Skip to main content

Encrypted portable containers for Git bare remotes.

Project description

GSafe

GSafe stores a Git bare remote as an encrypted .gsf container. It allows you to safely store your repository on third party services like Google Drive, and work with it almost as effortlessly as if you were hosting on GitHub. The storage provider cannot read your data, as the unencrypted remote exists only on your device while the container is unlocked. This tool is not really meant for collaboration. Unlock your containers only on one machine at a time and don't forget to wait until the sync finishes before unlocking it on a second machine.

Project Status

GSafe is alpha software. The container format and command behavior may still change before a stable 1.0.0 release. Keep independent backups of important repositories.

Requirements

  • Python 3.10 or newer
  • Git available in PATH
  • Git LFS available in PATH if the repository uses LFS

The gsafe command is a Python console script. It becomes available after the package is installed with a Python package installer. If the Python scripts directory is not in PATH, use python -m gsafe instead.

Install

macOS (recommended)

Python on macOS, especially when installed with Homebrew, may block global pip installs with an externally-managed-environment error.

For CLI usage, install gsafe with pipx from inside this repository:

brew install pipx
pipx install .

Check that it works:

gsafe --version

From this repository

python3 -m pip install .

For local development

Use a virtual environment so the editable install points to this repository without touching the system Python installation:

python3 -m venv .venv
source .venv/bin/activate
python3 -m pip install -e .

Check that it works:

gsafe --version

If gsafe is not found:

python3 -m gsafe --version

Platform Notes

macOS and Linux usually expose python3 and install command-line scripts into a user or virtual environment scripts directory. If gsafe is not found after install, either activate the virtual environment you installed it into or use python3 -m gsafe.

Windows requires Python 3.10 or newer and Git for Windows. In Git Bash, use python or py -m pip depending on how Python was installed. If gsafe.exe is not in PATH, use python -m gsafe or add Python's Scripts directory to PATH.

Use

cd ~/path/repo
gsafe init
gsafe status ~/path/repo.gsf
gsafe unlock ~/path/repo.gsf
gsafe lock ~/path/repo.gsf
gsafe change-password ~/path/repo.gsf

gsafe init uses the current Git repository. You can also pass --path-repo ~/path/repo from another directory. GSafe uses .gsf for new containers. It also accepts .gsafe. Other extensions require --force. Passing a container path without a command is shorthand for gsafe status ~/path/repo.gsf. gsafe unlock and gsafe lock also accept --path-gsafe ~/path/repo.gsf if you prefer named options. gsafe status asks for the password and prints encrypted container metadata. gsafe change-password asks for the current password once and the new password twice.

Recovery

If a machine unlocks a container and then becomes unavailable before gsafe lock, the container remains marked as unlocked. Recover it from the last encrypted state:

gsafe recover ~/path/repo.gsf

Recovery asks you to type RECOVER. It clears the stale unlock marker, but it cannot save commits that existed only in the old unlocked remote.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gsafe-0.7.0.tar.gz (14.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gsafe-0.7.0-py3-none-any.whl (17.2 kB view details)

Uploaded Python 3

File details

Details for the file gsafe-0.7.0.tar.gz.

File metadata

  • Download URL: gsafe-0.7.0.tar.gz
  • Upload date:
  • Size: 14.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for gsafe-0.7.0.tar.gz
Algorithm Hash digest
SHA256 f9a5316b4f0272f7cd2e430bc887978af17d4d0edd7975aa0322a81560e015f7
MD5 7bb1e2a86ece53fdbe81d3aed1e35a01
BLAKE2b-256 8b9dab2ac7c4727400333c6e5d54801f9126e3b2f46db0e277b3b0fcec124cc4

See more details on using hashes here.

Provenance

The following attestation bundles were made for gsafe-0.7.0.tar.gz:

Publisher: publish.yml on guideblade/gsafe

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file gsafe-0.7.0-py3-none-any.whl.

File metadata

  • Download URL: gsafe-0.7.0-py3-none-any.whl
  • Upload date:
  • Size: 17.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for gsafe-0.7.0-py3-none-any.whl
Algorithm Hash digest
SHA256 3e798bb3ac7af55be57e804cf4c6f0586105e7821d9172cb2630f3178b8b8f73
MD5 31492aafaa124200569c6bb2ff02fad1
BLAKE2b-256 18507f2565963428787908f88425011dbe6c28481ae079b5966ab82e2a3caf1e

See more details on using hashes here.

Provenance

The following attestation bundles were made for gsafe-0.7.0-py3-none-any.whl:

Publisher: publish.yml on guideblade/gsafe

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page