[Feature request] Automatic export of vault for backing up to cloud

[ExhaustedCat]

For example when you add a new card, make an automatic export of the vault to a set directory. You can then sync that directory to a cloud service so you never lose your cards.

For inspiration you can take a look at Aegis 2FA, where this feature has come in handy when I bricked my phone.

Thanks

[obfusk]

You can already manually export a .zip to do this. It might be possible to automate that, but it is probably best to do that after the importer refactor.

[ExhaustedCat]

I'm aware of the manual export option, what I'm suggesting is an option to enable automatic exports be it either periodically or when new cards are added. That way the backup on a remote location always has all your cards even if you forgot to manually export your collection.

I'm not sure what you mean with "importer refactor", I have no coding experience.

However I can understand if this seems a bit overkill since people probably don't constantly expand their collection unlike the 2FA app I mentioned.

Still I think it would be neat :))

[TheLastProject]

This seems to be a duplicate of #23. Are there any reasons to believe the reasons I closed #23 for are incorrect? Probably better to reopen #23 if I misjudged stuff there.

[ExhaustedCat]

Yes you are correct.

Another reason I would like a backup function to my nextcloud instance is that I semi-regularly change ROM and not all custom ROMs support seedvault/default android backup.

I wasn't aware Google doesn't like apps writing to local (internal) storage though, or has this changed since then?

[obfusk]

I'm not sure what you mean with "importer refactor", I have no coding experience.

We're planning to improve the import/export functionality, which includes running it in the background instead of the way it runs now. Which is a change we would probably need for automatic backups.

I know orgzly has this kind of "sync to local folder" functionality. Not sure about Play vs F-Droid. But IIRC it uses the storage permission that only gives access to a specific folder, which Google might allow (but we should make 100% sure). So this might be possible, at least on android versions that support that.

[obfusk]

However I can understand if this seems a bit overkill since people probably don't constantly expand their collection unlike the 2FA app I mentioned.

That is something that makes me wonder whether this is worth implementing. I would assume people don't add cards so often that a manual export is too much work. And that losing a card would be a lot less bad than losing a 2FA token.

[ExhaustedCat]

From what I can gather from other apps I use with automatic export, they only needed 1 exposed directory (on android 13). So security risks should be nil right? However they're all F-Droid apps or sideloaded...

It seems there is some interest considering earlier issues requesting the same thing.

I'll let it up to you guys to decide, I'm not really of any use development wise.

[PanderMusubi]

To add some info if it is worth implementing, for me is one of the top selection criteria for FOSS apps. Can it automatically export my user data to a folder I can backup via Syncthing or Nextcloud. (Personally preferably in Documents.)

[TheLastProject]

It's clear a lot of people want this. Given multi-device/sync is not likely to happen any time soon (which could have also been used to restore a single device) and nobody seems interested in picking that up, maybe this would be picked up by someone.

It would first require fixing #513 though. Until we can generate an export in the background, we can't possibly schedule it.

[PanderMusubi]

I have been looking into this a bit more. Indeed Android is walling off app data more and more, so automatically writing to a generic folder such as Documents (for syncting e.g.) isn't easy without dragging in more permissions. I guess a Nextcloud sync is the way to go. I will look into this more, there must be an example implementation that could be used by many apps.

Another was is using LineageOS with https://calyxinstitute.org/projects/seedvault-encrypted-backup-for-android, but that only covers backups, not syncing with other devices.

[TheLastProject]

FWIW: Catima already works with Seedvault as that just hooks into the default Android backup system and I've seen several people on fedi explicitly talk about it working.

[PanderMusubi]

Nice, perhaps worth mentioning support for SeedVault on https://catima.app/

[TheLastProject]

I'd honestly rather not. There are several issues with Android's backup system:

1. The app data may not cross 25MB, if it does, app backups are silently disabled (and I cannot guarantee Catima's database will never go above that size)
2. There is extremely little info on the app backup states visible. Seedvault does this somewhat better by showing you some basic per-app info, but it's still quite limited
3. I cannot debug backup or restore issues with Android's backup system, as there is no easy to share file or easy restore instructions that I'm aware of
4. The last time I had to reset my phone, Seedvault failed to restore the data for most of my app. And just now I found out my Seedvault hasn't been doing any backups and wanted to be re-initialized, so yeah 😅

I'd much rather people use Catima's built-in backup system as I can test and debug issues with that very easily (and users could send me their backup files so I can see exactly what went wrong). Android's backup system (and Seedvault) I just do not trust enough to always work reliably to promote the support for.

I've made a PR to update the documentation of that here, let's continue any further documentation discussion on the current backup situation there :)