E-mail after backup job to https://healthchecks.io contains sensitive information

Jeroen1000 · 4 September 2020 11:33

Dear dev,

Can we filter most information from the e-mail that duplicacy sends after completion? Basically I would like to limit it to:

Subject: success

Schedule: backup_docs
Start time: 01:00PM, Frequency: Daily, Days: F Sa Su

Back up x:/xxxxxxxxxx to storage xxxxxx, status: Completed, log file: backup-20200904-130001.log

Note I further obfuscated some text and replaced it by the letter ‘x’.

ps: I am already using INFO UPLOAD_FILE in the “Excluded Logs” input box to prevent file names from leaking to healthchecks.io

Best regards,
Jeroen

towerbr · 4 September 2020 13:34

I didn’t understand what you mean by “files names”.

I use Healthchecks and the “ping log” has this format:

{"computer":"NOTE4","directory":"D:/Personal_Files","end_time":1598828548,"new_chunk_size":0,"new_chunks":0,"new_file_chunk_size":0,"new_file_chunks":0,"new_file_size":0,"new_files":0,"new_metadata_chunk_size":0,"new_metadata_chunks":0,"result":"Success","start_time":1598828519,"storage":"personal--b2","storage_url":"b2://personal","total_chunk_size":3263168512,"total_chunks":2801,"total_file_chunk_size":3257925632,"total_file_chunks":2795,"total_file_size":3257925632,"total_files":14054,"total_metadata_chunk_size":4941824,"total_metadata_chunks":6,"uploaded_chunk_size":0,"uploaded_file_chunk_size":0,"uploaded_metadata_chunk_size":0}

The above information is the json generated by .

Only the name of the computer and the repository are given (ok, it’s not ideal either, but it doesn’t have any sensitive information).

Other information that appears is the name of the storage and the bucket in B2. Again, not ideal, but if your bucket security options are correct, it’s not too much of a problem.

Of course, these are all concerns in case of scrutiny by Healthchecks or data leak.

As for sending the complete log by email after executing a schedule, it goes directly to a private email used only for log collection, it is not sent to Healthchecks.

Am I missing something?

Jeroen1000 · 4 September 2020 16:40

Hi towerbr, please allow me to elaborate quite some bit.

On the “Schedule” page there is a checkbox “Send email after completion”. This e-mail is sent to healthchecks.io by Duplicacy. It is in that e-mail there is sensitive information. Healthchecks on its turn only sends me an e-mail (to my private e-mail address) if the word ‘error’ is in the subject line of the e-mail it received from Duplicacy.

See the screenshots I made of both Duplicacy and healthchecks

In the red rectangle after the keyword “UPLOAD_FILE”, there would be the actual file names of the files that have been uploaded during the backup job. This is a big no no. However, this can be avoided by using “Excluded logs” which you can see in my screenshot.
The yellow rectangle contains the word ‘success’ for the subject. Healthchecks will only e-mail me when it would contain the word ‘error’.

Having said this, you are talking about a JSON object so I get this feeling I am doing something wrong or at least not using the best method to achieve my goal? Which is (1) getting notified if backups fail and (2) getting notified if for some reason Duplicacy is no longer doing its thing. So in its most basic form, I only need to send healthchecks a notice when things fail and healtchecks must sound the alarm bell if Duplicacy goes AWOL.

towerbr · 4 September 2020 17:00

That’s the difference. I don’t send emails to Healthchecks, but to my “log collector” e-mail address.

In the configuration of my backups I send a ping to Healthchecks:

2020-09-04_135228_127.0.0.1

And in the configuration of my schedules I send an email to my collector address:

2020-09-04_135652_127.0.0.1

So, if my backup fails (does not run) Healthchecks warns me.

If my backup runs but with errors, my email filter based on the subject warns me.

Droolio · 4 September 2020 17:13

Wow, I had no idea this existed. Is this basically like doing a post-backup script?

towerbr · 4 September 2020 17:58

I wouldn’t say that it is as powerful and flexible as a script.

It is a service in which you ping a specific address (yours), and takes care of sending in that ping the json with the execution information.

2020-09-04_144853_healthchecks.io

You set up in Healthchecks how often it should expect for a ping. If it doesn’t get it, it warns you.

Despite being a one-man company, it has a very simple and robust design and architecture, and works very well.

Droolio · 5 September 2020 00:45

Yea sorry, I wasn’t clear. I’m aware of Healthchecks but wasn’t aware of that option in the Backup tab for Duplicacy. Must’ve missed that one (assumed it was the same as the email on schedule tab).

Had previously set up a test pre-backup script for Vertical Backup (Duplicacy for ESXi) with basically:

#!/bin/sh
/bin/wget http://hc-ping.com/<GUID> -O /dev/null > /dev/null 2>&1

Plus it never occurred to me I should probably use post-backup instead. Hmm. (Then again, Vertical Backup quite often randomly fails to take a snapshot - which I’m pretty sure is ESXi’s fault - so I may stick with pre-backup script in that case.)

Jeroen1000 · 5 September 2020 09:32

It looks like healthchecks does not interpret the JSON objects’ key-value pairs? I.e. it does not understand “result”:“Success” as a trigger to do something. It would be great if it could do that but I think I am going to stay with the e-mail method for that reason as that will alert me on error and alert me if it has not heard from Duplicacy beyond a set threshold.