ArchLinux:rclone: Difference between revisions
(→Sync) |
m (→Encryption) |
||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{DISPLAYTITLE: | {{DISPLAYTITLE:{{TitleIcon|arch=true}} Encrypted Cloud Storage}}<metadesc>Encrypted cloud storage on Arch Linux using rclone.</metadesc> | ||
<div id="tocalign">__TOC__</div> | <div id="tocalign">__TOC__</div> | ||
{{Back|Arch Linux}} | {{Back|Arch Linux}} | ||
This is the setup process for using {{mono|rclone}} which sets up an encrypted rsync with your cloud storage provider. While you do not have to be using hubiC to follow this guide it was definitely tailored towards it. | This is the setup process for using {{mono|rclone}} which sets up an encrypted rsync with your cloud storage provider. While you do not have to be using hubiC<ref>[//rclone.org/overview/ rclone]. Overview of cloud storage systems</ref> to follow this guide it was definitely tailored towards it. | ||
hubiC is a cloud storage service provided by OVH. I use it to backup all of my data, whether it be from my house or from my dedicated server (also hosted by OVH). | hubiC is a cloud storage service provided by OVH. I use it to backup all of my data, whether it be from my house or from my dedicated server (also hosted by OVH). | ||
= | ={{Icon24|sitemap}} Install rclone= | ||
First install {{mono|rclone}}. | First install {{mono|rclone}}. | ||
{{Console|1= | {{Console|1=pacaur -S rclone}} | ||
= | ={{Icon24|sitemap}} Authorize with Cloud Provider= | ||
Run the {{mono|rclone}} config. | Run the {{mono|rclone}} config. | ||
{{Console|1=rclone config}} | {{Console|1=rclone config}} | ||
Line 18: | Line 17: | ||
Select {{mono|YES}} to auto config (provided Xorg is running and a web browser is available). Then follow the instructions and login to your cloud provider so that rclone can get the proper authentication.<br/> | Select {{mono|YES}} to auto config (provided Xorg is running and a web browser is available). Then follow the instructions and login to your cloud provider so that rclone can get the proper authentication.<br/> | ||
Next accept the key download by selecting {{mono|YES}} the token is correct.<br/>The remote should now be properly configured. | Next accept the key download by selecting {{mono|YES}} the token is correct.<br/>The remote should now be properly configured. | ||
= | ={{Icon24|sitemap}} Encryption= | ||
Before configuration of the encrypted remote is setup, make sure you have a folder created on your cloud provider and setup properly for your needs before you continue. I am going to be setting up a folder for an SD Card that permanently sits in my laptop, the folder I created is called {{mono|sdcard}}. | Before configuration of the encrypted remote is setup, make sure you have a folder created on your cloud provider and setup properly for your needs before you continue. I am going to be setting up a folder for an SD Card that permanently sits in my laptop, the folder I created is called {{mono|sdcard}}. | ||
Line 26: | Line 25: | ||
This time select option {{mono|5}} for Encrypt/Decrypt a remote.<br/> | This time select option {{mono|5}} for Encrypt/Decrypt a remote.<br/> | ||
Next specify which remote and directory you would like to encrypt/decrypt, this has the format {{mono|remote:directory}}. | Next specify which remote and directory you would like to encrypt/decrypt, this has the format {{mono|remote:directory}}. | ||
{{Console|hubiC:/sdcard/|prompt=false}} | {{Note|For hubiC in particular if you can see the folder in the web interface you must prefix it with {{mono|default}}, normally it would just be {{mono|hubiC:/sdcard/}}}} | ||
{{margin}} | |||
{{Console|hubiC:default/sdcard/|prompt=false}} | |||
Type {{mono|standard}} for encrypted file names.<br/> | Type {{mono|standard}} for encrypted file names.<br/> | ||
Select {{mono|Y}} to set a password for the encrypted container.<br/> | Select {{mono|Y}} to set a password for the encrypted container.<br/> | ||
Line 32: | Line 33: | ||
{{Warning|DO NOT forget the password or salt to the container or all of the data inside will be irretrievable!}} | {{Warning|DO NOT forget the password or salt to the container or all of the data inside will be irretrievable!}} | ||
Finally confirm with {{mono|Y}} to create the encrypted remote. | Finally confirm with {{mono|Y}} to create the encrypted remote. | ||
= | |||
={{Icon24|sitemap}} Sync= | |||
Integrity can be checked to see the difference. | Integrity can be checked to see the difference. | ||
{{Console|1=rclone check /mnt/sdcard sdcard:}} | {{Console|1=rclone check /mnt/sdcard sdcard:}} | ||
Line 45: | Line 47: | ||
To restore a folder from the cloud to the local computer simply use the {{mono|sync}} option. | To restore a folder from the cloud to the local computer simply use the {{mono|sync}} option. | ||
= | ={{Icon24|sitemap}} Mounting= | ||
One can also mount their folder direct from the cloud, this can be useful for media servers. | One can also mount their folder direct from the cloud, this can be useful for media servers. | ||
{{Console|1=rclone mount --umask 0 --allow-other --max-read-ahead 200M sdcard: /mnt/sdcard &}} | {{Console|1=rclone mount --umask 0 --allow-other --max-read-ahead 200M sdcard: /mnt/sdcard &}} | ||
Line 51: | Line 53: | ||
{{Console|1=fusermount -u /mnt/sdcard}} | {{Console|1=fusermount -u /mnt/sdcard}} | ||
Another option is to create a systemd user service. | Another option is to create a systemd user service. | ||
{{Console|1=[Unit]<br/>Description{{=}}rclone FUSE mount<br/>After{{=}}network.target<br/><br/>[Service]<br/>Type{{=}}simple<br/>User{{=}}USER<br/>ExecStart{{=}}/usr/sbin/rclone mount --umask 0 --allow-other --max-read-ahead 200M sdcard: /mnt/sdcard<br/>ExecStop{{=}}/bin/fusermount -u /mnt/sdcard<br/>Restart{{=}}always<br/><br/>[Install]<br/>WantedBy{{=}}multi-user.target|prompt=false}} | {{Console|1={{MagentaBold|[Unit]}}<br/>{{Magenta|Description{{=}}}}rclone FUSE mount<br/>{{Magenta|After{{=}}}}network.target<br/><br/>{{MagentaBold|[Service]}}<br/>{{Magenta|Type{{=}}}}simple<br/>{{Magenta|User{{=}}}}USER<br/>{{Magenta|ExecStart{{=}}}}/usr/sbin/rclone mount --umask 0 --allow-other --max-read-ahead 200M sdcard: /mnt/sdcard<br/>{{Magenta|ExecStop{{=}}}}/bin/fusermount -u /mnt/sdcard<br/>{{Magenta|Restart{{=}}}}always<br/><br/>{{MagentaBold|[Install]}}<br/>{{Magenta|WantedBy{{=}}}}multi-user.target|prompt=false}} | ||
= {{Icon24|book-brown}} References = | |||
<references/> | |||
[[Category:Arch Linux]] | [[Category:Arch Linux]] |
Latest revision as of 00:41, 31 July 2017
This is the setup process for using rclone which sets up an encrypted rsync with your cloud storage provider. While you do not have to be using hubiC[1] to follow this guide it was definitely tailored towards it.
hubiC is a cloud storage service provided by OVH. I use it to backup all of my data, whether it be from my house or from my dedicated server (also hosted by OVH).
Install rclone
First install rclone.
# pacaur -S rclone |
Authorize with Cloud Provider
Run the rclone config.
# rclone config |
Create a new remote by selecting n and pressing <ENTER>.
Specify a name for the remote for use in commands. For this I am using hubiC.
Select which cloud provider you are using, again I am selecting 8 for hubiC.
Leave the Client Id and Client Secret blank for hubiC.
Select YES to auto config (provided Xorg is running and a web browser is available). Then follow the instructions and login to your cloud provider so that rclone can get the proper authentication.
Next accept the key download by selecting YES the token is correct.
The remote should now be properly configured.
Encryption
Before configuration of the encrypted remote is setup, make sure you have a folder created on your cloud provider and setup properly for your needs before you continue. I am going to be setting up a folder for an SD Card that permanently sits in my laptop, the folder I created is called sdcard.
Once the directory is created you can run rclone again.
# rclone config |
Again we want to setup a N new remote.
This time select option 5 for Encrypt/Decrypt a remote.
Next specify which remote and directory you would like to encrypt/decrypt, this has the format remote:directory.
For hubiC in particular if you can see the folder in the web interface you must prefix it with default, normally it would just be hubiC:/sdcard/ |
hubiC:default/sdcard/ |
Type standard for encrypted file names.
Select Y to set a password for the encrypted container.
Then repeat this process for a salt if you want added security or chose a non-random password.
WARNING: DO NOT forget the password or salt to the container or all of the data inside will be irretrievable! |
Finally confirm with Y to create the encrypted remote.
Sync
Integrity can be checked to see the difference.
# rclone check /mnt/sdcard sdcard: |
To put data to the cloud one has two options: copy and sync.
Copy will copy new files from the local computer to the cloud, but it will not remove files from the cloud that have been removed locally. This is particularly good for adding things to an existing container, such as a backup folder.
Sync will mirror the local computer to the cloud, this will delete files from the cloud that have been removed locally. This can be particularly useful for application database folders, or any data that needs to be 1:1 synchronized.
If you need to have a running copy of what is on the cloud I would highly recommend mounting your container from the cloud instead.
# rclone copy /mnt/sdcard sdcard: # rclone sync /mnt/sdcard sdcard: |
To restore a folder from the cloud to the local computer simply use the sync option.
Mounting
One can also mount their folder direct from the cloud, this can be useful for media servers.
# rclone mount --umask 0 --allow-other --max-read-ahead 200M sdcard: /mnt/sdcard & |
If you then need to unmount it for any reason you can with the following.
# fusermount -u /mnt/sdcard |
Another option is to create a systemd user service.
[Unit] Description=rclone FUSE mount After=network.target [Service] Type=simple User=USER ExecStart=/usr/sbin/rclone mount --umask 0 --allow-other --max-read-ahead 200M sdcard: /mnt/sdcard ExecStop=/bin/fusermount -u /mnt/sdcard Restart=always [Install] WantedBy=multi-user.target |