Encrypted snapshots
Client-side encrypted, compressed, deduplicated snapshots for local and S3-compatible repositories.
FileFerry is an all-Rust CLI for encrypted, compressed, deduplicated backups to local and S3-compatible repositories. It is built for shells, restore drills, and self-hosted operations.
$ ferry init s3://company-backups/laptops
repository initialized · format v0 · encrypted
$ ferry backup ~/Documents --tag laptop --jsonl
{"event":"command_started","command":"backup",...}
{"event":"progress","data":{"phase":"write_commit"},...}
{"event":"command_completed","command":"backup",...}
# stdout stays JSONL · progress stays on stderr
$ ferry restore --latest ~/restore-test
restored · verified bytes · metadata warnings reportedThe 1.0.0 release exercises FileFerry's encrypted backup, restore, check, retention, key-management, machine-output, and release-artifact paths. Platform wording is limited to observed CI, tests, artifacts, and smoke evidence.
Client-side encrypted, compressed, deduplicated snapshots for local and S3-compatible repositories.
Restore by latest, id, tag, and path with destination safety checks and byte verification.
Human output, one-document JSON, newline-delimited JSON events, and documented exit-code families.
Signed checksums, SBOMs, cargo-auditable metadata, manifests, installer scripts, and archive-smoke JSON.
Regular-file and directory modified times plus Unix mode bits are applied where representable; other metadata is reported as warnings.
No GUI, TUI, daemon, scheduler, server, SaaS dashboard, mobile app, FUSE mount, or format-compatibility mode.
The release attaches archives for Linux x86_64 GNU, Linux ARM64 GNU, macOS x86_64, macOS ARM64, and Windows x86_64 MSVC. Each target includes checksums, a Sigstore bundle, SBOM, manifest, archive-smoke JSON, and installer scripts.
FileFerry is automation-first. Human progress is optional; stdout is machine output and exit codes are treated as an API surface.
Human progress and diagnostics stay on stderr so scripts can trust stdout.
Single-document output for state. Newline-delimited events for long operations.
Forget and prune expose explicit dry-run behavior before object deletion.
Metadata that cannot be applied is reported instead of silently claimed restored.
FileFerry uses client-side encryption and authenticated repository objects. The 1.0.0 release has tests for wrong-key, wrong-password, tamper, corruption, and redaction paths, but it is not an external audit claim.
Contents, names, directory shape, manifests, indexes, and sensitive config are stored in authenticated encrypted objects.
FileFerry does not read or write restic, rustic, Borg, Kopia, or rclone-native repository formats.
Immutable objects, retry-safe writes, explicit commit markers, and no required rename assumptions.