diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index 1a3526825a41e..0000000000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,4 +0,0 @@ -github: [ncw] -patreon: njcw -liberapay: ncw -custom: ["https://rclone.org/donate/"] diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 9463899d74610..123014908bebb 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,10 +1,6 @@ -version: 2 -updates: - - package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: "daily" - - package-ecosystem: "gomod" - directory: "/" - schedule: - interval: "daily" +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 19113318b7d36..d12696daf1987 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,9 +8,9 @@ name: build on: push: branches: - - '*' + - '**' tags: - - '*' + - '**' pull_request: workflow_dispatch: inputs: @@ -27,12 +27,12 @@ jobs: strategy: fail-fast: false matrix: - job_name: ['linux', 'linux_386', 'mac_amd64', 'mac_arm64', 'windows', 'other_os', 'go1.18', 'go1.19'] + job_name: ['linux', 'linux_386', 'mac_amd64', 'mac_arm64', 'windows', 'other_os', 'go1.19', 'go1.20'] include: - job_name: linux os: ubuntu-latest - go: '1.20' + go: '1.21' gotags: cmount build_flags: '-include "^linux/"' check: true @@ -43,14 +43,14 @@ jobs: - job_name: linux_386 os: ubuntu-latest - go: '1.20' + go: '1.21' goarch: 386 gotags: cmount quicktest: true - job_name: mac_amd64 os: macos-11 - go: '1.20' + go: '1.21' gotags: 'cmount' build_flags: '-include "^darwin/amd64" -cgo' quicktest: true @@ -59,14 +59,14 @@ jobs: - job_name: mac_arm64 os: macos-11 - go: '1.20' + go: '1.21' gotags: 'cmount' build_flags: '-include "^darwin/arm64" -cgo -macos-arch arm64 -cgo-cflags=-I/usr/local/include -cgo-ldflags=-L/usr/local/lib' deploy: true - job_name: windows os: windows-latest - go: '1.20' + go: '1.21' gotags: cmount cgo: '0' build_flags: '-include "^windows/"' @@ -76,20 +76,20 @@ jobs: - job_name: other_os os: ubuntu-latest - go: '1.20' + go: '1.21' build_flags: '-exclude "^(windows/|darwin/|linux/)"' compile_all: true deploy: true - - job_name: go1.18 + - job_name: go1.19 os: ubuntu-latest - go: '1.18' + go: '1.19' quicktest: true racequicktest: true - - job_name: go1.19 + - job_name: go1.20 os: ubuntu-latest - go: '1.19' + go: '1.20' quicktest: true racequicktest: true @@ -99,12 +99,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version: ${{ matrix.go }} check-latest: true @@ -130,6 +130,11 @@ jobs: - name: Install Libraries on macOS shell: bash run: | + # https://github.com/Homebrew/brew/issues/15621#issuecomment-1619266788 + # https://github.com/orgs/Homebrew/discussions/4612#discussioncomment-6319008 + unset HOMEBREW_NO_INSTALL_FROM_API + brew untap --force homebrew/core + brew untap --force homebrew/cask brew update brew install --cask macfuse if: matrix.os == 'macos-11' @@ -211,13 +216,12 @@ jobs: shell: bash run: | if [[ "${{ matrix.os }}" == "ubuntu-latest" ]]; then make release_dep_linux ; fi - if [[ "${{ matrix.os }}" == "windows-latest" ]]; then make release_dep_windows ; fi make ci_beta env: RCLONE_CONFIG_PASS: ${{ secrets.RCLONE_CONFIG_PASS }} # working-directory: '$(modulePath)' # Deploy binaries if enabled in config && not a PR && not a fork - if: matrix.deploy && github.head_ref == '' && github.repository == 'rclone/rclone' + if: env.RCLONE_CONFIG_PASS != '' && matrix.deploy && github.head_ref == '' && github.repository == 'rclone/rclone' lint: if: ${{ github.event.inputs.manual == 'true' || (github.repository == 'rclone/rclone' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name)) }} @@ -227,7 +231,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Code quality test uses: golangci/golangci-lint-action@v3 @@ -237,9 +241,9 @@ jobs: # Run govulncheck on the latest go version, the one we build binaries with - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: - go-version: '1.20' + go-version: '1.21' check-latest: true - name: Install govulncheck @@ -256,15 +260,15 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 # Upgrade together with NDK version - name: Set up Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: - go-version: '1.20' + go-version: '1.21' - name: Go module cache uses: actions/cache@v3 @@ -352,4 +356,4 @@ jobs: env: RCLONE_CONFIG_PASS: ${{ secrets.RCLONE_CONFIG_PASS }} # Upload artifacts if not a PR && not a fork - if: github.head_ref == '' && github.repository == 'rclone/rclone' + if: env.RCLONE_CONFIG_PASS != '' && github.head_ref == '' && github.repository == 'rclone/rclone' diff --git a/.github/workflows/build_publish_beta_docker_image.yml b/.github/workflows/build_publish_beta_docker_image.yml new file mode 100644 index 0000000000000..4c4f935c4ceae --- /dev/null +++ b/.github/workflows/build_publish_beta_docker_image.yml @@ -0,0 +1,77 @@ +name: Docker beta build + +on: + push: + branches: + - master +jobs: + build: + if: github.repository == 'rclone/rclone' + runs-on: ubuntu-latest + name: Build image job + steps: + - name: Free some space + shell: bash + run: | + df -h . + # Remove android SDK + sudo rm -rf /usr/local/lib/android || true + # Remove .net runtime + sudo rm -rf /usr/share/dotnet || true + df -h . + - name: Checkout master + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + # This is the user that triggered the Workflow. In this case, it will + # either be the user whom created the Release or manually triggered + # the workflow_dispatch. + username: ${{ github.actor }} + # `secrets.GITHUB_TOKEN` is a secret that's automatically generated by + # GitHub Actions at the start of a workflow run to identify the job. + # This is used to authenticate against GitHub Container Registry. + # See https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret + # for more detailed information. + password: ${{ secrets.GITHUB_TOKEN }} + - name: Show disk usage + shell: bash + run: | + df -h . + - name: Build and publish image + uses: docker/build-push-action@v5 + with: + file: Dockerfile + context: . + push: true # push the image to ghcr + tags: | + ghcr.io/rclone/rclone:beta + rclone/rclone:beta + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6 + cache-from: type=gha, scope=${{ github.workflow }} + cache-to: type=gha, mode=max, scope=${{ github.workflow }} + provenance: false + # Eventually cache will need to be cleared if builds more frequent than once a week + # https://github.com/docker/build-push-action/issues/252 + - name: Show disk usage + shell: bash + run: | + df -h . diff --git a/.github/workflows/build_publish_docker_image.yml b/.github/workflows/build_publish_docker_image.yml deleted file mode 100644 index af52509732534..0000000000000 --- a/.github/workflows/build_publish_docker_image.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: Docker beta build - -on: - push: - branches: - - master - -jobs: - build: - if: github.repository == 'rclone/rclone' - runs-on: ubuntu-latest - name: Build image job - steps: - - name: Checkout master - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Build and publish image - uses: ilteoood/docker_buildx@1.1.0 - with: - tag: beta - imageName: rclone/rclone - platform: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6 - publish: true - dockerHubUser: ${{ secrets.DOCKER_HUB_USER }} - dockerHubPassword: ${{ secrets.DOCKER_HUB_PASSWORD }} diff --git a/.github/workflows/build_publish_release_docker_image.yml b/.github/workflows/build_publish_release_docker_image.yml index 6fe9213c78761..319ce1b3050c6 100644 --- a/.github/workflows/build_publish_release_docker_image.yml +++ b/.github/workflows/build_publish_release_docker_image.yml @@ -10,8 +10,17 @@ jobs: runs-on: ubuntu-latest name: Build image job steps: + - name: Free some space + shell: bash + run: | + df -h . + # Remove android SDK + sudo rm -rf /usr/local/lib/android || true + # Remove .net runtime + sudo rm -rf /usr/share/dotnet || true + df -h . - name: Checkout master - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Get actual patch version @@ -39,8 +48,17 @@ jobs: runs-on: ubuntu-latest name: Build docker plugin job steps: + - name: Free some space + shell: bash + run: | + df -h . + # Remove android SDK + sudo rm -rf /usr/local/lib/android || true + # Remove .net runtime + sudo rm -rf /usr/share/dotnet || true + df -h . - name: Checkout master - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Build and publish docker plugin diff --git a/.github/workflows/winget.yml b/.github/workflows/winget.yml index db79b3aa34ecf..6a2264b93a015 100644 --- a/.github/workflows/winget.yml +++ b/.github/workflows/winget.yml @@ -5,7 +5,7 @@ on: jobs: publish: - runs-on: windows-latest # Action can only run on Windows + runs-on: ubuntu-latest steps: - uses: vedantmgoyal2009/winget-releaser@v2 with: diff --git a/.gitignore b/.gitignore index ff61403f32e3d..9627f353d8d97 100644 --- a/.gitignore +++ b/.gitignore @@ -8,10 +8,13 @@ rclone.iml .idea .history *.test -*.log *.iml fuzz-build.zip *.orig *.rej Thumbs.db __pycache__ +.DS_Store +/docs/static/img/logos/ +resource_windows_*.syso +.devcontainer diff --git a/.golangci.yml b/.golangci.yml index 9828c53dd9df4..0d61df700a51f 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -2,15 +2,17 @@ linters: enable: - - deadcode - errcheck - goimports - revive - ineffassign - - structcheck - - varcheck - govet - unconvert + - staticcheck + - gosimple + - stylecheck + - unused + - misspell #- prealloc #- maligned disable-all: true @@ -25,6 +27,74 @@ issues: # Maximum count of issues with the same text. Set to 0 to disable. Default is 3. max-same-issues: 0 + exclude-rules: + + - linters: + - staticcheck + text: 'SA1019: "github.com/rclone/rclone/cmd/serve/httplib" is deprecated' + + # don't disable the revive messages about comments on exported functions + include: + - EXC0012 + - EXC0013 + - EXC0014 + - EXC0015 + run: # timeout for analysis, e.g. 30s, 5m, default is 1m timeout: 10m + +linters-settings: + revive: + # setting rules seems to disable all the rules, so re-enable them here + rules: + - name: blank-imports + disabled: false + - name: context-as-argument + disabled: false + - name: context-keys-type + disabled: false + - name: dot-imports + disabled: false + - name: empty-block + disabled: true + - name: error-naming + disabled: false + - name: error-return + disabled: false + - name: error-strings + disabled: false + - name: errorf + disabled: false + - name: exported + disabled: false + - name: increment-decrement + disabled: true + - name: indent-error-flow + disabled: false + - name: package-comments + disabled: false + - name: range + disabled: false + - name: receiver-naming + disabled: false + - name: redefines-builtin-id + disabled: true + - name: superfluous-else + disabled: true + - name: time-naming + disabled: false + - name: unexported-return + disabled: false + - name: unreachable-code + disabled: true + - name: unused-parameter + disabled: true + - name: var-declaration + disabled: false + - name: var-naming + disabled: false + stylecheck: + # Only enable the checks performed by the staticcheck stand-alone tool, + # as documented here: https://staticcheck.io/docs/configuration/options/#checks + checks: ["all", "-ST1000", "-ST1003", "-ST1016", "-ST1020", "-ST1021", "-ST1022", "-ST1023"] diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 6f8ea2aface69..6e2e885ee4bf3 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,8 +1,8 @@ -# Contributing to rclone # +# Contributing to rclone This is a short guide on how to contribute things to rclone. -## Reporting a bug ## +## Reporting a bug If you've just got a question or aren't sure if you've found a bug then please use the [rclone forum](https://forum.rclone.org/) instead @@ -12,13 +12,13 @@ When filing an issue, please include the following information if possible as well as a description of the problem. Make sure you test with the [latest beta of rclone](https://beta.rclone.org/): - * Rclone version (e.g. output from `rclone version`) - * Which OS you are using and how many bits (e.g. Windows 10, 64 bit) - * The command you were trying to run (e.g. `rclone copy /tmp remote:tmp`) - * A log of the command with the `-vv` flag (e.g. output from `rclone -vv copy /tmp remote:tmp`) - * if the log contains secrets then edit the file with a text editor first to obscure them +- Rclone version (e.g. output from `rclone version`) +- Which OS you are using and how many bits (e.g. Windows 10, 64 bit) +- The command you were trying to run (e.g. `rclone copy /tmp remote:tmp`) +- A log of the command with the `-vv` flag (e.g. output from `rclone -vv copy /tmp remote:tmp`) + - if the log contains secrets then edit the file with a text editor first to obscure them -## Submitting a new feature or bug fix ## +## Submitting a new feature or bug fix If you find a bug that you'd like to fix, or a new feature that you'd like to implement then please submit a pull request via GitHub. @@ -73,9 +73,9 @@ This is typically enough if you made a simple bug fix, otherwise please read the Make sure you - * Add [unit tests](#testing) for a new feature. - * Add [documentation](#writing-documentation) for a new feature. - * [Commit your changes](#committing-your-changes) using the [message guideline](#commit-messages). +- Add [unit tests](#testing) for a new feature. +- Add [documentation](#writing-documentation) for a new feature. +- [Commit your changes](#committing-your-changes) using the [commit message guidelines](#commit-messages). When you are done with that push your changes to GitHub: @@ -88,9 +88,9 @@ Your changes will then get reviewed and you might get asked to fix some stuff. I You may sometimes be asked to [base your changes on the latest master](#basing-your-changes-on-the-latest-master) or [squash your commits](#squashing-your-commits). -## Using Git and GitHub ## +## Using Git and GitHub -### Committing your changes ### +### Committing your changes Follow the guideline for [commit messages](#commit-messages) and then: @@ -107,7 +107,7 @@ You can modify the message or changes in the latest commit using: If you amend to commits that have been pushed to GitHub, then you will have to [replace your previously pushed commits](#replacing-your-previously-pushed-commits). -### Replacing your previously pushed commits ### +### Replacing your previously pushed commits Note that you are about to rewrite the GitHub history of your branch. It is good practice to involve your collaborators before modifying commits that have been pushed to GitHub. @@ -115,7 +115,7 @@ Your previously pushed commits are replaced by: git push --force origin my-new-feature -### Basing your changes on the latest master ### +### Basing your changes on the latest master To base your changes on the latest version of the [rclone master](https://github.com/rclone/rclone/tree/master) (upstream): @@ -149,13 +149,21 @@ If you squash commits that have been pushed to GitHub, then you will have to [re Tip: You may like to use `git rebase -i master` if you are experienced or have a more complex situation. -### GitHub Continuous Integration ### +### GitHub Continuous Integration rclone currently uses [GitHub Actions](https://github.com/rclone/rclone/actions) to build and test the project, which should be automatically available for your fork too from the `Actions` tab in your repository. -## Testing ## +## Testing -### Quick testing ### +### Code quality tests + +If you install [golangci-lint](https://github.com/golangci/golangci-lint) then you can run the same tests as get run in the CI which can be very helpful. + +You can run them with `make check` or with `golangci-lint run ./...`. + +Using these tests ensures that the rclone codebase all uses the same coding standards. These tests also check for easy mistakes to make (like forgetting to check an error return). + +### Quick testing rclone's tests are run from the go testing framework, so at the top level you can run this to run all the tests. @@ -168,7 +176,7 @@ You can also use `make`, if supported by your platform The quicktest is [automatically run by GitHub](#github-continuous-integration) when you push your branch to GitHub. -### Backend testing ### +### Backend testing rclone contains a mixture of unit tests and integration tests. Because it is difficult (and in some respects pointless) to test cloud @@ -203,7 +211,7 @@ project root: go install github.com/rclone/rclone/fstest/test_all test_all -backend drive -### Full integration testing ### +### Full integration testing If you want to run all the integration tests against all the remotes, then change into the project root and run @@ -218,55 +226,56 @@ The commands may require some extra go packages which you can install with The full integration tests are run daily on the integration test server. You can find the results at https://pub.rclone.org/integration-tests/ -## Code Organisation ## +## Code Organisation Rclone code is organised into a small number of top level directories with modules beneath. - * backend - the rclone backends for interfacing to cloud providers - - * all - import this to load all the cloud providers - * ...providers - * bin - scripts for use while building or maintaining rclone - * cmd - the rclone commands - * all - import this to load all the commands - * ...commands - * cmdtest - end-to-end tests of commands, flags, environment variables,... - * docs - the documentation and website - * content - adjust these docs only - everything else is autogenerated - * command - these are auto-generated - edit the corresponding .go file - * fs - main rclone definitions - minimal amount of code - * accounting - bandwidth limiting and statistics - * asyncreader - an io.Reader which reads ahead - * config - manage the config file and flags - * driveletter - detect if a name is a drive letter - * filter - implements include/exclude filtering - * fserrors - rclone specific error handling - * fshttp - http handling for rclone - * fspath - path handling for rclone - * hash - defines rclone's hash types and functions - * list - list a remote - * log - logging facilities - * march - iterates directories in lock step - * object - in memory Fs objects - * operations - primitives for sync, e.g. Copy, Move - * sync - sync directories - * walk - walk a directory - * fstest - provides integration test framework - * fstests - integration tests for the backends - * mockdir - mocks an fs.Directory - * mockobject - mocks an fs.Object - * test_all - Runs integration tests for everything - * graphics - the images used in the website, etc. - * lib - libraries used by the backend - * atexit - register functions to run when rclone exits - * dircache - directory ID to name caching - * oauthutil - helpers for using oauth - * pacer - retries with backoff and paces operations - * readers - a selection of useful io.Readers - * rest - a thin abstraction over net/http for REST - * vfs - Virtual FileSystem layer for implementing rclone mount and similar - -## Writing Documentation ## +- backend - the rclone backends for interfacing to cloud providers - + - all - import this to load all the cloud providers + - ...providers +- bin - scripts for use while building or maintaining rclone +- cmd - the rclone commands + - all - import this to load all the commands + - ...commands +- cmdtest - end-to-end tests of commands, flags, environment variables,... +- docs - the documentation and website + - content - adjust these docs only - everything else is autogenerated + - command - these are auto-generated - edit the corresponding .go file +- fs - main rclone definitions - minimal amount of code + - accounting - bandwidth limiting and statistics + - asyncreader - an io.Reader which reads ahead + - config - manage the config file and flags + - driveletter - detect if a name is a drive letter + - filter - implements include/exclude filtering + - fserrors - rclone specific error handling + - fshttp - http handling for rclone + - fspath - path handling for rclone + - hash - defines rclone's hash types and functions + - list - list a remote + - log - logging facilities + - march - iterates directories in lock step + - object - in memory Fs objects + - operations - primitives for sync, e.g. Copy, Move + - sync - sync directories + - walk - walk a directory +- fstest - provides integration test framework + - fstests - integration tests for the backends + - mockdir - mocks an fs.Directory + - mockobject - mocks an fs.Object + - test_all - Runs integration tests for everything +- graphics - the images used in the website, etc. +- lib - libraries used by the backend + - atexit - register functions to run when rclone exits + - dircache - directory ID to name caching + - oauthutil - helpers for using oauth + - pacer - retries with backoff and paces operations + - readers - a selection of useful io.Readers + - rest - a thin abstraction over net/http for REST +- librclone - in memory interface to rclone's API for embedding rclone +- vfs - Virtual FileSystem layer for implementing rclone mount and similar + +## Writing Documentation If you are adding a new feature then please update the documentation. @@ -277,22 +286,22 @@ alphabetical order. If you add a new backend option/flag, then it should be documented in the source file in the `Help:` field. - * Start with the most important information about the option, +- Start with the most important information about the option, as a single sentence on a single line. - * This text will be used for the command-line flag help. - * It will be combined with other information, such as any default value, + - This text will be used for the command-line flag help. + - It will be combined with other information, such as any default value, and the result will look odd if not written as a single sentence. - * It should end with a period/full stop character, which will be shown + - It should end with a period/full stop character, which will be shown in docs but automatically removed when producing the flag help. - * Try to keep it below 80 characters, to reduce text wrapping in the terminal. - * More details can be added in a new paragraph, after an empty line (`"\n\n"`). - * Like with docs generated from Markdown, a single line break is ignored + - Try to keep it below 80 characters, to reduce text wrapping in the terminal. +- More details can be added in a new paragraph, after an empty line (`"\n\n"`). + - Like with docs generated from Markdown, a single line break is ignored and two line breaks creates a new paragraph. - * This text will be shown to the user in `rclone config` + - This text will be shown to the user in `rclone config` and in the docs (where it will be added by `make backenddocs`, normally run some time before next release). - * To create options of enumeration type use the `Examples:` field. - * Each example value have their own `Help:` field, but they are treated +- To create options of enumeration type use the `Examples:` field. + - Each example value have their own `Help:` field, but they are treated a bit different than the main option help text. They will be shown as an unordered list, therefore a single line break is enough to create a new list item. Also, for enumeration texts like name of @@ -312,12 +321,12 @@ combined unmodified with other information (such as any default value). Note that you can use [GitHub's online editor](https://help.github.com/en/github/managing-files-in-a-repository/editing-files-in-another-users-repository) for small changes in the docs which makes it very easy. -## Making a release ## +## Making a release There are separate instructions for making a release in the RELEASE.md file. -## Commit messages ## +## Commit messages Please make the first line of your commit message a summary of the change that a user (not a developer) of rclone would like to read, and @@ -358,7 +367,7 @@ error fixing the hang. Fixes #1498 ``` -## Adding a dependency ## +## Adding a dependency rclone uses the [go modules](https://tip.golang.org/cmd/go/#hdr-Modules__module_versions__and_more) @@ -370,7 +379,7 @@ To add a dependency `github.com/ncw/new_dependency` see the instructions below. These will fetch the dependency and add it to `go.mod` and `go.sum`. - GO111MODULE=on go get github.com/ncw/new_dependency + go get github.com/ncw/new_dependency You can add constraints on that package when doing `go get` (see the go docs linked above), but don't unless you really need to. @@ -378,15 +387,15 @@ go docs linked above), but don't unless you really need to. Please check in the changes generated by `go mod` including `go.mod` and `go.sum` in the same commit as your other changes. -## Updating a dependency ## +## Updating a dependency If you need to update a dependency then run - GO111MODULE=on go get -u golang.org/x/crypto + go get golang.org/x/crypto Check in a single commit as above. -## Updating all the dependencies ## +## Updating all the dependencies In order to update all the dependencies then run `make update`. This just uses the go modules to update all the modules to their latest @@ -395,7 +404,7 @@ stable release. Check in the changes in a single commit as above. This should be done early in the release cycle to pick up new versions of packages in time for them to get some testing. -## Updating a backend ## +## Updating a backend If you update a backend then please run the unit tests and the integration tests for that backend. @@ -410,82 +419,133 @@ integration tests. The next section goes into more detail about the tests. -## Writing a new backend ## +## Writing a new backend Choose a name. The docs here will use `remote` as an example. Note that in rclone terminology a file system backend is called a remote or an fs. -Research +### Research - * Look at the interfaces defined in `fs/fs.go` - * Study one or more of the existing remotes +- Look at the interfaces defined in `fs/types.go` +- Study one or more of the existing remotes -Getting going +### Getting going - * Create `backend/remote/remote.go` (copy this from a similar remote) - * box is a good one to start from if you have a directory-based remote - * b2 is a good one to start from if you have a bucket-based remote - * Add your remote to the imports in `backend/all/all.go` - * HTTP based remotes are easiest to maintain if they use rclone's rest module, but if there is a really good go SDK then use that instead. - * Try to implement as many optional methods as possible as it makes the remote more usable. - * Use lib/encoder to make sure we can encode any path name and `rclone info` to help determine the encodings needed - * `rclone purge -v TestRemote:rclone-info` - * `rclone test info --all --remote-encoding None -vv --write-json remote.json TestRemote:rclone-info` - * `go run cmd/test/info/internal/build_csv/main.go -o remote.csv remote.json` - * open `remote.csv` in a spreadsheet and examine +- Create `backend/remote/remote.go` (copy this from a similar remote) + - box is a good one to start from if you have a directory-based remote (and shows how to use the directory cache) + - b2 is a good one to start from if you have a bucket-based remote +- Add your remote to the imports in `backend/all/all.go` +- HTTP based remotes are easiest to maintain if they use rclone's [lib/rest](https://pkg.go.dev/github.com/rclone/rclone/lib/rest) module, but if there is a really good Go SDK from the provider then use that instead. +- Try to implement as many optional methods as possible as it makes the remote more usable. +- Use [lib/encoder](https://pkg.go.dev/github.com/rclone/rclone/lib/encoder) to make sure we can encode any path name and `rclone info` to help determine the encodings needed + - `rclone purge -v TestRemote:rclone-info` + - `rclone test info --all --remote-encoding None -vv --write-json remote.json TestRemote:rclone-info` + - `go run cmd/test/info/internal/build_csv/main.go -o remote.csv remote.json` + - open `remote.csv` in a spreadsheet and examine -Unit tests +### Guidelines for a speedy merge - * Create a config entry called `TestRemote` for the unit tests to use - * Create a `backend/remote/remote_test.go` - copy and adjust your example remote - * Make sure all tests pass with `go test -v` +- **Do** use [lib/rest](https://pkg.go.dev/github.com/rclone/rclone/lib/rest) if you are implementing a REST like backend and parsing XML/JSON in the backend. +- **Do** use rclone's Client or Transport from [fs/fshttp](https://pkg.go.dev/github.com/rclone/rclone/fs/fshttp) if your backend is HTTP based - this adds features like `--dump bodies`, `--tpslimit`, `--user-agent` without you having to code anything! +- **Do** follow your example backend exactly - use the same code order, function names, layout, structure. **Don't** move stuff around and **Don't** delete the comments. +- **Do not** split your backend up into `fs.go` and `object.go` (there are a few backends like that - don't follow them!) +- **Do** put your API type definitions in a separate file - by preference `api/types.go` +- **Remember** we have >50 backends to maintain so keeping them as similar as possible to each other is a high priority! -Integration tests +### Unit tests - * Add your backend to `fstest/test_all/config.yaml` - * Once you've done that then you can use the integration test framework from the project root: - * go install ./... - * test_all -backends remote +- Create a config entry called `TestRemote` for the unit tests to use +- Create a `backend/remote/remote_test.go` - copy and adjust your example remote +- Make sure all tests pass with `go test -v` + +### Integration tests + +- Add your backend to `fstest/test_all/config.yaml` + - Once you've done that then you can use the integration test framework from the project root: + - go install ./... + - test_all -backends remote Or if you want to run the integration tests manually: - * Make sure integration tests pass with - * `cd fs/operations` - * `go test -v -remote TestRemote:` - * `cd fs/sync` - * `go test -v -remote TestRemote:` - * If your remote defines `ListR` check with this also - * `go test -v -remote TestRemote: -fast-list` +- Make sure integration tests pass with + - `cd fs/operations` + - `go test -v -remote TestRemote:` + - `cd fs/sync` + - `go test -v -remote TestRemote:` +- If your remote defines `ListR` check with this also + - `go test -v -remote TestRemote: -fast-list` See the [testing](#testing) section for more information on integration tests. -Add your fs to the docs - you'll need to pick an icon for it from +### Backend documentation + +Add your backend to the docs - you'll need to pick an icon for it from [fontawesome](http://fontawesome.io/icons/). Keep lists of remotes in alphabetical order of full name of remote (e.g. `drive` is ordered as `Google Drive`) but with the local file system last. - * `README.md` - main GitHub page - * `docs/content/remote.md` - main docs page (note the backend options are automatically added to this file with `make backenddocs`) - * make sure this has the `autogenerated options` comments in (see your reference backend docs) - * update them with `make backenddocs` - revert any changes in other backends - * `docs/content/overview.md` - overview docs - * `docs/content/docs.md` - list of remotes in config section - * `docs/content/_index.md` - front page of rclone.org - * `docs/layouts/chrome/navbar.html` - add it to the website navigation - * `bin/make_manual.py` - add the page to the `docs` constant +- `README.md` - main GitHub page +- `docs/content/remote.md` - main docs page (note the backend options are automatically added to this file with `make backenddocs`) + - make sure this has the `autogenerated options` comments in (see your reference backend docs) + - update them in your backend with `bin/make_backend_docs.py remote` +- `docs/content/overview.md` - overview docs +- `docs/content/docs.md` - list of remotes in config section +- `docs/content/_index.md` - front page of rclone.org +- `docs/layouts/chrome/navbar.html` - add it to the website navigation +- `bin/make_manual.py` - add the page to the `docs` constant Once you've written the docs, run `make serve` and check they look OK in the web browser and the links (internal and external) all work. -## Writing a plugin ## +## Adding a new s3 provider + +It is quite easy to add a new S3 provider to rclone. + +You'll need to modify the following files + +- `backend/s3/s3.go` + - Add the provider to `providerOption` at the top of the file + - Add endpoints and other config for your provider gated on the provider in `fs.RegInfo`. + - Exclude your provider from genric config questions (eg `region` and `endpoint). + - Add the provider to the `setQuirks` function - see the documentation there. +- `docs/content/s3.md` + - Add the provider at the top of the page. + - Add a section about the provider linked from there. + - Add a transcript of a trial `rclone config` session + - Edit the transcript to remove things which might change in subsequent versions + - **Do not** alter or add to the autogenerated parts of `s3.md` + - **Do not** run `make backenddocs` or `bin/make_backend_docs.py s3` +- `README.md` - this is the home page in github + - Add the provider and a link to the section you wrote in `docs/contents/s3.md` +- `docs/content/_index.md` - this is the home page of rclone.org + - Add the provider and a link to the section you wrote in `docs/contents/s3.md` + +When adding the provider, endpoints, quirks, docs etc keep them in +alphabetical order by `Provider` name, but with `AWS` first and +`Other` last. + +Once you've written the docs, run `make serve` and check they look OK +in the web browser and the links (internal and external) all work. + +Once you've written the code, test `rclone config` works to your +satisfaction, and check the integration tests work `go test -v -remote +NewS3Provider:`. You may need to adjust the quirks to get them to +pass. Some providers just can't pass the tests with control characters +in the names so if these fail and the provider doesn't support +`urlEncodeListings` in the quirks then ignore them. Note that the +`SetTier` test may also fail on non AWS providers. + +For an example of adding an s3 provider see [eb3082a1](https://github.com/rclone/rclone/commit/eb3082a1ebdb76d5625f14cedec3f5154a5e7b10). + +## Writing a plugin New features (backends, commands) can also be added "out-of-tree", through Go plugins. Changes will be kept in a dynamically loaded file instead of being compiled into the main binary. This is useful if you can't merge your changes upstream or don't want to maintain a fork of rclone. -Usage +### Usage - Naming - Plugins names must have the pattern `librcloneplugin_KIND_NAME.so`. @@ -500,7 +560,7 @@ Usage - Plugins must be compiled against the exact version of rclone to work. (The rclone used during building the plugin must be the same as the source of rclone) -Building +### Building To turn your existing additions into a Go plugin, move them to an external repository and change the top-level package name to `main`. diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 8b24b3e3691bd..3ab1c22482203 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -16,6 +16,11 @@ Current active maintainers of rclone are: | Max Sum | @Max-Sum | union backend | | Fred | @creativeprojects | seafile backend | | Caleb Case | @calebcase | storj backend | +| wiserain | @wiserain | pikpak backend | +| albertony | @albertony | | +| Chun-Hung Tseng | @henrybear327 | Proton Drive Backend | +| Hideo Aoyama | @boukendesho | snap packaging | +| nielash | @nielash | bisync | **This is a work in progress Draft** diff --git a/MANUAL.html b/MANUAL.html index 39b3e2d3321de..d16296fa0acd4 100644 --- a/MANUAL.html +++ b/MANUAL.html @@ -13,13 +13,75 @@ div.column{display: inline-block; vertical-align: top; width: 50%;} div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;} ul.task-list{list-style: none;} + pre > code.sourceCode { white-space: pre; position: relative; } + pre > code.sourceCode > span { display: inline-block; line-height: 1.25; } + pre > code.sourceCode > span:empty { height: 1.2em; } + code.sourceCode > span { color: inherit; text-decoration: inherit; } + div.sourceCode { margin: 1em 0; } + pre.sourceCode { margin: 0; } + @media screen { + div.sourceCode { overflow: auto; } + } + @media print { + pre > code.sourceCode { white-space: pre-wrap; } + pre > code.sourceCode > span { text-indent: -5em; padding-left: 5em; } + } + pre.numberSource code + { counter-reset: source-line 0; } + pre.numberSource code > span + { position: relative; left: -4em; counter-increment: source-line; } + pre.numberSource code > span > a:first-child::before + { content: counter(source-line); + position: relative; left: -1em; text-align: right; vertical-align: baseline; + border: none; display: inline-block; + -webkit-touch-callout: none; -webkit-user-select: none; + -khtml-user-select: none; -moz-user-select: none; + -ms-user-select: none; user-select: none; + padding: 0 4px; width: 4em; + color: #aaaaaa; + } + pre.numberSource { margin-left: 3em; border-left: 1px solid #aaaaaa; padding-left: 4px; } + div.sourceCode + { } + @media screen { + pre > code.sourceCode > span > a:first-child::before { text-decoration: underline; } + } + code span.al { color: #ff0000; font-weight: bold; } /* Alert */ + code span.an { color: #60a0b0; font-weight: bold; font-style: italic; } /* Annotation */ + code span.at { color: #7d9029; } /* Attribute */ + code span.bn { color: #40a070; } /* BaseN */ + code span.bu { } /* BuiltIn */ + code span.cf { color: #007020; font-weight: bold; } /* ControlFlow */ + code span.ch { color: #4070a0; } /* Char */ + code span.cn { color: #880000; } /* Constant */ + code span.co { color: #60a0b0; font-style: italic; } /* Comment */ + code span.cv { color: #60a0b0; font-weight: bold; font-style: italic; } /* CommentVar */ + code span.do { color: #ba2121; font-style: italic; } /* Documentation */ + code span.dt { color: #902000; } /* DataType */ + code span.dv { color: #40a070; } /* DecVal */ + code span.er { color: #ff0000; font-weight: bold; } /* Error */ + code span.ex { } /* Extension */ + code span.fl { color: #40a070; } /* Float */ + code span.fu { color: #06287e; } /* Function */ + code span.im { } /* Import */ + code span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Information */ + code span.kw { color: #007020; font-weight: bold; } /* Keyword */ + code span.op { color: #666666; } /* Operator */ + code span.ot { color: #007020; } /* Other */ + code span.pp { color: #bc7a00; } /* Preprocessor */ + code span.sc { color: #4070a0; } /* SpecialChar */ + code span.ss { color: #bb6688; } /* SpecialString */ + code span.st { color: #4070a0; } /* String */ + code span.va { color: #19177c; } /* Variable */ + code span.vs { color: #4070a0; } /* VerbatimString */ + code span.wa { color: #60a0b0; font-weight: bold; font-style: italic; } /* Warning */
Mar 14, 2023
+Nov 26, 2023
Rclone is a command-line program to manage files on cloud storage. It is a feature-rich alternative to cloud vendors' web storage interfaces. Over 40 cloud storage products support rclone including S3 object stores, business & consumer file storage services, as well as standard transfer protocols.
+Rclone is a command-line program to manage files on cloud storage. It is a feature-rich alternative to cloud vendors' web storage interfaces. Over 70 cloud storage products support rclone including S3 object stores, business & consumer file storage services, as well as standard transfer protocols.
Rclone has powerful cloud equivalents to the unix commands rsync, cp, mv, mount, ls, ncdu, tree, rm, and cat. Rclone's familiar syntax includes shell pipeline support, and --dry-run
protection. It is used at the command line, in scripts or via its API.
Users call rclone "The Swiss army knife of cloud storage", and "Technology indistinguishable from magic".
Rclone really looks after your data. It preserves timestamps and verifies checksums at all times. Transfers over limited bandwidth; intermittent connections, or subject to quota can be restarted, from the last good file transferred. You can check the integrity of your files. Where possible, rclone employs server-side transfers to minimise local bandwidth use and transfers from one provider to another without using local disk.
@@ -91,6 +153,7 @@See below for some expanded Linux / macOS / Windows instructions.
See the usage docs for how to use rclone, or run rclone -h
.
Already installed rclone can be easily updated to the latest version using the rclone selfupdate command.
+See the release signing docs for how to verify signatures on the release.
To install rclone on Linux/macOS/BSD systems, run:
sudo -v ; curl https://rclone.org/install.sh | sudo bash
@@ -204,6 +278,12 @@ NOTE: This version of rclone will not support mount
any more (see #5373). If mounting is wanted on macOS, either install a precompiled binary or enable the relevant option when installing from source.
Note that this is a third party installer not controlled by the rclone developers so it may be out of date. Its current version is as below.
+On macOS, rclone can also be installed via MacPorts:
+sudo port install rclone
+Note that this is a third party installer not controlled by the rclone developers so it may be out of date. Its current version is as below.
+ +More information here.
To avoid problems with macOS gatekeeper enforcing the binary to be signed and notarized it is enough to download with curl
.
Download the latest version of rclone.
@@ -241,7 +321,10 @@If you are planning to use the rclone mount feature then you will need to install the third party utility WinFsp also.
Winget comes pre-installed with the latest versions of Windows. If not, update the App Installer package from the Microsoft store.
+To install rclone
winget install Rclone.Rclone
+To uninstall rclone
+winget uninstall Rclone.Rclone --force
Make sure you have Choco installed
choco search rclone
@@ -289,10 +372,16 @@ Docker installation
# config on host at ~/.config/rclone/rclone.conf
# data on host at ~/data
+# add a remote interactively
+docker run --rm -it \
+ --volume ~/.config/rclone:/config/rclone \
+ --user $(id -u):$(id -g) \
+ rclone/rclone \
+ config
+
# make sure the config is ok by listing the remotes
docker run --rm \
--volume ~/.config/rclone:/config/rclone \
- --volume ~/data:/data:shared \
--user $(id -u):$(id -g) \
rclone/rclone \
listremotes
@@ -309,8 +398,23 @@ Docker installation
mount dropbox:Photos /data/mount &
ls ~/data/mount
kill %1
+Snap installation
+
+Make sure you have Snapd installed
+sudo snap install rclone $
+Due to the strict confinement of Snap, rclone snap cannot access real /home/$USER/.config/rclone directory, default config path is as below.
+
+- Default config directory:
+
+- /home/$USER/snap/rclone/current/.config/rclone
+
+
+Note: Due to the strict confinement of Snap, rclone mount
feature is not
supported.
+If mounting is wanted, either install a precompiled binary or enable the relevant option when installing from source.
+Note that this is controlled by community maintainer not the rclone developers so it may be out of date. Its current version is as below.
+
Source installation
-Make sure you have git and Go installed. Go version 1.17 or newer is required, latest release is recommended. You can get it from your package manager, or download it from golang.org/dl. Then you can run the following:
+Make sure you have git and Go installed. Go version 1.18 or newer is required, the latest release is recommended. You can get it from your package manager, or download it from golang.org/dl. Then you can run the following:
git clone https://github.com/rclone/rclone.git
cd rclone
go build
@@ -318,19 +422,22 @@ Source installation
Note that on macOS and Windows the mount command will not be available unless you specify an additional build tag cmount
.
go build -tags cmount
This assumes you have a GCC compatible C compiler (GCC or Clang) in your PATH, as it uses cgo. But on Windows, the cgofuse library that the cmount implementation is based on, also supports building without cgo, i.e. by setting environment variable CGO_ENABLED to value 0 (static linking). This is how the official Windows release of rclone is being built, starting with version 1.59. It is still possible to build with cgo on Windows as well, by using the MinGW port of GCC, e.g. by installing it in a MSYS2 distribution (make sure you install it in the classic mingw64 subsystem, the ucrt64 version is not compatible).
-Additionally, on Windows, you must install the third party utility WinFsp, with the "Developer" feature selected. If building with cgo, you must also set environment variable CPATH pointing to the fuse include directory within the WinFsp installation (normally C:\Program Files (x86)\WinFsp\inc\fuse
).
-You may also add arguments -ldflags -s
(with or without -tags cmount
), to omit symbol table and debug information, making the executable file smaller, and -trimpath
to remove references to local file system paths. This is how the official rclone releases are built.
+Additionally, to build with mount on Windows, you must install the third party utility WinFsp, with the "Developer" feature selected. If building with cgo, you must also set environment variable CPATH pointing to the fuse include directory within the WinFsp installation (normally C:\Program Files (x86)\WinFsp\inc\fuse
).
+You may add arguments -ldflags -s
to omit symbol table and debug information, making the executable file smaller, and -trimpath
to remove references to local file system paths. The official rclone releases are built with both of these.
go build -trimpath -ldflags -s -tags cmount
-Instead of executing the go build
command directly, you can run it via the Makefile. It changes the version number suffix from "-DEV" to "-beta" and appends commit details. It also copies the resulting rclone executable into your GOPATH bin folder ($(go env GOPATH)/bin
, which corresponds to ~/go/bin/rclone
by default).
+If you want to customize the version string, as reported by the rclone version
command, you can set one of the variables fs.Version
, fs.VersionTag
(to keep default suffix but customize the number), or fs.VersionSuffix
(to keep default number but customize the suffix). This can be done from the build command, by adding to the -ldflags
argument value as shown below.
+go build -trimpath -ldflags "-s -X github.com/rclone/rclone/fs.Version=v9.9.9-test" -tags cmount
+On Windows, the official executables also have the version information, as well as a file icon, embedded as binary resources. To get that with your own build you need to run the following command before the build command. It generates a Windows resource system object file, with extension .syso, e.g. resource_windows_amd64.syso
, that will be automatically picked up by future build commands.
+go run bin/resource_windows.go
+The above command will generate a resource file containing version information based on the fs.Version variable in source at the time you run the command, which means if the value of this variable changes you need to re-run the command for it to be reflected in the version information. Also, if you override this version variable in the build command as described above, you need to do that also when generating the resource file, or else it will still use the value from the source.
+go run bin/resource_windows.go -version v9.9.9-test
+Instead of executing the go build
command directly, you can run it via the Makefile. The default target changes the version suffix from "-DEV" to "-beta" followed by additional commit details, embeds version information binary resources on Windows, and copies the resulting rclone executable into your GOPATH bin folder ($(go env GOPATH)/bin
, which corresponds to ~/go/bin/rclone
by default).
make
To include mount command on macOS and Windows with Makefile build:
make GOTAGS=cmount
-There are other make targets that can be used for more advanced builds, such as cross-compiling for all supported os/architectures, embedding icon and version info resources into windows executable, and packaging results into release artifacts. See Makefile and cross-compile.go for details.
-Another alternative is to download the source, build and install rclone in one operation, as a regular Go package. The source will be stored it in the Go module cache, and the resulting executable will be in your GOPATH bin folder ($(go env GOPATH)/bin
, which corresponds to ~/go/bin/rclone
by default).
-With Go version 1.17 or newer:
+There are other make targets that can be used for more advanced builds, such as cross-compiling for all supported os/architectures, and packaging results into release artifacts. See Makefile and cross-compile.go for details.
+Another alternative method for source installation is to download the source, build and install rclone - all in one operation, as a regular Go package. The source will be stored it in the Go module cache, and the resulting executable will be in your GOPATH bin folder ($(go env GOPATH)/bin
, which corresponds to ~/go/bin/rclone
by default).
go install github.com/rclone/rclone@latest
-With Go versions older than 1.17 (do not use the -u
flag, it causes Go to try to update the dependencies that rclone uses and sometimes these don't work with the current version):
-go get github.com/rclone/rclone
Ansible installation
This can be done with Stefan Weichinger's ansible role.
Instructions
@@ -371,7 +478,7 @@ Mount command built-in servi
The WinFsp service infrastructure supports incorporating services for file system implementations, such as rclone, into its own launcher service, as kind of "child services". This has the additional advantage that it also implements a network provider that integrates into Windows standard methods for managing network drives. This is currently not officially supported by Rclone, but with WinFsp version 2019.3 B2 / v1.5B2 or later it should be possible through path rewriting as described here.
Third-party service integration
To Windows service running any rclone command, the excellent third-party utility NSSM, the "Non-Sucking Service Manager", can be used. It includes some advanced features such as adjusting process priority, defining process environment variables, redirect to file anything written to stdout, and customized response to different exit codes, with a GUI to configure everything from (although it can also be used from command line ).
-There are also several other alternatives. To mention one more, WinSW, "Windows Service Wrapper", is worth checking out. It requires .NET Framework, but it is preinstalled on newer versions of Windows, and it also provides alternative standalone distributions which includes necessary runtime (.NET 5). WinSW is a command-line only utility, where you have to manually create an XML file with service configuration. This may be a drawback for some, but it can also be an advantage as it is easy to back up and re-use the configuration settings, without having go through manual steps in a GUI. One thing to note is that by default it does not restart the service on error, one have to explicit enable this in the configuration file (via the "onfailure" parameter).
+There are also several other alternatives. To mention one more, WinSW, "Windows Service Wrapper", is worth checking out. It requires .NET Framework, but it is preinstalled on newer versions of Windows, and it also provides alternative standalone distributions which includes necessary runtime (.NET 5). WinSW is a command-line only utility, where you have to manually create an XML file with service configuration. This may be a drawback for some, but it can also be an advantage as it is easy to back up and reuse the configuration settings, without having go through manual steps in a GUI. One thing to note is that by default it does not restart the service on error, one have to explicit enable this in the configuration file (via the "onfailure" parameter).
Autostart on Linux
Start as a service
To always run rclone in background, relevant for mount commands etc, you can use systemd to set up rclone as a system or user service. Running as a system service ensures that it is run at startup even if the user it is running as has no active session. Running rclone as a user service ensures that it only starts after the configured user has logged into the system.
@@ -412,18 +519,23 @@ Configure
Internet Archive
Jottacloud
Koofr
+Linkbox
Mail.ru Cloud
Mega
Memory
Microsoft Azure Blob Storage
+Microsoft Azure Files Storage
Microsoft OneDrive
-OpenStack Swift / Rackspace Cloudfiles / Memset Memstore
+OpenStack Swift / Rackspace Cloudfiles / Blomp Cloud Storage / Memset Memstore
OpenDrive
Oracle Object Storage
Pcloud
+PikPak
premiumize.me
put.io
+Proton Drive
QingStor
+Quatrix by Maytech
Seafile
SFTP
Sia
@@ -457,18 +569,20 @@ Synopsis
Options
-h, --help help for config
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
- rclone config create - Create a new remote with name, type and options.
- rclone config delete - Delete an existing remote.
- rclone config disconnect - Disconnects user from remote
- rclone config dump - Dump the config file as JSON.
+- rclone config edit - Enter an interactive configuration session.
- rclone config file - Show path of configuration file in use.
- rclone config password - Update password in an existing remote.
- rclone config paths - Show paths used for configuration, cache, temp etc.
- rclone config providers - List in JSON format all the providers and options.
- rclone config reconnect - Re-authenticates user with remote.
+- rclone config redacted - Print redacted (decrypted) config file, or the redacted config for a single remote.
- rclone config show - Print (decrypted) config file, or the config for a single remote.
- rclone config touch - Ensure configuration file exists.
- rclone config update - Update options in an existing remote.
@@ -502,8 +616,74 @@ Synopsis
Options
--create-empty-src-dirs Create empty source dirs on destination after copy
-h, --help help for copy
+Copy Options
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -523,8 +703,87 @@ Synopsis
Options
--create-empty-src-dirs Create empty source dirs on destination after sync
-h, --help help for sync
+Copy Options
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Sync Options
+Flags just used for rclone sync
.
+ --backup-dir string Make backups into hierarchy based in DIR
+ --delete-after When synchronizing, delete files on destination after transferring (default)
+ --delete-before When synchronizing, delete files on destination before transferring
+ --delete-during When synchronizing, delete files during transfer
+ --ignore-errors Delete even if there are I/O errors
+ --max-delete int When synchronizing, limit the number of deletes (default -1)
+ --max-delete-size SizeSuffix When synchronizing, limit the total size of deletes (default off)
+ --suffix string Suffix to add to changed files
+ --suffix-keep-extension Preserve the extension when using --suffix
+ --track-renames When synchronizing, track file renames and do a server-side move if possible
+ --track-renames-strategy string Strategies to use when synchronizing using track-renames hash|modtime|leaf (default "hash")
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -544,8 +803,74 @@ Options
--create-empty-src-dirs Create empty source dirs on destination after move
--delete-empty-src-dirs Delete empty source dirs after move
-h, --help help for move
+Copy Options
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -566,8 +891,41 @@ Synopsis
Options
-h, --help help for delete
--rmdirs rmdirs removes empty directories but leaves root intact
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -579,8 +937,13 @@ Synopsis
rclone purge remote:path [flags]
Options
-h, --help help for purge
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -589,8 +952,13 @@ rclone mkdir
rclone mkdir remote:path [flags]
Options
-h, --help help for mkdir
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -602,8 +970,13 @@ Synopsis
rclone rmdir remote:path [flags]
Options
-h, --help help for rmdir
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -611,7 +984,7 @@ rclone check
Checks the files in the source and destination match.
Synopsis
Checks the files in the source and destination match. It compares sizes and hashes (MD5 or SHA1) and logs a report of files that don't match. It doesn't alter the source or destination.
-For the crypt remote there is a dedicated command, cryptcheck, that are able to check the checksums of the crypted files.
+For the crypt remote there is a dedicated command, cryptcheck, that are able to check the checksums of the encrypted files.
If you supply the --size-only
flag, it will only compare the sizes not the hashes as well. Use this for a quick check.
If you supply the --download
flag, it will download the data from both remotes and check them against each other on the fly. This can be useful for remotes that don't support hashes or if you really want to check all the data.
If you supply the --checkfile HASH
flag with a valid hash name, the source:path
must point to a text file in the SUM format.
@@ -625,6 +998,7 @@ Synopsis
`* path` means path was present in source and destination but different.
! path
means there was an error reading or hashing the source or dest.
+The default number of parallel checks is 8. See the --checkers=N option for more information.
rclone check source:path dest:path [flags]
Options
-C, --checkfile string Treat source:path as a SUM file with hashes of given type
@@ -637,8 +1011,39 @@ Options
--missing-on-dst string Report all files missing from the destination to this file
--missing-on-src string Report all files missing from the source to this file
--one-way Check one way only, source files must exist on remote
+Check Options
+Flags used for rclone check
.
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -668,8 +1073,36 @@ Synopsis
rclone ls remote:path [flags]
Options
-h, --help help for ls
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -704,8 +1137,36 @@ Synopsis
Options
-h, --help help for lsd
-R, --recursive Recurse into the listing
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -735,8 +1196,36 @@ Synopsis
rclone lsl remote:path [flags]
Options
-h, --help help for lsl
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -754,8 +1243,36 @@ Options
--download Download the file and hash it locally; if this flag is not specified, the hash is requested from the remote
-h, --help help for md5sum
--output-file string Output hashsums to a file rather than the terminal
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-Counts objects in the path and calculates the total size. Prints the result to standard output.
By default the output is in human-readable format, but shows values in both human-readable format as well as the raw numbers (global option --human-readable
is not considered). Use option --json
to format output as JSON instead.
Recurses by default, use --max-depth 1
to stop the recursion.
Some backends do not always provide file sizes, see for example Google Photos and Google Drive. Rclone will then show a notice in the log indicating how many such files were encountered, and count them in as empty files in the output of the size command.
+Some backends do not always provide file sizes, see for example Google Photos and Google Docs. Rclone will then show a notice in the log indicating how many such files were encountered, and count them in as empty files in the output of the size command.
rclone size remote:path [flags]
-h, --help help for size
--json Format output as JSON
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
- --check Check for new version
-h, --help help for version
See the global flags page for global options not listed here.
-rclone cleanup remote:path [flags]
-h, --help help for cleanup
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
- --by-hash Find identical hashes rather than names
--dedupe-mode string Dedupe mode interactive|skip|first|newest|oldest|largest|smallest|rename (default "interactive")
-h, --help help for dedupe
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-See the global flags page for global options not listed here.
-See the global flags page for global options not listed here.
- -h, --help help for backend
--json Always output in JSON format
-o, --option stringArray Option in the form name=value or name
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-See full bisync description for details.
rclone bisync remote1:path1 remote2:path2 [flags]
--check-access Ensure expected RCLONE_TEST files are found on both Path1 and Path2 filesystems, else abort.
- --check-filename string Filename for --check-access (default: RCLONE_TEST)
- --check-sync string Controls comparison of final listings: true|false|only (default: true) (default "true")
- --filters-file string Read filtering patterns from a file
- --force Bypass --max-delete safety check and run the sync. Consider using with --verbose
- -h, --help help for bisync
- --localtime Use local time in listings (default: UTC)
- --no-cleanup Retain working files (useful for troubleshooting and testing).
- --remove-empty-dirs Remove empty directories at the final cleanup step.
- -1, --resync Performs the resync run. Path1 files may overwrite Path2 versions. Consider using --verbose or --dry-run first.
- --workdir string Use custom working dir - useful for testing. (default: $HOME/.cache/rclone/bisync)
+ --check-access Ensure expected RCLONE_TEST files are found on both Path1 and Path2 filesystems, else abort.
+ --check-filename string Filename for --check-access (default: RCLONE_TEST)
+ --check-sync string Controls comparison of final listings: true|false|only (default: true) (default "true")
+ --create-empty-src-dirs Sync creation and deletion of empty directories. (Not compatible with --remove-empty-dirs)
+ --filters-file string Read filtering patterns from a file
+ --force Bypass --max-delete safety check and run the sync. Consider using with --verbose
+ -h, --help help for bisync
+ --ignore-listing-checksum Do not use checksums for listings (add --ignore-checksum to additionally skip post-copy checksum checks)
+ --localtime Use local time in listings (default: UTC)
+ --no-cleanup Retain working files (useful for troubleshooting and testing).
+ --remove-empty-dirs Remove ALL empty directories at the final cleanup step.
+ --resilient Allow future runs to retry after certain less-serious errors, instead of requiring --resync. Use at your own risk!
+ -1, --resync Performs the resync run. Path1 files may overwrite Path2 versions. Consider using --verbose or --dry-run first.
+ --workdir string Use custom working dir - useful for testing. (default: $HOME/.cache/rclone/bisync)
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-Or like this to output any .txt files in dir or its subdirectories.
rclone --include "*.txt" cat remote:path/to/dir
Use the --head
flag to print characters only at the start, --tail
for the end and --offset
and --count
to print a section in the middle. Note that if offset is negative it will count from the end, so --offset -1 --count 1
is equivalent to --tail 1
.
Use the --separator
flag to print a separator value between files. Be sure to shell-escape special characters. For example, to print a newline between files, use:
bash:
+rclone --include "*.txt" --separator $'\n' cat remote:path/to/dir
powershell:
+rclone --include "*.txt" --separator "`n" cat remote:path/to/dir
rclone cat remote:path [flags]
--count int Only print N characters (default -1)
- --discard Discard the output instead of printing
- --head int Only print the first N characters
- -h, --help help for cat
- --offset int Start printing at offset N (or from end if -ve)
- --tail int Only print the last N characters
+ --count int Only print N characters (default -1)
+ --discard Discard the output instead of printing
+ --head int Only print the first N characters
+ -h, --help help for cat
+ --offset int Start printing at offset N (or from end if -ve)
+ --separator string Separator to use between objects when printing multiple files
+ --tail int Only print the last N characters
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-Checks the files in the source against a SUM file.
+Checks the files in the destination against a SUM file.
Checks that hashsums of source files match the SUM file. It compares hashes (MD5, SHA1, etc) and logs a report of files which don't match. It doesn't alter the file system.
-If you supply the --download
flag, it will download the data from remote and calculate the contents hash on the fly. This can be useful for remotes that don't support hashes or if you really want to check all the data.
Checks that hashsums of destination files match the SUM file. It compares hashes (MD5, SHA1, etc) and logs a report of files which don't match. It doesn't alter the file system.
+The sumfile is treated as the source and the dst:path is treated as the destination for the purposes of the output.
+If you supply the --download
flag, it will download the data from the remote and calculate the content hash on the fly. This can be useful for remotes that don't support hashes or if you really want to check all the data.
Note that hash values in the SUM file are treated as case insensitive.
If you supply the --one-way
flag, it will only check that files in the source match the files in the destination, not the other way around. This means that extra files in the destination that are not in the source will not be detected.
The --differ
, --missing-on-dst
, --missing-on-src
, --match
and --error
flags write paths, one per line, to the file name (or stdout if it is -
) supplied. What they write is described in the help below. For example --differ
will write all paths which are present on both the source and destination but different.
! path
means there was an error reading or hashing the source or dest.rclone checksum <hash> sumfile src:path [flags]
+The default number of parallel checks is 8. See the --checkers=N option for more information.
+rclone checksum <hash> sumfile dst:path [flags]
--combined string Make a combined report of changes to this file
--differ string Report all non-matching files to this file
@@ -1083,104 +1774,123 @@ Options
--missing-on-dst string Report all files missing from the destination to this file
--missing-on-src string Report all files missing from the source to this file
--one-way Check one way only, source files must exist on remote
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-Generate the autocompletion script for the specified shell
+Output completion script for a given shell.
Generate the autocompletion script for rclone for the specified shell. See each sub-command's help for details on how to use the generated script.
+Generates a shell completion script for rclone. Run with --help
to list the supported shells.
-h, --help help for completion
See the global flags page for global options not listed here.
-Generate the autocompletion script for bash
+Output bash completion script for rclone.
Generate the autocompletion script for the bash shell.
-This script depends on the 'bash-completion' package. If it is not installed already, you can install it via your OS's package manager.
-To load completions in your current shell session:
-source <(rclone completion bash)
-To load completions for every new session, execute once:
-rclone completion bash > /etc/bash_completion.d/rclone
-rclone completion bash > $(brew --prefix)/etc/bash_completion.d/rclone
-You will need to start a new shell for this setup to take effect.
-rclone completion bash
+Generates a bash shell autocompletion script for rclone.
+This writes to /etc/bash_completion.d/rclone by default so will probably need to be run with sudo or as root, e.g.
+sudo rclone genautocomplete bash
+Logout and login again to use the autocompletion scripts, or source them directly
+. /etc/bash_completion
+If you supply a command line argument the script will be written there.
+If output_file is "-", then the output will be written to stdout.
+rclone completion bash [output_file] [flags]
-h, --help help for bash
- --no-descriptions disable completion descriptions
+ -h, --help help for bash
See the global flags page for global options not listed here.
-Generate the autocompletion script for fish
+Output fish completion script for rclone.
Generate the autocompletion script for the fish shell.
-To load completions in your current shell session:
-rclone completion fish | source
-To load completions for every new session, execute once:
-rclone completion fish > ~/.config/fish/completions/rclone.fish
-You will need to start a new shell for this setup to take effect.
-rclone completion fish [flags]
+Generates a fish autocompletion script for rclone.
+This writes to /etc/fish/completions/rclone.fish by default so will probably need to be run with sudo or as root, e.g.
+sudo rclone genautocomplete fish
+Logout and login again to use the autocompletion scripts, or source them directly
+. /etc/fish/completions/rclone.fish
+If you supply a command line argument the script will be written there.
+If output_file is "-", then the output will be written to stdout.
+rclone completion fish [output_file] [flags]
-h, --help help for fish
- --no-descriptions disable completion descriptions
+ -h, --help help for fish
See the global flags page for global options not listed here.
-Generate the autocompletion script for powershell
+Output powershell completion script for rclone.
Generate the autocompletion script for powershell.
To load completions in your current shell session:
rclone completion powershell | Out-String | Invoke-Expression
To load completions for every new session, add the output of the above command to your powershell profile.
-rclone completion powershell [flags]
+If output_file is "-" or missing, then the output will be written to stdout.
+rclone completion powershell [output_file] [flags]
-h, --help help for powershell
- --no-descriptions disable completion descriptions
+ -h, --help help for powershell
See the global flags page for global options not listed here.
-Generate the autocompletion script for zsh
+Output zsh completion script for rclone.
Generate the autocompletion script for the zsh shell.
-If shell completion is not already enabled in your environment you will need to enable it. You can execute the following once:
-echo "autoload -U compinit; compinit" >> ~/.zshrc
-To load completions in your current shell session:
-source <(rclone completion zsh); compdef _rclone rclone
-To load completions for every new session, execute once:
-rclone completion zsh > "${fpath[1]}/_rclone"
-rclone completion zsh > $(brew --prefix)/share/zsh/site-functions/_rclone
-You will need to start a new shell for this setup to take effect.
-rclone completion zsh [flags]
+Generates a zsh autocompletion script for rclone.
+This writes to /usr/share/zsh/vendor-completions/_rclone by default so will probably need to be run with sudo or as root, e.g.
+sudo rclone genautocomplete zsh
+Logout and login again to use the autocompletion scripts, or source them directly
+autoload -U compinit && compinit
+If you supply a command line argument the script will be written there.
+If output_file is "-", then the output will be written to stdout.
+rclone completion zsh [output_file] [flags]
-h, --help help for zsh
- --no-descriptions disable completion descriptions
+ -h, --help help for zsh
See the global flags page for global options not listed here.
-Create a new remote with name, type and options.
@@ -1249,7 +1959,7 @@See the global flags page for global options not listed here.
- -h, --help help for delete
See the global flags page for global options not listed here.
- -h, --help help for disconnect
See the global flags page for global options not listed here.
- -h, --help help for dump
See the global flags page for global options not listed here.
-Enter an interactive configuration session.
-Enter an interactive configuration session where you can setup new remotes and manage existing ones. You may also set or remove a password to protect your configuration.
rclone config edit [flags]
- -h, --help help for edit
See the global flags page for global options not listed here.
-h, --help help for file
See the global flags page for global options not listed here.
- -h, --help help for password
See the global flags page for global options not listed here.
- -h, --help help for paths
See the global flags page for global options not listed here.
- -h, --help help for providers
See the global flags page for global options not listed here.
- -h, --help help for reconnect
See the global flags page for global options not listed here.
-Print redacted (decrypted) config file, or the redacted config for a single remote.
+This prints a redacted copy of the config file, either the whole config file or for a given remote.
+The config file will be redacted by replacing all passwords and other sensitive info with XXX.
+This makes the config file suitable for posting online for support.
+It should be double checked before posting as the redaction may not be perfect.
+rclone config redacted [<remote>] [flags]
+ -h, --help help for redacted
+See the global flags page for global options not listed here.
+Print (decrypted) config file, or the config for a single remote.
rclone config show [<remote>] [flags]
- -h, --help help for show
See the global flags page for global options not listed here.
-Ensure configuration file exists.
rclone config touch [flags]
- -h, --help help for touch
See the global flags page for global options not listed here.
-Update options in an existing remote.
-Update an existing remote's options. The options should be passed in pairs of key
value
or as key=value
.
For example, to update the env_auth field of a remote of name myremote you would do:
rclone config update myremote env_auth true
@@ -1436,7 +2161,7 @@ Synopsis
If --all
is passed then rclone will ask all the config questions, not just the post config questions. Any parameters are used as defaults for questions as usual.
Note that bin/config.py
in the rclone source implements this protocol as a readable demonstration.
rclone config update name [key value]+ [flags]
-Options
+Options
--all Ask the full set of config questions
--continue Continue the configuration process with an answer
-h, --help help for update
@@ -1446,26 +2171,26 @@ Options
--result string Result - use with --continue
--state string State - use with --continue
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone config - Enter an interactive configuration session.
rclone config userinfo
Prints info about logged in user of remote.
-Synopsis
+Synopsis
This prints the details of the person logged in to the cloud storage system.
rclone config userinfo remote: [flags]
-Options
+Options
-h, --help help for userinfo
--json Format output as JSON
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone config - Enter an interactive configuration session.
rclone copyto
Copy files from source to dest, skipping identical files.
-Synopsis
+Synopsis
If source:path is a file or directory then it copies it to a file or directory named dest:path.
This can be used to upload single files to other than their current name. If the source is a directory then it acts exactly like the copy command.
So
@@ -1480,37 +2205,108 @@ Synopsis
This doesn't transfer files that are identical on src and dst, testing by size and modification time or MD5SUM. It doesn't delete files from the destination.
Note: Use the -P
/--progress
flag to view real-time transfer statistics
rclone copyto source:path dest:path [flags]
-Options
+Options
-h, --help help for copyto
+Copy Options
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone copyurl
Copy url content to dest.
-Synopsis
+Synopsis
Download a URL's content and copy it to the destination without saving it in temporary storage.
Setting --auto-filename
will attempt to automatically determine the filename from the URL (after any redirections) and used in the destination path. With --auto-filename-header
in addition, if a specific filename is set in HTTP headers, it will be used instead of the name from the URL. With --print-filename
in addition, the resulting file name will be printed.
Setting --no-clobber
will prevent overwriting file on the destination if there is one with the same name.
Setting --stdout
or making the output file name -
will cause the output to be written to standard output.
rclone copyurl https://example.com dest:path [flags]
-Options
+Options
-a, --auto-filename Get the file name from the URL and use it for destination file path
--header-filename Get the file name from the Content-Disposition header
-h, --help help for copyurl
--no-clobber Prevent overwriting file with same name
-p, --print-filename Print the resulting name from --auto-filename
--stdout Write the output to stdout rather than a file
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone cryptcheck
-Cryptcheck checks the integrity of a crypted remote.
-Synopsis
-rclone cryptcheck checks a remote against a crypted remote. This is the equivalent of running rclone check, but able to check the checksums of the crypted remote.
+Cryptcheck checks the integrity of an encrypted remote.
+Synopsis
+rclone cryptcheck checks a remote against a crypted remote. This is the equivalent of running rclone check, but able to check the checksums of the encrypted remote.
For it to work the underlying remote of the cryptedremote must support some kind of checksum.
It works by reading the nonce from each file on the cryptedremote: and using that to encrypt each file on the remote:. It then checks the checksum of the underlying file on the cryptedremote: against the checksum of the file it has just encrypted.
Use it like this
@@ -1528,8 +2324,9 @@ Synopsis
`* path` means path was present in source and destination but different.
! path
means there was an error reading or hashing the source or dest.
+The default number of parallel checks is 8. See the --checkers=N option for more information.
rclone cryptcheck remote:path cryptedremote:path [flags]
-Options
+Options
--combined string Make a combined report of changes to this file
--differ string Report all non-matching files to this file
--error string Report all files with errors (hashing or reading) to this file
@@ -1538,14 +2335,45 @@ Options
--missing-on-dst string Report all files missing from the destination to this file
--missing-on-src string Report all files missing from the source to this file
--one-way Check one way only, source files must exist on remote
+Check Options
+Flags used for rclone check
.
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone cryptdecode
Cryptdecode returns unencrypted file names.
-Synopsis
+Synopsis
rclone cryptdecode returns unencrypted file names when provided with a list of encrypted file names. List limit is 10 items.
If you supply the --reverse
flag, it will return encrypted file names.
use it like this
@@ -1554,34 +2382,39 @@ Synopsis
rclone cryptdecode --reverse encryptedremote: filename1 filename2
Another way to accomplish this is by using the rclone backend encode
(or decode
) command. See the documentation on the crypt overlay for more info.
rclone cryptdecode encryptedremote: encryptedfilename [flags]
- -h, --help help for cryptdecode
--reverse Reverse cryptdecode, encrypts filenames
See the global flags page for global options not listed here.
-Remove a single file from remote.
-Remove a single file from remote. Unlike delete
it cannot be used to remove a directory and it doesn't obey include/exclude filters - if the specified file exists, it will always be removed.
rclone deletefile remote:path [flags]
- -h, --help help for deletefile
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-Output completion script for a given shell.
-Generates a shell completion script for rclone. Run with --help
to list the supported shells.
-h, --help help for genautocomplete
See the global flags page for global options not listed here.
-Output bash completion script for rclone.
-Generates a bash shell autocompletion script for rclone.
This writes to /etc/bash_completion.d/rclone by default so will probably need to be run with sudo or as root, e.g.
sudo rclone genautocomplete bash
@@ -1599,16 +2432,16 @@ If you supply a command line argument the script will be written there.
If output_file is "-", then the output will be written to stdout.
rclone genautocomplete bash [output_file] [flags]
- -h, --help help for bash
See the global flags page for global options not listed here.
-Output fish completion script for rclone.
-Generates a fish autocompletion script for rclone.
This writes to /etc/fish/completions/rclone.fish by default so will probably need to be run with sudo or as root, e.g.
sudo rclone genautocomplete fish
@@ -1617,16 +2450,16 @@ If you supply a command line argument the script will be written there.
If output_file is "-", then the output will be written to stdout.
rclone genautocomplete fish [output_file] [flags]
- -h, --help help for fish
See the global flags page for global options not listed here.
-Output zsh completion script for rclone.
-Generates a zsh autocompletion script for rclone.
This writes to /usr/share/zsh/vendor-completions/_rclone by default so will probably need to be run with sudo or as root, e.g.
sudo rclone genautocomplete zsh
@@ -1635,28 +2468,28 @@ If you supply a command line argument the script will be written there.
If output_file is "-", then the output will be written to stdout.
rclone genautocomplete zsh [output_file] [flags]
- -h, --help help for zsh
See the global flags page for global options not listed here.
-Output markdown docs for rclone to the directory supplied.
-This produces markdown docs for the rclone commands to the directory supplied. These are in a format suitable for hugo to render into the rclone.org website.
rclone gendocs output_directory [flags]
- -h, --help help for gendocs
See the global flags page for global options not listed here.
-Produces a hashsum file for all the objects in the path.
-Produces a hash file for all the objects in the path using the hash named. The output is in the same format as the standard md5sum/sha1sum tool.
By default, the hash is requested from the remote. If the hash is not supported by the remote, no hash will be returned. With the download flag, the file will be downloaded from the remote and hashed locally enabling any hash for any remote.
For the MD5 and SHA1 algorithms there are also dedicated commands, md5sum and sha1sum.
@@ -1668,29 +2501,53 @@Then
$ rclone hashsum MD5 remote:path
Note that hash names are case insensitive and values are output in lower case.
-rclone hashsum <hash> remote:path [flags]
-rclone hashsum [<hash> remote:path] [flags]
+ --base64 Output base64 encoded hashsum
-C, --checkfile string Validate hashes against a given SUM file instead of printing them
--download Download the file and hash it locally; if this flag is not specified, the hash is requested from the remote
-h, --help help for hashsum
--output-file string Output hashsums to a file rather than the terminal
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-Generate public link to file/folder.
-rclone link will create, retrieve or remove a public link to the given file or folder.
rclone link remote:path/to/file
rclone link remote:path/to/folder/
@@ -1700,32 +2557,32 @@ Synopsis
Use the --unlink flag to remove existing public links to the file or folder. Note not all backends support "--unlink" flag - those that don't will just ignore it.
If successful, the last line of the output will contain the link. Exact capabilities depend on the remote, but the link will always by default be created with the least constraints – e.g. no expiry, no password protection, accessible without account.
rclone link remote:path [flags]
-Options
+Options
--expire Duration The amount of time that the link will be valid (default off)
-h, --help help for link
--unlink Remove existing public link to file/folder
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone listremotes
-List all the remotes in the config file.
-Synopsis
+List all the remotes in the config file and defined in environment variables.
+Synopsis
rclone listremotes lists all the available remotes from the config file.
When used with the --long
flag it lists the types too.
rclone listremotes [flags]
-Options
+Options
-h, --help help for listremotes
--long Show the type as well as names
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone lsf
List directories and objects in remote:path formatted for parsing.
-Synopsis
+Synopsis
List the contents of the source path (directories and objects) to standard output in a form which is easy to parse by scripts. By default this will just be the names of the objects and directories, one per line. The directories will have a / suffix.
Eg
$ rclone lsf swift:bucket
@@ -1796,7 +2653,7 @@ Synopsis
The other list commands lsd
,lsf
,lsjson
do not recurse by default - use -R
to make them recurse.
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone lsf remote:path [flags]
-Options
+Options
--absolute Put a leading / in front of path names
--csv Output in CSV format
-d, --dir-slash Append a slash to directory names (default true)
@@ -1807,14 +2664,42 @@ Options
-h, --help help for lsf
-R, --recursive Recurse into the listing
-s, --separator string Separator for the items in the format (default ";")
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone lsjson
List directories and objects in the path in JSON format.
-Synopsis
+Synopsis
List directories and objects in the path in JSON format.
The output is an array of Items, where each Item looks like this
{
@@ -1862,7 +2747,7 @@ Synopsis
The other list commands lsd
,lsf
,lsjson
do not recurse by default - use -R
to make them recurse.
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone lsjson remote:path [flags]
-Options
+Options
--dirs-only Show only directories in the listing
--encrypted Show the encrypted names
--files-only Show only files in the listing
@@ -1875,14 +2760,42 @@ Options
--original Show the ID of the underlying Object
-R, --recursive Recurse into the listing
--stat Just return the info for the pointed to file
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone mount
Mount the remote as file system on a mountpoint.
-Synopsis
+Synopsis
rclone mount allows Linux, FreeBSD, macOS and Windows to mount any of Rclone's cloud storage systems as a file system with FUSE.
First set up your remote using rclone config
. Check it works with rclone ls
etc.
On Linux and macOS, you can run mount in either foreground or background (aka daemon) mode. Mount runs in foreground mode by default. Use the --daemon
flag to force background mode. On Windows you can run mount in foreground only, the flag is ignored.
@@ -1943,7 +2856,14 @@ Windows caveats
It is also possible to make a drive mount available to everyone on the system, by running the process creating it as the built-in SYSTEM account. There are several ways to do this: One is to use the command-line utility PsExec, from Microsoft's Sysinternals suite, which has option -s
to start processes as the SYSTEM account. Another alternative is to run the mount command from a Windows Scheduled Task, or a Windows Service, configured to run as the SYSTEM account. A third alternative is to use the WinFsp.Launcher infrastructure). Read more in the install documentation. Note that when running rclone as another user, it will not use the configuration file from your profile unless you tell it to with the --config
option. Note also that it is now the SYSTEM account that will have the owner permissions, and other accounts will have permissions according to the group or others scopes. As mentioned above, these will then not get the "write extended attributes" permission, and this may prevent writing to files. You can work around this with the FileSecurity option, see example above.
Note that mapping to a directory path, instead of a drive letter, does not suffer from the same limitations.
Mounting on macOS
-Mounting on macOS can be done either via macFUSE (also known as osxfuse) or FUSE-T. macFUSE is a traditional FUSE driver utilizing a macOS kernel extension (kext). FUSE-T is an alternative FUSE system which "mounts" via an NFSv4 local server.
+Mounting on macOS can be done either via built-in NFS server, macFUSE (also known as osxfuse) or FUSE-T. macFUSE is a traditional FUSE driver utilizing a macOS kernel extension (kext). FUSE-T is an alternative FUSE system which "mounts" via an NFSv4 local server.
+NFS mount
+This method spins up an NFS server using serve nfs command and mounts it to the specified mountpoint. If you run this in background mode using |--daemon|, you will need to send SIGTERM signal to the rclone process using |kill| command to stop the mount.
+macFUSE Notes
+If installing macFUSE using dmg packages from the website, rclone will locate the macFUSE libraries without any further intervention. If however, macFUSE is installed using the macports package manager, the following addition steps are required.
+sudo mkdir /usr/local/lib
+cd /usr/local/lib
+sudo ln -s /opt/local/lib/libfuse.2.dylib
FUSE-T Limitations, Caveats, and Notes
There are some limitations, caveats, and notes about how it works. These are current as of FUSE-T version 1.0.14.
ModTime update on read
@@ -1958,7 +2878,7 @@ Unicode Normalization
Read Only mounts
When mounting with --read-only
, attempts to write to files will fail silently as opposed to with a clear warning as in macFUSE.
Limitations
-Without the use of --vfs-cache-mode
this can only write files sequentially, it can only seek when reading. This means that many applications won't work with their files on an rclone mount without --vfs-cache-mode writes
or --vfs-cache-mode full
. See the VFS File Caching section for more info.
+Without the use of --vfs-cache-mode
this can only write files sequentially, it can only seek when reading. This means that many applications won't work with their files on an rclone mount without --vfs-cache-mode writes
or --vfs-cache-mode full
. See the VFS File Caching section for more info. When using NFS mount on macOS, if you don't specify |--vfs-cache-mode| the mount point will be read-only.
The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2) do not support the concept of empty directories, so empty directories will have a tendency to disappear once they fall out of the directory cache.
When rclone mount
is invoked on Unix with --daemon
flag, the main rclone program will wait for the background mount to become ready or until the timeout specified by the --daemon-wait
flag. On Linux it can check mount status using ProcFS so the flag in fact sets maximum time to wait, while the real wait can be less. On macOS / BSD the time to wait is constant and the check is performed only at the end. We advise you to set wait time on macOS reasonably.
Only supported on Linux, FreeBSD, OS X and Windows at the moment.
@@ -1985,17 +2905,16 @@ Rclone as Unix mount helper
or create systemd mount units:
# /etc/systemd/system/mnt-data.mount
[Unit]
-After=network-online.target
+Description=Mount for /mnt/data
[Mount]
Type=rclone
What=sftp1:subdir
Where=/mnt/data
-Options=rw,allow_other,args2env,vfs-cache-mode=writes,config=/etc/rclone.conf,cache-dir=/var/rclone
+Options=rw,_netdev,allow_other,args2env,vfs-cache-mode=writes,config=/etc/rclone.conf,cache-dir=/var/rclone
optionally accompanied by systemd automount unit
# /etc/systemd/system/mnt-data.automount
[Unit]
-After=network-online.target
-Before=remote-fs.target
+Description=AutoMount for /mnt/data
[Automount]
Where=/mnt/data
TimeoutIdleSec=600
@@ -2011,9 +2930,8 @@ Rclone as Unix mount helper
command=cmount
can be used to run cmount
or any other rclone command rather than the default mount
.
args2env
will pass mount options to the mount helper running in background via environment variables instead of command line arguments. This allows to hide secrets from such commands as ps
or pgrep
.
vv...
will be transformed into appropriate --verbose=N
-standard mount options like x-systemd.automount
, _netdev
, nosuid
and alike are intended only for Automountd and ignored by rclone.
+standard mount options like x-systemd.automount
, _netdev
, nosuid
and alike are intended only for Automountd and ignored by rclone. ## VFS - Virtual File System
-VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
@@ -2037,16 +2955,18 @@ VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
@@ -2129,7 +3049,7 @@ Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
rclone mount remote:path /path/to/mountpoint [flags]
-Options
+Options
--allow-non-empty Allow mounting over a non-empty directory (not supported on Windows)
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
@@ -2148,6 +3068,7 @@ Options
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for mount
--max-read-ahead SizeSuffix The number of bytes that can be prefetched for sequential reads (not supported on Windows) (default 128Ki)
+ --mount-case-insensitive Tristate Tell the OS the mount is case insensitive (true) or sensitive (false) regardless of the backend (auto) (default unset)
--network-mode Mount as remote network drive, instead of fixed disk drive (supported on Windows only)
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
@@ -2159,8 +3080,9 @@ Options
--read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -2170,19 +3092,44 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone moveto
Move file or directory from source to dest.
-Synopsis
+Synopsis
If source:path is a file or directory then it moves it to a file or directory named dest:path.
This can be used to rename files or upload single files to other than their existing name. If the source is a directory then it acts exactly like the move command.
So
@@ -2198,16 +3145,82 @@ Synopsis
Important: Since this can cause data loss, test first with the --dry-run
or the --interactive
/-i
flag.
Note: Use the -P
/--progress
flag to view real-time transfer statistics.
rclone moveto source:path dest:path [flags]
-Options
+Options
-h, --help help for moveto
+Copy Options
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone ncdu
Explore a remote with a text based user interface.
-Synopsis
+Synopsis
This displays a text based user interface allowing the navigation of a remote. It is most useful for answering the question - "What is using all my disk space?".
To make the user interface it first scans the entire remote given and builds an in memory representation. rclone ncdu can be used during this scanning phase and you will see it building up the directory structure as it goes along.
You can interact with the user interface using key presses, press '?' to toggle the help on and off. The supported keys are:
@@ -2227,6 +3240,7 @@ Synopsis
y copy current path to clipboard
Y display current path
^L refresh screen (fix screen corruption)
+ r recalculate file sizes
? to toggle help on and off
q/ESC/^c to quit
Listed files/directories may be prefixed by a one-character flag, some of them combined with a description in brackets at end of line. These flags have the following meaning:
@@ -2244,16 +3258,44 @@ Synopsis
Note that it might take some time to delete big files/directories. The UI won't respond in the meantime since the deletion is done synchronously.
For a non-interactive listing of the remote, see the tree command. To just get the total size of the remote you can also use the size command.
rclone ncdu remote:path [flags]
-Options
+Options
-h, --help help for ncdu
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone obscure
Obscure password for use in the rclone config file.
-Synopsis
+Synopsis
In the rclone config file, human-readable passwords are obscured. Obscuring them is done by encrypting them and writing them out in base64. This is not a secure way of encrypting these passwords as rclone can decrypt them - it is to prevent "eyedropping" - namely someone seeing a password in the rclone config file by accident.
Many equally important things (like access tokens) are not obscured in the config file. However it is very hard to shoulder surf a 64 character hex token.
This command can also accept a password through STDIN instead of an argument by passing a hyphen as an argument. This will use the first line of STDIN as the password not including the trailing newline.
@@ -2261,16 +3303,16 @@ Synopsis
If there is no data on STDIN to read, rclone obscure will default to obfuscating the hyphen itself.
If you want to encrypt the config file then please use config file encryption - see rclone config for more info.
rclone obscure password [flags]
-Options
+Options
-h, --help help for obscure
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone rc
Run a command against a running rclone.
-Synopsis
+Synopsis
This runs a command against a running rclone. Use the --url
flag to specify an non default URL to connect on. This can be either a ":port" which is taken to mean "http://localhost:port" or a "host:port" which is taken to mean "http://host:port"
A username and password can be passed in with --user
and --pass
.
Note that --rc-addr
, --rc-user
, --rc-pass
will be read also for --url
, --user
, --pass
.
@@ -2289,7 +3331,7 @@ Synopsis
rclone rc --loopback operations/about fs=/
Use rclone rc
to see a list of all possible commands.
rclone rc commands parameter [flags]
-Options
+Options
-a, --arg stringArray Argument placed in the "arg" array
-h, --help help for rc
--json string Input JSON - use instead of key=value args
@@ -2300,13 +3342,13 @@ Options
--url string URL to connect to rclone remote control (default "http://localhost:5572/")
--user string Username to use to rclone remote control
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone rcat
Copies standard input to file on remote.
-Synopsis
+Synopsis
rclone rcat reads from standard input (stdin) and copies it to a single remote file.
echo "hello world" | rclone rcat remote:path/to/file
ffmpeg - | rclone rcat remote:path/to/file
@@ -2314,37 +3356,42 @@ Synopsis
rcat will try to upload small files in a single request, which is usually more efficient than the streaming/chunked upload endpoints, which use multiple requests. Exact behaviour depends on the remote. What is considered a small file may be set through --streaming-upload-cutoff
. Uploading only starts after the cutoff is reached or if the file ends before that. The data must fit into RAM. The cutoff needs to be small enough to adhere the limits of your remote, please see there. Generally speaking, setting this cutoff too high will decrease your performance.
Use the --size
flag to preallocate the file in advance at the remote end and actually stream it, even if remote backend doesn't support streaming.
--size
should be the exact size of the input stream in bytes. If the size of the stream is different in length to the --size
passed in then the transfer will likely fail.
-Note that the upload can also not be retried because the data is not kept around until the upload succeeds. If you need to transfer a lot of data, you're better off caching locally and then rclone move
it to the destination.
+Note that the upload cannot be retried because the data is not stored. If the backend supports multipart uploading then individual chunks can be retried. If you need to transfer a lot of data, you may be better off caching it locally and then rclone move
it to the destination which can use retries.
rclone rcat remote:path [flags]
-Options
+Options
-h, --help help for rcat
--size int File size hint to preallocate (default -1)
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone rcd
Run rclone listening to remote control commands only.
-Synopsis
+Synopsis
This runs rclone so that it only listens to remote control commands.
This is useful if you are controlling rclone via the rc API.
If you pass in a path to a directory, rclone will serve that directory for GET requests on the URL passed in. It will also open the URL in the browser when rclone is run.
See the rc documentation for more info on the rc flags.
Server options
-Use --addr
to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000
or --addr :8080
to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
-If you set --addr
to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
+Use --rc-addr
to specify which IP address and port the server should listen on, eg --rc-addr 1.2.3.4:8000
or --rc-addr :8080
to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
+If you set --rc-addr
to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
You can use a unix socket by setting the url to unix:///path/to/socket
or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
---addr
may be repeated to listen on multiple IPs/ports/sockets.
---server-read-timeout
and --server-write-timeout
can be used to control the timeouts on the server. Note that this is the total time for a transfer.
---max-header-bytes
controls the maximum number of bytes the server will accept in the HTTP header.
---baseurl
controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone"
then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl
, so --baseurl "rclone"
, --baseurl "/rclone"
and --baseurl "/rclone/"
are all treated identically.
+--rc-addr
may be repeated to listen on multiple IPs/ports/sockets.
+--rc-server-read-timeout
and --rc-server-write-timeout
can be used to control the timeouts on the server. Note that this is the total time for a transfer.
+--rc-max-header-bytes
controls the maximum number of bytes the server will accept in the HTTP header.
+--rc-baseurl
controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --rc-baseurl "/rclone"
then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --rc-baseurl
, so --rc-baseurl "rclone"
, --rc-baseurl "/rclone"
and --rc-baseurl "/rclone/"
are all treated identically.
TLS (SSL)
-By default this will serve over http. If you want you can serve over https. You will need to supply the --cert
and --key
flags. If you wish to do client side certificate validation then you will need to supply --client-ca
also.
---cert
should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key
should be the PEM encoded private key and --client-ca
should be the PEM encoded client certificate authority certificate.
---min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+By default this will serve over http. If you want you can serve over https. You will need to supply the --rc-cert
and --rc-key
flags. If you wish to do client side certificate validation then you will need to supply --rc-client-ca
also.
+--rc-cert
should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --krc-ey
should be the PEM encoded private key and --rc-client-ca
should be the PEM encoded client certificate authority certificate.
+--rc-min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
Template
---template
allows a user to specify a custom markup template for HTTP and WebDAV serve functions. The server exports the following markup to be used within the template to server pages:
+--rc-template
allows a user to specify a custom markup template for HTTP and WebDAV serve functions. The server exports the following markup to be used within the template to server pages:
@@ -2423,54 +3470,122 @@ Template
+The server also makes the following functions available so that they can be used within the template. These functions help extend the options for dynamic rendering of HTML. They can be used to render HTML based on specific conditions.
+
+
+
+
+
+
+
+Function
+Description
+
+
+
+
+afterEpoch
+Returns the time since the epoch for the given time.
+
+
+contains
+Checks whether a given substring is present or not in a given string.
+
+
+hasPrefix
+Checks whether the given string begins with the specified prefix.
+
+
+hasSuffix
+Checks whether the given string end with the specified suffix.
+
+
+
Authentication
By default this will serve files without needing a login.
-You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user
and --pass
flags.
-Use --htpasswd /path/to/htpasswd
to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
+You can either use an htpasswd file which can take lots of users, or set a single username and password with the --rc-user
and --rc-pass
flags.
+If no static users are configured by either of the above methods, and client certificates are required by the --client-ca
flag passed to the server, the client certificate common name will be considered as the username.
+Use --rc-htpasswd /path/to/htpasswd
to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
htpasswd -B htpasswd user
htpasswd -B htpasswd anotherUser
The password file can be updated while rclone is running.
-Use --realm
to set the authentication realm.
-Use --salt
to change the password hashing salt from the default.
+Use --rc-realm
to set the authentication realm.
+Use --rc-salt
to change the password hashing salt from the default.
rclone rcd <path to files to serve>* [flags]
-Options
+Options
-h, --help help for rcd
+RC Options
+Flags to control the Remote Control API.
+ --rc Enable the remote control server
+ --rc-addr stringArray IPaddress:Port or :Port to bind server to (default [localhost:5572])
+ --rc-allow-origin string Origin which cross-domain request (CORS) can be executed from
+ --rc-baseurl string Prefix for URLs - leave blank for root
+ --rc-cert string TLS PEM key (concatenation of certificate and CA certificate)
+ --rc-client-ca string Client certificate authority to verify clients with
+ --rc-enable-metrics Enable prometheus metrics on /metrics
+ --rc-files string Path to local files to serve on the HTTP server
+ --rc-htpasswd string A htpasswd file - if not provided no authentication is done
+ --rc-job-expire-duration Duration Expire finished async jobs older than this value (default 1m0s)
+ --rc-job-expire-interval Duration Interval to check for expired async jobs (default 10s)
+ --rc-key string TLS PEM Private key
+ --rc-max-header-bytes int Maximum size of request header (default 4096)
+ --rc-min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
+ --rc-no-auth Don't require auth for certain methods
+ --rc-pass string Password for authentication
+ --rc-realm string Realm for authentication
+ --rc-salt string Password hashing salt (default "dlPL2MqE")
+ --rc-serve Enable the serving of remote objects
+ --rc-server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --rc-server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
+ --rc-template string User-specified template
+ --rc-user string User name for authentication
+ --rc-web-fetch-url string URL to fetch the releases for webgui (default "https://api.github.com/repos/rclone/rclone-webui-react/releases/latest")
+ --rc-web-gui Launch WebGUI on localhost
+ --rc-web-gui-force-update Force update to latest version of web gui
+ --rc-web-gui-no-open-browser Don't open the browser automatically
+ --rc-web-gui-update Check and update to latest version of web gui
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone rmdirs
Remove empty directories under the path.
-Synopsis
+Synopsis
This recursively removes any empty directories (including directories that only contain empty directories), that it finds under the path. The root path itself will also be removed if it is empty, unless you supply the --leave-root
flag.
Use command rmdir to delete just the empty directory given by path, not recurse.
This is useful for tidying up remotes that rclone has left a lot of empty directories in. For example the delete command will delete files but leave the directory structure (unless used with option --rmdirs
).
-To delete a path and any objects in it, use purge command.
+This will delete --checkers
directories concurrently so if you have thousands of empty directories consider increasing this number.
+To delete a path and any objects in it, use the purge command.
rclone rmdirs remote:path [flags]
-Options
+Options
-h, --help help for rmdirs
--leave-root Do not remove root directory if empty
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone selfupdate
Update the rclone binary.
-Synopsis
-This command downloads the latest release of rclone and replaces the currently running binary. The download is verified with a hashsum and cryptographically signed signature.
+Synopsis
+This command downloads the latest release of rclone and replaces the currently running binary. The download is verified with a hashsum and cryptographically signed signature; see the release signing docs for details.
If used without flags (or with implied --stable
flag), this command will install the latest stable release. However, some issues may be fixed (or features added) only in the latest beta release. In such cases you should run the command with the --beta
flag, i.e. rclone selfupdate --beta
. You can check in advance what version would be installed by adding the --check
flag, then repeat the command without it when you are satisfied.
Sometimes the rclone team may recommend you a concrete beta or stable rclone release to troubleshoot your issue or add a bleeding edge feature. The --version VER
flag, if given, will update to the concrete version instead of the latest one. If you omit micro version from VER
(for example 1.53
), the latest matching micro version will be used.
Upon successful update rclone will print a message that contains a previous version number. You will need it if you later decide to revert your update for some reason. Then you'll have to note the previous version and run the following command: rclone selfupdate [--beta] OLDVER
. If the old version contains only dots and digits (for example v1.54.0
) then it's a stable release so you won't need the --beta
flag. Beta releases have an additional information similar to v1.54.0-beta.5111.06f1c0c61
. (if you are a developer and use a locally built rclone, the version number will end with -DEV
, you will have to rebuild it as it obviously can't be distributed).
If you previously installed rclone via a package manager, the package may include local documentation or configure services. You may wish to update with the flag --package deb
or --package rpm
(whichever is correct for your OS) to update these too. This command with the default --package zip
will update only the rclone executable so the local manual may become inaccurate after it.
-The rclone mount
command (https://rclone.org/commands/rclone_mount/) may or may not support extended FUSE options depending on the build and OS. selfupdate
will refuse to update if the capability would be discarded.
+The rclone mount command may or may not support extended FUSE options depending on the build and OS. selfupdate
will refuse to update if the capability would be discarded.
Note: Windows forbids deletion of a currently running executable so this command will rename the old executable to 'rclone.old.exe' upon success.
Please note that this command was not available before rclone version 1.55. If it fails for you with the message unknown command "selfupdate"
then you will need to update manually following the install instructions located at https://rclone.org/install/
rclone selfupdate [flags]
-Options
+Options
--beta Install beta release
--check Check for latest release, do not download
-h, --help help for selfupdate
@@ -2479,41 +3594,42 @@ Options
--stable Install stable release (this is the default)
--version string Install the given rclone version (default: latest)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone serve
Serve a remote over a protocol.
-Synopsis
+Synopsis
Serve a remote over a given protocol. Requires the use of a subcommand to specify the protocol, e.g.
rclone serve http remote:
Each subcommand has its own options which you can see in their help.
rclone serve <protocol> [opts] <remote> [flags]
-Options
+Options
-h, --help help for serve
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
- rclone serve dlna - Serve remote:path over DLNA
- rclone serve docker - Serve any remote on docker's volume plugin API.
- rclone serve ftp - Serve remote:path over FTP.
- rclone serve http - Serve the remote over HTTP.
+- rclone serve nfs - Serve the remote as an NFS mount
- rclone serve restic - Serve the remote for restic's REST API.
+- rclone serve s3 - Serve remote:path over s3.
- rclone serve sftp - Serve the remote over SFTP.
- rclone serve webdav - Serve remote:path over WebDAV.
rclone serve dlna
Serve remote:path over DLNA
-Synopsis
+Synopsis
Run a DLNA media server for media stored in an rclone remote. Many devices, such as the Xbox and PlayStation, can automatically discover this server in the LAN and play audio/video from it. VLC is also supported. Service discovery uses UDP multicast packets (SSDP) and will thus only work on LANs.
Rclone will list all files present in the remote, without filtering based on media formats or file extensions. Additionally, there is no media transcoding support. This means that some players might show files that they are not able to play back correctly.
Server options
Use --addr
to specify which IP address and port the server should listen on, e.g. --addr 1.2.3.4:8000
or --addr :8080
to listen to all IPs.
Use --name
to choose the friendly server name, which is by default "rclone (hostname)".
-Use --log-trace
in conjunction with -vv
to enable additional debug logging of all UPNP traffic.
-VFS - Virtual File System
+Use --log-trace
in conjunction with -vv
to enable additional debug logging of all UPNP traffic. ## VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
@@ -2537,16 +3653,18 @@ VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
@@ -2629,7 +3747,7 @@ Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
rclone serve dlna remote:path [flags]
-Options
+Options
--addr string The ip:port or :port to bind the DLNA http server to (default ":7879")
--announce-interval Duration The interval between SSDP announcements (default 12m0s)
--dir-cache-time Duration Time to cache directory entries for (default 5m0s)
@@ -2647,8 +3765,9 @@ Options
--read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -2658,25 +3777,49 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
rclone serve docker
Serve any remote on docker's volume plugin API.
-Synopsis
+Synopsis
This command implements the Docker volume plugin API allowing docker to use rclone as a data storage mechanism for various cloud providers. rclone provides docker volume plugin based on it.
To create a docker plugin, one must create a Unix or TCP socket that Docker will look for when you use the plugin and then it listens for commands from docker daemon and runs the corresponding code when necessary. Docker plugins can run as a managed plugin under control of the docker daemon or as an independent native service. For testing, you can just run it directly from the command line, for example:
sudo rclone serve docker --base-dir /tmp/rclone-volumes --socket-addr localhost:8787 -vv
Running rclone serve docker
will create the said socket, listening for commands from Docker to create the necessary Volumes. Normally you need not give the --socket-addr
flag. The API will listen on the unix domain socket at /run/docker/plugins/rclone.sock
. In the example above rclone will create a TCP socket and a small file /etc/docker/plugins/rclone.spec
containing the socket address. We use sudo
because both paths are writeable only by the root user.
If you later decide to change listening socket, the docker daemon must be restarted to reconnect to /run/docker/plugins/rclone.sock
or parse new /etc/docker/plugins/rclone.spec
. Until you restart, any volume related docker commands will timeout trying to access the old socket. Running directly is supported on Linux only, not on Windows or MacOS. This is not a problem with managed plugin mode described in details in the full documentation.
The command will create volume mounts under the path given by --base-dir
(by default /var/lib/docker-volumes/rclone
available only to root) and maintain the JSON formatted file docker-plugin.state
in the rclone cache directory with book-keeping records of created and mounted volumes.
-All mount and VFS options are submitted by the docker daemon via API, but you can also provide defaults on the command line as well as set path to the config file and cache directory or adjust logging verbosity.
-VFS - Virtual File System
+All mount and VFS options are submitted by the docker daemon via API, but you can also provide defaults on the command line as well as set path to the config file and cache directory or adjust logging verbosity. ## VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
@@ -2700,16 +3843,18 @@ VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
@@ -2792,7 +3937,7 @@ Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
rclone serve docker [flags]
-Options
+Options
--allow-non-empty Allow mounting over a non-empty directory (not supported on Windows)
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
@@ -2813,6 +3958,7 @@ Options
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for docker
--max-read-ahead SizeSuffix The number of bytes that can be prefetched for sequential reads (not supported on Windows) (default 128Ki)
+ --mount-case-insensitive Tristate Tell the OS the mount is case insensitive (true) or sensitive (false) regardless of the backend (auto) (default unset)
--network-mode Mount as remote network drive, instead of fixed disk drive (supported on Windows only)
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
@@ -2827,8 +3973,9 @@ Options
--socket-gid int GID for unix socket (default: current process GID) (default 1000)
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -2838,27 +3985,51 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
rclone serve ftp
Serve remote:path over FTP.
-Synopsis
+Synopsis
Run a basic FTP server to serve a remote over FTP protocol. This can be viewed with a FTP client or you can make a remote of type FTP to read and write it.
Server options
Use --addr to specify which IP address and port the server should listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
Authentication
By default this will serve files without needing a login.
-You can set a single username and password with the --user and --pass flags.
-VFS - Virtual File System
+You can set a single username and password with the --user and --pass flags. ## VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
@@ -2882,16 +4053,18 @@ VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
@@ -3004,7 +4177,7 @@ Auth Proxy
Note that an internal cache is keyed on user
so only use that for configuration, don't use pass
or public_key
. This also means that if a user's password or public-key is changed the cache will need to expire (which takes 5 mins) before it takes effect.
This can be used to build general purpose proxies to any kind of backend that rclone supports.
rclone serve ftp remote:path [flags]
-Options
+Options
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2121")
--auth-proxy string A program to use to create the backend from the auth
--cert string TLS PEM key (concatenation of certificate and CA certificate)
@@ -3025,8 +4198,9 @@ Options
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication (default "anonymous")
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -3036,17 +4210,42 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
rclone serve http
Serve the remote over HTTP.
-Synopsis
+Synopsis
Run a basic web server to serve a remote over HTTP. This can be viewed in a web browser or you can make a remote of type http read from it.
You can use the filter flags (e.g. --include
, --exclude
) to control what is served.
The server will log errors. Use -v
to see access logs.
@@ -3143,9 +4342,41 @@ Template
+The server also makes the following functions available so that they can be used within the template. These functions help extend the options for dynamic rendering of HTML. They can be used to render HTML based on specific conditions.
+
+
+
+
+
+
+
+Function
+Description
+
+
+
+
+afterEpoch
+Returns the time since the epoch for the given time.
+
+
+contains
+Checks whether a given substring is present or not in a given string.
+
+
+hasPrefix
+Checks whether the given string begins with the specified prefix.
+
+
+hasSuffix
+Checks whether the given string end with the specified suffix.
+
+
+
Authentication
By default this will serve files without needing a login.
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user
and --pass
flags.
+If no static users are configured by either of the above methods, and client certificates are required by the --client-ca
flag passed to the server, the client certificate common name will be considered as the username.
Use --htpasswd /path/to/htpasswd
to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
@@ -3153,8 +4384,7 @@ Authentication
htpasswd -B htpasswd anotherUser
The password file can be updated while rclone is running.
Use --realm
to set the authentication realm.
-Use --salt
to change the password hashing salt from the default.
-VFS - Virtual File System
+Use --salt
to change the password hashing salt from the default. ## VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
@@ -3178,16 +4408,18 @@ VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
@@ -3300,8 +4532,9 @@ Auth Proxy
Note that an internal cache is keyed on user
so only use that for configuration, don't use pass
or public_key
. This also means that if a user's password or public-key is changed the cache will need to expire (which takes 5 mins) before it takes effect.
This can be used to build general purpose proxies to any kind of backend that rclone supports.
rclone serve http remote:path [flags]
-Options
+Options
--addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
+ --allow-origin string Origin which cross-domain request (CORS) can be executed from
--auth-proxy string A program to use to create the backend from the auth
--baseurl string Prefix for URLs - leave blank for root
--cert string TLS PEM key (concatenation of certificate and CA certificate)
@@ -3329,8 +4562,9 @@ Options
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -3340,42 +4574,258 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
-rclone serve restic
-Serve the remote for restic's REST API.
-Synopsis
-Run a basic web server to serve a remote over restic's REST backend API over HTTP. This allows restic to use rclone as a data storage mechanism for cloud providers that restic does not support directly.
-Restic is a command-line program for doing backups.
-The server will log errors. Use -v to see access logs.
---bwlimit
will be respected for file transfers. Use --stats
to control the stats printing.
-Setting up rclone for use by restic
-First set up a remote for your chosen cloud provider.
-Once you have set up the remote, check it is working with, for example "rclone lsd remote:". You may have called the remote something other than "remote:" - just substitute whatever you called it in the following instructions.
-Now start the rclone restic server
-rclone serve restic -v remote:backup
-Where you can replace "backup" in the above by whatever path in the remote you wish to use.
-By default this will serve on "localhost:8080" you can change this with use of the --addr
flag.
-You might wish to start this server on boot.
-Adding --cache-objects=false
will cause rclone to stop caching objects returned from the List call. Caching is normally desirable as it speeds up downloading objects, saves transactions and uses very little memory.
-Setting up restic to use rclone
-Now you can follow the restic instructions on setting up restic.
-Note that you will need restic 0.8.2 or later to interoperate with rclone.
-For the example above you will want to use "http://localhost:8080/" as the URL for the REST server.
-For example:
-$ export RESTIC_REPOSITORY=rest:http://localhost:8080/
-$ export RESTIC_PASSWORD=yourpassword
-$ restic init
-created restic backend 8b1a4b56ae at rest:http://localhost:8080/
-
-Please note that knowledge of your password is required to access
-the repository. Losing your password means that your data is
+rclone serve nfs
+Serve the remote as an NFS mount
+Synopsis
+Create an NFS server that serves the given remote over the network.
+The primary purpose for this command is to enable mount command on recent macOS versions where installing FUSE is very cumbersome.
+Since this is running on NFSv3, no authentication method is available. Any client will be able to access the data. To limit access, you can use serve NFS on loopback address and rely on secure tunnels (such as SSH). For this reason, by default, a random TCP port is chosen and loopback interface is used for the listening address; meaning that it is only available to the local machine. If you want other machines to access the NFS mount over local network, you need to specify the listening address and port using --addr
flag.
+Modifying files through NFS protocol requires VFS caching. Usually you will need to specify --vfs-cache-mode
in order to be able to write to the mountpoint (full is recommended). If you don't specify VFS cache mode, the mount will be read-only.
+To serve NFS over the network use following command:
+rclone serve nfs remote: --addr 0.0.0.0:$PORT --vfs-cache-mode=full
+We specify a specific port that we can use in the mount command:
+To mount the server under Linux/macOS, use the following command:
+mount -oport=$PORT,mountport=$PORT $HOSTNAME: path/to/mountpoint
+Where $PORT
is the same port number we used in the serve nfs command.
+This feature is only available on Unix platforms.
+VFS - Virtual File System
+This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
+Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
+The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
+VFS Directory Cache
+Using the --dir-cache-time
flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
+--dir-cache-time duration Time to cache directory entries for (default 5m0s)
+--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
+However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
+You can send a SIGHUP
signal to rclone for it to flush all directory caches, regardless of how old they are. Assuming only one rclone instance is running, you can reset the cache like this:
+kill -SIGHUP $(pidof rclone)
+If you configure rclone with a remote control then you can use rclone rc to flush the whole directory cache:
+rclone rc vfs/forget
+Or individual files or directories:
+rclone rc vfs/forget file=path/to/file dir=path/to/dir
+VFS File Buffering
+The --buffer-size
flag determines the amount of memory, that will be used to buffer data in advance.
+Each open file will try to keep the specified amount of data in memory at all times. The buffered data is bound to one open file and won't be shared.
+This flag is a upper limit for the used memory per open file. The buffer will only use memory for data that is downloaded but not not yet read. If the buffer is empty, only a small amount of memory will be used.
+The maximum memory used by rclone for buffering can be up to --buffer-size * open files
.
+VFS File Caching
+These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
+For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
+Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
+The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
+Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
+You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
+--vfs-cache-mode off
+In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
+This will mean some operations are not possible
+
+- Files can't be opened for both read AND write
+- Files opened for write can't be seeked
+- Existing files opened for write must have O_TRUNC set
+- Files open for read with O_TRUNC will be opened write only
+- Files open for write only will behave as if O_TRUNC was supplied
+- Open modes O_APPEND, O_TRUNC are ignored
+- If an upload fails it can't be retried
+
+--vfs-cache-mode minimal
+This is very similar to "off" except that files opened for read AND write will be buffered to disk. This means that files opened for write will be a lot more compatible, but uses the minimal disk space.
+These operations are not possible
+
+- Files opened for write only can't be seeked
+- Existing files opened for write must have O_TRUNC set
+- Files opened for write only will ignore O_APPEND, O_TRUNC
+- If an upload fails it can't be retried
+
+--vfs-cache-mode writes
+In this mode files opened for read only are still read directly from the remote, write only and read/write files are buffered to disk first.
+This mode should support all normal file system operations.
+If an upload fails it will be retried at exponentially increasing intervals up to 1 minute.
+--vfs-cache-mode full
+In this mode all reads and writes are buffered to and from disk. When data is read from the remote this is buffered to disk as well.
+In this mode the files in the cache will be sparse files and rclone will keep track of which bits of the files it has downloaded.
+So if an application only reads the starts of each file, then rclone will only buffer the start of the file. These files will appear to be their full size in the cache, but they will be sparse files with only the data that has been downloaded present in them.
+This mode should support all normal file system operations and is otherwise identical to --vfs-cache-mode
writes.
+When reading a file rclone will read --buffer-size
plus --vfs-read-ahead
bytes ahead. The --buffer-size
is buffered in memory whereas the --vfs-read-ahead
is buffered on disk.
+When using this mode it is recommended that --buffer-size
is not set too large and --vfs-read-ahead
is set large if required.
+IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+Fingerprinting
+Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+For example hash
is slow with the local
and sftp
backends as they have to read the entire file and hash it, and modtime
is slow with the s3
, swift
, ftp
and qinqstor
backends because they need to do an extra API call to fetch it.
+If you use the --vfs-fast-fingerprint
flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+If you are running a vfs cache over local
, s3
or swift
backends then using this flag is recommended.
+Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
+VFS Chunked Reading
+When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
+These flags control the chunking:
+--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128M)
+--vfs-read-chunk-size-limit SizeSuffix Max chunk doubling size (default off)
+Rclone will start reading a chunk of size --vfs-read-chunk-size
, and then double the size for each read. When --vfs-read-chunk-size-limit
is specified, and greater than --vfs-read-chunk-size
, the chunk size for each open file will get doubled only until the specified value is reached. If the value is "off", which is the default, the limit is disabled and the chunk size will grow indefinitely.
+With --vfs-read-chunk-size 100M
and --vfs-read-chunk-size-limit 0
the following parts will be downloaded: 0-100M, 100M-200M, 200M-300M, 300M-400M and so on. When --vfs-read-chunk-size-limit 500M
is specified, the result would be 0-100M, 100M-300M, 300M-700M, 700M-1200M, 1200M-1700M and so on.
+Setting --vfs-read-chunk-size
to 0
or "off" disables chunked reading.
+VFS Performance
+These flags may be used to enable/disable features of the VFS for performance or other reasons. See also the chunked reading feature.
+In particular S3 and Swift benefit hugely from the --no-modtime
flag (or use --use-server-modtime
for a slightly different effect) as each read of the modification time takes a transaction.
+--no-checksum Don't compare checksums on up/download.
+--no-modtime Don't read/write the modification time (can speed things up).
+--no-seek Don't allow seeking in files.
+--read-only Only allow read-only access.
+Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
+--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+When using VFS write caching (--vfs-cache-mode
with value writes or full), the global flag --transfers
can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers
has no effect on the VFS).
+--transfers int Number of file transfers to run in parallel (default 4)
+VFS Case Sensitivity
+Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
+File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
+Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
+The --vfs-case-insensitive
VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+VFS Disk Options
+This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+Alternate report of used bytes
+Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
+WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
+rclone serve nfs remote:path [flags]
+Options
+ --addr string IPaddress:Port or :Port to bind server to
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
+ --dir-perms FileMode Directory permissions (default 0777)
+ --file-perms FileMode File permissions (default 0666)
+ --gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
+ -h, --help help for nfs
+ --no-checksum Don't compare checksums on up/download
+ --no-modtime Don't read/write the modification time (can speed things up)
+ --no-seek Don't allow seeking in files
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
+ --umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+ --vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
+ --vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
+ --vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
+ --vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
+ --vfs-used-is-size rclone size Use the rclone size algorithm for Used size
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+See the global flags page for global options not listed here.
+SEE ALSO
+
+- rclone serve - Serve a remote over a protocol.
+
+rclone serve restic
+Serve the remote for restic's REST API.
+Synopsis
+Run a basic web server to serve a remote over restic's REST backend API over HTTP. This allows restic to use rclone as a data storage mechanism for cloud providers that restic does not support directly.
+Restic is a command-line program for doing backups.
+The server will log errors. Use -v to see access logs.
+--bwlimit
will be respected for file transfers. Use --stats
to control the stats printing.
+Setting up rclone for use by restic
+First set up a remote for your chosen cloud provider.
+Once you have set up the remote, check it is working with, for example "rclone lsd remote:". You may have called the remote something other than "remote:" - just substitute whatever you called it in the following instructions.
+Now start the rclone restic server
+rclone serve restic -v remote:backup
+Where you can replace "backup" in the above by whatever path in the remote you wish to use.
+By default this will serve on "localhost:8080" you can change this with use of the --addr
flag.
+You might wish to start this server on boot.
+Adding --cache-objects=false
will cause rclone to stop caching objects returned from the List call. Caching is normally desirable as it speeds up downloading objects, saves transactions and uses very little memory.
+Setting up restic to use rclone
+Now you can follow the restic instructions on setting up restic.
+Note that you will need restic 0.8.2 or later to interoperate with rclone.
+For the example above you will want to use "http://localhost:8080/" as the URL for the REST server.
+For example:
+$ export RESTIC_REPOSITORY=rest:http://localhost:8080/
+$ export RESTIC_PASSWORD=yourpassword
+$ restic init
+created restic backend 8b1a4b56ae at rest:http://localhost:8080/
+
+Please note that knowledge of your password is required to access
+the repository. Losing your password means that your data is
irrecoverably lost.
$ restic backup /path/to/files/to/backup
scan [/path/to/files/to/backup]
@@ -3406,6 +4856,7 @@ TLS (SSL)
Authentication
By default this will serve files without needing a login.
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user
and --pass
flags.
+If no static users are configured by either of the above methods, and client certificates are required by the --client-ca
flag passed to the server, the client certificate common name will be considered as the username.
Use --htpasswd /path/to/htpasswd
to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
@@ -3415,8 +4866,9 @@ Authentication
Use --realm
to set the authentication realm.
Use --salt
to change the password hashing salt from the default.
rclone serve restic remote:path [flags]
-Options
+Options
--addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
+ --allow-origin string Origin which cross-domain request (CORS) can be executed from
--append-only Disallow deletion of repository data
--baseurl string Prefix for URLs - leave blank for root
--cache-objects Cache listed objects (default true)
@@ -3436,32 +4888,84 @@ Options
--stdio Run an HTTP2 server on stdin/stdout
--user string User name for authentication
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
-rclone serve sftp
-Serve the remote over SFTP.
-Synopsis
-Run an SFTP server to serve a remote over SFTP. This can be used with an SFTP client or you can make a remote of type sftp to use with it.
-You can use the filter flags (e.g. --include
, --exclude
) to control what is served.
-The server will respond to a small number of shell commands, mainly md5sum, sha1sum and df, which enable it to provide support for checksums and the about feature when accessed from an sftp remote.
-Note that this server uses standard 32 KiB packet payload size, which means you must not configure the client to expect anything else, e.g. with the chunk_size option on an sftp remote.
-The server will log errors. Use -v
to see access logs.
---bwlimit
will be respected for file transfers. Use --stats
to control the stats printing.
-You must provide some means of authentication, either with --user
/--pass
, an authorized keys file (specify location with --authorized-keys
- the default is the same as ssh), an --auth-proxy
, or set the --no-auth
flag for no authentication when logging in.
-If you don't supply a host --key
then rclone will generate rsa, ecdsa and ed25519 variants, and cache them for later use in rclone's cache directory (see rclone help flags cache-dir
) in the "serve-sftp" directory.
-By default the server binds to localhost:2022 - if you want it to be reachable externally then supply --addr :2022
for example.
-Note that the default of --vfs-cache-mode off
is fine for the rclone sftp backend, but it may not be with other SFTP clients.
-If --stdio
is specified, rclone will serve SFTP over stdio, which can be used with sshd via ~/.ssh/authorized_keys, for example:
-restrict,command="rclone serve sftp --stdio ./photos" ssh-rsa ...
-On the client you need to set --transfers 1
when using --stdio
. Otherwise multiple instances of the rclone server are started by OpenSSH which can lead to "corrupted on transfer" errors. This is the case because the client chooses indiscriminately which server to send commands to while the servers all have different views of the state of the filing system.
-The "restrict" in authorized_keys prevents SHA1SUMs and MD5SUMs from beeing used. Omitting "restrict" and using --sftp-path-override
to enable checksumming is possible but less secure and you could use the SFTP server provided by OpenSSH in this case.
-VFS - Virtual File System
+rclone serve s3
+Serve remote:path over s3.
+Synopsis
+serve s3
implements a basic s3 server that serves a remote via s3. This can be viewed with an s3 client, or you can make an s3 type remote to read and write to it with rclone.
+serve s3
is considered Experimental so use with care.
+S3 server supports Signature Version 4 authentication. Just use --auth-key accessKey,secretKey
and set the Authorization
header correctly in the request. (See the AWS docs).
+--auth-key
can be repeated for multiple auth pairs. If --auth-key
is not provided then serve s3
will allow anonymous access.
+Please note that some clients may require HTTPS endpoints. See the SSL docs for more information.
+This command uses the VFS directory cache. All the functionality will work with --vfs-cache-mode off
. Using --vfs-cache-mode full
(or writes
) can be used to cache objects locally to improve performance.
+Use --force-path-style=false
if you want to use the bucket name as a part of the hostname (such as mybucket.local)
+Use --etag-hash
if you want to change the hash uses for the ETag
. Note that using anything other than MD5
(the default) is likely to cause problems for S3 clients which rely on the Etag being the MD5.
+Quickstart
+For a simple set up, to serve remote:path
over s3, run the server like this:
+rclone serve s3 --auth-key ACCESS_KEY_ID,SECRET_ACCESS_KEY remote:path
+This will be compatible with an rclone remote which is defined like this:
+[serves3]
+type = s3
+provider = Rclone
+endpoint = http://127.0.0.1:8080/
+access_key_id = ACCESS_KEY_ID
+secret_access_key = SECRET_ACCESS_KEY
+use_multipart_uploads = false
+Note that setting disable_multipart_uploads = true
is to work around a bug which will be fixed in due course.
+Bugs
+When uploading multipart files serve s3
holds all the parts in memory (see #7453). This is a limitaton of the library rclone uses for serving S3 and will hopefully be fixed at some point.
+Multipart server side copies do not work (see #7454). These take a very long time and eventually fail. The default threshold for multipart server side copies is 5G which is the maximum it can be, so files above this side will fail to be server side copied.
+For a current list of serve s3
bugs see the serve s3 bug category on GitHub.
+Limitations
+serve s3
will treat all directories in the root as buckets and ignore all files in the root. You can use CreateBucket
to create folders under the root, but you can't create empty folders under other folders not in the root.
+When using PutObject
or DeleteObject
, rclone will automatically create or clean up empty folders. If you don't want to clean up empty folders automatically, use --no-cleanup
.
+When using ListObjects
, rclone will use /
when the delimiter is empty. This reduces backend requests with no effect on most operations, but if the delimiter is something other than /
and empty, rclone will do a full recursive search of the backend, which can take some time.
+Versioning is not currently supported.
+Metadata will only be saved in memory other than the rclone mtime
metadata which will be set as the modification time of the file.
+Supported operations
+serve s3
currently supports the following operations.
+
+- Bucket
+
+ListBuckets
+CreateBucket
+DeleteBucket
+
+- Object
+
+HeadObject
+ListObjects
+GetObject
+PutObject
+DeleteObject
+DeleteObjects
+CreateMultipartUpload
+CompleteMultipartUpload
+AbortMultipartUpload
+CopyObject
+UploadPart
+
+
+Other operations will return error Unimplemented
.
+Server options
+Use --addr
to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000
or --addr :8080
to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
+If you set --addr
to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
+You can use a unix socket by setting the url to unix:///path/to/socket
or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
+--addr
may be repeated to listen on multiple IPs/ports/sockets.
+--server-read-timeout
and --server-write-timeout
can be used to control the timeouts on the server. Note that this is the total time for a transfer.
+--max-header-bytes
controls the maximum number of bytes the server will accept in the HTTP header.
+--baseurl
controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone"
then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl
, so --baseurl "rclone"
, --baseurl "/rclone"
and --baseurl "/rclone/"
are all treated identically.
+TLS (SSL)
+By default this will serve over http. If you want you can serve over https. You will need to supply the --cert
and --key
flags. If you wish to do client side certificate validation then you will need to supply --client-ca
also.
+--cert
should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key
should be the PEM encoded private key and --client-ca
should be the PEM encoded client certificate authority certificate.
+--min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0"). ## VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
-VFS Directory Cache
+VFS Directory Cache
Using the --dir-cache-time
flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
@@ -3472,27 +4976,29 @@ VFS Directory Cache
rclone rc vfs/forget
Or individual files or directories:
rclone rc vfs/forget file=path/to/file dir=path/to/dir
-VFS File Buffering
+VFS File Buffering
The --buffer-size
flag determines the amount of memory, that will be used to buffer data in advance.
Each open file will try to keep the specified amount of data in memory at all times. The buffered data is bound to one open file and won't be shared.
This flag is a upper limit for the used memory per open file. The buffer will only use memory for data that is downloaded but not not yet read. If the buffer is empty, only a small amount of memory will be used.
The maximum memory used by rclone for buffering can be up to --buffer-size * open files
.
-VFS File Caching
+VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
---vfs-cache-mode off
+--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
This will mean some operations are not possible
@@ -3504,7 +5010,7 @@ --vfs-cache-mode off
- Open modes O_APPEND, O_TRUNC are ignored
- If an upload fails it can't be retried
---vfs-cache-mode minimal
+--vfs-cache-mode minimal
This is very similar to "off" except that files opened for read AND write will be buffered to disk. This means that files opened for write will be a lot more compatible, but uses the minimal disk space.
These operations are not possible
@@ -3513,11 +5019,11 @@ --vfs-cache-mode minimal
- Files opened for write only will ignore O_APPEND, O_TRUNC
- If an upload fails it can't be retried
---vfs-cache-mode writes
+--vfs-cache-mode writes
In this mode files opened for read only are still read directly from the remote, write only and read/write files are buffered to disk first.
This mode should support all normal file system operations.
If an upload fails it will be retried at exponentially increasing intervals up to 1 minute.
---vfs-cache-mode full
+--vfs-cache-mode full
In this mode all reads and writes are buffered to and from disk. When data is read from the remote this is buffered to disk as well.
In this mode the files in the cache will be sparse files and rclone will keep track of which bits of the files it has downloaded.
So if an application only reads the starts of each file, then rclone will only buffer the start of the file. These files will appear to be their full size in the cache, but they will be sparse files with only the data that has been downloaded present in them.
@@ -3525,7 +5031,7 @@ --vfs-cache-mode full
When reading a file rclone will read --buffer-size
plus --vfs-read-ahead
bytes ahead. The --buffer-size
is buffered in memory whereas the --vfs-read-ahead
is buffered on disk.
When using this mode it is recommended that --buffer-size
is not set too large and --vfs-read-ahead
is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
-Fingerprinting
+Fingerprinting
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
- size
@@ -3538,7 +5044,7 @@ Fingerprinting
If you use the --vfs-fast-fingerprint
flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
If you are running a vfs cache over local
, s3
or swift
backends then using this flag is recommended.
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
-VFS Chunked Reading
+VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128M)
@@ -3546,7 +5052,7 @@ VFS Chunked Reading
Rclone will start reading a chunk of size --vfs-read-chunk-size
, and then double the size for each read. When --vfs-read-chunk-size-limit
is specified, and greater than --vfs-read-chunk-size
, the chunk size for each open file will get doubled only until the specified value is reached. If the value is "off", which is the default, the limit is disabled and the chunk size will grow indefinitely.
With --vfs-read-chunk-size 100M
and --vfs-read-chunk-size-limit 0
the following parts will be downloaded: 0-100M, 100M-200M, 200M-300M, 300M-400M and so on. When --vfs-read-chunk-size-limit 500M
is specified, the result would be 0-100M, 100M-300M, 300M-700M, 700M-1200M, 1200M-1700M and so on.
Setting --vfs-read-chunk-size
to 0
or "off" disables chunked reading.
-VFS Performance
+VFS Performance
These flags may be used to enable/disable features of the VFS for performance or other reasons. See also the chunked reading feature.
In particular S3 and Swift benefit hugely from the --no-modtime
flag (or use --use-server-modtime
for a slightly different effect) as each read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
@@ -3558,7 +5064,7 @@ VFS Performance
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
When using VFS write caching (--vfs-cache-mode
with value writes or full), the global flag --transfers
can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers
has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
-VFS Case Sensitivity
+VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
@@ -3566,44 +5072,251 @@ VFS Case Sensitivity
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
-VFS Disk Options
+VFS Disk Options
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
-Alternate report of used bytes
+Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
-Auth Proxy
-If you supply the parameter --auth-proxy /path/to/program
then rclone will use that program to generate backends on the fly which then are used to authenticate incoming requests. This uses a simple JSON based protocol with input on STDIN and output on STDOUT.
-PLEASE NOTE: --auth-proxy
and --authorized-keys
cannot be used together, if --auth-proxy
is set the authorized keys option will be ignored.
-There is an example program bin/test_proxy.py in the rclone source code.
-The program's job is to take a user
and pass
on the input and turn those into the config for a backend on STDOUT in JSON format. This config will have any default parameters for the backend added, but it won't use configuration from environment variables or command line options - it is the job of the proxy program to make a complete config.
-This config generated must have this extra parameter - _root
- root to use for the backend
-And it may have this parameter - _obscure
- comma separated strings for parameters to obscure
-If password authentication was used by the client, input to the proxy process (on STDIN) would look similar to this:
-{
- "user": "me",
- "pass": "mypassword"
-}
-If public-key authentication was used by the client, input to the proxy process (on STDIN) would look similar to this:
-{
- "user": "me",
- "public_key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDuwESFdAe14hVS6omeyX7edc...JQdf"
-}
-And as an example return this on STDOUT
-{
- "type": "sftp",
- "_root": "",
- "_obscure": "pass",
- "user": "me",
- "pass": "mypassword",
- "host": "sftp.example.com"
-}
+rclone serve s3 remote:path [flags]
+Options
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
+ --allow-origin string Origin which cross-domain request (CORS) can be executed from
+ --auth-key stringArray Set key pair for v4 authorization: access_key_id,secret_access_key
+ --baseurl string Prefix for URLs - leave blank for root
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
+ --client-ca string Client certificate authority to verify clients with
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
+ --dir-perms FileMode Directory permissions (default 0777)
+ --etag-hash string Which hash to use for the ETag, or auto or blank for off (default "MD5")
+ --file-perms FileMode File permissions (default 0666)
+ --force-path-style If true use path style access if false use virtual hosted style (default true) (default true)
+ --gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
+ -h, --help help for s3
+ --key string TLS PEM Private key
+ --max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
+ --no-checksum Don't compare checksums on up/download
+ --no-cleanup Not to cleanup empty folder after object is deleted
+ --no-modtime Don't read/write the modification time (can speed things up)
+ --no-seek Don't allow seeking in files
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
+ --uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
+ --umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+ --vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
+ --vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
+ --vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
+ --vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
+ --vfs-used-is-size rclone size Use the rclone size algorithm for Used size
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+See the global flags page for global options not listed here.
+SEE ALSO
+
+- rclone serve - Serve a remote over a protocol.
+
+rclone serve sftp
+Serve the remote over SFTP.
+Synopsis
+Run an SFTP server to serve a remote over SFTP. This can be used with an SFTP client or you can make a remote of type sftp to use with it.
+You can use the filter flags (e.g. --include
, --exclude
) to control what is served.
+The server will respond to a small number of shell commands, mainly md5sum, sha1sum and df, which enable it to provide support for checksums and the about feature when accessed from an sftp remote.
+Note that this server uses standard 32 KiB packet payload size, which means you must not configure the client to expect anything else, e.g. with the chunk_size option on an sftp remote.
+The server will log errors. Use -v
to see access logs.
+--bwlimit
will be respected for file transfers. Use --stats
to control the stats printing.
+You must provide some means of authentication, either with --user
/--pass
, an authorized keys file (specify location with --authorized-keys
- the default is the same as ssh), an --auth-proxy
, or set the --no-auth
flag for no authentication when logging in.
+If you don't supply a host --key
then rclone will generate rsa, ecdsa and ed25519 variants, and cache them for later use in rclone's cache directory (see rclone help flags cache-dir
) in the "serve-sftp" directory.
+By default the server binds to localhost:2022 - if you want it to be reachable externally then supply --addr :2022
for example.
+Note that the default of --vfs-cache-mode off
is fine for the rclone sftp backend, but it may not be with other SFTP clients.
+If --stdio
is specified, rclone will serve SFTP over stdio, which can be used with sshd via ~/.ssh/authorized_keys, for example:
+restrict,command="rclone serve sftp --stdio ./photos" ssh-rsa ...
+On the client you need to set --transfers 1
when using --stdio
. Otherwise multiple instances of the rclone server are started by OpenSSH which can lead to "corrupted on transfer" errors. This is the case because the client chooses indiscriminately which server to send commands to while the servers all have different views of the state of the filing system.
+The "restrict" in authorized_keys prevents SHA1SUMs and MD5SUMs from being used. Omitting "restrict" and using --sftp-path-override
to enable checksumming is possible but less secure and you could use the SFTP server provided by OpenSSH in this case.
+VFS - Virtual File System
+This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
+Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
+The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
+VFS Directory Cache
+Using the --dir-cache-time
flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
+--dir-cache-time duration Time to cache directory entries for (default 5m0s)
+--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
+However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
+You can send a SIGHUP
signal to rclone for it to flush all directory caches, regardless of how old they are. Assuming only one rclone instance is running, you can reset the cache like this:
+kill -SIGHUP $(pidof rclone)
+If you configure rclone with a remote control then you can use rclone rc to flush the whole directory cache:
+rclone rc vfs/forget
+Or individual files or directories:
+rclone rc vfs/forget file=path/to/file dir=path/to/dir
+VFS File Buffering
+The --buffer-size
flag determines the amount of memory, that will be used to buffer data in advance.
+Each open file will try to keep the specified amount of data in memory at all times. The buffered data is bound to one open file and won't be shared.
+This flag is a upper limit for the used memory per open file. The buffer will only use memory for data that is downloaded but not not yet read. If the buffer is empty, only a small amount of memory will be used.
+The maximum memory used by rclone for buffering can be up to --buffer-size * open files
.
+VFS File Caching
+These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
+For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
+Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
+The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
+Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
+You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
+--vfs-cache-mode off
+In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
+This will mean some operations are not possible
+
+- Files can't be opened for both read AND write
+- Files opened for write can't be seeked
+- Existing files opened for write must have O_TRUNC set
+- Files open for read with O_TRUNC will be opened write only
+- Files open for write only will behave as if O_TRUNC was supplied
+- Open modes O_APPEND, O_TRUNC are ignored
+- If an upload fails it can't be retried
+
+--vfs-cache-mode minimal
+This is very similar to "off" except that files opened for read AND write will be buffered to disk. This means that files opened for write will be a lot more compatible, but uses the minimal disk space.
+These operations are not possible
+
+- Files opened for write only can't be seeked
+- Existing files opened for write must have O_TRUNC set
+- Files opened for write only will ignore O_APPEND, O_TRUNC
+- If an upload fails it can't be retried
+
+--vfs-cache-mode writes
+In this mode files opened for read only are still read directly from the remote, write only and read/write files are buffered to disk first.
+This mode should support all normal file system operations.
+If an upload fails it will be retried at exponentially increasing intervals up to 1 minute.
+--vfs-cache-mode full
+In this mode all reads and writes are buffered to and from disk. When data is read from the remote this is buffered to disk as well.
+In this mode the files in the cache will be sparse files and rclone will keep track of which bits of the files it has downloaded.
+So if an application only reads the starts of each file, then rclone will only buffer the start of the file. These files will appear to be their full size in the cache, but they will be sparse files with only the data that has been downloaded present in them.
+This mode should support all normal file system operations and is otherwise identical to --vfs-cache-mode
writes.
+When reading a file rclone will read --buffer-size
plus --vfs-read-ahead
bytes ahead. The --buffer-size
is buffered in memory whereas the --vfs-read-ahead
is buffered on disk.
+When using this mode it is recommended that --buffer-size
is not set too large and --vfs-read-ahead
is set large if required.
+IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+Fingerprinting
+Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+For example hash
is slow with the local
and sftp
backends as they have to read the entire file and hash it, and modtime
is slow with the s3
, swift
, ftp
and qinqstor
backends because they need to do an extra API call to fetch it.
+If you use the --vfs-fast-fingerprint
flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+If you are running a vfs cache over local
, s3
or swift
backends then using this flag is recommended.
+Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
+VFS Chunked Reading
+When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
+These flags control the chunking:
+--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128M)
+--vfs-read-chunk-size-limit SizeSuffix Max chunk doubling size (default off)
+Rclone will start reading a chunk of size --vfs-read-chunk-size
, and then double the size for each read. When --vfs-read-chunk-size-limit
is specified, and greater than --vfs-read-chunk-size
, the chunk size for each open file will get doubled only until the specified value is reached. If the value is "off", which is the default, the limit is disabled and the chunk size will grow indefinitely.
+With --vfs-read-chunk-size 100M
and --vfs-read-chunk-size-limit 0
the following parts will be downloaded: 0-100M, 100M-200M, 200M-300M, 300M-400M and so on. When --vfs-read-chunk-size-limit 500M
is specified, the result would be 0-100M, 100M-300M, 300M-700M, 700M-1200M, 1200M-1700M and so on.
+Setting --vfs-read-chunk-size
to 0
or "off" disables chunked reading.
+VFS Performance
+These flags may be used to enable/disable features of the VFS for performance or other reasons. See also the chunked reading feature.
+In particular S3 and Swift benefit hugely from the --no-modtime
flag (or use --use-server-modtime
for a slightly different effect) as each read of the modification time takes a transaction.
+--no-checksum Don't compare checksums on up/download.
+--no-modtime Don't read/write the modification time (can speed things up).
+--no-seek Don't allow seeking in files.
+--read-only Only allow read-only access.
+Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
+--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+When using VFS write caching (--vfs-cache-mode
with value writes or full), the global flag --transfers
can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers
has no effect on the VFS).
+--transfers int Number of file transfers to run in parallel (default 4)
+VFS Case Sensitivity
+Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
+File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
+Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
+The --vfs-case-insensitive
VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+VFS Disk Options
+This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+Alternate report of used bytes
+Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
+WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
+Auth Proxy
+If you supply the parameter --auth-proxy /path/to/program
then rclone will use that program to generate backends on the fly which then are used to authenticate incoming requests. This uses a simple JSON based protocol with input on STDIN and output on STDOUT.
+PLEASE NOTE: --auth-proxy
and --authorized-keys
cannot be used together, if --auth-proxy
is set the authorized keys option will be ignored.
+There is an example program bin/test_proxy.py in the rclone source code.
+The program's job is to take a user
and pass
on the input and turn those into the config for a backend on STDOUT in JSON format. This config will have any default parameters for the backend added, but it won't use configuration from environment variables or command line options - it is the job of the proxy program to make a complete config.
+This config generated must have this extra parameter - _root
- root to use for the backend
+And it may have this parameter - _obscure
- comma separated strings for parameters to obscure
+If password authentication was used by the client, input to the proxy process (on STDIN) would look similar to this:
+{
+ "user": "me",
+ "pass": "mypassword"
+}
+If public-key authentication was used by the client, input to the proxy process (on STDIN) would look similar to this:
+{
+ "user": "me",
+ "public_key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDuwESFdAe14hVS6omeyX7edc...JQdf"
+}
+And as an example return this on STDOUT
+{
+ "type": "sftp",
+ "_root": "",
+ "_obscure": "pass",
+ "user": "me",
+ "pass": "mypassword",
+ "host": "sftp.example.com"
+}
This would mean that an SFTP backend would be created on the fly for the user
and pass
/public_key
returned in the output to the host given. Note that since _obscure
is set to pass
, rclone will obscure the pass
parameter before creating the backend (which is required for sftp backends).
The program can manipulate the supplied user
in any way, for example to make proxy to many different sftp backends, you could make the user
be user@example.com
and then set the host
to example.com
in the output and the user to user
. For security you'd probably want to restrict the host
to a limited list.
Note that an internal cache is keyed on user
so only use that for configuration, don't use pass
or public_key
. This also means that if a user's password or public-key is changed the cache will need to expire (which takes 5 mins) before it takes effect.
This can be used to build general purpose proxies to any kind of backend that rclone supports.
rclone serve sftp remote:path [flags]
-Options
+Options
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2022")
--auth-proxy string A program to use to create the backend from the auth
--authorized-keys string Authorized keys file (default "~/.ssh/authorized_keys")
@@ -3624,8 +5337,9 @@ Options
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -3635,17 +5349,42 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
rclone serve webdav
Serve remote:path over WebDAV.
-Synopsis
+Synopsis
Run a basic WebDAV server to serve a remote over HTTP via the WebDAV protocol. This can be viewed with a WebDAV client, through a web browser, or you can make a remote of type WebDAV to read and write it.
WebDAV options
--etag-hash
@@ -3656,7 +5395,7 @@ Access WebDAV on Windows
Access Office applications on WebDAV
Navigate to following registry HKEY_CURRENT_USER[14.0/15.0/16.0] Create a new DWORD BasicAuthLevel with value 2. 0 - Basic authentication disabled 1 - Basic authentication enabled for SSL connections only 2 - Basic authentication enabled for SSL and for non-SSL connections
https://learn.microsoft.com/en-us/office/troubleshoot/powerpoint/office-opens-blank-from-sharepoint
-Server options
+Server options
Use --addr
to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000
or --addr :8080
to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
If you set --addr
to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
You can use a unix socket by setting the url to unix:///path/to/socket
or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
@@ -3664,7 +5403,7 @@ Server options
--server-read-timeout
and --server-write-timeout
can be used to control the timeouts on the server. Note that this is the total time for a transfer.
--max-header-bytes
controls the maximum number of bytes the server will accept in the HTTP header.
--baseurl
controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone"
then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl
, so --baseurl "rclone"
, --baseurl "/rclone"
and --baseurl "/rclone/"
are all treated identically.
-TLS (SSL)
+TLS (SSL)
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert
and --key
flags. If you wish to do client side certificate validation then you will need to supply --client-ca
also.
--cert
should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key
should be the PEM encoded private key and --client-ca
should be the PEM encoded client certificate authority certificate.
--min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
@@ -3748,9 +5487,41 @@ Template
+The server also makes the following functions available so that they can be used within the template. These functions help extend the options for dynamic rendering of HTML. They can be used to render HTML based on specific conditions.
+
+
+
+
+
+
+
+Function
+Description
+
+
+
+
+afterEpoch
+Returns the time since the epoch for the given time.
+
+
+contains
+Checks whether a given substring is present or not in a given string.
+
+
+hasPrefix
+Checks whether the given string begins with the specified prefix.
+
+
+hasSuffix
+Checks whether the given string end with the specified suffix.
+
+
+
Authentication
By default this will serve files without needing a login.
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user
and --pass
flags.
+If no static users are configured by either of the above methods, and client certificates are required by the --client-ca
flag passed to the server, the client certificate common name will be considered as the username.
Use --htpasswd /path/to/htpasswd
to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
@@ -3758,12 +5529,11 @@ Authentication
htpasswd -B htpasswd anotherUser
The password file can be updated while rclone is running.
Use --realm
to set the authentication realm.
-Use --salt
to change the password hashing salt from the default.
-VFS - Virtual File System
+Use --salt
to change the password hashing salt from the default. ## VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
-VFS Directory Cache
+VFS Directory Cache
Using the --dir-cache-time
flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
@@ -3774,27 +5544,29 @@ VFS Directory Cache
rclone rc vfs/forget
Or individual files or directories:
rclone rc vfs/forget file=path/to/file dir=path/to/dir
-VFS File Buffering
+VFS File Buffering
The --buffer-size
flag determines the amount of memory, that will be used to buffer data in advance.
Each open file will try to keep the specified amount of data in memory at all times. The buffered data is bound to one open file and won't be shared.
This flag is a upper limit for the used memory per open file. The buffer will only use memory for data that is downloaded but not not yet read. If the buffer is empty, only a small amount of memory will be used.
The maximum memory used by rclone for buffering can be up to --buffer-size * open files
.
-VFS File Caching
+VFS File Caching
These flags control the VFS file caching options. File caching is necessary to make the VFS layer appear compatible with a normal file system. It can be disabled at the cost of some compatibility.
For example you'll need to enable VFS caching if you want to read and write simultaneously to a file. See below for more details.
Note that the VFS cache is separate from the cache backend and you may find that you need one or the other or both.
---cache-dir string Directory rclone will use for caching.
---vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
---vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
---vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
---vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
---vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
+--cache-dir string Directory rclone will use for caching.
+--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
+--vfs-cache-max-age duration Max time since last access of objects in the cache (default 1h0m0s)
+--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+--vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
+--vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+--vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
If run with -vv
rclone will print the location of the file cache. The files are stored in the user cache file area which is OS dependent but can be controlled with --cache-dir
or setting the appropriate environment variable.
The cache has 4 different modes selected by --vfs-cache-mode
. The higher the cache mode the more compatible rclone becomes at the cost of using disk space.
Note that files are written back to the remote only when they are closed and if they haven't been accessed for --vfs-write-back
seconds. If rclone is quit or dies with files that haven't been uploaded, these will be uploaded next time rclone is run with the same flags.
-If using --vfs-cache-max-size
note that the cache may exceed this size for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache.
+If using --vfs-cache-max-size
or --vfs-cache-min-free-size
note that the cache may exceed these quotas for two reasons. Firstly because it is only checked every --vfs-cache-poll-interval
. Secondly because open files cannot be evicted from the cache. When --vfs-cache-max-size
or --vfs-cache-min-free-size
is exceeded, rclone will attempt to evict the least accessed files from the cache first. rclone will start with files that haven't been accessed for the longest. This cache flushing strategy is efficient and more relevant files are likely to remain cached.
+The --vfs-cache-max-age
will evict files from the cache after the set time since last access has passed. The default value of 1 hour will start evicting files from cache that haven't been accessed for 1 hour. When a cached file is accessed the 1 hour timer is reset to 0 and will wait for 1 more hour before evicting. Specify the time with standard notation, s, m, h, d, w .
You should not run two copies of rclone using the same VFS cache with the same or overlapping remotes if using --vfs-cache-mode > off
. This can potentially cause data corruption if you do. You can work around this by giving each rclone its own cache hierarchy with --cache-dir
. You don't need to worry about this if the remotes in use don't overlap.
---vfs-cache-mode off
+--vfs-cache-mode off
In this mode (the default) the cache will read directly from the remote and write directly to the remote without caching anything on disk.
This will mean some operations are not possible
@@ -3806,7 +5578,7 @@ --vfs-cache-mode off
- Open modes O_APPEND, O_TRUNC are ignored
- If an upload fails it can't be retried
---vfs-cache-mode minimal
+--vfs-cache-mode minimal
This is very similar to "off" except that files opened for read AND write will be buffered to disk. This means that files opened for write will be a lot more compatible, but uses the minimal disk space.
These operations are not possible
@@ -3815,11 +5587,11 @@ --vfs-cache-mode minimal
- Files opened for write only will ignore O_APPEND, O_TRUNC
- If an upload fails it can't be retried
---vfs-cache-mode writes
+--vfs-cache-mode writes
In this mode files opened for read only are still read directly from the remote, write only and read/write files are buffered to disk first.
This mode should support all normal file system operations.
If an upload fails it will be retried at exponentially increasing intervals up to 1 minute.
---vfs-cache-mode full
+--vfs-cache-mode full
In this mode all reads and writes are buffered to and from disk. When data is read from the remote this is buffered to disk as well.
In this mode the files in the cache will be sparse files and rclone will keep track of which bits of the files it has downloaded.
So if an application only reads the starts of each file, then rclone will only buffer the start of the file. These files will appear to be their full size in the cache, but they will be sparse files with only the data that has been downloaded present in them.
@@ -3827,7 +5599,7 @@ --vfs-cache-mode full
When reading a file rclone will read --buffer-size
plus --vfs-read-ahead
bytes ahead. The --buffer-size
is buffered in memory whereas the --vfs-read-ahead
is buffered on disk.
When using this mode it is recommended that --buffer-size
is not set too large and --vfs-read-ahead
is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
-Fingerprinting
+Fingerprinting
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
- size
@@ -3840,7 +5612,7 @@ Fingerprinting
If you use the --vfs-fast-fingerprint
flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
If you are running a vfs cache over local
, s3
or swift
backends then using this flag is recommended.
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
-VFS Chunked Reading
+VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128M)
@@ -3848,7 +5620,7 @@ VFS Chunked Reading
Rclone will start reading a chunk of size --vfs-read-chunk-size
, and then double the size for each read. When --vfs-read-chunk-size-limit
is specified, and greater than --vfs-read-chunk-size
, the chunk size for each open file will get doubled only until the specified value is reached. If the value is "off", which is the default, the limit is disabled and the chunk size will grow indefinitely.
With --vfs-read-chunk-size 100M
and --vfs-read-chunk-size-limit 0
the following parts will be downloaded: 0-100M, 100M-200M, 200M-300M, 300M-400M and so on. When --vfs-read-chunk-size-limit 500M
is specified, the result would be 0-100M, 100M-300M, 300M-700M, 700M-1200M, 1200M-1700M and so on.
Setting --vfs-read-chunk-size
to 0
or "off" disables chunked reading.
-VFS Performance
+VFS Performance
These flags may be used to enable/disable features of the VFS for performance or other reasons. See also the chunked reading feature.
In particular S3 and Swift benefit hugely from the --no-modtime
flag (or use --use-server-modtime
for a slightly different effect) as each read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
@@ -3860,7 +5632,7 @@ VFS Performance
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
When using VFS write caching (--vfs-cache-mode
with value writes or full), the global flag --transfers
can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers
has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
-VFS Case Sensitivity
+VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
@@ -3868,10 +5640,10 @@ VFS Case Sensitivity
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
-VFS Disk Options
+VFS Disk Options
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
-Alternate report of used bytes
+Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df
on the filesystem, then pass the flag --vfs-used-is-size
to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size
and compute the total used space itself.
WARNING. Contrary to rclone size
, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
Auth Proxy
@@ -3905,8 +5677,9 @@ Auth Proxy
Note that an internal cache is keyed on user
so only use that for configuration, don't use pass
or public_key
. This also means that if a user's password or public-key is changed the cache will need to expire (which takes 5 mins) before it takes effect.
This can be used to build general purpose proxies to any kind of backend that rclone supports.
rclone serve webdav remote:path [flags]
-Options
+Options
--addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
+ --allow-origin string Origin which cross-domain request (CORS) can be executed from
--auth-proxy string A program to use to create the backend from the auth
--baseurl string Prefix for URLs - leave blank for root
--cert string TLS PEM key (concatenation of certificate and CA certificate)
@@ -3936,8 +5709,9 @@ Options
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max time since last access of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
+ --vfs-cache-min-free-space SizeSuffix Target minimum free space on the disk containing the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
--vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
@@ -3947,17 +5721,42 @@ Options
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
--vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-refresh Refreshes the directory cache recursively on start
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
--vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
--vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone serve - Serve a remote over a protocol.
rclone settier
Changes storage class/tier of objects in remote.
-Synopsis
+Synopsis
rclone settier changes storage tier or class at remote if supported. Few cloud storage services provides different storage classes on objects, for example AWS S3 and Glacier, Azure Blob storage - Hot, Cool and Archive, Google Cloud Storage, Regional Storage, Nearline, Coldline etc.
Note that, certain tier changes make objects not available to access immediately. For example tiering to archive in azure blob storage makes objects in frozen state, user can restore by setting tier to Hot/Cool, similarly S3 to Glacier makes object inaccessible.true
You can use it to tier single object
@@ -3967,25 +5766,25 @@ Synopsis
Or just provide remote directory and all files in directory will be tiered
rclone settier tier remote:path/dir
rclone settier tier remote:path [flags]
-Options
+Options
-h, --help help for settier
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone test
Run a test command
-Synopsis
+Synopsis
Rclone test is used to run test commands.
-Select which test comand you want with the subcommand, eg
+Select which test command you want with the subcommand, eg
rclone test memory remote:
Each subcommand has its own options which you can see in their help.
NB Be careful running these commands, they may do strange things so reading their documentation first is recommended.
-Options
+Options
-h, --help help for test
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
- rclone test changenotify - Log any change notify requests for the remote passed in.
@@ -3998,35 +5797,36 @@ SEE ALSO
rclone test changenotify
Log any change notify requests for the remote passed in.
rclone test changenotify remote: [flags]
-Options
+Options
-h, --help help for changenotify
--poll-interval Duration Time to wait between polling for changes (default 10s)
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone test - Run a test command
rclone test histogram
Makes a histogram of file name characters.
-Synopsis
+Synopsis
This command outputs JSON which shows the histogram of characters used in filenames in the remote:path specified.
The data doesn't contain any identifying information but is useful for the rclone developers when developing filename compression.
rclone test histogram [remote:path] [flags]
-Options
+Options
-h, --help help for histogram
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone test - Run a test command
rclone test info
Discovers file name or other limitations for paths.
-Synopsis
+Synopsis
rclone info discovers what filenames and upload methods are possible to write to the paths passed in and how long they can be. It can take some time. It will write test files into the remote:path passed in. It outputs a bit of go code for each one.
NB this can create undeletable files and other hazards - use with care
rclone test info [remote:path]+ [flags]
-Options
+Options
--all Run all tests
+ --check-base32768 Check can store all possible base32768 characters
--check-control Check control characters
--check-length Check max filename length
--check-normalization Check UTF-8 Normalization
@@ -4035,14 +5835,14 @@ Options
--upload-wait Duration Wait after writing a file (default 0s)
--write-json string Write results to file
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone test - Run a test command
rclone test makefile
Make files with random contents of the size given
rclone test makefile <size> [<file>]+ [flags]
-Options
+Options
--ascii Fill files with random ASCII printable bytes only
--chargen Fill files with a ASCII chargen pattern
-h, --help help for makefile
@@ -4051,14 +5851,14 @@ Options
--sparse Make the files sparse (appear to be filled with ASCII 0x00)
--zero Fill files with ASCII 0x00
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone test - Run a test command
rclone test makefiles
Make a random file hierarchy in a directory
rclone test makefiles <dir> [flags]
-Options
+Options
--ascii Fill files with random ASCII printable bytes only
--chargen Fill files with a ASCII chargen pattern
--files int Number of files to create (default 1000)
@@ -4074,23 +5874,23 @@ Options
--sparse Make the files sparse (appear to be filled with ASCII 0x00)
--zero Fill files with ASCII 0x00
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone test - Run a test command
rclone test memory
Load all the objects at remote:path into memory and report memory stats.
rclone test memory remote:path [flags]
-Options
+Options
-h, --help help for memory
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone test - Run a test command
rclone touch
Create new file or change file modification time.
-Synopsis
+Synopsis
Set the modification time on file(s) as specified by remote:path to have the current time.
If remote:path does not exist then a zero sized file will be created, unless --no-create
or --recursive
is provided.
If --recursive
is used then recursively sets the modification time on all existing files that is found under the path. Filters are supported, and you can test with the --dry-run
or the --interactive
/-i
flag.
@@ -4102,20 +5902,53 @@ Synopsis
Note that value of --timestamp
is in UTC. If you want local time then add the --localtime
flag.
rclone touch remote:path [flags]
-Options
+Options
-h, --help help for touch
--localtime Use localtime for timestamp, not UTC
-C, --no-create Do not create the file if it does not exist (implied with --recursive)
-R, --recursive Recursively touch all files
-t, --timestamp string Use specified time instead of the current time of day
+Important Options
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
rclone tree
List the contents of the remote in a tree like fashion.
-Synopsis
+Synopsis
rclone tree lists the contents of a remote in a similar way to the unix tree command.
For example
$ rclone tree remote:path
@@ -4132,7 +5965,7 @@ Synopsis
The tree command has many options for controlling the listing which are compatible with the tree command, for example you can include file sizes with --size
. Note that not all of them have short options as they conflict with rclone's short options.
For a more interactive navigation of the remote see the ncdu command.
rclone tree remote:path [flags]
-Options
+Options
-a, --all All files are listed (list . files too)
-d, --dirs-only List directories only
--dirsfirst List directories before files (-U disables)
@@ -4152,8 +5985,36 @@ Options
-r, --sort-reverse Reverse the order of the sort
-U, --unsorted Leave files unsorted
--version Sort files alphanumerically by version
+Filter Options
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing Options
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
See the global flags page for global options not listed here.
-SEE ALSO
+SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
@@ -4234,6 +6095,7 @@ Connection strings, config and lo
Valid remote names
Remote names are case sensitive, and must adhere to the following rules: - May contain number, letter, _
, -
, .
, +
, @
and space. - May not start with -
or space. - May not end with space.
Starting with rclone version 1.61, any Unicode numbers and letters are allowed, while in older versions it was limited to plain ASCII (0-9, A-Z, a-z). If you use the same rclone configuration from different shells, which may be configured with different character encoding, you must be cautious to use characters that are possible to write in all of them. This is mostly a problem on Windows, where the console traditionally uses a non-Unicode character set - defined by the so-called "code page".
+Do not use single character names on Windows as it creates ambiguity with Windows drives' names, e.g.: remote called C
is indistinguishable from C
drive. Rclone will always assume that single letter name refers to a drive.
Quoting and the shell
When you are typing commands to your computer you are using something called the command line shell. This interprets various characters in an OS specific way.
Here are some gotchas which may help users unfamiliar with the shell rules
@@ -4273,6 +6135,7 @@ Metadata support
Rclone only supports a one-time sync of metadata. This means that metadata will be synced from the source object to the destination object only when the source object has changed and needs to be re-uploaded. If the metadata subsequently changes on the source object without changing the object itself then it won't be synced to the destination object. This is in line with the way rclone syncs Content-Type
without the --metadata
flag.
Using --metadata
when syncing from local to local will preserve file attributes such as file mode, owner, extended attributes (not Windows).
Note that arbitrary metadata may be added to objects using the --metadata-set key=value
flag when the object is first uploaded. This flag can be repeated as many times as necessary.
+The --metadata-mapper flag can be used to pass the name of a program in which can transform metadata when it is being copied from source to destination.
Types of metadata
Metadata is divided into two type. System metadata and User metadata.
Metadata which the backend uses itself is called system metadata. For example on the local backend the system metadata uid
will store the user ID of the file when used on a unix based platform.
@@ -4350,26 +6213,31 @@ Standard system metadata
2006-01-02T15:04:05.999999999Z07:00
+utime
+Time of file upload: RFC 3339
+2006-01-02T15:04:05.999999999Z07:00
+
+
cache-control
Cache-Control header
no-cache
-
+
content-disposition
Content-Disposition header
inline
-
+
content-encoding
Content-Encoding header
gzip
-
+
content-language
Content-Language header
en-US
-
+
content-type
Content-Type header
text/plain
@@ -4378,7 +6246,7 @@ Standard system metadata
The metadata keys mtime
and content-type
will take precedence if supplied in the metadata over reading the Content-Type
or modification time of the source object.
Hashes are not included in system metadata as there is a well defined way of reading those already.
-Options
+Options
Rclone has a number of options to control its behaviour.
Options that take parameters can have the values passed in two ways, --option=value
or --option value
. However boolean (true/false) options behave slightly differently to the other options in that --boolean
sets the option to true
and the absence of the flag sets it to false
. It is also possible to specify --boolean=false
or --boolean=true
. Note that --boolean false
is not valid - this is parsed as --boolean
and the false
is parsed as an extra command line argument for rclone.
Time or duration options
@@ -4414,6 +6282,7 @@ --backup-dir=DIR
See --compare-dest
and --copy-dest
.
--bind string
Local address to bind to for outgoing connections. This can be an IPv4 address (1.2.3.4), an IPv6 address (1234::789A) or host name. If the host name doesn't resolve or resolves to more than one IP address it will give an error.
+You can use --bind 0.0.0.0
to force rclone to use IPv4 addresses and --bind ::0
to force rclone to use IPv6 addresses.
--bwlimit=BANDWIDTH_SPEC
This option controls the bandwidth limit. For example
--bwlimit 10M
@@ -4479,7 +6348,7 @@ -c, --checksum
Eg rclone --checksum sync s3:/bucket swift:/bucket
would run much quicker than without the --checksum
flag.
When using this flag, rclone won't update mtimes of remote files if they are incorrect as it would normally.
--color WHEN
-Specifiy when colors (and other ANSI codes) should be added to the output.
+Specify when colors (and other ANSI codes) should be added to the output.
AUTO
(default) only allows ANSI codes when the output is a terminal
NEVER
never allow ANSI codes
ALWAYS
always add ANSI codes, regardless of the output format (terminal or file)
@@ -4525,6 +6394,8 @@ --config=CONFIG_FILE
Note that passwords are in obscured form. Also, many storage systems uses token-based authentication instead of passwords, and this requires additional steps. It is easier, and safer, to use the interactive command rclone config
instead of manually editing the configuration file.
The configuration file will typically contain login information, and should therefore have restricted permissions so that only the current user can read it. Rclone tries to ensure this when it writes the file. You may also choose to encrypt the file.
When token-based authentication are used, the configuration file must be writable, because rclone needs to update the tokens inside it.
+To reduce risk of corrupting an existing configuration file, rclone will not write directly to it when saving changes. Instead it will first write to a new, temporary, file. If a configuration file already existed, it will (on Unix systems) try to mirror its permissions to the new file. Then it will rename the existing file to a temporary name as backup. Next, rclone will rename the new file to the correct name, before finally cleaning up by deleting the backup file.
+If the configuration file path used by rclone is a symbolic link, then this will be evaluated and rclone will write to the resolved path, instead of overwriting the symbolic link. Temporary files used in the process (described above) will be written to the same parent directory as that of the resolved configuration file, but if this directory is also a symbolic link it will not be resolved and the temporary files will be written to the location of the directory symbolic link.
--contimeout=TIME
Set the connection timeout. This should be in go time format which looks like 5s
for 5 seconds, 10m
for 10 minutes, or 3h30m
.
The connection timeout is the amount of time rclone will wait for a connection to go through to a remote object storage system. It is 1m
by default.
@@ -4535,13 +6406,21 @@ --copy-dest=DIR
--dedupe-mode MODE
Mode to run dedupe command in. One of interactive
, skip
, first
, newest
, oldest
, rename
. The default is interactive
.
See the dedupe command for more information as to what these options mean.
+--default-time TIME
+If a file or directory does have a modification time rclone can read then rclone will display this fixed time instead.
+The default is 2000-01-01 00:00:00 UTC
. This can be configured in any of the ways shown in the time or duration options.
+For example --default-time 2020-06-01
to set the default time to the 1st of June 2020 or --default-time 0s
to set the default time to the time rclone started up.
--disable FEATURE,FEATURE,...
This disables a comma separated list of optional features. For example to disable server-side move and server-side copy use:
--disable move,copy
The features can be put in any case.
To see a list of which features can be disabled use:
--disable help
+The features a remote has can be seen in JSON format with:
+rclone backend features remote:
See the overview features and optional features to get an idea of which feature does what.
+Note that some features can be set to true
if they are true
/false
feature flag features by prefixing them with !
. For example the CaseInsensitive
feature can be forced to false
with --disable CaseInsensitive
and forced to true
with --disable '!CaseInsensitive'
. In general it isn't a good idea doing this but it may be useful in extremis.
+(Note that !
is a shell command which you will need to escape with single quotes or a backslash on unix like platforms.)
This flag can be useful for debugging and in exceptional circumstances (e.g. Google Drive limiting the total volume of Server Side Copies to 100 GiB/day).
--disable-http2
This stops rclone from trying to use HTTP/2 if available. This can sometimes speed up transfers due to a problem in the Go standard library.
@@ -4610,6 +6489,22 @@ --immutable
With this option set, files will be created and deleted as requested, but existing files will never be updated. If an existing file does not match between the source and destination, rclone will give the error Source and destination exist but do not match: immutable file modified
.
Note that only commands which transfer files (e.g. sync
, copy
, move
) are affected by this behavior, and only modification is disallowed. Files may still be deleted explicitly (e.g. delete
, purge
) or implicitly (e.g. sync
, move
). Use copy --immutable
if it is desired to avoid deletion as well as modification.
This can be useful as an additional layer of protection for immutable or append-only data sets (notably backup archives), where modification implies corruption and should not be propagated.
+--inplace
+The --inplace
flag changes the behaviour of rclone when uploading files to some backends (backends with the PartialUploads
feature flag set) such as:
+
+- local
+- ftp
+- sftp
+
+Without --inplace
(the default) rclone will first upload to a temporary file with an extension like this, where XXXXXX
represents a random string and .partial
is --partial-suffix value (.partial
by default).
+original-file-name.XXXXXX.partial
+(rclone will make sure the final name is no longer than 100 characters by truncating the original-file-name
part if necessary).
+When the upload is complete, rclone will rename the .partial
file to the correct name, overwriting any existing file at that point. If the upload fails then the .partial
file will be deleted.
+This prevents other users of the backend from seeing partially uploaded files in their new names and prevents overwriting the old file until the new one is completely uploaded.
+If the --inplace
flag is supplied, rclone will upload directly to the final name without creating a .partial
file.
+This means that an incomplete file will be visible in the directory listings while the upload is in progress and any existing files will be overwritten as soon as the upload starts. If the transfer fails then the file will be deleted. This can cause data loss of the existing file if the transfer fails.
+Note that on the local file system if you don't use --inplace
hard links (Unix only) will be broken. And if you do use --inplace
you won't be able to update in use executables.
+Note also that versions of rclone prior to v1.63.0 behave as if the --inplace
flag is always supplied.
-i, --interactive
This flag can be used to tell rclone that you wish a manual confirmation before destructive operations.
It is recommended that you use this flag while learning rclone especially with rclone sync
.
@@ -4669,46 +6564,119 @@ --max-depth=N
You can use this command to disable recursion (with --max-depth 1
).
Note that if you use this with sync
and --delete-excluded
the files not recursed through are considered excluded and will be deleted on the destination. Test first with --dry-run
if you are not sure what will happen.
--max-duration=TIME
-Rclone will stop scheduling new transfers when it has run for the duration specified.
-Defaults to off.
-When the limit is reached any existing transfers will complete.
-Rclone won't exit with an error if the transfer limit is reached.
+Rclone will stop transferring when it has run for the duration specified. Defaults to off.
+When the limit is reached all transfers will stop immediately. Use --cutoff-mode
to modify this behaviour.
+Rclone will exit with exit code 10 if the duration limit is reached.
--max-transfer=SIZE
Rclone will stop transferring when it has reached the size specified. Defaults to off.
-When the limit is reached all transfers will stop immediately.
+When the limit is reached all transfers will stop immediately. Use --cutoff-mode
to modify this behaviour.
Rclone will exit with exit code 8 if the transfer limit is reached.
--M, --metadata
-Setting this flag enables rclone to copy the metadata from the source to the destination. For local backends this is ownership, permissions, xattr etc. See the #metadata for more info.
---metadata-set key=value
-Add metadata key
= value
when uploading. This can be repeated as many times as required. See the #metadata for more info.
--cutoff-mode=hard|soft|cautious
-This modifies the behavior of --max-transfer
Defaults to --cutoff-mode=hard
.
+This modifies the behavior of --max-transfer
and --max-duration
Defaults to --cutoff-mode=hard
.
Specifying --cutoff-mode=hard
will stop transferring immediately when Rclone reaches the limit.
Specifying --cutoff-mode=soft
will stop starting new transfers when Rclone reaches the limit.
-Specifying --cutoff-mode=cautious
will try to prevent Rclone from reaching the limit.
+Specifying --cutoff-mode=cautious
will try to prevent Rclone from reaching the limit. Only applicable for --max-transfer
+-M, --metadata
+Setting this flag enables rclone to copy the metadata from the source to the destination. For local backends this is ownership, permissions, xattr etc. See the metadata section for more info.
+--metadata-mapper SpaceSepList
+If you supply the parameter --metadata-mapper /path/to/program
then rclone will use that program to map metadata from source object to destination object.
+The argument to this flag should be a command with an optional space separated list of arguments. If one of the arguments has a space in then enclose it in "
, if you want a literal "
in an argument then enclose the argument in "
and double the "
. See CSV encoding for more info.
+--metadata-mapper "python bin/test_metadata_mapper.py"
+--metadata-mapper 'python bin/test_metadata_mapper.py "argument with a space"'
+--metadata-mapper 'python bin/test_metadata_mapper.py "argument with ""two"" quotes"'
+This uses a simple JSON based protocol with input on STDIN and output on STDOUT. This will be called for every file and directory copied and may be called concurrently.
+The program's job is to take a metadata blob on the input and turn it into a metadata blob on the output suitable for the destination backend.
+Input to the program (via STDIN) might look like this. This provides some context for the Metadata
which may be important.
+
+SrcFs
is the config string for the remote that the object is currently on.
+SrcFsType
is the name of the source backend.
+DstFs
is the config string for the remote that the object is being copied to
+DstFsType
is the name of the destination backend.
+Remote
is the path of the file relative to the root.
+Size
, MimeType
, ModTime
are attributes of the file.
+IsDir
is true
if this is a directory (not yet implemented).
+ID
is the source ID
of the file if known.
+Metadata
is the backend specific metadata as described in the backend docs.
+
+{
+"SrcFs": "gdrive:",
+ "SrcFsType": "drive",
+ "DstFs": "newdrive:user",
+ "DstFsType": "onedrive",
+ "Remote": "test.txt",
+ "Size": 6,
+ "MimeType": "text/plain; charset=utf-8",
+ "ModTime": "2022-10-11T17:53:10.286745272+01:00",
+ "IsDir": false,
+ "ID": "xyz",
+ "Metadata": {
+ "btime": "2022-10-11T16:53:11Z",
+ "content-type": "text/plain; charset=utf-8",
+ "mtime": "2022-10-11T17:53:10.286745272+01:00",
+ "owner": "user1@domain1.com",
+ "permissions": "...",
+ "description": "my nice file",
+ "starred": "false"
+ }
+ }
+The program should then modify the input as desired and send it to STDOUT. The returned Metadata
field will be used in its entirety for the destination object. Any other fields will be ignored. Note in this example we translate user names and permissions and add something to the description:
+{
+"Metadata": {
+ "btime": "2022-10-11T16:53:11Z",
+ "content-type": "text/plain; charset=utf-8",
+ "mtime": "2022-10-11T17:53:10.286745272+01:00",
+ "owner": "user1@domain2.com",
+ "permissions": "...",
+ "description": "my nice file [migrated from domain1]",
+ "starred": "false"
+ }
+ }
+Metadata can be removed here too.
+An example python program might look something like this to implement the above transformations.
+import sys, json
+
+= json.load(sys.stdin)
+ i = i["Metadata"]
+ metadata # Add tag to description
+if "description" in metadata:
+"description"] += " [migrated from domain1]"
+ metadata[else:
+"description"] = "[migrated from domain1]"
+ metadata[# Modify owner
+if "owner" in metadata:
+"owner"] = metadata["owner"].replace("domain1.com", "domain2.com")
+ metadata[= { "Metadata": metadata }
+ o ="\t") json.dump(o, sys.stdout, indent
+You can find this example (slightly expanded) in the rclone source code at bin/test_metadata_mapper.py.
+If you want to see the input to the metadata mapper and the output returned from it in the log you can use -vv --dump mapper
.
+See the metadata section for more info.
+--metadata-set key=value
+Add metadata key
= value
when uploading. This can be repeated as many times as required. See the metadata section for more info.
--modify-window=TIME
When checking whether a file has been modified, this is the maximum allowed time difference that a file can have and still be considered equivalent.
The default is 1ns
unless this is overridden by a remote. For example OS X only stores modification times to the nearest second so if you are reading and writing to an OS X filing system this will be 1s
by default.
This command line flag allows you to override that computed default.
---multi-thread-cutoff=SIZE
-When downloading files to the local backend above this size, rclone will use multiple threads to download the file (default 250M).
-Rclone preallocates the file (using fallocate(FALLOC_FL_KEEP_SIZE)
on unix or NTSetInformationFile
on Windows both of which takes no time) then each thread writes directly into the file at the correct place. This means that rclone won't create fragmented or sparse files and there won't be any assembly time at the end of the transfer.
-The number of threads used to download is controlled by --multi-thread-streams
.
+--multi-thread-write-buffer-size=SIZE
+When transferring with multiple threads, rclone will buffer SIZE bytes in memory before writing to disk for each thread.
+This can improve performance if the underlying filesystem does not deal well with a lot of small writes in different positions of the file, so if you see transfers being limited by disk write speed, you might want to experiment with different values. Specially for magnetic drives and remote file systems a higher value can be useful.
+Nevertheless, the default of 128k
should be fine for almost all use cases, so before changing it ensure that network is not really your bottleneck.
+As a final hint, size is not the only factor: block size (or similar concept) can have an impact. In one case, we observed that exact multiples of 16k performed much better than other values.
+--multi-thread-chunk-size=SizeSuffix
+Normally the chunk size for multi thread transfers is set by the backend. However some backends such as local
and smb
(which implement OpenWriterAt
but not OpenChunkWriter
) don't have a natural chunk size.
+In this case the value of this option is used (default 64Mi).
+--multi-thread-cutoff=SIZE
+When transferring files above SIZE to capable backends, rclone will use multiple threads to transfer the file (default 256M).
+Capable backends are marked in the overview as MultithreadUpload
. (They need to implement either the OpenWriterAt
or OpenChunkedWriter
internal interfaces). These include include, local
, s3
, azureblob
, b2
, oracleobjectstorage
and smb
at the time of writing.
+On the local disk, rclone preallocates the file (using fallocate(FALLOC_FL_KEEP_SIZE)
on unix or NTSetInformationFile
on Windows both of which takes no time) then each thread writes directly into the file at the correct place. This means that rclone won't create fragmented or sparse files and there won't be any assembly time at the end of the transfer.
+The number of threads used to transfer is controlled by --multi-thread-streams
.
Use -vv
if you wish to see info about the threads.
-This will work with the sync
/copy
/move
commands and friends copyto
/moveto
. Multi thread downloads will be used with rclone mount
and rclone serve
if --vfs-cache-mode
is set to writes
or above.
-NB that this only works for a local destination but will work with any source.
-NB that multi thread copies are disabled for local to local copies as they are faster without unless --multi-thread-streams
is set explicitly.
-NB on Windows using multi-thread downloads will cause the resulting files to be sparse. Use --local-no-sparse
to disable sparse files (which may cause long delays at the start of downloads) or disable multi-thread downloads with --multi-thread-streams 0
+This will work with the sync
/copy
/move
commands and friends copyto
/moveto
. Multi thread transfers will be used with rclone mount
and rclone serve
if --vfs-cache-mode
is set to writes
or above.
+NB that this only works with supported backends as the destination but will work with any backend as the source.
+NB that multi-thread copies are disabled for local to local copies as they are faster without unless --multi-thread-streams
is set explicitly.
+NB on Windows using multi-thread transfers to the local disk will cause the resulting files to be sparse. Use --local-no-sparse
to disable sparse files (which may cause long delays at the start of transfers) or disable multi-thread transfers with --multi-thread-streams 0
--multi-thread-streams=N
-When using multi thread downloads (see above --multi-thread-cutoff
) this sets the maximum number of streams to use. Set to 0
to disable multi thread downloads (Default 4).
-Exactly how many streams rclone uses for the download depends on the size of the file. To calculate the number of download streams Rclone divides the size of the file by the --multi-thread-cutoff
and rounds up, up to the maximum set with --multi-thread-streams
.
-So if --multi-thread-cutoff 250M
and --multi-thread-streams 4
are in effect (the defaults):
-
-- 0..250 MiB files will be downloaded with 1 stream
-- 250..500 MiB files will be downloaded with 2 streams
-- 500..750 MiB files will be downloaded with 3 streams
-- 750+ MiB files will be downloaded with 4 streams
-
+When using multi thread transfers (see above --multi-thread-cutoff
) this sets the number of streams to use. Set to 0
to disable multi thread transfers (Default 4).
+If the backend has a --backend-upload-concurrency
setting (eg --s3-upload-concurrency
) then this setting will be used as the number of transfers instead if it is larger than the value of --multi-thread-streams
or --multi-thread-streams
isn't set.
--no-check-dest
The --no-check-dest
can be used with move
or copy
and it causes rclone not to check the destination at all when copying files.
This means that:
@@ -4758,7 +6726,7 @@ --order-by string
--order-by name
- send the files with alphabetically by path first
If the --order-by
flag is not supplied or it is supplied with an empty string then the default ordering will be used which is as scanned. With --checkers 1
this is mostly alphabetical, however with the default --checkers 8
it is somewhat random.
-Limitations
+Limitations
The --order-by
flag does not do a separate pass over the data. This means that it may transfer some files out of the order specified if
- there are no files in the backlog or the source has not been fully scanned yet
@@ -4766,13 +6734,17 @@ Limitations
Rclone will do its best to transfer the best file it has so in practice this should not cause a problem. Think of --order-by
as being more of a best efforts flag rather than a perfect ordering.
If you want perfect ordering then you will need to specify --check-first which will find all the files which need transferring first before transferring any.
+--partial-suffix
+When --inplace is not used, it causes rclone to use the --partial-suffix
as suffix for temporary files.
+Suffix length limit is 16 characters.
+The default is .partial
.
--password-command SpaceSepList
This flag supplies a program which should supply the config password when run. This is an alternative to rclone prompting for the password or setting the RCLONE_CONFIG_PASS
variable.
The argument to this should be a command with a space separated list of arguments. If one of the arguments has a space in then enclose it in "
, if you want a literal "
in an argument then enclose the argument in "
and double the "
. See CSV encoding for more info.
Eg
---password-command echo hello
---password-command echo "hello with space"
---password-command echo "hello with ""quotes"" and space"
+--password-command "echo hello"
+--password-command 'echo "hello with space"'
+--password-command 'echo "hello with ""quotes"" and space"'
See the Configuration Encryption for more info.
See a Windows PowerShell example on the Wiki.
-P, --progress
@@ -4843,6 +6815,7 @@ --suffix=SUFFIX
--suffix-keep-extension
When using --suffix
, setting this causes rclone put the SUFFIX before the extension of the files that it backs up rather than after.
So let's say we had --suffix -2019-01-01
, without the flag file.txt
would be backed up to file.txt-2019-01-01
and with the flag it would be backed up to file-2019-01-01.txt
. This can be helpful to make sure the suffixed files can still be opened.
+If a file has two (or more) extensions and the second (or subsequent) extension is recognised as a valid mime type, then the suffix will go before that extension. So file.tar.gz
would be backed up to file-2019-01-01.tar.gz
whereas file.badextension.gz
would be backed up to file.badextension-2019-01-01.gz
.
--syslog
On capable OSes (not Windows or Plan9) send all log output to syslog.
This can be useful for running rclone in a script or rclone mount
.
@@ -4894,18 +6867,12 @@ --delete-(before,during,after)
Specifying --delete-during
will delete files while checking and uploading files. This is the fastest option and uses the least memory.
Specifying --delete-after
(the default value) will delay deletion of files until all new/updated files have been successfully transferred. The files to be deleted are collected in the copy pass then deleted after the copy pass has completed successfully. The files to be deleted are held in memory so this mode may use more memory. This is the safest mode as it will only delete files if there have been no errors subsequent to that. If there have been errors before the deletions start then you will get the message not deleting files as there were IO errors
.
--fast-list
-When doing anything which involves a directory listing (e.g. sync
, copy
, ls
- in fact nearly every command), rclone normally lists a directory and processes it before using more directory lists to process any subdirectories. This can be parallelised and works very quickly using the least amount of memory.
-However, some remotes have a way of listing all files beneath a directory in one (or a small number) of transactions. These tend to be the bucket-based remotes (e.g. S3, B2, GCS, Swift).
-If you use the --fast-list
flag then rclone will use this method for listing directories. This will have the following consequences for the listing:
-
-- It will use fewer transactions (important if you pay for them)
-- It will use more memory. Rclone has to load the whole listing into memory.
-- It may be faster because it uses fewer transactions
-- It may be slower because it can't be parallelized
-
-rclone should always give identical results with and without --fast-list
.
-If you pay for transactions and can fit your entire sync listing into memory then --fast-list
is recommended. If you have a very big sync to do then don't use --fast-list
otherwise you will run out of memory.
-If you use --fast-list
on a remote which doesn't support it, then rclone will just ignore it.
+When doing anything which involves a directory listing (e.g. sync
, copy
, ls
- in fact nearly every command), rclone has different strategies to choose from.
+The basic strategy is to list one directory and processes it before using more directory lists to process any subdirectories. This is a mandatory backend feature, called List
, which means it is supported by all backends. This strategy uses small amount of memory, and because it can be parallelised it is fast for operations involving processing of the list results.
+Some backends provide the support for an alternative strategy, where all files beneath a directory can be listed in one (or a small number) of transactions. Rclone supports this alternative strategy through an optional backend feature called ListR
. You can see in the storage system overview documentation's optional features section which backends it is enabled for (these tend to be the bucket-based ones, e.g. S3, B2, GCS, Swift). This strategy requires fewer transactions for highly recursive operations, which is important on backends where this is charged or heavily rate limited. It may be faster (due to fewer transactions) or slower (because it can't be parallelized) depending on different parameters, and may require more memory if rclone has to keep the whole listing in memory.
+Which listing strategy rclone picks for a given operation is complicated, but in general it tries to choose the best possible. It will prefer ListR
in situations where it doesn't need to store the listed files in memory, e.g. for unlimited recursive ls
command variants. In other situations it will prefer List
, e.g. for sync
and copy
, where it needs to keep the listed files in memory, and is performing operations on them where parallelization may be a huge advantage.
+Rclone is not able to take all relevant parameters into account for deciding the best strategy, and therefore allows you to influence the choice in two ways: You can stop rclone from using ListR
by disabling the feature, using the --disable option (--disable ListR
), or you can allow rclone to use ListR
where it would normally choose not to do so due to higher memory usage, using the --fast-list
option. Rclone should always produce identical results either way. Using --disable ListR
or --fast-list
on a remote which doesn't support ListR
does nothing, rclone will just ignore it.
+A rule of thumb is that if you pay for transactions and can fit your entire sync listing into memory, then --fast-list
is recommended. If you have a very big sync to do, then don't use --fast-list
, otherwise you will run out of memory. Run some tests and compare before you decide, and if in doubt then just leave the default, let rclone decide, i.e. not use --fast-list
.
--timeout=TIME
This sets the IO idle timeout. If a transfer has started but then becomes idle for this long it is considered broken and disconnected.
The default is 5m
. Set to 0
to disable.
@@ -5022,6 +6989,8 @@ --dump goroutines
This dumps a list of the running go-routines at the end of the command to standard output.
--dump openfiles
This dumps a list of the open files at the end of the command. It uses the lsof
command to do that so you'll need that installed to use it.
+--dump mapper
+This shows the JSON blobs being sent to the program supplied with --metadata-mapper
and received from it. It can be useful for debugging the metadata mapper interface.
--memprofile=FILE
Write memory profile to file. This can be analysed with go tool pprof
.
Filtering
@@ -5084,10 +7053,11 @@ List of exit codes
7
- Fatal error (one that more retries won't fix, like account suspended) (Fatal errors)
8
- Transfer exceeded - limit set by --max-transfer reached
9
- Operation successful, but no files transferred
+10
- Duration exceeded - limit set by --max-duration reached
Environment Variables
Rclone can be configured entirely using environment variables. These can be used to set defaults for options or config file entries.
-Options
+Options
Every option in rclone can have its default set by environment variable.
To find the name of the environment variable, first, take the long option name, strip the leading --
, change -
to _
, make upper case and prepend RCLONE_
.
For example, to always set --stats 5s
, set the environment variable RCLONE_STATS=5s
. If you set stats on the command line this will override the environment variable setting.
@@ -5097,7 +7067,7 @@ Options
The options set by environment variables can be seen with the -vv
flag, e.g. rclone version -vv
.
Config file
You can set defaults for values in the config file on an individual remote basis. The names of the config items are documented in the page for each backend.
-To find the name of the environment variable, you need to set, take RCLONE_CONFIG_
+ name of remote + _
+ name of config file option and make it all uppercase.
+To find the name of the environment variable, you need to set, take RCLONE_CONFIG_
+ name of remote + _
+ name of config file option and make it all uppercase. Note one implication here is the remote's name must be convertible into a valid environment variable name, so it can only contain letters, digits, or the _
(underscore) character.
For example, to configure an S3 remote named mys3:
without a config file (using unix ways of setting environment variables):
$ export RCLONE_CONFIG_MYS3_TYPE=s3
$ export RCLONE_CONFIG_MYS3_ACCESS_KEY_ID=XXX
@@ -5224,7 +7194,7 @@ Filtering, includes and excludes
To test filters without risk of damage to data, apply them to rclone ls
, or with the --dry-run
and -vv
flags.
Rclone filter patterns can only be used in filter command line options, not in the specification of a remote.
E.g. rclone copy "remote:dir*.jpg" /path/to/dir
does not have a filter effect. rclone copy remote:dir /path/to/dir --include "*.jpg"
does.
-Important Avoid mixing any two of --include...
, --exclude...
or --filter...
flags in an rclone command. The results may not be what you expect. Instead use a --filter...
flag.
+Important Avoid mixing any two of --include...
, --exclude...
or --filter...
flags in an rclone command. The results might not be what you expect. Instead use a --filter...
flag.
Patterns for matching path/file names
Pattern syntax
Here is a formal definition of the pattern syntax, examples are below.
@@ -5261,7 +7231,7 @@ Pattern syntax
/file.jpg - matches "file.jpg" in the root directory of the remote
- doesn't match "afile.jpg"
- doesn't match "directory/file.jpg"
-The top level of the remote may not be the top level of the drive.
+The top level of the remote might not be the top level of the drive.
E.g. for a Microsoft Windows local directory structure
F:
├── bkp
@@ -5296,7 +7266,7 @@ Using regular expressions in filter patterns
Not
{{start.*end\.jpg}}
Which will match a directory called start
with a file called end.jpg
in it as the .*
will match /
characters.
-Note that you can use -vv --dump filters
to show the filter patterns in regexp format - rclone implements the glob patters by transforming them into regular expressions.
+Note that you can use -vv --dump filters
to show the filter patterns in regexp format - rclone implements the glob patterns by transforming them into regular expressions.
Filter pattern examples
@@ -5490,7 +7460,7 @@ --exclude
- Exclu
--exclude
has no effect when combined with --files-from
or --files-from-raw
flags.
E.g. rclone ls remote: --exclude *.bak
excludes all .bak files from listing.
E.g. rclone size remote: "--exclude /dir/**"
returns the total size of all files on remote:
excluding those in root directory dir
and sub directories.
-E.g. on Microsoft Windows rclone ls remote: --exclude "*\[{JP,KR,HK}\]*"
lists the files in remote:
with [JP]
or [KR]
or [HK]
in their name. Quotes prevent the shell from interpreting the \
characters.\
characters escape the [
and ]
so an rclone filter treats them literally rather than as a character-range. The {
and }
define an rclone pattern list. For other operating systems single quotes are required ie rclone ls remote: --exclude '*\[{JP,KR,HK}\]*'
+E.g. on Microsoft Windows rclone ls remote: --exclude "*\[{JP,KR,HK}\]*"
lists the files in remote:
without [JP]
or [KR]
or [HK]
in their name. Quotes prevent the shell from interpreting the \
characters.\
characters escape the [
and ]
so an rclone filter treats them literally rather than as a character-range. The {
and }
define an rclone pattern list. For other operating systems single quotes are required ie rclone ls remote: --exclude '*\[{JP,KR,HK}\]*'
--exclude-from
- Read exclude patterns from file
Excludes path/file names from an rclone command based on rules in a named file. The file contains a list of remarks and pattern rules.
For an example exclude-file.txt
:
@@ -5901,7 +7871,7 @@ Setting config flags with _config
For example, if you wished to run a sync with the --checksum
parameter, you would pass this parameter in your JSON blob.
"_config":{"CheckSum": true}
If using rclone rc
this could be passed as
-rclone rc operations/sync ... _config='{"CheckSum": true}'
+rclone rc sync/sync ... _config='{"CheckSum": true}'
Any config parameters you don't set will inherit the global defaults which were set with command line flags or environment variables.
Note that it is possible to set some values as strings or integers - see data types for more info. Here is an example setting the equivalent of --buffer-size
in string or integer format.
"_config":{"BufferSize": "42M"}
@@ -6052,7 +8022,7 @@ config/get: Get a remote in the config file.
See the config dump command for more information on the above.
Authentication is required for this call.
-config/listremotes: Lists the remotes in the config file.
+config/listremotes: Lists the remotes in the config file and defined in environment variables.
Returns - remotes - array of remote names
See the listremotes command for more information on the above.
Authentication is required for this call.
@@ -6164,6 +8134,21 @@ core/command: Run a rclone terminal command over rc.
}
Authentication is required for this call.
+core/du: Returns disk usage of a locally attached disk.
+This returns the disk usage for the local directory passed in as dir.
+If the directory is not passed in, it defaults to the directory pointed to by --cache-dir.
+
+- dir - string (optional)
+
+Returns:
+{
+ "dir": "/",
+ "info": {
+ "Available": 361769115648,
+ "Free": 361785892864,
+ "Total": 982141468672
+ }
+}
core/gc: Runs a garbage collection.
This tells the go runtime to do a garbage collection run. It isn't necessary to call this normally, but it can be useful for debugging memory problems.
core/group-list: Returns list of stats.
@@ -6215,6 +8200,10 @@ core/stats: Returns stats about current transfers.
"lastError": last error string,
"renames" : number of files renamed,
"retryError": boolean showing whether there has been at least one non-NoRetryError,
+ "serverSideCopies": number of server side copies done,
+ "serverSideCopyBytes": number bytes server side copied,
+ "serverSideMoves": number of server side moves done,
+ "serverSideMoveBytes": number bytes server side moved,
"speed": average speed in bytes per second since start of the group,
"totalBytes": total number of bytes in the group,
"totalChecks": total number of checks in the group,
@@ -6340,7 +8329,8 @@ job/list: Lists the IDs of the running jobs
Parameters: None.
Results:
-- jobids - array of integer job ids.
+- executeId - string id of rclone executing (change after restart)
+- jobids - array of integer job ids (starting at 1 on each restart)
job/status: Reads the status of the job ID
Parameters:
@@ -6430,6 +8420,40 @@ operations/about: Return the space used on the remote<
The result is as returned from rclone about --json
See the about command for more information on the above.
Authentication is required for this call.
+operations/check: check the source and destination are the same
+Checks the files in the source and destination match. It compares sizes and hashes and logs a report of files that don't match. It doesn't alter the source or destination.
+This takes the following parameters:
+
+- srcFs - a remote name string e.g. "drive:" for the source, "/" for local filesystem
+- dstFs - a remote name string e.g. "drive2:" for the destination, "/" for local filesystem
+- download - check by downloading rather than with hash
+- checkFileHash - treat checkFileFs:checkFileRemote as a SUM file with hashes of given type
+- checkFileFs - treat checkFileFs:checkFileRemote as a SUM file with hashes of given type
+- checkFileRemote - treat checkFileFs:checkFileRemote as a SUM file with hashes of given type
+- oneWay - check one way only, source files must exist on remote
+- combined - make a combined report of changes (default false)
+- missingOnSrc - report all files missing from the source (default true)
+- missingOnDst - report all files missing from the destination (default true)
+- match - report all matching files (default false)
+- differ - report all non-matching files (default true)
+- error - report all files with errors (hashing or reading) (default true)
+
+If you supply the download flag, it will download the data from both remotes and check them against each other on the fly. This can be useful for remotes that don't support hashes or if you really want to check all the data.
+If you supply the size-only global flag, it will only compare the sizes not the hashes as well. Use this for a quick check.
+If you supply the checkFileHash option with a valid hash name, the checkFileFs:checkFileRemote must point to a text file in the SUM format. This treats the checksum file as the source and dstFs as the destination. Note that srcFs is not used and should not be supplied in this case.
+Returns:
+
+- success - true if no error, false otherwise
+- status - textual summary of check, OK or text string
+- hashType - hash used in check, may be missing
+- combined - array of strings of combined report of changes
+- missingOnSrc - array of strings of all files missing from the source
+- missingOnDst - array of strings of all files missing from the destination
+- match - array of strings of all matching files
+- differ - array of strings of all non-matching files
+- error - array of strings of all files with errors (hashing or reading)
+
+Authentication is required for this call.
operations/cleanup: Remove trashed files in the remote or path
This takes the following parameters:
@@ -6440,9 +8464,9 @@ operations/cleanup: Remove trashed files in the remo
operations/copyfile: Copy a file from source remote to destination remote
This takes the following parameters:
-- srcFs - a remote name string e.g. "drive:" for the source
+- srcFs - a remote name string e.g. "drive:" for the source, "/" for local filesystem
- srcRemote - a path within that remote e.g. "file.txt" for the source
-- dstFs - a remote name string e.g. "drive2:" for the destination
+- dstFs - a remote name string e.g. "drive2:" for the destination, "/" for local filesystem
- dstRemote - a path within that remote e.g. "file2.txt" for the destination
Authentication is required for this call.
@@ -6617,9 +8641,9 @@ operations/mkdir: Make a destination directory or cont
operations/movefile: Move a file from source remote to destination remote
This takes the following parameters:
-- srcFs - a remote name string e.g. "drive:" for the source
+- srcFs - a remote name string e.g. "drive:" for the source, "/" for local filesystem
- srcRemote - a path within that remote e.g. "file.txt" for the source
-- dstFs - a remote name string e.g. "drive2:" for the destination
+- dstFs - a remote name string e.g. "drive2:" for the destination, "/" for local filesystem
- dstRemote - a path within that remote e.g. "file2.txt" for the destination
Authentication is required for this call.
@@ -6662,6 +8686,21 @@ operations/rmdirs: Remove all the empty directories i
See the rmdirs command for more information on the above.
Authentication is required for this call.
+operations/settier: Changes storage tier or class on all files in the path
+This takes the following parameters:
+
+- fs - a remote name string e.g. "drive:"
+
+See the settier command for more information on the above.
+Authentication is required for this call.
+operations/settierfile: Changes storage tier or class on the single file pointed to
+This takes the following parameters:
+
+- fs - a remote name string e.g. "drive:"
+- remote - a path within that remote e.g. "dir"
+
+See the settierfile command for more information on the above.
+Authentication is required for this call.
operations/size: Count the number of bytes and files in remote
This takes the following parameters:
@@ -6809,10 +8848,13 @@ sync/bisync: Perform bidirectional synchronization between
- checkAccess - abort if RCLONE_TEST files are not found on both filesystems
- checkFilename - file name for checkAccess (default: RCLONE_TEST)
- maxDelete - abort sync if percentage of deleted files is above this threshold (default: 50)
-- force - maxDelete safety check and run the sync
+- force - Bypass maxDelete safety check and run the sync
- checkSync -
true
by default, false
disables comparison of final listings, only
will skip sync, only compare listings from the last run
+- createEmptySrcDirs - Sync creation and deletion of empty directories. (Not compatible with --remove-empty-dirs)
- removeEmptyDirs - remove empty directories at the final cleanup step
- filtersFile - read filtering patterns from a file
+- ignoreListingChecksum - Do not use checksums for listings
+- resilient - Allow future runs to retry after certain less-serious errors, instead of requiring resync. Use at your own risk!
- workdir - server directory for history files (default: /home/ncw/.cache/rclone/bisync)
- noCleanup - retain working files
@@ -7140,7 +9182,7 @@ Features
Google Drive
-MD5
+MD5, SHA1, SHA256
R/W
No
Yes
@@ -7199,7 +9241,7 @@ Features
Yes
No
R
--
+RW
Koofr
@@ -7211,6 +9253,15 @@ Features
-
+Linkbox
+-
+R
+No
+No
+-
+-
+
+
Mail.ru Cloud
Mailru ⁶
R/W
@@ -7219,7 +9270,7 @@ Features
-
-
-
+
Mega
-
-
@@ -7228,7 +9279,7 @@ Features
-
-
-
+
Memory
MD5
R/W
@@ -7237,7 +9288,7 @@ Features
-
-
-
+
Microsoft Azure Blob Storage
MD5
R/W
@@ -7246,6 +9297,15 @@ Features
R/W
-
+
+Microsoft Azure Files Storage
+MD5
+R/W
+Yes
+No
+R/W
+-
+
Microsoft OneDrive
QuickXorHash ⁵
@@ -7292,6 +9352,15 @@ Features
-
+PikPak
+MD5
+R
+No
+No
+R
+-
+
+
premiumize.me
-
-
@@ -7300,7 +9369,7 @@ Features
R
-
-
+
put.io
CRC-32
R/W
@@ -7309,6 +9378,15 @@ Features
R
-
+
+Proton Drive
+SHA1
+R/W
+No
+No
+R
+-
+
QingStor
MD5
@@ -7319,6 +9397,15 @@ Features
-
+Quatrix by Maytech
+-
+R/W
+No
+No
+-
+-
+
+
Seafile
-
-
@@ -7327,7 +9414,7 @@ Features
-
-
-
+
SFTP
MD5, SHA1 ²
R/W
@@ -7336,7 +9423,7 @@ Features
-
-
-
+
Sia
-
-
@@ -7345,16 +9432,16 @@ Features
-
-
-
+
SMB
-
--
+R/W
Yes
No
-
-
-
+
SugarSync
-
-
@@ -7363,7 +9450,7 @@ Features
-
-
-
+
Storj
-
R
@@ -7372,7 +9459,7 @@ Features
-
-
-
+
Uptobox
-
-
@@ -7381,7 +9468,7 @@ Features
-
-
-
+
WebDAV
MD5, SHA1 ³
R ⁴
@@ -7390,7 +9477,7 @@ Features
-
-
-
+
Yandex Disk
MD5
R/W
@@ -7399,7 +9486,7 @@ Features
R
-
-
+
Zoho WorkDrive
-
-
@@ -7408,7 +9495,7 @@ Features
-
-
-
+
The local filesystem
All
R/W
@@ -7419,17 +9506,16 @@ Features
-Notes
¹ Dropbox supports its own custom hash. This is an SHA256 sum of all the 4 MiB block SHA256s.
² SFTP supports checksums if the same login has shell access and md5sum
or sha1sum
as well as echo
are in the remote's PATH.
-³ WebDAV supports hashes when used with Owncloud and Nextcloud only.
-⁴ WebDAV supports modtimes when used with Owncloud and Nextcloud only.
+³ WebDAV supports hashes when used with Fastmail Files, Owncloud and Nextcloud only.
+⁴ WebDAV supports modtimes when used with Fastmail Files, Owncloud and Nextcloud only.
⁵ QuickXorHash is Microsoft's own hash.
⁶ Mail.ru uses its own modified SHA1 hash
⁷ pCloud only supports SHA1 (not MD5) in its EU region
⁸ Opendrive does not support creation of duplicate files using their web client interface or other stock clients, but the underlying storage platform has been determined to allow duplicate files, and it is possible to create them with rclone
. It may be that this is a mistake or an unsupported feature.
⁹ QingStor does not support SetModTime for objects bigger than 5 GiB.
-¹⁰ FTP supports modtimes for the major FTP servers, and also others if they advertised required protocol extensions. See this for more details.
+¹⁰ FTP supports modtimes for the major FTP servers, and also others if they advertised required protocol extensions. See this for more details.
¹¹ Internet Archive requires option wait_archive
to be set to a non-zero value for full modtime support.
¹² HiDrive supports its own custom hash. It combines SHA1 sums for each 4 KiB block hierarchically to a single top-level sum.
Hash
@@ -7885,7 +9971,21 @@ Metadata
See the metadata docs for more info.
Optional Features
All rclone remotes support a base command set. Other features depend upon backend-specific capabilities.
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Name
@@ -7896,6 +9996,7 @@ Optional Features
CleanUp
ListR
StreamUpload
+MultithreadUpload
LinkSharing
About
EmptyDir
@@ -7911,6 +10012,7 @@ Optional Features
No
No
No
+No
Yes
No
Yes
@@ -7924,6 +10026,7 @@ Optional Features
No
Yes
Yes
+No
No
No
Yes
@@ -7937,6 +10040,7 @@ Optional Features
No
No
No
+No
No
No
Yes
@@ -7950,6 +10054,7 @@ Optional Features
Yes
Yes
Yes
+Yes
Yes
No
No
@@ -7963,6 +10068,7 @@ Optional Features
Yes
Yes
Yes
+Yes
Yes
No
No
@@ -7973,9 +10079,10 @@ Optional Features
Yes
Yes
Yes
-Yes ‡‡
+Yes
No
Yes
+No
Yes
Yes
Yes
@@ -7988,7 +10095,8 @@ Optional Features
Yes
No
No
-Yes
+No
+No
No
No
Yes
@@ -8002,6 +10110,7 @@ Optional Features
No
No
Yes
+No
Yes
Yes
Yes
@@ -8015,6 +10124,7 @@ Optional Features
Yes
No
No
+No
No
No
Yes
@@ -8028,6 +10138,7 @@ Optional Features
No
No
Yes
+No
No
No
Yes
@@ -8041,6 +10152,7 @@ Optional Features
No
Yes
Yes
+No
No
No
No
@@ -8054,6 +10166,7 @@ Optional Features
Yes
Yes
Yes
+No
Yes
Yes
Yes
@@ -8067,6 +10180,7 @@ Optional Features
No
No
No
+No
No
No
No
@@ -8080,6 +10194,7 @@ Optional Features
No
No
Yes
+No
No
Yes
Yes
@@ -8093,6 +10208,7 @@ Optional Features
No
No
Yes
+No
No
No
Yes
@@ -8106,6 +10222,7 @@ Optional Features
No
No
No
+No
No
No
Yes
@@ -8119,6 +10236,7 @@ Optional Features
Yes
Yes
No
+No
Yes
Yes
No
@@ -8132,6 +10250,7 @@ Optional Features
Yes
Yes
No
+No
Yes
Yes
Yes
@@ -8145,6 +10264,7 @@ Optional Features
No
No
Yes
+No
Yes
Yes
Yes
@@ -8158,6 +10278,7 @@ Optional Features
Yes
No
No
+No
Yes
Yes
Yes
@@ -8171,6 +10292,7 @@ Optional Features
Yes
No
No
+No
Yes
Yes
Yes
@@ -8184,6 +10306,7 @@ Optional Features
No
Yes
Yes
+No
No
No
No
@@ -8197,24 +10320,40 @@ Optional Features
No
Yes
Yes
+Yes
No
No
No
+Microsoft Azure Files Storage
+No
+Yes
+Yes
+Yes
+No
+No
+Yes
+Yes
+No
+Yes
+Yes
+
+
Microsoft OneDrive
Yes
Yes
Yes
Yes
Yes
+Yes ⁵
No
-No
+No
Yes
Yes
Yes
-
+
OpenDrive
Yes
Yes
@@ -8223,24 +10362,26 @@ Optional Features
No
No
No
+No
No
No
Yes
-
+
OpenStack Swift
-Yes †
+Yes ¹
Yes
No
No
No
Yes
Yes
+No
No
Yes
No
-
+
Oracle Object Storage
No
Yes
@@ -8249,11 +10390,12 @@ Optional Features
Yes
Yes
Yes
+Yes
No
No
No
-
+
pCloud
Yes
Yes
@@ -8262,6 +10404,21 @@ Optional Features
Yes
No
No
+No
+Yes
+Yes
+Yes
+
+
+PikPak
+Yes
+Yes
+Yes
+Yes
+Yes
+No
+No
+No
Yes
Yes
Yes
@@ -8275,6 +10432,7 @@ Optional Features
No
No
No
+No
Yes
Yes
Yes
@@ -8288,11 +10446,26 @@ Optional Features
Yes
No
Yes
+No
No
Yes
Yes
+Proton Drive
+Yes
+No
+Yes
+Yes
+Yes
+No
+No
+No
+No
+Yes
+Yes
+
+
QingStor
No
Yes
@@ -8301,9 +10474,24 @@ Optional Features
Yes
Yes
No
+No
+No
+No
+No
+
+
+Quatrix by Maytech
+Yes
+Yes
+Yes
+Yes
+No
No
No
+No
No
+Yes
+Yes
Seafile
@@ -8314,6 +10502,7 @@ Optional Features
Yes
Yes
Yes
+No
Yes
Yes
Yes
@@ -8321,12 +10510,13 @@ Optional Features
SFTP
No
-No
+Yes ⁴
Yes
Yes
No
No
Yes
+No
No
Yes
Yes
@@ -8340,6 +10530,7 @@ Optional Features
No
No
Yes
+No
No
No
Yes
@@ -8353,6 +10544,7 @@ Optional Features
No
No
Yes
+Yes
No
No
Yes
@@ -8366,19 +10558,21 @@ Optional Features
No
No
Yes
+No
Yes
No
Yes
Storj
-Yes ☨
+Yes ²
Yes
Yes
No
No
Yes
Yes
+No
Yes
No
No
@@ -8392,6 +10586,7 @@ Optional Features
No
No
No
+No
No
No
No
@@ -8404,7 +10599,8 @@ Optional Features
Yes
No
No
-Yes ‡
+Yes ³
+No
No
Yes
Yes
@@ -8418,6 +10614,7 @@ Optional Features
Yes
No
Yes
+No
Yes
Yes
Yes
@@ -8431,6 +10628,7 @@ Optional Features
No
No
No
+No
No
Yes
Yes
@@ -8444,17 +10642,20 @@ Optional Features
No
No
Yes
+Yes
No
Yes
Yes
+¹ Note Swift implements this in order to delete directory markers but it doesn't actually have a quicker way of deleting files other than deleting them individually.
+² Storj implements this efficiently only for entire buckets. If purging a directory inside a bucket, files are deleted individually.
+³ StreamUpload is not supported with Nextcloud
+⁴ Use the --sftp-copy-is-hardlink
flag to enable.
+⁵ Use the --onedrive-delta
flag to enable.
Purge
This deletes a directory quicker than just deleting all the files in the directory.
-† Note Swift implements this in order to delete directory markers but they don't actually have a quicker way of deleting files other than deleting them individually.
-☨ Storj implements this efficiently only for entire buckets. If purging a directory inside a bucket, files are deleted individually.
-‡ StreamUpload is not supported with Nextcloud
Copy
Used when copying an object to and from the same remote. This known as a server-side copy so you can copy a file without downloading it and uploading it again. It is used if you use rclone copy
or rclone move
if the remote doesn't support Move
directly.
If the server doesn't support Copy
directly then for copy operations the file is downloaded then re-uploaded.
@@ -8471,6 +10672,8 @@ ListR
The remote supports a recursive list to list all the contents beneath a directory quickly. This enables the --fast-list
flag to work. See the rclone docs for more details.
StreamUpload
Some remotes allow files to be uploaded without knowing the file size in advance. This allows certain operations to work without spooling the file to local disk first, e.g. rclone rcat
.
+MultithreadUpload
+Some remotes allow transfers to the remote to be sent as chunks in parallel. If this is supported then rclone will use multi-thread copying to transfer files much faster.
LinkSharing
Sets the necessary permissions on a file or folder and prints a link that allows others to access them, even if they don't have an account on the particular cloud provider.
About
@@ -8481,719 +10684,876 @@ About
EmptyDir
The remote supports empty directories. See Limitations for details. Most Object/Bucket-based remotes do not support this.
Global Flags
-This describes the global flags available to every rclone command split into two groups, non backend and backend flags.
-Non Backend Flags
-These flags are available for every command.
- --ask-password Allow prompt for password for encrypted configuration (default true)
- --auto-confirm If enabled, do not request console confirmation
- --backup-dir string Make backups into hierarchy based in DIR
- --bind string Local address to bind to for outgoing connections, IPv4, IPv6 or name
- --buffer-size SizeSuffix In memory buffer size when reading files for each --transfer (default 16Mi)
- --bwlimit BwTimetable Bandwidth limit in KiB/s, or use suffix B|K|M|G|T|P or a full timetable
- --bwlimit-file BwTimetable Bandwidth limit per file in KiB/s, or use suffix B|K|M|G|T|P or a full timetable
- --ca-cert stringArray CA certificate used to verify servers
- --cache-dir string Directory rclone will use for caching (default "$HOME/.cache/rclone")
- --check-first Do all the checks before starting transfers
- --checkers int Number of checkers to run in parallel (default 8)
- -c, --checksum Skip based on checksum (if available) & size, not mod-time & size
- --client-cert string Client SSL certificate (PEM) for mutual TLS auth
- --client-key string Client SSL private key (PEM) for mutual TLS auth
- --color string When to show colors (and other ANSI codes) AUTO|NEVER|ALWAYS (default "AUTO")
- --compare-dest stringArray Include additional comma separated server-side paths during comparison
- --config string Config file (default "$HOME/.config/rclone/rclone.conf")
- --contimeout Duration Connect timeout (default 1m0s)
- --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
- --cpuprofile string Write cpu profile to file
- --cutoff-mode string Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default "HARD")
- --delete-after When synchronizing, delete files on destination after transferring (default)
- --delete-before When synchronizing, delete files on destination before transferring
- --delete-during When synchronizing, delete files during transfer
- --delete-excluded Delete files on dest excluded from sync
- --disable string Disable a comma separated list of features (use --disable help to see a list)
- --disable-http-keep-alives Disable HTTP keep-alives and use each connection once.
- --disable-http2 Disable HTTP/2 in the global transport
- -n, --dry-run Do a trial run with no permanent changes
- --dscp string Set DSCP value to connections, value or name, e.g. CS1, LE, DF, AF21
- --dump DumpFlags List of items to dump from: headers,bodies,requests,responses,auth,filters,goroutines,openfiles
- --dump-bodies Dump HTTP headers and bodies - may contain sensitive info
- --dump-headers Dump HTTP headers - may contain sensitive info
- --error-on-no-transfer Sets exit code 9 if no files are transferred, useful in scripts
- --exclude stringArray Exclude files matching pattern
- --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
- --exclude-if-present stringArray Exclude directories if filename is present
- --expect-continue-timeout Duration Timeout when using expect / 100-continue in HTTP (default 1s)
- --fast-list Use recursive list if available; uses more memory but fewer transactions
- --files-from stringArray Read list of source-file names from file (use - to read from stdin)
- --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
- -f, --filter stringArray Add a file filtering rule
- --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
- --fs-cache-expire-duration Duration Cache remotes for this long (0 to disable caching) (default 5m0s)
- --fs-cache-expire-interval Duration Interval to check for expired remotes (default 1m0s)
- --header stringArray Set HTTP header for all transactions
- --header-download stringArray Set HTTP header for download transactions
- --header-upload stringArray Set HTTP header for upload transactions
- --human-readable Print numbers in a human-readable format, sizes with suffix Ki|Mi|Gi|Ti|Pi
- --ignore-case Ignore case in filters (case insensitive)
- --ignore-case-sync Ignore case when synchronizing
- --ignore-checksum Skip post copy check of checksums
- --ignore-errors Delete even if there are I/O errors
- --ignore-existing Skip all files that exist on destination
- --ignore-size Ignore size when skipping use mod-time or checksum
- -I, --ignore-times Don't skip files that match size and time - transfer all files
- --immutable Do not modify files, fail if existing files have been modified
- --include stringArray Include files matching pattern
- --include-from stringArray Read file include patterns from file (use - to read from stdin)
- -i, --interactive Enable interactive mode
- --kv-lock-time Duration Maximum time to keep key-value database locked by process (default 1s)
- --log-file string Log everything to this file
- --log-format string Comma separated list of log format options (default "date,time")
- --log-level string Log level DEBUG|INFO|NOTICE|ERROR (default "NOTICE")
- --log-systemd Activate systemd integration for the logger
- --low-level-retries int Number of low level retries to do (default 10)
- --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
- --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
- --max-delete int When synchronizing, limit the number of deletes (default -1)
- --max-delete-size SizeSuffix When synchronizing, limit the total size of deletes (default off)
- --max-depth int If set limits the recursion depth to this (default -1)
- --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
- --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
- --max-stats-groups int Maximum number of stats groups to keep in memory, on max oldest is discarded (default 1000)
- --max-transfer SizeSuffix Maximum size of data to transfer (default off)
- --memprofile string Write memory profile to file
- -M, --metadata If set, preserve metadata when copying objects
- --metadata-exclude stringArray Exclude metadatas matching pattern
- --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
- --metadata-filter stringArray Add a metadata filtering rule
- --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
- --metadata-include stringArray Include metadatas matching pattern
- --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
- --metadata-set stringArray Add metadata key=value when uploading
- --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
- --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
- --modify-window Duration Max time diff to be considered the same (default 1ns)
- --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 250Mi)
- --multi-thread-streams int Max number of streams to use for multi-thread downloads (default 4)
- --no-check-certificate Do not verify the server SSL certificate (insecure)
- --no-check-dest Don't check the destination, copy regardless
- --no-console Hide console window (supported on Windows only)
- --no-gzip-encoding Don't set Accept-Encoding: gzip
- --no-traverse Don't traverse destination file system on copy
- --no-unicode-normalization Don't normalize unicode characters in filenames
- --no-update-modtime Don't update destination mod-time if files identical
- --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
- --password-command SpaceSepList Command for supplying password for encrypted configuration
- -P, --progress Show progress during transfer
- --progress-terminal-title Show progress on the terminal title (requires -P/--progress)
- -q, --quiet Print as little stuff as possible
- --rc Enable the remote control server
- --rc-addr stringArray IPaddress:Port or :Port to bind server to (default [localhost:5572])
- --rc-allow-origin string Set the allowed origin for CORS
- --rc-baseurl string Prefix for URLs - leave blank for root
- --rc-cert string TLS PEM key (concatenation of certificate and CA certificate)
- --rc-client-ca string Client certificate authority to verify clients with
- --rc-enable-metrics Enable prometheus metrics on /metrics
- --rc-files string Path to local files to serve on the HTTP server
- --rc-htpasswd string A htpasswd file - if not provided no authentication is done
- --rc-job-expire-duration Duration Expire finished async jobs older than this value (default 1m0s)
- --rc-job-expire-interval Duration Interval to check for expired async jobs (default 10s)
- --rc-key string TLS PEM Private key
- --rc-max-header-bytes int Maximum size of request header (default 4096)
- --rc-min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
- --rc-no-auth Don't require auth for certain methods
- --rc-pass string Password for authentication
- --rc-realm string Realm for authentication
- --rc-salt string Password hashing salt (default "dlPL2MqE")
- --rc-serve Enable the serving of remote objects
- --rc-server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
- --rc-server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
- --rc-template string User-specified template
- --rc-user string User name for authentication
- --rc-web-fetch-url string URL to fetch the releases for webgui (default "https://api.github.com/repos/rclone/rclone-webui-react/releases/latest")
- --rc-web-gui Launch WebGUI on localhost
- --rc-web-gui-force-update Force update to latest version of web gui
- --rc-web-gui-no-open-browser Don't open the browser automatically
- --rc-web-gui-update Check and update to latest version of web gui
- --refresh-times Refresh the modtime of remote files
- --retries int Retry operations this many times if they fail (default 3)
- --retries-sleep Duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable) (default 0s)
- --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
- --size-only Skip based on size only, not mod-time or checksum
- --stats Duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
- --stats-file-name-length int Max file name length in stats (0 for no limit) (default 45)
- --stats-log-level string Log level to show --stats output DEBUG|INFO|NOTICE|ERROR (default "INFO")
- --stats-one-line Make the stats fit on one line
- --stats-one-line-date Enable --stats-one-line and add current date/time prefix
- --stats-one-line-date-format string Enable --stats-one-line-date and use custom formatted date: Enclose date string in double quotes ("), see https://golang.org/pkg/time/#Time.Format
- --stats-unit string Show data rate in stats as either 'bits' or 'bytes' per second (default "bytes")
- --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
- --suffix string Suffix to add to changed files
- --suffix-keep-extension Preserve the extension when using --suffix
- --syslog Use Syslog for logging
- --syslog-facility string Facility for syslog, e.g. KERN,USER,... (default "DAEMON")
- --temp-dir string Directory rclone will use for temporary files (default "/tmp")
- --timeout Duration IO idle timeout (default 5m0s)
- --tpslimit float Limit HTTP transactions per second to this
- --tpslimit-burst int Max burst of transactions for --tpslimit (default 1)
- --track-renames When synchronizing, track file renames and do a server-side move if possible
- --track-renames-strategy string Strategies to use when synchronizing using track-renames hash|modtime|leaf (default "hash")
- --transfers int Number of file transfers to run in parallel (default 4)
- -u, --update Skip files that are newer on the destination
- --use-cookies Enable session cookiejar
- --use-json-log Use json log format
- --use-mmap Use mmap allocator (see docs)
- --use-server-modtime Use server modified time instead of object metadata
- --user-agent string Set the user-agent to a specified string (default "rclone/v1.62.0")
- -v, --verbose count Print lots more stuff (repeat for more)
-Backend Flags
-These flags are available for every command. They control the backends and may be set in the config file.
- --acd-auth-url string Auth server URL
- --acd-client-id string OAuth Client Id
- --acd-client-secret string OAuth Client Secret
- --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
- --acd-token string OAuth Access Token as a JSON blob
- --acd-token-url string Token server url
- --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
- --alias-remote string Remote or path to alias
- --azureblob-access-tier string Access tier of blob: hot, cool or archive
- --azureblob-account string Azure Storage Account Name
- --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
- --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
- --azureblob-client-certificate-password string Password for the certificate file (optional) (obscured)
- --azureblob-client-certificate-path string Path to a PEM or PKCS12 certificate file including the private key
- --azureblob-client-id string The ID of the client in use
- --azureblob-client-secret string One of the service principal's client secrets
- --azureblob-client-send-certificate-chain Send the certificate chain when using certificate auth
- --azureblob-disable-checksum Don't store MD5 checksum with object metadata
- --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
- --azureblob-endpoint string Endpoint for the service
- --azureblob-env-auth Read credentials from runtime (environment variables, CLI or MSI)
- --azureblob-key string Storage Account Shared Key
- --azureblob-list-chunk int Size of blob list (default 5000)
- --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
- --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-no-check-container If set, don't attempt to check the container exists or create it
- --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
- --azureblob-password string The user's password (obscured)
- --azureblob-public-access string Public access level of a container: blob or container
- --azureblob-sas-url string SAS URL for container level access only
- --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
- --azureblob-tenant string ID of the service principal's tenant. Also called its directory ID
- --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
- --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
- --azureblob-use-emulator Uses local storage emulator if provided as 'true'
- --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
- --azureblob-username string User name (usually an email address)
- --b2-account string Account ID or Application Key ID
- --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
- --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
- --b2-disable-checksum Disable checksums for large (> upload cutoff) files
- --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
- --b2-download-url string Custom endpoint for downloads
- --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --b2-endpoint string Endpoint for the service
- --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
- --b2-key string Application Key
- --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
- --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --b2-version-at Time Show file versions as they were at the specified time (default off)
- --b2-versions Include old versions in directory listings
- --box-access-token string Box App Primary Access Token
- --box-auth-url string Auth server URL
- --box-box-config-file string Box App config.json location
- --box-box-sub-type string (default "user")
- --box-client-id string OAuth Client Id
- --box-client-secret string OAuth Client Secret
- --box-commit-retries int Max number of times to try committing a multipart file (default 100)
- --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
- --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
- --box-owned-by string Only show items owned by the login (email address) passed in
- --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
- --box-token string OAuth Access Token as a JSON blob
- --box-token-url string Token server url
- --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
- --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
- --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
- --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
- --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
- --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
- --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
- --cache-db-purge Clear all the cached data for this remote on start
- --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
- --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
- --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
- --cache-plex-password string The password of the Plex user (obscured)
- --cache-plex-url string The URL of the Plex server
- --cache-plex-username string The username of the Plex user
- --cache-read-retries int How many times to retry a read from a cache storage (default 10)
- --cache-remote string Remote to cache
- --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
- --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
- --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
- --cache-workers int How many workers should run in parallel to download chunks (default 4)
- --cache-writes Cache file data on writes through the FS
- --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
- --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
- --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
- --chunker-remote string Remote to chunk/unchunk
- --combine-upstreams SpaceSepList Upstreams for combining
- --compress-level int GZIP compression level (-2 to 9) (default -1)
- --compress-mode string Compression mode (default "gzip")
- --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
- --compress-remote string Remote to compress
- -L, --copy-links Follow symlinks and copy the pointed to item
- --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
- --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
- --crypt-filename-encryption string How to encrypt the filenames (default "standard")
- --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
- --crypt-password string Password or pass phrase for encryption (obscured)
- --crypt-password2 string Password or pass phrase for salt (obscured)
- --crypt-remote string Remote to encrypt/decrypt
- --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
- --crypt-show-mapping For all files listed show how the names encrypt
- --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
- --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
- --drive-auth-owner-only Only consider files owned by the authenticated user
- --drive-auth-url string Auth server URL
- --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
- --drive-client-id string Google Application Client Id
- --drive-client-secret string OAuth Client Secret
- --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
- --drive-disable-http2 Disable drive using http2 (default true)
- --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
- --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
- --drive-formats string Deprecated: See export_formats
- --drive-impersonate string Impersonate this user when using a service account
- --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
- --drive-keep-revision-forever Keep new head revision of each file forever
- --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
- --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
- --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
- --drive-resource-key string Resource key for accessing a link-shared file
- --drive-root-folder-id string ID of the root folder
- --drive-scope string Scope that rclone should use when requesting access from drive
- --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
- --drive-service-account-credentials string Service Account Credentials JSON blob
- --drive-service-account-file string Service Account Credentials JSON file path
- --drive-shared-with-me Only show files that are shared with me
- --drive-size-as-quota Show sizes as storage quota usage, not actual size
- --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
- --drive-skip-dangling-shortcuts If set skip dangling shortcut files
- --drive-skip-gdocs Skip google documents in all listings
- --drive-skip-shortcuts If set skip shortcut files
- --drive-starred-only Only show files that are starred
- --drive-stop-on-download-limit Make download limit errors be fatal
- --drive-stop-on-upload-limit Make upload limit errors be fatal
- --drive-team-drive string ID of the Shared Drive (Team Drive)
- --drive-token string OAuth Access Token as a JSON blob
- --drive-token-url string Token server url
- --drive-trashed-only Only show files that are in the trash
- --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
- --drive-use-created-date Use file created date instead of modified date
- --drive-use-shared-date Use date file was shared instead of modified date
- --drive-use-trash Send files to the trash instead of deleting permanently (default true)
- --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
- --dropbox-auth-url string Auth server URL
- --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish committing (default 10m0s)
- --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
- --dropbox-batch-size int Max number of files in upload batch
- --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
- --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
- --dropbox-client-id string OAuth Client Id
- --dropbox-client-secret string OAuth Client Secret
- --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
- --dropbox-impersonate string Impersonate this user when using a business account
- --dropbox-shared-files Instructs rclone to work on individual shared files
- --dropbox-shared-folders Instructs rclone to work on shared folders
- --dropbox-token string OAuth Access Token as a JSON blob
- --dropbox-token-url string Token server url
- --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
- --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
- --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
- --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
- --fichier-shared-folder string If you want to download a shared folder, add this parameter
- --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --filefabric-permanent-token string Permanent Authentication Token
- --filefabric-root-folder-id string ID of the root folder
- --filefabric-token string Session Token
- --filefabric-token-expiry string Token expiry time
- --filefabric-url string URL of the Enterprise File Fabric to connect to
- --filefabric-version string Version read from the file fabric
- --ftp-ask-password Allow asking for FTP password when needed
- --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
- --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
- --ftp-disable-epsv Disable using EPSV even if server advertises support
- --ftp-disable-mlsd Disable using MLSD even if server advertises support
- --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
- --ftp-disable-utf8 Disable using UTF-8 even if server advertises support
- --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
- --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
- --ftp-force-list-hidden Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD
- --ftp-host string FTP host to connect to
- --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --ftp-no-check-certificate Do not verify the TLS certificate of the server
- --ftp-pass string FTP password (obscured)
- --ftp-port int FTP port number (default 21)
- --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
- --ftp-tls Use Implicit FTPS (FTP over TLS)
- --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
- --ftp-user string FTP username (default "$USER")
- --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
- --gcs-anonymous Access public buckets and objects without credentials
- --gcs-auth-url string Auth server URL
- --gcs-bucket-acl string Access Control List for new buckets
- --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
- --gcs-client-id string OAuth Client Id
- --gcs-client-secret string OAuth Client Secret
- --gcs-decompress If set this will decompress gzip encoded objects
- --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gcs-endpoint string Endpoint for the service
- --gcs-env-auth Get GCP IAM credentials from runtime (environment variables or instance meta data if no env vars)
- --gcs-location string Location for the newly created buckets
- --gcs-no-check-bucket If set, don't attempt to check the bucket exists or create it
- --gcs-object-acl string Access Control List for new objects
- --gcs-project-number string Project number
- --gcs-service-account-file string Service Account Credentials JSON file path
- --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
- --gcs-token string OAuth Access Token as a JSON blob
- --gcs-token-url string Token server url
- --gphotos-auth-url string Auth server URL
- --gphotos-client-id string OAuth Client Id
- --gphotos-client-secret string OAuth Client Secret
- --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gphotos-include-archived Also view and download archived media
- --gphotos-read-only Set to make the Google Photos backend read only
- --gphotos-read-size Set to read the size of media items
- --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
- --gphotos-token string OAuth Access Token as a JSON blob
- --gphotos-token-url string Token server url
- --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
- --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
- --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
- --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
- --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
- --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
- --hdfs-namenode string Hadoop name node and port
- --hdfs-service-principal-name string Kerberos service principal name for the namenode
- --hdfs-username string Hadoop user name
- --hidrive-auth-url string Auth server URL
- --hidrive-chunk-size SizeSuffix Chunksize for chunked uploads (default 48Mi)
- --hidrive-client-id string OAuth Client Id
- --hidrive-client-secret string OAuth Client Secret
- --hidrive-disable-fetching-member-count Do not fetch number of objects in directories unless it is absolutely necessary
- --hidrive-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
- --hidrive-endpoint string Endpoint for the service (default "https://api.hidrive.strato.com/2.1")
- --hidrive-root-prefix string The root/parent folder for all paths (default "/")
- --hidrive-scope-access string Access permissions that rclone should use when requesting access from HiDrive (default "rw")
- --hidrive-scope-role string User-level that rclone should use when requesting access from HiDrive (default "user")
- --hidrive-token string OAuth Access Token as a JSON blob
- --hidrive-token-url string Token server url
- --hidrive-upload-concurrency int Concurrency for chunked uploads (default 4)
- --hidrive-upload-cutoff SizeSuffix Cutoff/Threshold for chunked uploads (default 96Mi)
- --http-headers CommaSepList Set HTTP headers for all transactions
- --http-no-head Don't use HEAD requests
- --http-no-slash Set this if the site doesn't end directories with /
- --http-url string URL of HTTP host to connect to
- --internetarchive-access-key-id string IAS3 Access Key
- --internetarchive-disable-checksum Don't ask the server to test against MD5 checksum calculated by rclone (default true)
- --internetarchive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot)
- --internetarchive-endpoint string IAS3 Endpoint (default "https://s3.us.archive.org")
- --internetarchive-front-endpoint string Host of InternetArchive Frontend (default "https://archive.org")
- --internetarchive-secret-access-key string IAS3 Secret Key (password)
- --internetarchive-wait-archive Duration Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish (default 0s)
- --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
- --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
- --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
- --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
- --jottacloud-trashed-only Only show files that are in the trash
- --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
- --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --koofr-endpoint string The Koofr API endpoint to use
- --koofr-mountid string Mount ID of the mount to use
- --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
- --koofr-provider string Choose your storage provider
- --koofr-setmtime Does the backend support setting modification time (default true)
- --koofr-user string Your user name
- -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
- --local-case-insensitive Force the filesystem to report itself as case insensitive
- --local-case-sensitive Force the filesystem to report itself as case sensitive
- --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
- --local-no-check-updated Don't check to see if the files change during upload
- --local-no-preallocate Disable preallocation of disk space for transferred files
- --local-no-set-modtime Disable setting modtime
- --local-no-sparse Disable sparse files for multi-thread downloads
- --local-nounc Disable UNC (long path names) conversion on Windows
- --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
- --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
- --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
- --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --mailru-pass string Password (obscured)
- --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
- --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
- --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
- --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
- --mailru-user string User name (usually email)
- --mega-debug Output more debug from Mega
- --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --mega-hard-delete Delete files permanently rather than putting them into the trash
- --mega-pass string Password (obscured)
- --mega-use-https Use HTTPS for transfers
- --mega-user string User name
- --netstorage-account string Set the NetStorage account name
- --netstorage-host string Domain+path of NetStorage host to connect to
- --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
- --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
- -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
- --onedrive-access-scopes SpaceSepList Set scopes to be requested by rclone (default Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access)
- --onedrive-auth-url string Auth server URL
- --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
- --onedrive-client-id string OAuth Client Id
- --onedrive-client-secret string OAuth Client Secret
- --onedrive-drive-id string The ID of the drive to use
- --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
- --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
- --onedrive-hash-type string Specify the hash in use for the backend (default "auto")
- --onedrive-link-password string Set the password for links created by the link command
- --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
- --onedrive-link-type string Set the type of the links created by the link command (default "view")
- --onedrive-list-chunk int Size of listing chunk (default 1000)
- --onedrive-no-versions Remove all versions on modifying operations
- --onedrive-region string Choose national cloud region for OneDrive (default "global")
- --onedrive-root-folder-id string ID of the root folder
- --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
- --onedrive-token string OAuth Access Token as a JSON blob
- --onedrive-token-url string Token server url
- --oos-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
- --oos-compartment string Object storage compartment OCID
- --oos-config-file string Path to OCI config file (default "~/.oci/config")
- --oos-config-profile string Profile name inside the oci config file (default "Default")
- --oos-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
- --oos-copy-timeout Duration Timeout for copy (default 1m0s)
- --oos-disable-checksum Don't store MD5 checksum with object metadata
- --oos-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --oos-endpoint string Endpoint for Object storage API
- --oos-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
- --oos-namespace string Object storage namespace
- --oos-no-check-bucket If set, don't attempt to check the bucket exists or create it
- --oos-provider string Choose your Auth Provider (default "env_auth")
- --oos-region string Object storage Region
- --oos-sse-customer-algorithm string If using SSE-C, the optional header that specifies "AES256" as the encryption algorithm
- --oos-sse-customer-key string To use SSE-C, the optional header that specifies the base64-encoded 256-bit encryption key to use to
- --oos-sse-customer-key-file string To use SSE-C, a file containing the base64-encoded string of the AES-256 encryption key associated
- --oos-sse-customer-key-sha256 string If using SSE-C, The optional header that specifies the base64-encoded SHA256 hash of the encryption
- --oos-sse-kms-key-id string if using using your own master key in vault, this header specifies the
- --oos-storage-tier string The storage class to use when storing new objects in storage. https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/understandingstoragetiers.htm (default "Standard")
- --oos-upload-concurrency int Concurrency for multipart uploads (default 10)
- --oos-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
- --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
- --opendrive-password string Password (obscured)
- --opendrive-username string Username
- --pcloud-auth-url string Auth server URL
- --pcloud-client-id string OAuth Client Id
- --pcloud-client-secret string OAuth Client Secret
- --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
- --pcloud-password string Your pcloud password (obscured)
- --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
- --pcloud-token string OAuth Access Token as a JSON blob
- --pcloud-token-url string Token server url
- --pcloud-username string Your pcloud username
- --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --qingstor-access-key-id string QingStor Access Key ID
- --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
- --qingstor-connection-retries int Number of connection retries (default 3)
- --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
- --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
- --qingstor-env-auth Get QingStor credentials from runtime
- --qingstor-secret-access-key string QingStor Secret Access Key (password)
- --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
- --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --qingstor-zone string Zone to connect to
- --s3-access-key-id string AWS Access Key ID
- --s3-acl string Canned ACL used when creating buckets and storing or copying objects
- --s3-bucket-acl string Canned ACL used when creating buckets
- --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
- --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
- --s3-decompress If set this will decompress gzip encoded objects
- --s3-disable-checksum Don't store MD5 checksum with object metadata
- --s3-disable-http2 Disable usage of http2 for S3 backends
- --s3-download-url string Custom endpoint for downloads
- --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --s3-endpoint string Endpoint for S3 API
- --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
- --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
- --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
- --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
- --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
- --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
- --s3-location-constraint string Location constraint - must be set to match the Region
- --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
- --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --s3-might-gzip Tristate Set this if the backend might gzip objects (default unset)
- --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
- --s3-no-head If set, don't HEAD uploaded objects to check integrity
- --s3-no-head-object If set, do not do HEAD before GET when getting objects
- --s3-no-system-metadata Suppress setting and reading of system metadata
- --s3-profile string Profile to use in the shared credentials file
- --s3-provider string Choose your S3 provider
- --s3-region string Region to connect to
- --s3-requester-pays Enables requester pays option when interacting with S3 bucket
- --s3-secret-access-key string AWS Secret Access Key (password)
- --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
- --s3-session-token string An AWS session token
- --s3-shared-credentials-file string Path to the shared credentials file
- --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
- --s3-sse-customer-key string To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data
- --s3-sse-customer-key-base64 string If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data
- --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
- --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
- --s3-storage-class string The storage class to use when storing new objects in S3
- --s3-sts-endpoint string Endpoint for STS
- --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
- --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
- --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
- --s3-use-presigned-request Whether to use a presigned request or PutObject for single part uploads
- --s3-v2-auth If true use v2 authentication
- --s3-version-at Time Show file versions as they were at the specified time (default off)
- --s3-versions Include old versions in directory listings
- --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
- --seafile-create-library Should rclone create a library if it doesn't exist
- --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
- --seafile-library string Name of the library
- --seafile-library-key string Library password (for encrypted libraries only) (obscured)
- --seafile-pass string Password (obscured)
- --seafile-url string URL of seafile host to connect to
- --seafile-user string User name (usually email address)
- --sftp-ask-password Allow asking for SFTP password when needed
- --sftp-chunk-size SizeSuffix Upload and download chunk size (default 32Ki)
- --sftp-ciphers SpaceSepList Space separated list of ciphers to be used for session encryption, ordered by preference
- --sftp-concurrency int The maximum number of outstanding requests for one file (default 64)
- --sftp-disable-concurrent-reads If set don't use concurrent reads
- --sftp-disable-concurrent-writes If set don't use concurrent writes
- --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
- --sftp-host string SSH host to connect to
- --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --sftp-key-exchange SpaceSepList Space separated list of key exchange algorithms, ordered by preference
- --sftp-key-file string Path to PEM-encoded private key file
- --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
- --sftp-key-pem string Raw PEM-encoded private key
- --sftp-key-use-agent When set forces the usage of the ssh-agent
- --sftp-known-hosts-file string Optional path to known_hosts file
- --sftp-macs SpaceSepList Space separated list of MACs (message authentication code) algorithms, ordered by preference
- --sftp-md5sum-command string The command used to read md5 hashes
- --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
- --sftp-path-override string Override path used by SSH shell commands
- --sftp-port int SSH port number (default 22)
- --sftp-pubkey-file string Optional path to public key file
- --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
- --sftp-set-env SpaceSepList Environment variables to pass to sftp and commands
- --sftp-set-modtime Set the modified time on the remote if set (default true)
- --sftp-sha1sum-command string The command used to read sha1 hashes
- --sftp-shell-type string The type of SSH shell on remote server, if any
- --sftp-skip-links Set to skip any symlinks and any other non regular files
- --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
- --sftp-use-fstat If set use fstat instead of stat
- --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
- --sftp-user string SSH username (default "$USER")
- --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
- --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --sharefile-endpoint string Endpoint for API calls
- --sharefile-root-folder-id string ID of the root folder
- --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
- --sia-api-password string Sia Daemon API Password (obscured)
- --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
- --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
- --sia-user-agent string Siad User Agent (default "Sia-Agent")
- --skip-links Don't warn about skipped symlinks
- --smb-case-insensitive Whether the server is configured to be case-insensitive (default true)
- --smb-domain string Domain name for NTLM authentication (default "WORKGROUP")
- --smb-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --smb-hide-special-share Hide special shares (e.g. print$) which users aren't supposed to access (default true)
- --smb-host string SMB server hostname to connect to
- --smb-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --smb-pass string SMB password (obscured)
- --smb-port int SMB port number (default 445)
- --smb-spn string Service principal name
- --smb-user string SMB username (default "$USER")
- --storj-access-grant string Access grant
- --storj-api-key string API key
- --storj-passphrase string Encryption passphrase
- --storj-provider string Choose an authentication method (default "existing")
- --storj-satellite-address string Satellite address (default "us1.storj.io")
- --sugarsync-access-key-id string Sugarsync Access Key ID
- --sugarsync-app-id string Sugarsync App ID
- --sugarsync-authorization string Sugarsync authorization
- --sugarsync-authorization-expiry string Sugarsync authorization expiry
- --sugarsync-deleted-id string Sugarsync deleted folder id
- --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
- --sugarsync-hard-delete Permanently delete files if true
- --sugarsync-private-access-key string Sugarsync Private Access Key
- --sugarsync-refresh-token string Sugarsync refresh token
- --sugarsync-root-id string Sugarsync root id
- --sugarsync-user string Sugarsync user
- --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
- --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
- --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
- --swift-auth string Authentication URL for server (OS_AUTH_URL)
- --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
- --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
- --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
- --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
- --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
- --swift-key string API key or password (OS_PASSWORD)
- --swift-leave-parts-on-error If true avoid calling abort upload on a failure
- --swift-no-chunk Don't chunk files during streaming upload
- --swift-no-large-objects Disable support for static and dynamic large objects
- --swift-region string Region name - optional (OS_REGION_NAME)
- --swift-storage-policy string The storage policy to use when creating a new container
- --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
- --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
- --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
- --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
- --swift-user string User name to log in (OS_USERNAME)
- --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
- --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
- --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
- --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
- --union-min-free-space SizeSuffix Minimum viable free space for lfs/eplfs policies (default 1Gi)
- --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
- --union-upstreams string List of space separated upstreams
- --uptobox-access-token string Your access token
- --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
- --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
- --webdav-bearer-token-command string Command to run to get a bearer token
- --webdav-encoding string The encoding for the backend
- --webdav-headers CommaSepList Set HTTP headers for all transactions
- --webdav-pass string Password (obscured)
- --webdav-url string URL of http host to connect to
- --webdav-user string User name
- --webdav-vendor string Name of the WebDAV site/service/software you are using
- --yandex-auth-url string Auth server URL
- --yandex-client-id string OAuth Client Id
- --yandex-client-secret string OAuth Client Secret
- --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --yandex-hard-delete Delete files permanently rather than putting them into the trash
- --yandex-token string OAuth Access Token as a JSON blob
- --yandex-token-url string Token server url
- --zoho-auth-url string Auth server URL
- --zoho-client-id string OAuth Client Id
- --zoho-client-secret string OAuth Client Secret
- --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
- --zoho-region string Zoho region to connect to
- --zoho-token string OAuth Access Token as a JSON blob
- --zoho-token-url string Token server url
+This describes the global flags available to every rclone command split into groups.
+Copy
+Flags for anything which can Copy a file.
+ --check-first Do all the checks before starting transfers
+ -c, --checksum Check for changes with size & checksum (if available, or fallback to size only).
+ --compare-dest stringArray Include additional comma separated server-side paths during comparison
+ --copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
+ --cutoff-mode HARD|SOFT|CAUTIOUS Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default HARD)
+ --ignore-case-sync Ignore case when synchronizing
+ --ignore-checksum Skip post copy check of checksums
+ --ignore-existing Skip all files that exist on destination
+ --ignore-size Ignore size when skipping use modtime or checksum
+ -I, --ignore-times Don't skip files that match size and time - transfer all files
+ --immutable Do not modify files, fail if existing files have been modified
+ --inplace Download directly to destination file instead of atomic download to temp/rename
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
+ --max-transfer SizeSuffix Maximum size of data to transfer (default off)
+ -M, --metadata If set, preserve metadata when copying objects
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
+ --multi-thread-chunk-size SizeSuffix Chunk size for multi-thread downloads / uploads, if not set by filesystem (default 64Mi)
+ --multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 256Mi)
+ --multi-thread-streams int Number of streams to use for multi-thread downloads (default 4)
+ --multi-thread-write-buffer-size SizeSuffix In memory buffer size for writing when in multi-thread mode (default 128Ki)
+ --no-check-dest Don't check the destination, copy regardless
+ --no-traverse Don't traverse destination file system on copy
+ --no-update-modtime Don't update destination modtime if files identical
+ --order-by string Instructions on how to order the transfers, e.g. 'size,descending'
+ --partial-suffix string Add partial-suffix to temporary file name when --inplace is not used (default ".partial")
+ --refresh-times Refresh the modtime of remote files
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
+ --size-only Skip based on size only, not modtime or checksum
+ --streaming-upload-cutoff SizeSuffix Cutoff for switching to chunked upload if file size is unknown, upload starts after reaching cutoff or when file ends (default 100Ki)
+ -u, --update Skip files that are newer on the destination
+Sync
+Flags just used for rclone sync
.
+ --backup-dir string Make backups into hierarchy based in DIR
+ --delete-after When synchronizing, delete files on destination after transferring (default)
+ --delete-before When synchronizing, delete files on destination before transferring
+ --delete-during When synchronizing, delete files during transfer
+ --ignore-errors Delete even if there are I/O errors
+ --max-delete int When synchronizing, limit the number of deletes (default -1)
+ --max-delete-size SizeSuffix When synchronizing, limit the total size of deletes (default off)
+ --suffix string Suffix to add to changed files
+ --suffix-keep-extension Preserve the extension when using --suffix
+ --track-renames When synchronizing, track file renames and do a server-side move if possible
+ --track-renames-strategy string Strategies to use when synchronizing using track-renames hash|modtime|leaf (default "hash")
+Important
+Important flags useful for most commands.
+ -n, --dry-run Do a trial run with no permanent changes
+ -i, --interactive Enable interactive mode
+ -v, --verbose count Print lots more stuff (repeat for more)
+Check
+Flags used for rclone check
.
+ --max-backlog int Maximum number of objects in sync or check backlog (default 10000)
+Networking
+General networking and HTTP stuff.
+ --bind string Local address to bind to for outgoing connections, IPv4, IPv6 or name
+ --bwlimit BwTimetable Bandwidth limit in KiB/s, or use suffix B|K|M|G|T|P or a full timetable
+ --bwlimit-file BwTimetable Bandwidth limit per file in KiB/s, or use suffix B|K|M|G|T|P or a full timetable
+ --ca-cert stringArray CA certificate used to verify servers
+ --client-cert string Client SSL certificate (PEM) for mutual TLS auth
+ --client-key string Client SSL private key (PEM) for mutual TLS auth
+ --contimeout Duration Connect timeout (default 1m0s)
+ --disable-http-keep-alives Disable HTTP keep-alives and use each connection once.
+ --disable-http2 Disable HTTP/2 in the global transport
+ --dscp string Set DSCP value to connections, value or name, e.g. CS1, LE, DF, AF21
+ --expect-continue-timeout Duration Timeout when using expect / 100-continue in HTTP (default 1s)
+ --header stringArray Set HTTP header for all transactions
+ --header-download stringArray Set HTTP header for download transactions
+ --header-upload stringArray Set HTTP header for upload transactions
+ --no-check-certificate Do not verify the server SSL certificate (insecure)
+ --no-gzip-encoding Don't set Accept-Encoding: gzip
+ --timeout Duration IO idle timeout (default 5m0s)
+ --tpslimit float Limit HTTP transactions per second to this
+ --tpslimit-burst int Max burst of transactions for --tpslimit (default 1)
+ --use-cookies Enable session cookiejar
+ --user-agent string Set the user-agent to a specified string (default "rclone/v1.65.0")
+Performance
+Flags helpful for increasing performance.
+ --buffer-size SizeSuffix In memory buffer size when reading files for each --transfer (default 16Mi)
+ --checkers int Number of checkers to run in parallel (default 8)
+ --transfers int Number of file transfers to run in parallel (default 4)
+Config
+General configuration of rclone.
+ --ask-password Allow prompt for password for encrypted configuration (default true)
+ --auto-confirm If enabled, do not request console confirmation
+ --cache-dir string Directory rclone will use for caching (default "$HOME/.cache/rclone")
+ --color AUTO|NEVER|ALWAYS When to show colors (and other ANSI codes) AUTO|NEVER|ALWAYS (default AUTO)
+ --config string Config file (default "$HOME/.config/rclone/rclone.conf")
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --disable string Disable a comma separated list of features (use --disable help to see a list)
+ -n, --dry-run Do a trial run with no permanent changes
+ --error-on-no-transfer Sets exit code 9 if no files are transferred, useful in scripts
+ --fs-cache-expire-duration Duration Cache remotes for this long (0 to disable caching) (default 5m0s)
+ --fs-cache-expire-interval Duration Interval to check for expired remotes (default 1m0s)
+ --human-readable Print numbers in a human-readable format, sizes with suffix Ki|Mi|Gi|Ti|Pi
+ -i, --interactive Enable interactive mode
+ --kv-lock-time Duration Maximum time to keep key-value database locked by process (default 1s)
+ --low-level-retries int Number of low level retries to do (default 10)
+ --no-console Hide console window (supported on Windows only)
+ --no-unicode-normalization Don't normalize unicode characters in filenames
+ --password-command SpaceSepList Command for supplying password for encrypted configuration
+ --retries int Retry operations this many times if they fail (default 3)
+ --retries-sleep Duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable) (default 0s)
+ --temp-dir string Directory rclone will use for temporary files (default "/tmp")
+ --use-mmap Use mmap allocator (see docs)
+ --use-server-modtime Use server modified time instead of object metadata
+Debugging
+Flags for developers.
+ --cpuprofile string Write cpu profile to file
+ --dump DumpFlags List of items to dump from: headers, bodies, requests, responses, auth, filters, goroutines, openfiles, mapper
+ --dump-bodies Dump HTTP headers and bodies - may contain sensitive info
+ --dump-headers Dump HTTP headers - may contain sensitive info
+ --memprofile string Write memory profile to file
+Filter
+Flags for filtering directory listings.
+ --delete-excluded Delete files on dest excluded from sync
+ --exclude stringArray Exclude files matching pattern
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --files-from stringArray Read list of source-file names from file (use - to read from stdin)
+ --files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --ignore-case Ignore case in filters (case insensitive)
+ --include stringArray Include files matching pattern
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
+ --max-age Duration Only transfer files younger than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --max-depth int If set limits the recursion depth to this (default -1)
+ --max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
+ --min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
+Listing
+Flags for listing directories.
+ --default-time Time Time to show if modtime is unknown for files and directories (default 2000-01-01T00:00:00Z)
+ --fast-list Use recursive list if available; uses more memory but fewer transactions
+Logging
+Logging and statistics.
+ --log-file string Log everything to this file
+ --log-format string Comma separated list of log format options (default "date,time")
+ --log-level LogLevel Log level DEBUG|INFO|NOTICE|ERROR (default NOTICE)
+ --log-systemd Activate systemd integration for the logger
+ --max-stats-groups int Maximum number of stats groups to keep in memory, on max oldest is discarded (default 1000)
+ -P, --progress Show progress during transfer
+ --progress-terminal-title Show progress on the terminal title (requires -P/--progress)
+ -q, --quiet Print as little stuff as possible
+ --stats Duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
+ --stats-file-name-length int Max file name length in stats (0 for no limit) (default 45)
+ --stats-log-level LogLevel Log level to show --stats output DEBUG|INFO|NOTICE|ERROR (default INFO)
+ --stats-one-line Make the stats fit on one line
+ --stats-one-line-date Enable --stats-one-line and add current date/time prefix
+ --stats-one-line-date-format string Enable --stats-one-line-date and use custom formatted date: Enclose date string in double quotes ("), see https://golang.org/pkg/time/#Time.Format
+ --stats-unit string Show data rate in stats as either 'bits' or 'bytes' per second (default "bytes")
+ --syslog Use Syslog for logging
+ --syslog-facility string Facility for syslog, e.g. KERN,USER,... (default "DAEMON")
+ --use-json-log Use json log format
+ -v, --verbose count Print lots more stuff (repeat for more)
+Metadata
+Flags to control metadata.
+ -M, --metadata If set, preserve metadata when copying objects
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --metadata-mapper SpaceSepList Program to run to transforming metadata before upload
+ --metadata-set stringArray Add metadata key=value when uploading
+RC
+Flags to control the Remote Control API.
+ --rc Enable the remote control server
+ --rc-addr stringArray IPaddress:Port or :Port to bind server to (default [localhost:5572])
+ --rc-allow-origin string Origin which cross-domain request (CORS) can be executed from
+ --rc-baseurl string Prefix for URLs - leave blank for root
+ --rc-cert string TLS PEM key (concatenation of certificate and CA certificate)
+ --rc-client-ca string Client certificate authority to verify clients with
+ --rc-enable-metrics Enable prometheus metrics on /metrics
+ --rc-files string Path to local files to serve on the HTTP server
+ --rc-htpasswd string A htpasswd file - if not provided no authentication is done
+ --rc-job-expire-duration Duration Expire finished async jobs older than this value (default 1m0s)
+ --rc-job-expire-interval Duration Interval to check for expired async jobs (default 10s)
+ --rc-key string TLS PEM Private key
+ --rc-max-header-bytes int Maximum size of request header (default 4096)
+ --rc-min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
+ --rc-no-auth Don't require auth for certain methods
+ --rc-pass string Password for authentication
+ --rc-realm string Realm for authentication
+ --rc-salt string Password hashing salt (default "dlPL2MqE")
+ --rc-serve Enable the serving of remote objects
+ --rc-server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --rc-server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
+ --rc-template string User-specified template
+ --rc-user string User name for authentication
+ --rc-web-fetch-url string URL to fetch the releases for webgui (default "https://api.github.com/repos/rclone/rclone-webui-react/releases/latest")
+ --rc-web-gui Launch WebGUI on localhost
+ --rc-web-gui-force-update Force update to latest version of web gui
+ --rc-web-gui-no-open-browser Don't open the browser automatically
+ --rc-web-gui-update Check and update to latest version of web gui
+Backend
+Backend only flags. These can be set in the config file also.
+ --acd-auth-url string Auth server URL
+ --acd-client-id string OAuth Client Id
+ --acd-client-secret string OAuth Client Secret
+ --acd-encoding Encoding The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
+ --acd-token string OAuth Access Token as a JSON blob
+ --acd-token-url string Token server url
+ --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
+ --alias-remote string Remote or path to alias
+ --azureblob-access-tier string Access tier of blob: hot, cool, cold or archive
+ --azureblob-account string Azure Storage Account Name
+ --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
+ --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
+ --azureblob-client-certificate-password string Password for the certificate file (optional) (obscured)
+ --azureblob-client-certificate-path string Path to a PEM or PKCS12 certificate file including the private key
+ --azureblob-client-id string The ID of the client in use
+ --azureblob-client-secret string One of the service principal's client secrets
+ --azureblob-client-send-certificate-chain Send the certificate chain when using certificate auth
+ --azureblob-directory-markers Upload an empty object with a trailing slash when a new directory is created
+ --azureblob-disable-checksum Don't store MD5 checksum with object metadata
+ --azureblob-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
+ --azureblob-endpoint string Endpoint for the service
+ --azureblob-env-auth Read credentials from runtime (environment variables, CLI or MSI)
+ --azureblob-key string Storage Account Shared Key
+ --azureblob-list-chunk int Size of blob list (default 5000)
+ --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
+ --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-no-check-container If set, don't attempt to check the container exists or create it
+ --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
+ --azureblob-password string The user's password (obscured)
+ --azureblob-public-access string Public access level of a container: blob or container
+ --azureblob-sas-url string SAS URL for container level access only
+ --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
+ --azureblob-tenant string ID of the service principal's tenant. Also called its directory ID
+ --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
+ --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
+ --azureblob-use-emulator Uses local storage emulator if provided as 'true'
+ --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
+ --azureblob-username string User name (usually an email address)
+ --azurefiles-account string Azure Storage Account Name
+ --azurefiles-chunk-size SizeSuffix Upload chunk size (default 4Mi)
+ --azurefiles-client-certificate-password string Password for the certificate file (optional) (obscured)
+ --azurefiles-client-certificate-path string Path to a PEM or PKCS12 certificate file including the private key
+ --azurefiles-client-id string The ID of the client in use
+ --azurefiles-client-secret string One of the service principal's client secrets
+ --azurefiles-client-send-certificate-chain Send the certificate chain when using certificate auth
+ --azurefiles-connection-string string Azure Files Connection String
+ --azurefiles-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8,Dot)
+ --azurefiles-endpoint string Endpoint for the service
+ --azurefiles-env-auth Read credentials from runtime (environment variables, CLI or MSI)
+ --azurefiles-key string Storage Account Shared Key
+ --azurefiles-max-stream-size SizeSuffix Max size for streamed files (default 10Gi)
+ --azurefiles-msi-client-id string Object ID of the user-assigned MSI to use, if any
+ --azurefiles-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
+ --azurefiles-msi-object-id string Object ID of the user-assigned MSI to use, if any
+ --azurefiles-password string The user's password (obscured)
+ --azurefiles-sas-url string SAS URL
+ --azurefiles-service-principal-file string Path to file containing credentials for use with a service principal
+ --azurefiles-share-name string Azure Files Share Name
+ --azurefiles-tenant string ID of the service principal's tenant. Also called its directory ID
+ --azurefiles-upload-concurrency int Concurrency for multipart uploads (default 16)
+ --azurefiles-use-msi Use a managed service identity to authenticate (only works in Azure)
+ --azurefiles-username string User name (usually an email address)
+ --b2-account string Account ID or Application Key ID
+ --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
+ --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
+ --b2-disable-checksum Disable checksums for large (> upload cutoff) files
+ --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
+ --b2-download-url string Custom endpoint for downloads
+ --b2-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --b2-endpoint string Endpoint for the service
+ --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
+ --b2-key string Application Key
+ --b2-lifecycle int Set the number of days deleted files should be kept when creating a bucket
+ --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
+ --b2-upload-concurrency int Concurrency for multipart uploads (default 4)
+ --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --b2-version-at Time Show file versions as they were at the specified time (default off)
+ --b2-versions Include old versions in directory listings
+ --box-access-token string Box App Primary Access Token
+ --box-auth-url string Auth server URL
+ --box-box-config-file string Box App config.json location
+ --box-box-sub-type string (default "user")
+ --box-client-id string OAuth Client Id
+ --box-client-secret string OAuth Client Secret
+ --box-commit-retries int Max number of times to try committing a multipart file (default 100)
+ --box-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
+ --box-impersonate string Impersonate this user ID when using a service account
+ --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
+ --box-owned-by string Only show items owned by the login (email address) passed in
+ --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
+ --box-token string OAuth Access Token as a JSON blob
+ --box-token-url string Token server url
+ --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
+ --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
+ --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
+ --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
+ --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
+ --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
+ --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
+ --cache-db-purge Clear all the cached data for this remote on start
+ --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
+ --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
+ --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
+ --cache-plex-password string The password of the Plex user (obscured)
+ --cache-plex-url string The URL of the Plex server
+ --cache-plex-username string The username of the Plex user
+ --cache-read-retries int How many times to retry a read from a cache storage (default 10)
+ --cache-remote string Remote to cache
+ --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
+ --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
+ --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
+ --cache-workers int How many workers should run in parallel to download chunks (default 4)
+ --cache-writes Cache file data on writes through the FS
+ --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
+ --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
+ --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
+ --chunker-remote string Remote to chunk/unchunk
+ --combine-upstreams SpaceSepList Upstreams for combining
+ --compress-level int GZIP compression level (-2 to 9) (default -1)
+ --compress-mode string Compression mode (default "gzip")
+ --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
+ --compress-remote string Remote to compress
+ -L, --copy-links Follow symlinks and copy the pointed to item
+ --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
+ --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
+ --crypt-filename-encryption string How to encrypt the filenames (default "standard")
+ --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
+ --crypt-pass-bad-blocks If set this will pass bad blocks through as all 0
+ --crypt-password string Password or pass phrase for encryption (obscured)
+ --crypt-password2 string Password or pass phrase for salt (obscured)
+ --crypt-remote string Remote to encrypt/decrypt
+ --crypt-server-side-across-configs Deprecated: use --server-side-across-configs instead
+ --crypt-show-mapping For all files listed show how the names encrypt
+ --crypt-suffix string If this is set it will override the default suffix of ".bin" (default ".bin")
+ --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
+ --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
+ --drive-auth-owner-only Only consider files owned by the authenticated user
+ --drive-auth-url string Auth server URL
+ --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
+ --drive-client-id string Google Application Client Id
+ --drive-client-secret string OAuth Client Secret
+ --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
+ --drive-disable-http2 Disable drive using http2 (default true)
+ --drive-encoding Encoding The encoding for the backend (default InvalidUtf8)
+ --drive-env-auth Get IAM credentials from runtime (environment variables or instance meta data if no env vars)
+ --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
+ --drive-fast-list-bug-fix Work around a bug in Google Drive listing (default true)
+ --drive-formats string Deprecated: See export_formats
+ --drive-impersonate string Impersonate this user when using a service account
+ --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
+ --drive-keep-revision-forever Keep new head revision of each file forever
+ --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
+ --drive-metadata-labels Bits Control whether labels should be read or written in metadata (default off)
+ --drive-metadata-owner Bits Control whether owner should be read or written in metadata (default read)
+ --drive-metadata-permissions Bits Control whether permissions should be read or written in metadata (default off)
+ --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
+ --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
+ --drive-resource-key string Resource key for accessing a link-shared file
+ --drive-root-folder-id string ID of the root folder
+ --drive-scope string Comma separated list of scopes that rclone should use when requesting access from drive
+ --drive-server-side-across-configs Deprecated: use --server-side-across-configs instead
+ --drive-service-account-credentials string Service Account Credentials JSON blob
+ --drive-service-account-file string Service Account Credentials JSON file path
+ --drive-shared-with-me Only show files that are shared with me
+ --drive-show-all-gdocs Show all Google Docs including non-exportable ones in listings
+ --drive-size-as-quota Show sizes as storage quota usage, not actual size
+ --drive-skip-checksum-gphotos Skip checksums on Google photos and videos only
+ --drive-skip-dangling-shortcuts If set skip dangling shortcut files
+ --drive-skip-gdocs Skip google documents in all listings
+ --drive-skip-shortcuts If set skip shortcut files
+ --drive-starred-only Only show files that are starred
+ --drive-stop-on-download-limit Make download limit errors be fatal
+ --drive-stop-on-upload-limit Make upload limit errors be fatal
+ --drive-team-drive string ID of the Shared Drive (Team Drive)
+ --drive-token string OAuth Access Token as a JSON blob
+ --drive-token-url string Token server url
+ --drive-trashed-only Only show files that are in the trash
+ --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
+ --drive-use-created-date Use file created date instead of modified date
+ --drive-use-shared-date Use date file was shared instead of modified date
+ --drive-use-trash Send files to the trash instead of deleting permanently (default true)
+ --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
+ --dropbox-auth-url string Auth server URL
+ --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish committing (default 10m0s)
+ --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
+ --dropbox-batch-size int Max number of files in upload batch
+ --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
+ --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
+ --dropbox-client-id string OAuth Client Id
+ --dropbox-client-secret string OAuth Client Secret
+ --dropbox-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
+ --dropbox-impersonate string Impersonate this user when using a business account
+ --dropbox-pacer-min-sleep Duration Minimum time to sleep between API calls (default 10ms)
+ --dropbox-shared-files Instructs rclone to work on individual shared files
+ --dropbox-shared-folders Instructs rclone to work on shared folders
+ --dropbox-token string OAuth Access Token as a JSON blob
+ --dropbox-token-url string Token server url
+ --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
+ --fichier-cdn Set if you wish to use CDN download links
+ --fichier-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
+ --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
+ --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
+ --fichier-shared-folder string If you want to download a shared folder, add this parameter
+ --filefabric-encoding Encoding The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --filefabric-permanent-token string Permanent Authentication Token
+ --filefabric-root-folder-id string ID of the root folder
+ --filefabric-token string Session Token
+ --filefabric-token-expiry string Token expiry time
+ --filefabric-url string URL of the Enterprise File Fabric to connect to
+ --filefabric-version string Version read from the file fabric
+ --ftp-ask-password Allow asking for FTP password when needed
+ --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
+ --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
+ --ftp-disable-epsv Disable using EPSV even if server advertises support
+ --ftp-disable-mlsd Disable using MLSD even if server advertises support
+ --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
+ --ftp-disable-utf8 Disable using UTF-8 even if server advertises support
+ --ftp-encoding Encoding The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
+ --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
+ --ftp-force-list-hidden Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD
+ --ftp-host string FTP host to connect to
+ --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --ftp-no-check-certificate Do not verify the TLS certificate of the server
+ --ftp-pass string FTP password (obscured)
+ --ftp-port int FTP port number (default 21)
+ --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
+ --ftp-socks-proxy string Socks 5 proxy host
+ --ftp-tls Use Implicit FTPS (FTP over TLS)
+ --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
+ --ftp-user string FTP username (default "$USER")
+ --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
+ --gcs-anonymous Access public buckets and objects without credentials
+ --gcs-auth-url string Auth server URL
+ --gcs-bucket-acl string Access Control List for new buckets
+ --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
+ --gcs-client-id string OAuth Client Id
+ --gcs-client-secret string OAuth Client Secret
+ --gcs-decompress If set this will decompress gzip encoded objects
+ --gcs-directory-markers Upload an empty object with a trailing slash when a new directory is created
+ --gcs-encoding Encoding The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gcs-endpoint string Endpoint for the service
+ --gcs-env-auth Get GCP IAM credentials from runtime (environment variables or instance meta data if no env vars)
+ --gcs-location string Location for the newly created buckets
+ --gcs-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --gcs-object-acl string Access Control List for new objects
+ --gcs-project-number string Project number
+ --gcs-service-account-file string Service Account Credentials JSON file path
+ --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
+ --gcs-token string OAuth Access Token as a JSON blob
+ --gcs-token-url string Token server url
+ --gcs-user-project string User project
+ --gphotos-auth-url string Auth server URL
+ --gphotos-batch-commit-timeout Duration Max time to wait for a batch to finish committing (default 10m0s)
+ --gphotos-batch-mode string Upload file batching sync|async|off (default "sync")
+ --gphotos-batch-size int Max number of files in upload batch
+ --gphotos-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
+ --gphotos-client-id string OAuth Client Id
+ --gphotos-client-secret string OAuth Client Secret
+ --gphotos-encoding Encoding The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gphotos-include-archived Also view and download archived media
+ --gphotos-read-only Set to make the Google Photos backend read only
+ --gphotos-read-size Set to read the size of media items
+ --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
+ --gphotos-token string OAuth Access Token as a JSON blob
+ --gphotos-token-url string Token server url
+ --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
+ --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
+ --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
+ --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
+ --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
+ --hdfs-encoding Encoding The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
+ --hdfs-namenode CommaSepList Hadoop name nodes and ports
+ --hdfs-service-principal-name string Kerberos service principal name for the namenode
+ --hdfs-username string Hadoop user name
+ --hidrive-auth-url string Auth server URL
+ --hidrive-chunk-size SizeSuffix Chunksize for chunked uploads (default 48Mi)
+ --hidrive-client-id string OAuth Client Id
+ --hidrive-client-secret string OAuth Client Secret
+ --hidrive-disable-fetching-member-count Do not fetch number of objects in directories unless it is absolutely necessary
+ --hidrive-encoding Encoding The encoding for the backend (default Slash,Dot)
+ --hidrive-endpoint string Endpoint for the service (default "https://api.hidrive.strato.com/2.1")
+ --hidrive-root-prefix string The root/parent folder for all paths (default "/")
+ --hidrive-scope-access string Access permissions that rclone should use when requesting access from HiDrive (default "rw")
+ --hidrive-scope-role string User-level that rclone should use when requesting access from HiDrive (default "user")
+ --hidrive-token string OAuth Access Token as a JSON blob
+ --hidrive-token-url string Token server url
+ --hidrive-upload-concurrency int Concurrency for chunked uploads (default 4)
+ --hidrive-upload-cutoff SizeSuffix Cutoff/Threshold for chunked uploads (default 96Mi)
+ --http-headers CommaSepList Set HTTP headers for all transactions
+ --http-no-head Don't use HEAD requests
+ --http-no-slash Set this if the site doesn't end directories with /
+ --http-url string URL of HTTP host to connect to
+ --imagekit-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Dollar,Question,Hash,Percent,BackSlash,Del,Ctl,InvalidUtf8,Dot,SquareBracket)
+ --imagekit-endpoint string You can find your ImageKit.io URL endpoint in your [dashboard](https://imagekit.io/dashboard/developer/api-keys)
+ --imagekit-only-signed Restrict unsigned image URLs If you have configured Restrict unsigned image URLs in your dashboard settings, set this to true
+ --imagekit-private-key string You can find your ImageKit.io private key in your [dashboard](https://imagekit.io/dashboard/developer/api-keys)
+ --imagekit-public-key string You can find your ImageKit.io public key in your [dashboard](https://imagekit.io/dashboard/developer/api-keys)
+ --imagekit-upload-tags string Tags to add to the uploaded files, e.g. "tag1,tag2"
+ --imagekit-versions Include old versions in directory listings
+ --internetarchive-access-key-id string IAS3 Access Key
+ --internetarchive-disable-checksum Don't ask the server to test against MD5 checksum calculated by rclone (default true)
+ --internetarchive-encoding Encoding The encoding for the backend (default Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot)
+ --internetarchive-endpoint string IAS3 Endpoint (default "https://s3.us.archive.org")
+ --internetarchive-front-endpoint string Host of InternetArchive Frontend (default "https://archive.org")
+ --internetarchive-secret-access-key string IAS3 Secret Key (password)
+ --internetarchive-wait-archive Duration Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish (default 0s)
+ --jottacloud-auth-url string Auth server URL
+ --jottacloud-client-id string OAuth Client Id
+ --jottacloud-client-secret string OAuth Client Secret
+ --jottacloud-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
+ --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
+ --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
+ --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
+ --jottacloud-token string OAuth Access Token as a JSON blob
+ --jottacloud-token-url string Token server url
+ --jottacloud-trashed-only Only show files that are in the trash
+ --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
+ --koofr-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --koofr-endpoint string The Koofr API endpoint to use
+ --koofr-mountid string Mount ID of the mount to use
+ --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
+ --koofr-provider string Choose your storage provider
+ --koofr-setmtime Does the backend support setting modification time (default true)
+ --koofr-user string Your user name
+ --linkbox-token string Token from https://www.linkbox.to/admin/account
+ -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
+ --local-case-insensitive Force the filesystem to report itself as case insensitive
+ --local-case-sensitive Force the filesystem to report itself as case sensitive
+ --local-encoding Encoding The encoding for the backend (default Slash,Dot)
+ --local-no-check-updated Don't check to see if the files change during upload
+ --local-no-preallocate Disable preallocation of disk space for transferred files
+ --local-no-set-modtime Disable setting modtime
+ --local-no-sparse Disable sparse files for multi-thread downloads
+ --local-nounc Disable UNC (long path names) conversion on Windows
+ --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
+ --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
+ --mailru-auth-url string Auth server URL
+ --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
+ --mailru-client-id string OAuth Client Id
+ --mailru-client-secret string OAuth Client Secret
+ --mailru-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --mailru-pass string Password (obscured)
+ --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
+ --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
+ --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
+ --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
+ --mailru-token string OAuth Access Token as a JSON blob
+ --mailru-token-url string Token server url
+ --mailru-user string User name (usually email)
+ --mega-debug Output more debug from Mega
+ --mega-encoding Encoding The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --mega-hard-delete Delete files permanently rather than putting them into the trash
+ --mega-pass string Password (obscured)
+ --mega-use-https Use HTTPS for transfers
+ --mega-user string User name
+ --netstorage-account string Set the NetStorage account name
+ --netstorage-host string Domain+path of NetStorage host to connect to
+ --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
+ --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
+ -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
+ --onedrive-access-scopes SpaceSepList Set scopes to be requested by rclone (default Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access)
+ --onedrive-auth-url string Auth server URL
+ --onedrive-av-override Allows download of files the server thinks has a virus
+ --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
+ --onedrive-client-id string OAuth Client Id
+ --onedrive-client-secret string OAuth Client Secret
+ --onedrive-delta If set rclone will use delta listing to implement recursive listings
+ --onedrive-drive-id string The ID of the drive to use
+ --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
+ --onedrive-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
+ --onedrive-hash-type string Specify the hash in use for the backend (default "auto")
+ --onedrive-link-password string Set the password for links created by the link command
+ --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
+ --onedrive-link-type string Set the type of the links created by the link command (default "view")
+ --onedrive-list-chunk int Size of listing chunk (default 1000)
+ --onedrive-no-versions Remove all versions on modifying operations
+ --onedrive-region string Choose national cloud region for OneDrive (default "global")
+ --onedrive-root-folder-id string ID of the root folder
+ --onedrive-server-side-across-configs Deprecated: use --server-side-across-configs instead
+ --onedrive-token string OAuth Access Token as a JSON blob
+ --onedrive-token-url string Token server url
+ --oos-attempt-resume-upload If true attempt to resume previously started multipart upload for the object
+ --oos-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --oos-compartment string Object storage compartment OCID
+ --oos-config-file string Path to OCI config file (default "~/.oci/config")
+ --oos-config-profile string Profile name inside the oci config file (default "Default")
+ --oos-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --oos-copy-timeout Duration Timeout for copy (default 1m0s)
+ --oos-disable-checksum Don't store MD5 checksum with object metadata
+ --oos-encoding Encoding The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --oos-endpoint string Endpoint for Object storage API
+ --oos-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts for manual recovery
+ --oos-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
+ --oos-namespace string Object storage namespace
+ --oos-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --oos-provider string Choose your Auth Provider (default "env_auth")
+ --oos-region string Object storage Region
+ --oos-sse-customer-algorithm string If using SSE-C, the optional header that specifies "AES256" as the encryption algorithm
+ --oos-sse-customer-key string To use SSE-C, the optional header that specifies the base64-encoded 256-bit encryption key to use to
+ --oos-sse-customer-key-file string To use SSE-C, a file containing the base64-encoded string of the AES-256 encryption key associated
+ --oos-sse-customer-key-sha256 string If using SSE-C, The optional header that specifies the base64-encoded SHA256 hash of the encryption
+ --oos-sse-kms-key-id string if using your own master key in vault, this header specifies the
+ --oos-storage-tier string The storage class to use when storing new objects in storage. https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/understandingstoragetiers.htm (default "Standard")
+ --oos-upload-concurrency int Concurrency for multipart uploads (default 10)
+ --oos-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
+ --opendrive-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
+ --opendrive-password string Password (obscured)
+ --opendrive-username string Username
+ --pcloud-auth-url string Auth server URL
+ --pcloud-client-id string OAuth Client Id
+ --pcloud-client-secret string OAuth Client Secret
+ --pcloud-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
+ --pcloud-password string Your pcloud password (obscured)
+ --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
+ --pcloud-token string OAuth Access Token as a JSON blob
+ --pcloud-token-url string Token server url
+ --pcloud-username string Your pcloud username
+ --pikpak-auth-url string Auth server URL
+ --pikpak-client-id string OAuth Client Id
+ --pikpak-client-secret string OAuth Client Secret
+ --pikpak-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --pikpak-hash-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate hash if required (default 10Mi)
+ --pikpak-pass string Pikpak password (obscured)
+ --pikpak-root-folder-id string ID of the root folder
+ --pikpak-token string OAuth Access Token as a JSON blob
+ --pikpak-token-url string Token server url
+ --pikpak-trashed-only Only show files that are in the trash
+ --pikpak-use-trash Send files to the trash instead of deleting permanently (default true)
+ --pikpak-user string Pikpak username
+ --premiumizeme-auth-url string Auth server URL
+ --premiumizeme-client-id string OAuth Client Id
+ --premiumizeme-client-secret string OAuth Client Secret
+ --premiumizeme-encoding Encoding The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --premiumizeme-token string OAuth Access Token as a JSON blob
+ --premiumizeme-token-url string Token server url
+ --protondrive-2fa string The 2FA code
+ --protondrive-app-version string The app version string (default "macos-drive@1.0.0-alpha.1+rclone")
+ --protondrive-enable-caching Caches the files and folders metadata to reduce API calls (default true)
+ --protondrive-encoding Encoding The encoding for the backend (default Slash,LeftSpace,RightSpace,InvalidUtf8,Dot)
+ --protondrive-mailbox-password string The mailbox password of your two-password proton account (obscured)
+ --protondrive-original-file-size Return the file size before encryption (default true)
+ --protondrive-password string The password of your proton account (obscured)
+ --protondrive-replace-existing-draft Create a new revision when filename conflict is detected
+ --protondrive-username string The username of your proton account
+ --putio-auth-url string Auth server URL
+ --putio-client-id string OAuth Client Id
+ --putio-client-secret string OAuth Client Secret
+ --putio-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --putio-token string OAuth Access Token as a JSON blob
+ --putio-token-url string Token server url
+ --qingstor-access-key-id string QingStor Access Key ID
+ --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
+ --qingstor-connection-retries int Number of connection retries (default 3)
+ --qingstor-encoding Encoding The encoding for the backend (default Slash,Ctl,InvalidUtf8)
+ --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
+ --qingstor-env-auth Get QingStor credentials from runtime
+ --qingstor-secret-access-key string QingStor Secret Access Key (password)
+ --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
+ --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --qingstor-zone string Zone to connect to
+ --quatrix-api-key string API key for accessing Quatrix account
+ --quatrix-effective-upload-time string Wanted upload time for one chunk (default "4s")
+ --quatrix-encoding Encoding The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --quatrix-hard-delete Delete files permanently rather than putting them into the trash
+ --quatrix-host string Host name of Quatrix account
+ --quatrix-maximal-summary-chunk-size SizeSuffix The maximal summary for all chunks. It should not be less than 'transfers'*'minimal_chunk_size' (default 95.367Mi)
+ --quatrix-minimal-chunk-size SizeSuffix The minimal size for one chunk (default 9.537Mi)
+ --s3-access-key-id string AWS Access Key ID
+ --s3-acl string Canned ACL used when creating buckets and storing or copying objects
+ --s3-bucket-acl string Canned ACL used when creating buckets
+ --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --s3-decompress If set this will decompress gzip encoded objects
+ --s3-directory-markers Upload an empty object with a trailing slash when a new directory is created
+ --s3-disable-checksum Don't store MD5 checksum with object metadata
+ --s3-disable-http2 Disable usage of http2 for S3 backends
+ --s3-download-url string Custom endpoint for downloads
+ --s3-encoding Encoding The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --s3-endpoint string Endpoint for S3 API
+ --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
+ --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
+ --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
+ --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
+ --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
+ --s3-location-constraint string Location constraint - must be set to match the Region
+ --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
+ --s3-might-gzip Tristate Set this if the backend might gzip objects (default unset)
+ --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --s3-no-head If set, don't HEAD uploaded objects to check integrity
+ --s3-no-head-object If set, do not do HEAD before GET when getting objects
+ --s3-no-system-metadata Suppress setting and reading of system metadata
+ --s3-profile string Profile to use in the shared credentials file
+ --s3-provider string Choose your S3 provider
+ --s3-region string Region to connect to
+ --s3-requester-pays Enables requester pays option when interacting with S3 bucket
+ --s3-secret-access-key string AWS Secret Access Key (password)
+ --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
+ --s3-session-token string An AWS session token
+ --s3-shared-credentials-file string Path to the shared credentials file
+ --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
+ --s3-sse-customer-key string To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data
+ --s3-sse-customer-key-base64 string If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data
+ --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
+ --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
+ --s3-storage-class string The storage class to use when storing new objects in S3
+ --s3-sts-endpoint string Endpoint for STS
+ --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
+ --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
+ --s3-use-accept-encoding-gzip Accept-Encoding: gzip Whether to send Accept-Encoding: gzip header (default unset)
+ --s3-use-already-exists Tristate Set if rclone should report BucketAlreadyExists errors on bucket creation (default unset)
+ --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
+ --s3-use-multipart-uploads Tristate Set if rclone should use multipart uploads (default unset)
+ --s3-use-presigned-request Whether to use a presigned request or PutObject for single part uploads
+ --s3-v2-auth If true use v2 authentication
+ --s3-version-at Time Show file versions as they were at the specified time (default off)
+ --s3-versions Include old versions in directory listings
+ --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
+ --seafile-create-library Should rclone create a library if it doesn't exist
+ --seafile-encoding Encoding The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
+ --seafile-library string Name of the library
+ --seafile-library-key string Library password (for encrypted libraries only) (obscured)
+ --seafile-pass string Password (obscured)
+ --seafile-url string URL of seafile host to connect to
+ --seafile-user string User name (usually email address)
+ --sftp-ask-password Allow asking for SFTP password when needed
+ --sftp-chunk-size SizeSuffix Upload and download chunk size (default 32Ki)
+ --sftp-ciphers SpaceSepList Space separated list of ciphers to be used for session encryption, ordered by preference
+ --sftp-concurrency int The maximum number of outstanding requests for one file (default 64)
+ --sftp-copy-is-hardlink Set to enable server side copies using hardlinks
+ --sftp-disable-concurrent-reads If set don't use concurrent reads
+ --sftp-disable-concurrent-writes If set don't use concurrent writes
+ --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
+ --sftp-host string SSH host to connect to
+ --sftp-host-key-algorithms SpaceSepList Space separated list of host key algorithms, ordered by preference
+ --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --sftp-key-exchange SpaceSepList Space separated list of key exchange algorithms, ordered by preference
+ --sftp-key-file string Path to PEM-encoded private key file
+ --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
+ --sftp-key-pem string Raw PEM-encoded private key
+ --sftp-key-use-agent When set forces the usage of the ssh-agent
+ --sftp-known-hosts-file string Optional path to known_hosts file
+ --sftp-macs SpaceSepList Space separated list of MACs (message authentication code) algorithms, ordered by preference
+ --sftp-md5sum-command string The command used to read md5 hashes
+ --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
+ --sftp-path-override string Override path used by SSH shell commands
+ --sftp-port int SSH port number (default 22)
+ --sftp-pubkey-file string Optional path to public key file
+ --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
+ --sftp-set-env SpaceSepList Environment variables to pass to sftp and commands
+ --sftp-set-modtime Set the modified time on the remote if set (default true)
+ --sftp-sha1sum-command string The command used to read sha1 hashes
+ --sftp-shell-type string The type of SSH shell on remote server, if any
+ --sftp-skip-links Set to skip any symlinks and any other non regular files
+ --sftp-socks-proxy string Socks 5 proxy host
+ --sftp-ssh SpaceSepList Path and arguments to external ssh binary
+ --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
+ --sftp-use-fstat If set use fstat instead of stat
+ --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
+ --sftp-user string SSH username (default "$USER")
+ --sharefile-auth-url string Auth server URL
+ --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
+ --sharefile-client-id string OAuth Client Id
+ --sharefile-client-secret string OAuth Client Secret
+ --sharefile-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --sharefile-endpoint string Endpoint for API calls
+ --sharefile-root-folder-id string ID of the root folder
+ --sharefile-token string OAuth Access Token as a JSON blob
+ --sharefile-token-url string Token server url
+ --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
+ --sia-api-password string Sia Daemon API Password (obscured)
+ --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
+ --sia-encoding Encoding The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
+ --sia-user-agent string Siad User Agent (default "Sia-Agent")
+ --skip-links Don't warn about skipped symlinks
+ --smb-case-insensitive Whether the server is configured to be case-insensitive (default true)
+ --smb-domain string Domain name for NTLM authentication (default "WORKGROUP")
+ --smb-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --smb-hide-special-share Hide special shares (e.g. print$) which users aren't supposed to access (default true)
+ --smb-host string SMB server hostname to connect to
+ --smb-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --smb-pass string SMB password (obscured)
+ --smb-port int SMB port number (default 445)
+ --smb-spn string Service principal name
+ --smb-user string SMB username (default "$USER")
+ --storj-access-grant string Access grant
+ --storj-api-key string API key
+ --storj-passphrase string Encryption passphrase
+ --storj-provider string Choose an authentication method (default "existing")
+ --storj-satellite-address string Satellite address (default "us1.storj.io")
+ --sugarsync-access-key-id string Sugarsync Access Key ID
+ --sugarsync-app-id string Sugarsync App ID
+ --sugarsync-authorization string Sugarsync authorization
+ --sugarsync-authorization-expiry string Sugarsync authorization expiry
+ --sugarsync-deleted-id string Sugarsync deleted folder id
+ --sugarsync-encoding Encoding The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
+ --sugarsync-hard-delete Permanently delete files if true
+ --sugarsync-private-access-key string Sugarsync Private Access Key
+ --sugarsync-refresh-token string Sugarsync refresh token
+ --sugarsync-root-id string Sugarsync root id
+ --sugarsync-user string Sugarsync user
+ --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
+ --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
+ --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
+ --swift-auth string Authentication URL for server (OS_AUTH_URL)
+ --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
+ --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
+ --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
+ --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+ --swift-encoding Encoding The encoding for the backend (default Slash,InvalidUtf8)
+ --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
+ --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
+ --swift-key string API key or password (OS_PASSWORD)
+ --swift-leave-parts-on-error If true avoid calling abort upload on a failure
+ --swift-no-chunk Don't chunk files during streaming upload
+ --swift-no-large-objects Disable support for static and dynamic large objects
+ --swift-region string Region name - optional (OS_REGION_NAME)
+ --swift-storage-policy string The storage policy to use when creating a new container
+ --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
+ --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
+ --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
+ --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
+ --swift-user string User name to log in (OS_USERNAME)
+ --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
+ --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
+ --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
+ --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
+ --union-min-free-space SizeSuffix Minimum viable free space for lfs/eplfs policies (default 1Gi)
+ --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
+ --union-upstreams string List of space separated upstreams
+ --uptobox-access-token string Your access token
+ --uptobox-encoding Encoding The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
+ --uptobox-private Set to make uploaded files private
+ --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
+ --webdav-bearer-token-command string Command to run to get a bearer token
+ --webdav-encoding string The encoding for the backend
+ --webdav-headers CommaSepList Set HTTP headers for all transactions
+ --webdav-nextcloud-chunk-size SizeSuffix Nextcloud upload chunk size (default 10Mi)
+ --webdav-pacer-min-sleep Duration Minimum time to sleep between API calls (default 10ms)
+ --webdav-pass string Password (obscured)
+ --webdav-url string URL of http host to connect to
+ --webdav-user string User name
+ --webdav-vendor string Name of the WebDAV site/service/software you are using
+ --yandex-auth-url string Auth server URL
+ --yandex-client-id string OAuth Client Id
+ --yandex-client-secret string OAuth Client Secret
+ --yandex-encoding Encoding The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --yandex-hard-delete Delete files permanently rather than putting them into the trash
+ --yandex-token string OAuth Access Token as a JSON blob
+ --yandex-token-url string Token server url
+ --zoho-auth-url string Auth server URL
+ --zoho-client-id string OAuth Client Id
+ --zoho-client-secret string OAuth Client Secret
+ --zoho-encoding Encoding The encoding for the backend (default Del,Ctl,InvalidUtf8)
+ --zoho-region string Zoho region to connect to
+ --zoho-token string OAuth Access Token as a JSON blob
+ --zoho-token-url string Token server url
Docker Volume Plugin
Introduction
Docker 1.9 has added support for creating named volumes via command-line interface and mounting them in containers as a way to share data between them. Since Docker 1.10 you can create named volumes with Docker Compose by descriptions in docker-compose.yml files for use by container groups on a single host. As of Docker 1.12 volumes are supported by Docker Swarm included with Docker Engine and created from descriptions in swarm compose v3 files for use with swarm stacks across multiple cluster nodes.
@@ -9449,10 +11809,16 @@ Command line syntax
If exceeded, the bisync run will abort. (default: 50%)
--force Bypass `--max-delete` safety check and run the sync.
Consider using with `--verbose`
+ --create-empty-src-dirs Sync creation and deletion of empty directories.
+ (Not compatible with --remove-empty-dirs)
--remove-empty-dirs Remove empty directories at the final cleanup step.
-1, --resync Performs the resync run.
Warning: Path1 files may overwrite Path2 versions.
Consider using `--verbose` or `--dry-run` first.
+ --ignore-listing-checksum Do not use checksums for listings
+ (add --ignore-checksum to additionally skip post-copy checksum checks)
+ --resilient Allow future runs to retry after certain less-serious errors,
+ instead of requiring --resync. Use at your own risk!
--localtime Use local time in listings (default: UTC)
--no-cleanup Retain working files (useful for troubleshooting and testing).
--workdir PATH Use custom working directory (useful for testing).
@@ -9464,31 +11830,54 @@ Command line syntax
Arbitrary rclone flags may be specified on the bisync command line, for example rclone bisync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s
Note that interactions of various rclone flags with bisync process flow has not been fully tested yet.
Paths
Path1 and Path2 arguments may be references to any mix of local directory paths (absolute or relative), UNC paths (//server/share/path
), Windows drive paths (with a drive letter and :
) or configured remotes with optional subdirectory paths. Cloud references are distinguished by having a :
in the argument (see Windows support below).
-Path1 and Path2 are treated equally, in that neither has priority for file changes, and access efficiency does not change whether a remote is on Path1 or Path2.
+Path1 and Path2 are treated equally, in that neither has priority for file changes (except during --resync
), and access efficiency does not change whether a remote is on Path1 or Path2.
The listings in bisync working directory (default: ~/.cache/rclone/bisync
) are named based on the Path1 and Path2 arguments so that separate syncs to individual directories within the tree may be set up, e.g.: path_to_local_tree..dropbox_subdir.lst
.
-Any empty directories after the sync on both the Path1 and Path2 filesystems are not deleted by default. If the --remove-empty-dirs
flag is specified, then both paths will have any empty directories purged as the last step in the process.
+Any empty directories after the sync on both the Path1 and Path2 filesystems are not deleted by default, unless --create-empty-src-dirs
is specified. If the --remove-empty-dirs
flag is specified, then both paths will have ALL empty directories purged as the last step in the process.
Command-line flags
--resync
-This will effectively make both Path1 and Path2 filesystems contain a matching superset of all files. Path2 files that do not exist in Path1 will be copied to Path1, and the process will then sync the Path1 tree to Path2.
-The base directories on the both Path1 and Path2 filesystems must exist or bisync will fail. This is required for safety - that bisync can verify that both paths are valid.
-When using --resync
, a newer version of a file either on Path1 or Path2 filesystem, will overwrite the file on the other path (only the last version will be kept). Carefully evaluate deltas using --dry-run.
+This will effectively make both Path1 and Path2 filesystems contain a matching superset of all files. Path2 files that do not exist in Path1 will be copied to Path1, and the process will then copy the Path1 tree to Path2.
+The --resync
sequence is roughly equivalent to:
+rclone copy Path2 Path1 --ignore-existing
+rclone copy Path1 Path2
+Or, if using --create-empty-src-dirs
:
+rclone copy Path2 Path1 --ignore-existing
+rclone copy Path1 Path2 --create-empty-src-dirs
+rclone copy Path2 Path1 --create-empty-src-dirs
+The base directories on both Path1 and Path2 filesystems must exist or bisync will fail. This is required for safety - that bisync can verify that both paths are valid.
+When using --resync
, a newer version of a file on the Path2 filesystem will be overwritten by the Path1 filesystem version. (Note that this is NOT entirely symmetrical.) Carefully evaluate deltas using --dry-run.
For a resync run, one of the paths may be empty (no files in the path tree). The resync run should result in files on both paths, else a normal non-resync run will fail.
For a non-resync run, either path being empty (no files in the tree) fails with Empty current PathN listing. Cannot sync to an empty directory: X.pathN.lst
This is a safety check that an unexpected empty path does not result in deleting everything in the other path.
--check-access
-Access check files are an additional safety measure against data loss. bisync will ensure it can find matching RCLONE_TEST
files in the same places in the Path1 and Path2 filesystems. RCLONE_TEST
files are not generated automatically. For --check-access
to succeed, you must first either: A) Place one or more RCLONE_TEST
files in the Path1 or Path2 filesystem and then do either a run without --check-access
or a --resync to set matching files on both filesystems, or B) Set --check-filename
to a filename already in use in various locations throughout your sync'd fileset. Time stamps and file contents are not important, just the names and locations. If you have symbolic links in your sync tree it is recommended to place RCLONE_TEST
files in the linked-to directory tree to protect against bisync assuming a bunch of deleted files if the linked-to tree should not be accessible. See also the --check-filename flag.
+Access check files are an additional safety measure against data loss. bisync will ensure it can find matching RCLONE_TEST
files in the same places in the Path1 and Path2 filesystems. RCLONE_TEST
files are not generated automatically. For --check-access
to succeed, you must first either: A) Place one or more RCLONE_TEST
files in both systems, or B) Set --check-filename
to a filename already in use in various locations throughout your sync'd fileset. Recommended methods for A) include: * rclone touch Path1/RCLONE_TEST
(create a new file) * rclone copyto Path1/RCLONE_TEST Path2/RCLONE_TEST
(copy an existing file) * rclone copy Path1/RCLONE_TEST Path2/RCLONE_TEST --include "RCLONE_TEST"
(copy multiple files at once, recursively) * create the files manually (outside of rclone) * run bisync
once without --check-access
to set matching files on both filesystems will also work, but is not preferred, due to potential for user error (you are temporarily disabling the safety feature).
+Note that --check-access
is still enforced on --resync
, so bisync --resync --check-access
will not work as a method of initially setting the files (this is to ensure that bisync can't inadvertently circumvent its own safety switch.)
+Time stamps and file contents for RCLONE_TEST
files are not important, just the names and locations. If you have symbolic links in your sync tree it is recommended to place RCLONE_TEST
files in the linked-to directory tree to protect against bisync assuming a bunch of deleted files if the linked-to tree should not be accessible. See also the --check-filename flag.
--check-filename
Name of the file(s) used in access health validation. The default --check-filename
is RCLONE_TEST
. One or more files having this filename must exist, synchronized between your source and destination filesets, in order for --check-access
to succeed. See --check-access for additional details.
--max-delete
-As a safety check, if greater than the --max-delete
percent of files were deleted on either the Path1 or Path2 filesystem, then bisync will abort with a warning message, without making any changes. The default --max-delete
is 50%
. One way to trigger this limit is to rename a directory that contains more than half of your files. This will appear to bisync as a bunch of deleted files and a bunch of new files. This safety check is intended to block bisync from deleting all of the files on both filesystems due to a temporary network access issue, or if the user had inadvertently deleted the files on one side or the other. To force the sync either set a different delete percentage limit, e.g. --max-delete 75
(allows up to 75% deletion), or use --force
to bypass the check.
+As a safety check, if greater than the --max-delete
percent of files were deleted on either the Path1 or Path2 filesystem, then bisync will abort with a warning message, without making any changes. The default --max-delete
is 50%
. One way to trigger this limit is to rename a directory that contains more than half of your files. This will appear to bisync as a bunch of deleted files and a bunch of new files. This safety check is intended to block bisync from deleting all of the files on both filesystems due to a temporary network access issue, or if the user had inadvertently deleted the files on one side or the other. To force the sync, either set a different delete percentage limit, e.g. --max-delete 75
(allows up to 75% deletion), or use --force
to bypass the check.
Also see the all files changed check.
--filters-file
By using rclone filter features you can exclude file types or directory sub-trees from the sync. See the bisync filters section and generic --filter-from documentation. An example filters file contains filters for non-allowed files for synching with Dropbox.
-If you make changes to your filters file then bisync requires a run with --resync
. This is a safety feature, which avoids existing files on the Path1 and/or Path2 side from seeming to disappear from view (since they are excluded in the new listings), which would fool bisync into seeing them as deleted (as compared to the prior run listings), and then bisync would proceed to delete them for real.
-To block this from happening bisync calculates an MD5 hash of the filters file and stores the hash in a .md5
file in the same place as your filters file. On the next runs with --filters-file
set, bisync re-calculates the MD5 hash of the current filters file and compares it to the hash stored in .md5
file. If they don't match the run aborts with a critical error and thus forces you to do a --resync
, likely avoiding a disaster.
+If you make changes to your filters file then bisync requires a run with --resync
. This is a safety feature, which prevents existing files on the Path1 and/or Path2 side from seeming to disappear from view (since they are excluded in the new listings), which would fool bisync into seeing them as deleted (as compared to the prior run listings), and then bisync would proceed to delete them for real.
+To block this from happening, bisync calculates an MD5 hash of the filters file and stores the hash in a .md5
file in the same place as your filters file. On the next run with --filters-file
set, bisync re-calculates the MD5 hash of the current filters file and compares it to the hash stored in the .md5
file. If they don't match, the run aborts with a critical error and thus forces you to do a --resync
, likely avoiding a disaster.
--check-sync
Enabled by default, the check-sync function checks that all of the same files exist in both the Path1 and Path2 history listings. This check-sync integrity check is performed at the end of the sync run by default. Any untrapped failing copy/deletes between the two paths might result in differences between the two listings and in the untracked file content differences between the two paths. A resync run would correct the error.
Note that the default-enabled integrity check locally executes a load of both the final Path1 and Path2 listings, and thus adds to the run time of a sync. Using --check-sync=false
will disable it and may significantly reduce the sync run times for very large numbers of files.
The check may be run manually with --check-sync=only
. It runs only the integrity check and terminates without actually synching.
+See also: Concurrent modifications
+--ignore-listing-checksum
+By default, bisync will retrieve (or generate) checksums (for backends that support them) when creating the listings for both paths, and store the checksums in the listing files. --ignore-listing-checksum
will disable this behavior, which may speed things up considerably, especially on backends (such as local) where hashes must be computed on the fly instead of retrieved. Please note the following:
+
+- While checksums are (by default) generated and stored in the listing files, they are NOT currently used for determining diffs (deltas). It is anticipated that full checksum support will be added in a future version.
+--ignore-listing-checksum
is NOT the same as --ignore-checksum
, and you may wish to use one or the other, or both. In a nutshell: --ignore-listing-checksum
controls whether checksums are considered when scanning for diffs, while --ignore-checksum
controls whether checksums are considered during the copy/sync operations that follow, if there ARE diffs.
+- Unless
--ignore-listing-checksum
is passed, bisync currently computes hashes for one path even when there's no common hash with the other path (for example, a crypt remote.)
+- If both paths support checksums and have a common hash, AND
--ignore-listing-checksum
was not specified when creating the listings, --check-sync=only
can be used to compare Path1 vs. Path2 checksums (as of the time the previous listings were created.) However, --check-sync=only
will NOT include checksums if the previous listings were generated on a run using --ignore-listing-checksum
. For a more robust integrity check of the current state, consider using check
(or cryptcheck
, if at least one path is a crypt
remote.)
+
+--resilient
+Caution: this is an experimental feature. Use at your own risk!
+By default, most errors or interruptions will cause bisync to abort and require --resync
to recover. This is a safety feature, to prevent bisync from running again until a user checks things out. However, in some cases, bisync can go too far and enforce a lockout when one isn't actually necessary, like for certain less-serious errors that might resolve themselves on the next run. When --resilient
is specified, bisync tries its best to recover and self-correct, and only requires --resync
as a last resort when a human's involvement is absolutely necessary. The intended use case is for running bisync as a background process (such as via scheduled cron).
+When using --resilient
mode, bisync will still report the error and abort, however it will not lock out future runs -- allowing the possibility of retrying at the next normally scheduled time, without requiring a --resync
first. Examples of such retryable errors include access test failures, missing listing files, and filter change detections. These safety features will still prevent the current run from proceeding -- the difference is that if conditions have improved by the time of the next run, that next run will be allowed to proceed. Certain more serious errors will still enforce a --resync
lockout, even in --resilient
mode, to prevent data loss.
+Behavior of --resilient
may change in a future version.
Operation
Runtime flow details
bisync retains the listings of the Path1
and Path2
filesystems from the prior run. On each successive run it will:
@@ -9589,30 +11978,36 @@ Unusual sync checks
+Path1 new/changed AND Path2 new/changed AND Path1 == Path2
+File is new/changed on Path1 AND new/changed on Path2 AND Path1 version is currently identical to Path2
+No change
+None
+
+
Path1 new AND Path2 new
-File is new on Path1 AND new on Path2
+File is new on Path1 AND new on Path2 (and Path1 version is NOT identical to Path2)
Files renamed to _Path1 and _Path2
rclone copy
_Path2 file to Path1, rclone copy
_Path1 file to Path2
-
+
Path2 newer AND Path1 changed
-File is newer on Path2 AND also changed (newer/older/size) on Path1
+File is newer on Path2 AND also changed (newer/older/size) on Path1 (and Path1 version is NOT identical to Path2)
Files renamed to _Path1 and _Path2
rclone copy
_Path2 file to Path1, rclone copy
_Path1 file to Path2
-
+
Path2 newer AND Path1 deleted
File is newer on Path2 AND also deleted on Path1
Path2 version survives
rclone copy
Path2 to Path1
-
+
Path2 deleted AND Path1 changed
File is deleted on Path2 AND changed (newer/older/size) on Path1
Path1 version survives
rclone copy
Path1 to Path2
-
+
Path1 deleted AND Path2 changed
File is deleted on Path1 AND changed (newer/older/size) on Path2
Path2 version survives
@@ -9620,9 +12015,10 @@ Unusual sync checks
+As of rclone v1.64
, bisync is now better at detecting false positive sync conflicts, which would previously have resulted in unnecessary renames and duplicates. Now, when bisync comes to a file that it wants to rename (because it is new/changed on both sides), it first checks whether the Path1 and Path2 versions are currently identical (using the same underlying function as check
.) If bisync concludes that the files are identical, it will skip them and move on. Otherwise, it will create renamed ..Path1
and ..Path2
duplicates, as before. This behavior also improves the experience of renaming directories, as a --resync
is no longer required, so long as the same change has been made on both sides.
All files changed check
-if all prior existing files on either of the filesystems have changed (e.g. timestamps have changed due to changing the system's timezone) then bisync will abort without making any changes. Any new files are not considered for this check. You could use --force
to force the sync (whichever side has the changed timestamp files wins). Alternately, a --resync
may be used (Path1 versions will be pushed to Path2). Consider the situation carefully and perhaps use --dry-run
before you commit to the changes.
-Modification time
+If all prior existing files on either of the filesystems have changed (e.g. timestamps have changed due to changing the system's timezone) then bisync will abort without making any changes. Any new files are not considered for this check. You could use --force
to force the sync (whichever side has the changed timestamp files wins). Alternately, a --resync
may be used (Path1 versions will be pushed to Path2). Consider the situation carefully and perhaps use --dry-run
before you commit to the changes.
+Modification times
Bisync relies on file timestamps to identify changed files and will refuse to operate if backend lacks the modification time support.
If you or your application should change the content of a file without changing the modification time then bisync will not notice the change, and thus will not copy it to the other side.
Note that on some cloud storage systems it is not possible to have file timestamps that match precisely between the local and other filesystems.
@@ -9630,30 +12026,48 @@ Modification time
Error handling
Certain bisync critical errors, such as file copy/move failing, will result in a bisync lockout of following runs. The lockout is asserted because the sync status and history of the Path1 and Path2 filesystems cannot be trusted, so it is safer to block any further changes until someone checks things out. The recovery is to do a --resync
again.
It is recommended to use --resync --dry-run --verbose
initially and carefully review what changes will be made before running the --resync
without --dry-run
.
-Most of these events come up due to a error status from an internal call. On such a critical error the {...}.path1.lst
and {...}.path2.lst
listing files are renamed to extension .lst-err
, which blocks any future bisync runs (since the normal .lst
files are not found). Bisync keeps them under bisync
subdirectory of the rclone cache directory, typically at ${HOME}/.cache/rclone/bisync/
on Linux.
+Most of these events come up due to an error status from an internal call. On such a critical error the {...}.path1.lst
and {...}.path2.lst
listing files are renamed to extension .lst-err
, which blocks any future bisync runs (since the normal .lst
files are not found). Bisync keeps them under bisync
subdirectory of the rclone cache directory, typically at ${HOME}/.cache/rclone/bisync/
on Linux.
Some errors are considered temporary and re-running the bisync is not blocked. The critical return blocks further bisync runs.
+See also: --resilient
Lock file
When bisync is running, a lock file is created in the bisync working directory, typically at ~/.cache/rclone/bisync/PATH1..PATH2.lck
on Linux. If bisync should crash or hang, the lock file will remain in place and block any further runs of bisync for the same paths. Delete the lock file as part of debugging the situation. The lock file effectively blocks follow-on (e.g., scheduled by cron) runs when the prior invocation is taking a long time. The lock file contains PID of the blocking process, which may help in debug.
Note that while concurrent bisync runs are allowed, be very cautious that there is no overlap in the trees being synched between concurrent runs, lest there be replicated files, deleted files and general mayhem.
Return codes
rclone bisync
returns the following codes to calling program: - 0
on a successful run, - 1
for a non-critical failing run (a rerun may be successful), - 2
for a critically aborted run (requires a --resync
to recover).
-Limitations
+Limitations
Supported backends
Bisync is considered BETA and has been tested with the following backends: - Local filesystem - Google Drive - Dropbox - OneDrive - S3 - SFTP - Yandex Disk
It has not been fully tested with other services yet. If it works, or sorta works, please let us know and we'll update the list. Run the test suite to check for proper operation as described below.
-First release of rclone bisync
requires that underlying backend supported the modification time feature and will refuse to run otherwise. This limitation will be lifted in a future rclone bisync
release.
+First release of rclone bisync
requires that underlying backend supports the modification time feature and will refuse to run otherwise. This limitation will be lifted in a future rclone bisync
release.
Concurrent modifications
When using Local, FTP or SFTP remotes rclone does not create temporary files at the destination when copying, and thus if the connection is lost the created file may be corrupt, which will likely propagate back to the original path on the next sync, resulting in data loss. This will be solved in a future release, there is no workaround at the moment.
-Files that change during a bisync run may result in data loss. This has been seen in a highly dynamic environment, where the filesystem is getting hammered by running processes during the sync. The solution is to sync at quiet times or filter out unnecessary directories and files.
+Files that change during a bisync run may result in data loss. This has been seen in a highly dynamic environment, where the filesystem is getting hammered by running processes during the sync. The currently recommended solution is to sync at quiet times or filter out unnecessary directories and files.
+As an alternative approach, consider using --check-sync=false
(and possibly --resilient
) to make bisync more forgiving of filesystems that change during the sync. Be advised that this may cause bisync to miss events that occur during a bisync run, so it is a good idea to supplement this with a periodic independent integrity check, and corrective sync if diffs are found. For example, a possible sequence could look like this:
+
+- Normally scheduled bisync run:
+
+rclone bisync Path1 Path2 -MPc --check-access --max-delete 10 --filters-file /path/to/filters.txt -v --check-sync=false --no-cleanup --ignore-listing-checksum --disable ListR --checkers=16 --drive-pacer-min-sleep=10ms --create-empty-src-dirs --resilient
+
+- Periodic independent integrity check (perhaps scheduled nightly or weekly):
+
+rclone check -MvPc Path1 Path2 --filter-from /path/to/filters.txt
+
+- If diffs are found, you have some choices to correct them. If one side is more up-to-date and you want to make the other side match it, you could run:
+
+rclone sync Path1 Path2 --filter-from /path/to/filters.txt --create-empty-src-dirs -MPc -v
+(or switch Path1 and Path2 to make Path2 the source-of-truth)
+Or, if neither side is totally up-to-date, you could run a --resync
to bring them back into agreement (but remember that this could cause deleted files to re-appear.)
+*Note also that rclone check
does not currently include empty directories, so if you want to know if any empty directories are out of sync, consider alternatively running the above rclone sync
command with --dry-run
added.
Empty directories
-New empty directories on one path are not propagated to the other side. This is because bisync (and rclone) natively works on files not directories. The following sequence is a workaround but will not propagate the delete of an empty directory to the other side:
-rclone bisync PATH1 PATH2
-rclone copy PATH1 PATH2 --filter "+ */" --filter "- **" --create-empty-src-dirs
-rclone copy PATH2 PATH2 --filter "+ */" --filter "- **" --create-empty-src-dirs
+By default, new/deleted empty directories on one path are not propagated to the other side. This is because bisync (and rclone) natively works on files, not directories. However, this can be changed with the --create-empty-src-dirs
flag, which works in much the same way as in sync
and copy
. When used, empty directories created or deleted on one side will also be created or deleted on the other side. The following should be noted: * --create-empty-src-dirs
is not compatible with --remove-empty-dirs
. Use only one or the other (or neither). * It is not recommended to switch back and forth between --create-empty-src-dirs
and the default (no --create-empty-src-dirs
) without running --resync
. This is because it may appear as though all directories (not just the empty ones) were created/deleted, when actually you've just toggled between making them visible/invisible to bisync. It looks scarier than it is, but it's still probably best to stick to one or the other, and use --resync
when you need to switch.
Renamed directories
-Renaming a folder on the Path1 side results is deleting all files on the Path2 side and then copying all files again from Path1 to Path2. Bisync sees this as all files in the old directory name as deleted and all files in the new directory name as new. Similarly, renaming a directory on both sides to the same name will result in creating ..path1
and ..path2
files on both sides. Currently the most effective and efficient method of renaming a directory is to rename it on both sides, then do a --resync
.
+Renaming a folder on the Path1 side results in deleting all files on the Path2 side and then copying all files again from Path1 to Path2. Bisync sees this as all files in the old directory name as deleted and all files in the new directory name as new. Currently, the most effective and efficient method of renaming a directory is to rename it to the same name on both sides. (As of rclone v1.64
, a --resync
is no longer required after doing so, as bisync will automatically detect that Path1 and Path2 are in agreement.)
+--fast-list
used by default
+Unlike most other rclone commands, bisync uses --fast-list
by default, for backends that support it. In many cases this is desirable, however, there are some scenarios in which bisync could be faster without --fast-list
, and there is also a known issue concerning Google Drive users with many empty directories. For now, the recommended way to avoid using --fast-list
is to add --disable ListR
to all bisync commands. The default behavior may change in a future version.
+Overridden Configs
+When rclone detects an overridden config, it adds a suffix like {ABCDE}
on the fly to the internal name of the remote. Bisync follows suit by including this suffix in its listing filenames. However, this suffix does not necessarily persist from run to run, especially if different flags are provided. So if next time the suffix assigned is {FGHIJ}
, bisync will get confused, because it's looking for a listing file with {FGHIJ}
, when the file it wants has {ABCDE}
. As a result, it throws Bisync critical error: cannot find prior Path1 or Path2 listings, likely due to critical error on prior run
and refuses to run again until the user runs a --resync
(unless using --resilient
). The best workaround at the moment is to set any backend-specific flags in the config file instead of specifying them with command flags. (You can still override them as needed for other rclone commands.)
Case sensitivity
-Synching with case-insensitive filesystems, such as Windows or Box
, can result in file name conflicts. This will be fixed in a future release. The near term workaround is to make sure that files on both sides don't have spelling case differences (Smile.jpg
vs. smile.jpg
).
+Synching with case-insensitive filesystems, such as Windows or Box
, can result in file name conflicts. This will be fixed in a future release. The near-term workaround is to make sure that files on both sides don't have spelling case differences (Smile.jpg
vs. smile.jpg
).
Windows support
Bisync has been tested on Windows 8.1, Windows 10 Pro 64-bit and on Windows GitHub runners.
Drive letters are allowed, including drive letters mapped to network drives (rclone bisync J:\localsync GDrive:
). If a drive letter is omitted, the shell current drive is the default. Drive letters are a single character follows by :
, so cloud names must be more than one character long.
@@ -9678,7 +12092,7 @@ Filters file writing guidelines
Excluding such dirs first will make rclone operations (much) faster.
Specific files may also be excluded, as with the Dropbox exclusions example below.
-Decide if its easier (or cleaner) to:
+ Decide if it's easier (or cleaner) to:
- Include select directories and therefore exclude everything else -- or --
- Exclude select directories and therefore include everything else
@@ -9695,7 +12109,7 @@ Filters file writing guidelines
- Exclude select directories:
- Add more lines like in step 1. For example:
-/Desktop/tempfiles/
, or `- /testdir/. Again, a
**` on the end is not necessary.
-- Do not add a `- **` in the file. Without this line, everything will be included that has not be explicitly excluded.
+- Do not add a `- **` in the file. Without this line, everything will be included that has not been explicitly excluded.
- Disregard step 3.
@@ -9743,7 +12157,7 @@ Example filters file for Dropbox
# NOTICE: If you make changes to this file you MUST do a --resync run.
# Run with --dry-run to see what changes will be made.
-# Dropbox wont sync some files so filter them away here.
+# Dropbox won't sync some files so filter them away here.
# See https://help.dropbox.com/installs-integrations/sync-uploads/files-not-syncing
- .dropbox.attr
- ~*.tmp
@@ -9783,11 +12197,11 @@ Reading bisync logs
2021/05/16 00:36:52 INFO : Validating listings for Path1 "/path/to/local/tree/" vs Path2 "dropbox:/"
2021/05/16 00:36:52 INFO : Bisync successful
Dry run oddity
-The --dry-run
messages may indicate that it would try to delete some files. For example, if a file is new on Path2 and does not exist on Path1 then it would normally be copied to Path1, but with --dry-run
enabled those copies don't happen, which leads to the attempted delete on the Path2, blocked again by --dry-run: ... Not deleting as --dry-run
.
+The --dry-run
messages may indicate that it would try to delete some files. For example, if a file is new on Path2 and does not exist on Path1 then it would normally be copied to Path1, but with --dry-run
enabled those copies don't happen, which leads to the attempted delete on Path2, blocked again by --dry-run: ... Not deleting as --dry-run
.
This whole confusing situation is an artifact of the --dry-run
flag. Scrutinize the proposed deletes carefully, and if the files would have been copied to Path1 then the threatened deletes on Path2 may be disregarded.
Retries
-Rclone has built in retries. If you run with --verbose
you'll see error and retry messages such as shown below. This is usually not a bug. If at the end of the run you see Bisync successful
and not Bisync critical error
or Bisync aborted
then the run was successful, and you can ignore the error messages.
-The following run shows an intermittent fail. Lines 5 and _6- are low level messages. Line 6 is a bubbled-up warning message, conveying the error. Rclone normally retries failing commands, so there may be numerous such messages in the log.
+Rclone has built-in retries. If you run with --verbose
you'll see error and retry messages such as shown below. This is usually not a bug. If at the end of the run, you see Bisync successful
and not Bisync critical error
or Bisync aborted
then the run was successful, and you can ignore the error messages.
+The following run shows an intermittent fail. Lines 5 and _6- are low-level messages. Line 6 is a bubbled-up warning message, conveying the error. Rclone normally retries failing commands, so there may be numerous such messages in the log.
Since there are no final error/warning messages on line 7, rclone has recovered from failure after a retry, and the overall sync was successful.
1: 2021/05/14 00:44:12 INFO : Synching Path1 "/path/to/local/tree" with Path2 "dropbox:"
2: 2021/05/14 00:44:12 INFO : Path1 checking for diffs
@@ -9823,7 +12237,7 @@ Cron
# Day of Week (0-6 or Sun-Sat)
# Command
*/5 * * * * /path/to/rclone bisync /local/files MyCloud: --check-access --filters-file /path/to/bysync-filters.txt --log-file /path/to//bisync.log
-See crontab syntax). for the details of crontab time interval expressions.
+See crontab syntax for the details of crontab time interval expressions.
If you run rclone bisync
as a cron job, redirect stdout/stderr to a file. The 2nd example runs a sync to Dropbox every hour and logs all stdout (via the >>
) and stderr (via 2>&1
) to a log file.
0 * * * * /path/to/rclone bisync /path/to/local/dropbox Dropbox: --check-access --filters-file /home/user/filters.txt >> /path/to/logs/dropbox-run.log 2>&1
Sharing an encrypted folder tree between hosts
@@ -9912,7 +12326,7 @@ Notes about testing
path1
and/or path2
subdirectories are created in a temporary directory under the respective local or cloud test remote.
By default, the Path1 and Path2 test dirs and workdir will be deleted after each test run. The -no-cleanup
flag disables purging these directories when validating and debugging a given test. These directories will be flushed before running another test, independent of the -no-cleanup
usage.
You will likely want to add `- /testdir/to your normal bisync
--filters-fileso that normal syncs do not attempt to sync the test temporary directories, which may have
RCLONE_TESTmiscompares in some testcases which would otherwise trip the
--check-accesssystem. The
--check-accessmechanism is hard-coded to ignore
RCLONE_TESTfiles beneath
bisync/testdata`, so the test cases may reside on the synched tree even if there are check file mismatches in the test tree.
-Some Dropbox tests can fail, notably printing the following message: src and dst identical but can't set mod time without deleting and re-uploading
This is expected and happens due a way Dropbox handles modification times. You should use the -refresh-times
test flag to make up for this.
+Some Dropbox tests can fail, notably printing the following message: src and dst identical but can't set mod time without deleting and re-uploading
This is expected and happens due to the way Dropbox handles modification times. You should use the -refresh-times
test flag to make up for this.
If Dropbox tests hit request limit for you and print error message too_many_requests/...: Too many requests or write operations.
then follow the Dropbox App ID instructions.
Updating golden results
@@ -9933,7 +12347,7 @@ Supported test commands
move-listings <prefix>
Similar to copy-listings
but removes the source
purge-children <dir>
This will delete all child files and purge all child subdirs under given directory but keep the parent intact. This behavior is important for tests with Google Drive because removing and re-creating the parent would change its ID.
delete-file <file>
Delete a single file.
-delete-glob <dir> <pattern>
Delete a group of files located one level deep in the given directory with names maching a given glob pattern.
+delete-glob <dir> <pattern>
Delete a group of files located one level deep in the given directory with names matching a given glob pattern.
touch-glob YYYY-MM-DD <dir> <pattern>
Change modification time on a group of files.
touch-copy YYYY-MM-DD <source-file> <dest-dir>
Change file modification time then copy it to destination.
copy-file <source-file> <dest-dir>
Copy a single file to given directory.
@@ -10023,8 +12437,111 @@ References
jwink3101/syncrclone
DavideRossi/upback
-Bisync adopts the differential synchronization technique, which is based on keeping history of changes performed by both synchronizing sides. See the Dual Shadow Method section in the Neil Fraser's article.
+Bisync adopts the differential synchronization technique, which is based on keeping history of changes performed by both synchronizing sides. See the Dual Shadow Method section in Neil Fraser's article.
Also note a number of academic publications by Benjamin Pierce about Unison and synchronization in general.
+Changelog
+v1.64
+
+- Fixed an issue causing dry runs to inadvertently commit filter changes
+- Fixed an issue causing
--resync
to erroneously delete empty folders and duplicate files unique to Path2
+--check-access
is now enforced during --resync
, preventing data loss in certain user error scenarios
+- Fixed an issue causing bisync to consider more files than necessary due to overbroad filters during delete operations
+- Improved detection of false positive change conflicts (identical files are now left alone instead of renamed)
+- Added support for
--create-empty-src-dirs
+- Added experimental
--resilient
mode to allow recovery from self-correctable errors
+- Added new
--ignore-listing-checksum
flag to distinguish from --ignore-checksum
+- Performance improvements for large remotes
+- Documentation and testing improvements
+
+Release signing
+The hashes of the binary artefacts of the rclone release are signed with a public PGP/GPG key. This can be verified manually as described below.
+The same mechanism is also used by rclone selfupdate to verify that the release has not been tampered with before the new update is installed. This checks the SHA256 hash and the signature with a public key compiled into the rclone binary.
+Release signing key
+You may obtain the release signing key from:
+
+- From KEYS on this website - this file contains all past signing keys also.
+- The git repository hosted on GitHub - https://github.com/rclone/rclone/blob/master/docs/content/KEYS
+gpg --keyserver hkps://keys.openpgp.org --search nick@craig-wood.com
+gpg --keyserver hkps://keyserver.ubuntu.com --search nick@craig-wood.com
+- https://www.craig-wood.com/nick/pub/pgp-key.txt
+
+After importing the key, verify that the fingerprint of one of the keys matches: FBF737ECE9F8AB18604BD2AC93935E02FF3B54FA
as this key is used for signing.
+We recommend that you cross-check the fingerprint shown above through the domains listed below. By cross-checking the integrity of the fingerprint across multiple domains you can be confident that you obtained the correct key.
+
+- The source for this page on GitHub.
+- Through DNS
dig key.rclone.org txt
+
+If you find anything that doesn't not match, please contact the developers at once.
+How to verify the release
+In the release directory you will see the release files and some files called MD5SUMS
, SHA1SUMS
and SHA256SUMS
.
+$ rclone lsf --http-url https://downloads.rclone.org/v1.63.1 :http:
+MD5SUMS
+SHA1SUMS
+SHA256SUMS
+rclone-v1.63.1-freebsd-386.zip
+rclone-v1.63.1-freebsd-amd64.zip
+...
+rclone-v1.63.1-windows-arm64.zip
+rclone-v1.63.1.tar.gz
+version.txt
+The MD5SUMS
, SHA1SUMS
and SHA256SUMS
contain hashes of the binary files in the release directory along with a signature.
+For example:
+$ rclone cat --http-url https://downloads.rclone.org/v1.63.1 :http:SHA256SUMS
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+f6d1b2d7477475ce681bdce8cb56f7870f174cb6b2a9ac5d7b3764296ea4a113 rclone-v1.63.1-freebsd-386.zip
+7266febec1f01a25d6575de51c44ddf749071a4950a6384e4164954dff7ac37e rclone-v1.63.1-freebsd-amd64.zip
+...
+66ca083757fb22198309b73879831ed2b42309892394bf193ff95c75dff69c73 rclone-v1.63.1-windows-amd64.zip
+bbb47c16882b6c5f2e8c1b04229378e28f68734c613321ef0ea2263760f74cd0 rclone-v1.63.1-windows-arm64.zip
+-----BEGIN PGP SIGNATURE-----
+
+iF0EARECAB0WIQT79zfs6firGGBL0qyTk14C/ztU+gUCZLVKJQAKCRCTk14C/ztU
++pZuAJ0XJ+QWLP/3jCtkmgcgc4KAwd/rrwCcCRZQ7E+oye1FPY46HOVzCFU3L7g=
+=8qrL
+-----END PGP SIGNATURE-----
+Download the files
+The first step is to download the binary and SUMs file and verify that the SUMs you have downloaded match. Here we download rclone-v1.63.1-windows-amd64.zip
- choose the binary (or binaries) appropriate to your architecture. We've also chosen the SHA256SUMS
as these are the most secure. You could verify the other types of hash also for extra security. rclone selfupdate
verifies just the SHA256SUMS
.
+$ mkdir /tmp/check
+$ cd /tmp/check
+$ rclone copy --http-url https://downloads.rclone.org/v1.63.1 :http:SHA256SUMS .
+$ rclone copy --http-url https://downloads.rclone.org/v1.63.1 :http:rclone-v1.63.1-windows-amd64.zip .
+Verify the signatures
+First verify the signatures on the SHA256 file.
+Import the key. See above for ways to verify this key is correct.
+$ gpg --keyserver keyserver.ubuntu.com --receive-keys FBF737ECE9F8AB18604BD2AC93935E02FF3B54FA
+gpg: key 93935E02FF3B54FA: public key "Nick Craig-Wood <nick@craig-wood.com>" imported
+gpg: Total number processed: 1
+gpg: imported: 1
+Then check the signature:
+$ gpg --verify SHA256SUMS
+gpg: Signature made Mon 17 Jul 2023 15:03:17 BST
+gpg: using DSA key FBF737ECE9F8AB18604BD2AC93935E02FF3B54FA
+gpg: Good signature from "Nick Craig-Wood <nick@craig-wood.com>" [ultimate]
+Verify the signature was good and is using the fingerprint shown above.
+Repeat for MD5SUMS
and SHA1SUMS
if desired.
+Verify the hashes
+Now that we know the signatures on the hashes are OK we can verify the binaries match the hashes, completing the verification.
+$ sha256sum -c SHA256SUMS 2>&1 | grep OK
+rclone-v1.63.1-windows-amd64.zip: OK
+Or do the check with rclone
+$ rclone hashsum sha256 -C SHA256SUMS rclone-v1.63.1-windows-amd64.zip
+2023/09/11 10:53:58 NOTICE: SHA256SUMS: improperly formatted checksum line 0
+2023/09/11 10:53:58 NOTICE: SHA256SUMS: improperly formatted checksum line 1
+2023/09/11 10:53:58 NOTICE: SHA256SUMS: improperly formatted checksum line 49
+2023/09/11 10:53:58 NOTICE: SHA256SUMS: 4 warning(s) suppressed...
+= rclone-v1.63.1-windows-amd64.zip
+2023/09/11 10:53:58 NOTICE: Local file system at /tmp/check: 0 differences found
+2023/09/11 10:53:58 NOTICE: Local file system at /tmp/check: 1 matching files
+Verify signatures and hashes together
+You can verify the signatures and hashes in one command line like this:
+$ gpg --decrypt SHA256SUMS | sha256sum -c --ignore-missing
+gpg: Signature made Mon 17 Jul 2023 15:03:17 BST
+gpg: using DSA key FBF737ECE9F8AB18604BD2AC93935E02FF3B54FA
+gpg: Good signature from "Nick Craig-Wood <nick@craig-wood.com>" [ultimate]
+gpg: aka "Nick Craig-Wood <nick@memset.com>" [unknown]
+rclone-v1.63.1-windows-amd64.zip: OK
1Fichier
This is a backend for the 1fichier cloud storage service. Note that a Premium subscription is required to use the API.
Paths are specified as remote:path
@@ -10075,7 +12592,7 @@ Configuration
rclone ls remote:
To copy a local directory to a 1Fichier directory called backup
rclone copy /home/source remote:backup
-Modified time and hashes
+Modification times and hashes
1Fichier does not support modification times. It supports the Whirlpool hash algorithm.
Duplicated files
1Fichier can have two files with exactly the same name and path (unlike a normal file system).
@@ -10188,6 +12705,15 @@ --fichier-folder-password
Type: string
Required: false
+--fichier-cdn
+Set if you wish to use CDN download links.
+Properties:
+
+- Config: cdn
+- Env Var: RCLONE_FICHIER_CDN
+- Type: bool
+- Default: false
+
--fichier-encoding
The encoding for the backend.
See the encoding section in the overview for more info.
@@ -10195,10 +12721,10 @@ --fichier-encoding
- Config: encoding
- Env Var: RCLONE_FICHIER_ENCODING
-- Type: MultiEncoder
+- Type: Encoding
- Default: Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot
-Limitations
+Limitations
rclone about
is not supported by the 1Fichier backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
See List of backends that do not support rclone about and rclone about
Alias
@@ -10341,9 +12867,9 @@ Configuration
rclone ls remote:
To copy a local directory to an Amazon Drive directory called backup
rclone copy /home/source remote:backup
-Modified time and MD5SUMs
+Modification times and hashes
Amazon Drive doesn't allow modification times to be changed via the API so these won't be accurate or used for syncing.
-It does store MD5SUMs so for a more accurate sync, you can use the --checksum
flag.
+It does support the MD5 hash algorithm, so for a more accurate sync, you can use the --checksum
flag.
Restricted filename characters
@@ -10465,10 +12991,10 @@ --acd-encoding
- Config: encoding
- Env Var: RCLONE_ACD_ENCODING
-- Type: MultiEncoder
+- Type: Encoding
- Default: Slash,InvalidUtf8,Dot
-Limitations
+Limitations
Note that Amazon Drive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
Amazon Drive has rate limiting so you may notice errors in the sync (429 errors). rclone will automatically retry the sync up to 3 times by default (see --retries
flag) which should hopefully work around this problem.
Amazon Drive has an internal limit of file sizes that can be uploaded to the service. This limit is not officially published, but all files larger than this will fail.
@@ -10487,19 +13013,25 @@ Amazon S3 Storage Providers
Arvan Cloud Object Storage (AOS)
DigitalOcean Spaces
Dreamhost
+GCS
Huawei OBS
IBM COS S3
IDrive e2
IONOS Cloud
+Leviia Object Storage
Liara Object Storage
+Linode Object Storage
Minio
+Petabox
Qiniu Cloud Object Storage (Kodo)
RackCorp Object Storage
+Rclone Serve S3
Scaleway
Seagate Lyve Cloud
SeaweedFS
StackPath
Storj
+Synology C2 Object Storage
Tencent Cloud Object Storage (COS)
Wasabi
@@ -10712,10 +13244,18 @@ Configuration
e) Edit this remote
d) Delete this remote
y/e/d>
-Modified time
+Modification times and hashes
+Modification times
The modified time is stored as metadata on the object as X-Amz-Meta-Mtime
as floating point since the epoch, accurate to 1 ns.
If the modification time needs to be updated rclone will attempt to perform a server side copy to update the modification if the object can be copied in a single part. In the case the object is larger than 5Gb or is in Glacier or Glacier Deep Archive storage the object will be uploaded rather than copied.
Note that reading this from the object takes an additional HEAD
request as the metadata isn't returned in object listings.
+Hashes
+For small objects which weren't uploaded as multipart uploads (objects sized below --s3-upload-cutoff
if uploaded with rclone) rclone uses the ETag:
header as an MD5 checksum.
+However for objects which were uploaded as multipart uploads or with server side encryption (SSE-AWS or SSE-C) the ETag
header is no longer the MD5 sum of the data, so rclone adds an additional piece of metadata X-Amz-Meta-Md5chksum
which is a base64 encoded MD5 hash (in the same format as is required for Content-MD5
). You can use base64 -d and hexdump to check this value manually:
+echo 'VWTGdNx3LyXQDfA0e2Edxw==' | base64 -d | hexdump
+or you can use rclone check
to verify the hashes are OK.
+For large objects, calculating this hash can take some time so the addition of this hash can be disabled with --s3-disable-checksum
. This will mean that these objects do not have an MD5 checksum.
+Note that reading this from the object takes an additional HEAD
request as the metadata isn't returned in object listings.
Reducing costs
Avoiding HEAD requests to read the modification time
By default, rclone will use the modification time of objects stored in S3 for syncing. This is stored in object metadata which unfortunately takes an extra HEAD request to read which can be expensive (in time and money).
@@ -10762,11 +13302,6 @@ Avoiding HEAD requests after PUT
By default, rclone will HEAD every object it uploads. It does this to check the object got uploaded correctly.
You can disable this with the --s3-no-head option - see there for more details.
Setting this flag increases the chance for undetected upload failures.
-Hashes
-For small objects which weren't uploaded as multipart uploads (objects sized below --s3-upload-cutoff
if uploaded with rclone) rclone uses the ETag:
header as an MD5 checksum.
-However for objects which were uploaded as multipart uploads or with server side encryption (SSE-AWS or SSE-C) the ETag
header is no longer the MD5 sum of the data, so rclone adds an additional piece of metadata X-Amz-Meta-Md5chksum
which is a base64 encoded MD5 hash (in the same format as is required for Content-MD5
).
-For large objects, calculating this hash can take some time so the addition of this hash can be disabled with --s3-disable-checksum
. This will mean that these objects do not have an MD5 checksum.
-Note that reading this from the object takes an additional HEAD
request as the metadata isn't returned in object listings.
Versions
When bucket versioning is enabled (this can be done with rclone with the rclone backend versioning
command) when rclone uploads a new version of a file it creates a new version of it Likewise when you delete a file, the old version will be marked hidden and still be available.
Old versions of files, where available, are visible using the --s3-versions
flag.
@@ -10797,6 +13332,12 @@ Versions
$ rclone -q --s3-versions ls s3:cleanup-test
9 one.txt
+Versions naming caveat
+When using --s3-versions
flag rclone is relying on the file name to work out whether the objects are versions or not. Versions' names are created by inserting timestamp between file name and its extension.
+ 9 file.txt
+ 8 file-v2023-07-17-161032-000.txt
+ 16 file-v2023-06-15-141003-000.txt
+If there are real files present with the same names as versions, then behaviour of --s3-versions
can be unpredictable.
Cleanup
If you run rclone cleanup s3:bucket
then it will remove all pending multipart uploads older than 24 hours. You can use the --interactive
/i
or --dry-run
flag to see exactly what it will do. If you want more control over the expiry date then run rclone backend cleanup s3:bucket -o max-age=1h
to expire all uploads older than one hour. You can use rclone backend list-multipart-uploads s3:bucket
to see the pending multipart uploads.
Restricted filename characters
@@ -10870,7 +13411,7 @@ Authentication
Secret Access Key: AWS_SECRET_ACCESS_KEY
or AWS_SECRET_KEY
Session Token: AWS_SESSION_TOKEN
(optional)
-Or, use a named profile:
+ Or, use a named profile:
- Profile files are standard files used by AWS CLI tools
- By default it will use the profile in your home directory (e.g.
~/.aws/credentials
on unix based systems) file and the "default" profile, to change set these environment variables:
@@ -10941,9 +13482,9 @@ Object-lock enabled S3 bucket
If you configure a default retention period on a bucket, requests to upload objects in such a bucket must include the Content-MD5 header.
-As mentioned in the Hashes section, small files that are not uploaded as multipart, use a different tag, causing the upload to fail. A simple solution is to set the --s3-upload-cutoff 0
and force all the files to be uploaded as multipart.
+As mentioned in the Modification times and hashes section, small files that are not uploaded as multipart, use a different tag, causing the upload to fail. A simple solution is to set the --s3-upload-cutoff 0
and force all the files to be uploaded as multipart.
Standard options
-Here are the Standard options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
+Here are the Standard options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, ArvanCloud, Ceph, ChinaMobile, Cloudflare, DigitalOcean, Dreamhost, GCS, HuaweiOBS, IBMCOS, IDrive, IONOS, LyveCloud, Leviia, Liara, Linode, Minio, Netease, Petabox, RackCorp, Rclone, Scaleway, SeaweedFS, StackPath, Storj, Synology, TencentCOS, Wasabi, Qiniu and others).
--s3-provider
Choose your S3 provider.
Properties:
@@ -10962,6 +13503,10 @@ --s3-provider
- Alibaba Cloud Object Storage System (OSS) formerly Aliyun
+- "ArvanCloud"
+
+- Arvan Cloud Object Storage (AOS)
+
- "Ceph"
- Ceph Object Storage
@@ -10974,10 +13519,6 @@ --s3-provider
- Cloudflare R2 Storage
-- "ArvanCloud"
-
-- Arvan Cloud Object Storage (AOS)
-
- "DigitalOcean"
- DigitalOcean Spaces
@@ -10986,6 +13527,10 @@ --s3-provider
- Dreamhost DreamObjects
+- "GCS"
+
+- Google Cloud Storage
+
- "HuaweiOBS"
- Huawei Object Storage Service
@@ -11006,10 +13551,18 @@ --s3-provider
- Seagate Lyve Cloud
+- "Leviia"
+
+- Leviia Object Storage
+
- "Liara"
- Liara Object Storage
+- "Linode"
+
+- Linode Object Storage
+
- "Minio"
- Minio Object Storage
@@ -11018,10 +13571,18 @@ --s3-provider
- Netease Object Storage (NOS)
+- "Petabox"
+
+- Petabox Object Storage
+
- "RackCorp"
- RackCorp Object Storage
+- "Rclone"
+
+- Rclone S3 Server
+
- "Scaleway"
- Scaleway Object Storage
@@ -11038,6 +13599,10 @@ --s3-provider
- Storj (S3 Compatible Gateway)
+- "Synology"
+
+- Synology C2 Object Storage
+
- "TencentCOS"
- Tencent Cloud Object Storage (COS)
@@ -11236,15951 +13801,19685 @@ --s3-region
---s3-region
-region - the location where your bucket will be created and your data stored.
+--s3-endpoint
+Endpoint for S3 API.
+Leave blank if using AWS to use the default endpoint for the region.
Properties:
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: RackCorp
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: AWS
+- Type: string
+- Required: false
+
+--s3-location-constraint
+Location constraint - must be set to match the Region.
+Used when creating buckets only.
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: AWS
- Type: string
- Required: false
- Examples:
-- "global"
+
- ""
-- Global CDN (All locations) Region
+- Empty for US Region, Northern Virginia, or Pacific Northwest
-- "au"
+
- "us-east-2"
-- Australia (All states)
+- US East (Ohio) Region
-- "au-nsw"
+
- "us-west-1"
-- NSW (Australia) Region
+- US West (Northern California) Region
-- "au-qld"
+
- "us-west-2"
-- QLD (Australia) Region
+- US West (Oregon) Region
-- "au-vic"
+
- "ca-central-1"
-- VIC (Australia) Region
+- Canada (Central) Region
-- "au-wa"
+
- "eu-west-1"
-- Perth (Australia) Region
+- EU (Ireland) Region
-- "ph"
+
- "eu-west-2"
-- Manila (Philippines) Region
+- EU (London) Region
-- "th"
+
- "eu-west-3"
-- Bangkok (Thailand) Region
+- EU (Paris) Region
-- "hk"
+
- "eu-north-1"
-- HK (Hong Kong) Region
+- EU (Stockholm) Region
-- "mn"
+
- "eu-south-1"
-- Ulaanbaatar (Mongolia) Region
+- EU (Milan) Region
-- "kg"
+
- "EU"
-- Bishkek (Kyrgyzstan) Region
+- EU Region
-- "id"
+
- "ap-southeast-1"
-- Jakarta (Indonesia) Region
+- Asia Pacific (Singapore) Region
-- "jp"
+
- "ap-southeast-2"
-- Tokyo (Japan) Region
+- Asia Pacific (Sydney) Region
-- "sg"
+
- "ap-northeast-1"
-- SG (Singapore) Region
+- Asia Pacific (Tokyo) Region
-- "de"
+
- "ap-northeast-2"
-- Frankfurt (Germany) Region
+- Asia Pacific (Seoul) Region
-- "us"
+
- "ap-northeast-3"
-- USA (AnyCast) Region
+- Asia Pacific (Osaka-Local) Region
-- "us-east-1"
+
- "ap-south-1"
-- New York (USA) Region
+- Asia Pacific (Mumbai) Region
-- "us-west-1"
+
- "ap-east-1"
-- Freemont (USA) Region
+- Asia Pacific (Hong Kong) Region
-- "nz"
+
- "sa-east-1"
-- Auckland (New Zealand) Region
+- South America (Sao Paulo) Region
+- "me-south-1"
+
+- Middle East (Bahrain) Region
-
---s3-region
-Region to connect to.
-Properties:
+ - "af-south-1"
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: Scaleway
-- Type: string
-- Required: false
-- Examples:
+
- Africa (Cape Town) Region
+
+- "cn-north-1"
-- "nl-ams"
+
- China (Beijing) Region
+
+- "cn-northwest-1"
-- Amsterdam, The Netherlands
+- China (Ningxia) Region
-- "fr-par"
+
- "us-gov-east-1"
-- Paris, France
+- AWS GovCloud (US-East) Region
-- "pl-waw"
+
- "us-gov-west-1"
-- Warsaw, Poland
+- AWS GovCloud (US) Region
---s3-region
-Region to connect to. - the location where your bucket will be created and your data stored. Need bo be same with your endpoint.
+--s3-acl
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3 doesn't copy the ACL from the source but rather writes a fresh one.
+If the acl is an empty string then no X-Amz-Acl: header is added and the default (private) will be used.
Properties:
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: HuaweiOBS
+- Config: acl
+- Env Var: RCLONE_S3_ACL
+- Provider: !Storj,Synology,Cloudflare
- Type: string
- Required: false
- Examples:
-- "af-south-1"
+
- "default"
-- AF-Johannesburg
+- Owner gets Full_CONTROL.
+- No one else has access rights (default).
-- "ap-southeast-2"
+
- "private"
-- AP-Bangkok
+- Owner gets FULL_CONTROL.
+- No one else has access rights (default).
-- "ap-southeast-3"
+
- "public-read"
-- AP-Singapore
+- Owner gets FULL_CONTROL.
+- The AllUsers group gets READ access.
-- "cn-east-3"
+
- "public-read-write"
-- CN East-Shanghai1
+- Owner gets FULL_CONTROL.
+- The AllUsers group gets READ and WRITE access.
+- Granting this on a bucket is generally not recommended.
-- "cn-east-2"
+
- "authenticated-read"
-- CN East-Shanghai2
+- Owner gets FULL_CONTROL.
+- The AuthenticatedUsers group gets READ access.
-- "cn-north-1"
+
- "bucket-owner-read"
-- CN North-Beijing1
+- Object owner gets FULL_CONTROL.
+- Bucket owner gets READ access.
+- If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
-- "cn-north-4"
+
- "bucket-owner-full-control"
-- CN North-Beijing4
+- Both the object owner and the bucket owner get FULL_CONTROL over the object.
+- If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
-- "cn-south-1"
+
- "private"
-- CN South-Guangzhou
+- Owner gets FULL_CONTROL.
+- No one else has access rights (default).
+- This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise COS.
-- "ap-southeast-1"
+
- "public-read"
-- CN-Hong Kong
+- Owner gets FULL_CONTROL.
+- The AllUsers group gets READ access.
+- This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise IBM COS.
-- "sa-argentina-1"
+
- "public-read-write"
-- LA-Buenos Aires1
+- Owner gets FULL_CONTROL.
+- The AllUsers group gets READ and WRITE access.
+- This acl is available on IBM Cloud (Infra), On-Premise IBM COS.
-- "sa-peru-1"
+
- "authenticated-read"
-- LA-Lima1
+- Owner gets FULL_CONTROL.
+- The AuthenticatedUsers group gets READ access.
+- Not supported on Buckets.
+- This acl is available on IBM Cloud (Infra) and On-Premise IBM COS.
-- "na-mexico-1"
-
-- LA-Mexico City1
-- "sa-chile-1"
+
+--s3-server-side-encryption
+The server-side encryption algorithm used when storing this object in S3.
+Properties:
+
+- Config: server_side_encryption
+- Env Var: RCLONE_S3_SERVER_SIDE_ENCRYPTION
+- Provider: AWS,Ceph,ChinaMobile,Minio
+- Type: string
+- Required: false
+- Examples:
+
+- ""
-- LA-Santiago2
+- None
-- "sa-brazil-1"
+
- "AES256"
-- LA-Sao Paulo1
+- AES256
-- "ru-northwest-2"
+
- "aws:kms"
-- RU-Moscow2
+- aws:kms
---s3-region
-Region to connect to.
+--s3-sse-kms-key-id
+If using KMS ID you must provide the ARN of Key.
Properties:
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: Cloudflare
+- Config: sse_kms_key_id
+- Env Var: RCLONE_S3_SSE_KMS_KEY_ID
+- Provider: AWS,Ceph,Minio
- Type: string
- Required: false
- Examples:
-- "auto"
+
- ""
+
+- None
+
+- "arn:aws:kms:us-east-1:*"
-- R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+- arn:aws:kms:*
---s3-region
-Region to connect to.
+--s3-storage-class
+The storage class to use when storing new objects in S3.
Properties:
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: Qiniu
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: AWS
- Type: string
- Required: false
- Examples:
-- "cn-east-1"
+
- ""
-- The default endpoint - a good choice if you are unsure.
-- East China Region 1.
-- Needs location constraint cn-east-1.
+- Default
-- "cn-east-2"
+
- "STANDARD"
-- East China Region 2.
-- Needs location constraint cn-east-2.
+- Standard storage class
-- "cn-north-1"
+
- "REDUCED_REDUNDANCY"
-- North China Region 1.
-- Needs location constraint cn-north-1.
+- Reduced redundancy storage class
+
+- "STANDARD_IA"
+
+- Standard Infrequent Access storage class
-- "cn-south-1"
+
- "ONEZONE_IA"
-- South China Region 1.
-- Needs location constraint cn-south-1.
+- One Zone Infrequent Access storage class
-- "us-north-1"
+
- "GLACIER"
-- North America Region.
-- Needs location constraint us-north-1.
+- Glacier storage class
-- "ap-southeast-1"
+
- "DEEP_ARCHIVE"
-- Southeast Asia Region 1.
-- Needs location constraint ap-southeast-1.
+- Glacier Deep Archive storage class
-- "ap-northeast-1"
+
- "INTELLIGENT_TIERING"
-- Northeast Asia Region 1.
-- Needs location constraint ap-northeast-1.
+- Intelligent-Tiering storage class
+
+- "GLACIER_IR"
+
+- Glacier Instant Retrieval storage class
---s3-region
-Region where your bucket will be created and your data stored.
+Advanced options
+Here are the Advanced options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, ArvanCloud, Ceph, ChinaMobile, Cloudflare, DigitalOcean, Dreamhost, GCS, HuaweiOBS, IBMCOS, IDrive, IONOS, LyveCloud, Leviia, Liara, Linode, Minio, Netease, Petabox, RackCorp, Rclone, Scaleway, SeaweedFS, StackPath, Storj, Synology, TencentCOS, Wasabi, Qiniu and others).
+--s3-bucket-acl
+Canned ACL used when creating buckets.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when only when creating buckets. If it isn't set then "acl" is used instead.
+If the "acl" and "bucket_acl" are empty strings then no X-Amz-Acl: header is added and the default (private) will be used.
Properties:
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: IONOS
+- Config: bucket_acl
+- Env Var: RCLONE_S3_BUCKET_ACL
- Type: string
- Required: false
- Examples:
-- "de"
+
- "private"
+
+- Owner gets FULL_CONTROL.
+- No one else has access rights (default).
+
+- "public-read"
-- Frankfurt, Germany
+- Owner gets FULL_CONTROL.
+- The AllUsers group gets READ access.
-- "eu-central-2"
+
- "public-read-write"
-- Berlin, Germany
+- Owner gets FULL_CONTROL.
+- The AllUsers group gets READ and WRITE access.
+- Granting this on a bucket is generally not recommended.
-- "eu-south-2"
+
- "authenticated-read"
-- Logrono, Spain
+- Owner gets FULL_CONTROL.
+- The AuthenticatedUsers group gets READ access.
---s3-region
-Region to connect to.
-Leave blank if you are using an S3 clone and you don't have a region.
+--s3-requester-pays
+Enables requester pays option when interacting with S3 bucket.
Properties:
-- Config: region
-- Env Var: RCLONE_S3_REGION
-- Provider: !AWS,Alibaba,ChinaMobile,Cloudflare,IONOS,ArvanCloud,Liara,Qiniu,RackCorp,Scaleway,Storj,TencentCOS,HuaweiOBS,IDrive
+- Config: requester_pays
+- Env Var: RCLONE_S3_REQUESTER_PAYS
+- Provider: AWS
+- Type: bool
+- Default: false
+
+--s3-sse-customer-algorithm
+If using SSE-C, the server-side encryption algorithm used when storing this object in S3.
+Properties:
+
+- Config: sse_customer_algorithm
+- Env Var: RCLONE_S3_SSE_CUSTOMER_ALGORITHM
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
- ""
-- Use this if unsure.
-- Will use v4 signatures and an empty region.
+- None
-- "other-v2-signature"
+
- "AES256"
-- Use this only if v4 signatures don't work.
-- E.g. pre Jewel/v10 CEPH.
+- AES256
---s3-endpoint
-Endpoint for S3 API.
-Leave blank if using AWS to use the default endpoint for the region.
+--s3-sse-customer-key
+To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data.
+Alternatively you can provide --sse-customer-key-base64.
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: AWS
+- Config: sse_customer_key
+- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
+- Examples:
+
+- ""
+
+- None
+
+
---s3-endpoint
-Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
+--s3-sse-customer-key-base64
+If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data.
+Alternatively you can provide --sse-customer-key.
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: ChinaMobile
+- Config: sse_customer_key_base64
+- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_BASE64
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
-- "eos-wuxi-1.cmecloud.cn"
+
- ""
-- The default endpoint - a good choice if you are unsure.
-- East China (Suzhou)
+- None
-- "eos-jinan-1.cmecloud.cn"
-
-- East China (Jinan)
-- "eos-ningbo-1.cmecloud.cn"
-
-- East China (Hangzhou)
-
-- "eos-shanghai-1.cmecloud.cn"
-
-- East China (Shanghai-1)
-
-- "eos-zhengzhou-1.cmecloud.cn"
-
-- Central China (Zhengzhou)
-
-- "eos-hunan-1.cmecloud.cn"
-
-- Central China (Changsha-1)
-
-- "eos-zhuzhou-1.cmecloud.cn"
-
-- Central China (Changsha-2)
-
-- "eos-guangzhou-1.cmecloud.cn"
-
-- South China (Guangzhou-2)
-
-- "eos-dongguan-1.cmecloud.cn"
-
-- South China (Guangzhou-3)
-
-- "eos-beijing-1.cmecloud.cn"
-
-- North China (Beijing-1)
-
-- "eos-beijing-2.cmecloud.cn"
-
-- North China (Beijing-2)
-
-- "eos-beijing-4.cmecloud.cn"
-
-- North China (Beijing-3)
-
-- "eos-huhehaote-1.cmecloud.cn"
-
-- North China (Huhehaote)
-
-- "eos-chengdu-1.cmecloud.cn"
-
-- Southwest China (Chengdu)
-
-- "eos-chongqing-1.cmecloud.cn"
-
-- Southwest China (Chongqing)
-
-- "eos-guiyang-1.cmecloud.cn"
-
-- Southwest China (Guiyang)
-
-- "eos-xian-1.cmecloud.cn"
-
-- Nouthwest China (Xian)
-
-- "eos-yunnan.cmecloud.cn"
-
-- Yunnan China (Kunming)
-
-- "eos-yunnan-2.cmecloud.cn"
-
-- Yunnan China (Kunming-2)
-
-- "eos-tianjin-1.cmecloud.cn"
-
-- Tianjin China (Tianjin)
-
-- "eos-jilin-1.cmecloud.cn"
-
-- Jilin China (Changchun)
-
-- "eos-hubei-1.cmecloud.cn"
+
+--s3-sse-customer-key-md5
+If using SSE-C you may provide the secret encryption key MD5 checksum (optional).
+If you leave it blank, this is calculated automatically from the sse_customer_key provided.
+Properties:
-- Hubei China (Xiangyan)
-
-- "eos-jiangxi-1.cmecloud.cn"
+
- Config: sse_customer_key_md5
+- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_MD5
+- Provider: AWS,Ceph,ChinaMobile,Minio
+- Type: string
+- Required: false
+- Examples:
-- Jiangxi China (Nanchang)
-
-- "eos-gansu-1.cmecloud.cn"
+
- ""
-- Gansu China (Lanzhou)
+- None
-- "eos-shanxi-1.cmecloud.cn"
-
-- Shanxi China (Taiyuan)
-- "eos-liaoning-1.cmecloud.cn"
+
+--s3-upload-cutoff
+Cutoff for switching to chunked upload.
+Any files larger than this will be uploaded in chunks of chunk_size. The minimum is 0 and the maximum is 5 GiB.
+Properties:
-- Liaoning China (Shenyang)
-
-- "eos-hebei-1.cmecloud.cn"
+
- Config: upload_cutoff
+- Env Var: RCLONE_S3_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 200Mi
+
+--s3-chunk-size
+Chunk size to use for uploading.
+When uploading files larger than upload_cutoff or files with unknown size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google photos or google docs) they will be uploaded as multipart uploads using this chunk size.
+Note that "--s3-upload-concurrency" chunks of this size are buffered in memory per transfer.
+If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
+Rclone will automatically increase the chunk size when uploading a large file of known size to stay below the 10,000 chunks limit.
+Files of unknown size are uploaded with the configured chunk_size. Since the default chunk size is 5 MiB and there can be at most 10,000 chunks, this means that by default the maximum size of a file you can stream upload is 48 GiB. If you wish to stream upload larger files then you will need to increase chunk_size.
+Increasing the chunk size decreases the accuracy of the progress statistics displayed with "-P" flag. Rclone treats chunk as sent when it's buffered by the AWS SDK, when in fact it may still be uploading. A bigger chunk size means a bigger AWS SDK buffer and progress reporting more deviating from the truth.
+Properties:
-- Hebei China (Shijiazhuang)
-
-"eos-fujian-1.cmecloud.cn"
+ Config: chunk_size
+Env Var: RCLONE_S3_CHUNK_SIZE
+Type: SizeSuffix
+Default: 5Mi
+
+--s3-max-upload-parts
+Maximum number of parts in a multipart upload.
+This option defines the maximum number of multipart chunks to use when doing a multipart upload.
+This can be useful if a service does not support the AWS S3 specification of 10,000 chunks.
+Rclone will automatically increase the chunk size when uploading a large file of a known size to stay below this number of chunks limit.
+Properties:
-- Fujian China (Xiamen)
-
-"eos-guangxi-1.cmecloud.cn"
+ Config: max_upload_parts
+Env Var: RCLONE_S3_MAX_UPLOAD_PARTS
+Type: int
+Default: 10000
+
+--s3-copy-cutoff
+Cutoff for switching to multipart copy.
+Any files larger than this that need to be server-side copied will be copied in chunks of this size.
+The minimum is 0 and the maximum is 5 GiB.
+Properties:
-- Guangxi China (Nanning)
-
-"eos-anhui-1.cmecloud.cn"
+ Config: copy_cutoff
+Env Var: RCLONE_S3_COPY_CUTOFF
+Type: SizeSuffix
+Default: 4.656Gi
+
+--s3-disable-checksum
+Don't store MD5 checksum with object metadata.
+Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
+Properties:
-- Anhui China (Huainan)
-
-
+Config: disable_checksum
+Env Var: RCLONE_S3_DISABLE_CHECKSUM
+Type: bool
+Default: false
---s3-endpoint
-Endpoint for Arvan Cloud Object Storage (AOS) API.
+--s3-shared-credentials-file
+Path to the shared credentials file.
+If env_auth = true then rclone can use a shared credentials file.
+If this variable is empty rclone will look for the "AWS_SHARED_CREDENTIALS_FILE" env variable. If the env value is empty it will default to the current user's home directory.
+Linux/OSX: "$HOME/.aws/credentials"
+Windows: "%USERPROFILE%\.aws\credentials"
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: ArvanCloud
+- Config: shared_credentials_file
+- Env Var: RCLONE_S3_SHARED_CREDENTIALS_FILE
- Type: string
- Required: false
-- Examples:
-
-- "s3.ir-thr-at1.arvanstorage.com"
-
-- The default endpoint - a good choice if you are unsure.
-- Tehran Iran (Asiatech)
-
-- "s3.ir-tbz-sh1.arvanstorage.com"
+
+--s3-profile
+Profile to use in the shared credentials file.
+If env_auth = true then rclone can use a shared credentials file. This variable controls which profile is used in that file.
+If empty it will default to the environment variable "AWS_PROFILE" or "default" if that environment variable is also not set.
+Properties:
-- Tabriz Iran (Shahriar)
-
-
+Config: profile
+Env Var: RCLONE_S3_PROFILE
+Type: string
+Required: false
---s3-endpoint
-Endpoint for IBM COS S3 API.
-Specify if using an IBM COS On Premise.
+--s3-session-token
+An AWS session token.
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: IBMCOS
+- Config: session_token
+- Env Var: RCLONE_S3_SESSION_TOKEN
- Type: string
- Required: false
-- Examples:
+
+--s3-upload-concurrency
+Concurrency for multipart uploads.
+This is the number of chunks of the same file that are uploaded concurrently.
+If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
+Properties:
-- "s3.us.cloud-object-storage.appdomain.cloud"
+
- Config: upload_concurrency
+- Env Var: RCLONE_S3_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 4
+
+--s3-force-path-style
+If true use path style access if false use virtual hosted style.
+If this is true (the default) then rclone will use path style access, if false then rclone will use virtual path style. See the AWS S3 docs for more info.
+Some providers (e.g. AWS, Aliyun OSS, Netease COS, or Tencent COS) require this set to false - rclone will do this automatically based on the provider setting.
+Properties:
-- US Cross Region Endpoint
-
-"s3.dal.us.cloud-object-storage.appdomain.cloud"
+ Config: force_path_style
+Env Var: RCLONE_S3_FORCE_PATH_STYLE
+Type: bool
+Default: true
+
+--s3-v2-auth
+If true use v2 authentication.
+If this is false (the default) then rclone will use v4 authentication. If it is set then rclone will use v2 authentication.
+Use this only if v4 signatures don't work, e.g. pre Jewel/v10 CEPH.
+Properties:
-- US Cross Region Dallas Endpoint
-
-"s3.wdc.us.cloud-object-storage.appdomain.cloud"
+ Config: v2_auth
+Env Var: RCLONE_S3_V2_AUTH
+Type: bool
+Default: false
+
+--s3-use-accelerate-endpoint
+If true use the AWS S3 accelerated endpoint.
+See: AWS S3 Transfer acceleration
+Properties:
-- US Cross Region Washington DC Endpoint
-
-"s3.sjc.us.cloud-object-storage.appdomain.cloud"
+ Config: use_accelerate_endpoint
+Env Var: RCLONE_S3_USE_ACCELERATE_ENDPOINT
+Provider: AWS
+Type: bool
+Default: false
+
+--s3-leave-parts-on-error
+If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery.
+It should be set to true for resuming uploads across different sessions.
+WARNING: Storing parts of an incomplete multipart upload counts towards space usage on S3 and will add additional costs if not cleaned up.
+Properties:
-- US Cross Region San Jose Endpoint
-
-"s3.private.us.cloud-object-storage.appdomain.cloud"
+ Config: leave_parts_on_error
+Env Var: RCLONE_S3_LEAVE_PARTS_ON_ERROR
+Provider: AWS
+Type: bool
+Default: false
+
+--s3-list-chunk
+Size of listing chunk (response list for each ListObject S3 request).
+This option is also known as "MaxKeys", "max-items", or "page-size" from the AWS S3 specification. Most services truncate the response list to 1000 objects even if requested more than that. In AWS S3 this is a global maximum and cannot be changed, see AWS S3. In Ceph, this can be increased with the "rgw list buckets max chunk" option.
+Properties:
-- US Cross Region Private Endpoint
-
-"s3.private.dal.us.cloud-object-storage.appdomain.cloud"
+ Config: list_chunk
+Env Var: RCLONE_S3_LIST_CHUNK
+Type: int
+Default: 1000
+
+--s3-list-version
+Version of ListObjects to use: 1,2 or 0 for auto.
+When S3 originally launched it only provided the ListObjects call to enumerate objects in a bucket.
+However in May 2016 the ListObjectsV2 call was introduced. This is much higher performance and should be used if at all possible.
+If set to the default, 0, rclone will guess according to the provider set which list objects method to call. If it guesses wrong, then it may be set manually here.
+Properties:
-- US Cross Region Dallas Private Endpoint
-
-"s3.private.wdc.us.cloud-object-storage.appdomain.cloud"
+ Config: list_version
+Env Var: RCLONE_S3_LIST_VERSION
+Type: int
+Default: 0
+
+--s3-list-url-encode
+Whether to url encode listings: true/false/unset
+Some providers support URL encoding listings and where this is available this is more reliable when using control characters in file names. If this is set to unset (the default) then rclone will choose according to the provider setting what to apply, but you can override rclone's choice here.
+Properties:
-- US Cross Region Washington DC Private Endpoint
-
-"s3.private.sjc.us.cloud-object-storage.appdomain.cloud"
+ Config: list_url_encode
+Env Var: RCLONE_S3_LIST_URL_ENCODE
+Type: Tristate
+Default: unset
+
+--s3-no-check-bucket
+If set, don't attempt to check the bucket exists or create it.
+This can be useful when trying to minimise the number of transactions rclone does if you know the bucket exists already.
+It can also be needed if the user you are using does not have bucket creation permissions. Before v1.52.0 this would have passed silently due to a bug.
+Properties:
-- US Cross Region San Jose Private Endpoint
-
-"s3.us-east.cloud-object-storage.appdomain.cloud"
+ Config: no_check_bucket
+Env Var: RCLONE_S3_NO_CHECK_BUCKET
+Type: bool
+Default: false
+
+--s3-no-head
+If set, don't HEAD uploaded objects to check integrity.
+This can be useful when trying to minimise the number of transactions rclone does.
+Setting it means that if rclone receives a 200 OK message after uploading an object with PUT then it will assume that it got uploaded properly.
+In particular it will assume:
-- US Region East Endpoint
-
-"s3.private.us-east.cloud-object-storage.appdomain.cloud"
+ the metadata, including modtime, storage class and content type was as uploaded
+the size was as uploaded
+
+It reads the following items from the response for a single part PUT:
-- US Region East Private Endpoint
-
-"s3.us-south.cloud-object-storage.appdomain.cloud"
-
-- US Region South Endpoint
-
-"s3.private.us-south.cloud-object-storage.appdomain.cloud"
-
-- US Region South Private Endpoint
-
-"s3.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Endpoint
-
-"s3.fra.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Frankfurt Endpoint
-
-"s3.mil.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Milan Endpoint
-
-"s3.ams.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Amsterdam Endpoint
-
-"s3.private.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Private Endpoint
-
-"s3.private.fra.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Frankfurt Private Endpoint
-
-"s3.private.mil.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Milan Private Endpoint
-
-"s3.private.ams.eu.cloud-object-storage.appdomain.cloud"
-
-- EU Cross Region Amsterdam Private Endpoint
-
-"s3.eu-gb.cloud-object-storage.appdomain.cloud"
-
-- Great Britain Endpoint
-
-"s3.private.eu-gb.cloud-object-storage.appdomain.cloud"
-
-- Great Britain Private Endpoint
-
-"s3.eu-de.cloud-object-storage.appdomain.cloud"
-
-- EU Region DE Endpoint
-
-"s3.private.eu-de.cloud-object-storage.appdomain.cloud"
-
-- EU Region DE Private Endpoint
-
-"s3.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional Endpoint
-
-"s3.tok.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional Tokyo Endpoint
-
-"s3.hkg.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional HongKong Endpoint
-
-"s3.seo.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional Seoul Endpoint
-
-"s3.private.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional Private Endpoint
-
-"s3.private.tok.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional Tokyo Private Endpoint
-
-"s3.private.hkg.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional HongKong Private Endpoint
-
-"s3.private.seo.ap.cloud-object-storage.appdomain.cloud"
-
-- APAC Cross Regional Seoul Private Endpoint
-
-"s3.jp-tok.cloud-object-storage.appdomain.cloud"
-
-- APAC Region Japan Endpoint
-
-"s3.private.jp-tok.cloud-object-storage.appdomain.cloud"
-
-- APAC Region Japan Private Endpoint
-
-"s3.au-syd.cloud-object-storage.appdomain.cloud"
-
-- APAC Region Australia Endpoint
-
-"s3.private.au-syd.cloud-object-storage.appdomain.cloud"
-
-- APAC Region Australia Private Endpoint
-
-"s3.ams03.cloud-object-storage.appdomain.cloud"
-
-- Amsterdam Single Site Endpoint
-
-"s3.private.ams03.cloud-object-storage.appdomain.cloud"
-
-- Amsterdam Single Site Private Endpoint
-
-"s3.che01.cloud-object-storage.appdomain.cloud"
-
-- Chennai Single Site Endpoint
-
-"s3.private.che01.cloud-object-storage.appdomain.cloud"
-
-- Chennai Single Site Private Endpoint
-
-"s3.mel01.cloud-object-storage.appdomain.cloud"
-
-- Melbourne Single Site Endpoint
-
-"s3.private.mel01.cloud-object-storage.appdomain.cloud"
-
-- Melbourne Single Site Private Endpoint
-
-"s3.osl01.cloud-object-storage.appdomain.cloud"
-
-- Oslo Single Site Endpoint
-
-"s3.private.osl01.cloud-object-storage.appdomain.cloud"
-
-- Oslo Single Site Private Endpoint
-
-"s3.tor01.cloud-object-storage.appdomain.cloud"
-
-- Toronto Single Site Endpoint
-
-"s3.private.tor01.cloud-object-storage.appdomain.cloud"
-
-- Toronto Single Site Private Endpoint
-
-"s3.seo01.cloud-object-storage.appdomain.cloud"
-
-- Seoul Single Site Endpoint
-
-"s3.private.seo01.cloud-object-storage.appdomain.cloud"
-
-- Seoul Single Site Private Endpoint
-
-"s3.mon01.cloud-object-storage.appdomain.cloud"
-
-- Montreal Single Site Endpoint
-
-"s3.private.mon01.cloud-object-storage.appdomain.cloud"
-
-- Montreal Single Site Private Endpoint
-
-"s3.mex01.cloud-object-storage.appdomain.cloud"
-
-- Mexico Single Site Endpoint
-
-"s3.private.mex01.cloud-object-storage.appdomain.cloud"
+ the MD5SUM
+The uploaded date
+
+For multipart uploads these items aren't read.
+If an source object of unknown length is uploaded then rclone will do a HEAD request.
+Setting this flag increases the chance for undetected upload failures, in particular an incorrect size, so it isn't recommended for normal operation. In practice the chance of an undetected upload failure is very small even with this flag.
+Properties:
-- Mexico Single Site Private Endpoint
-
-"s3.sjc04.cloud-object-storage.appdomain.cloud"
+ Config: no_head
+Env Var: RCLONE_S3_NO_HEAD
+Type: bool
+Default: false
+
+--s3-no-head-object
+If set, do not do HEAD before GET when getting objects.
+Properties:
-- San Jose Single Site Endpoint
-
-"s3.private.sjc04.cloud-object-storage.appdomain.cloud"
+ Config: no_head_object
+Env Var: RCLONE_S3_NO_HEAD_OBJECT
+Type: bool
+Default: false
+
+--s3-encoding
+The encoding for the backend.
+See the encoding section in the overview for more info.
+Properties:
-- San Jose Single Site Private Endpoint
-
-"s3.mil01.cloud-object-storage.appdomain.cloud"
+ Config: encoding
+Env Var: RCLONE_S3_ENCODING
+Type: Encoding
+Default: Slash,InvalidUtf8,Dot
+
+--s3-memory-pool-flush-time
+How often internal memory buffer pools will be flushed. (no longer used)
+Properties:
-- Milan Single Site Endpoint
-
-"s3.private.mil01.cloud-object-storage.appdomain.cloud"
+ Config: memory_pool_flush_time
+Env Var: RCLONE_S3_MEMORY_POOL_FLUSH_TIME
+Type: Duration
+Default: 1m0s
+
+--s3-memory-pool-use-mmap
+Whether to use mmap buffers in internal memory pool. (no longer used)
+Properties:
-- Milan Single Site Private Endpoint
-
-"s3.hkg02.cloud-object-storage.appdomain.cloud"
+ Config: memory_pool_use_mmap
+Env Var: RCLONE_S3_MEMORY_POOL_USE_MMAP
+Type: bool
+Default: false
+
+--s3-disable-http2
+Disable usage of http2 for S3 backends.
+There is currently an unsolved issue with the s3 (specifically minio) backend and HTTP/2. HTTP/2 is enabled by default for the s3 backend but can be disabled here. When the issue is solved this flag will be removed.
+See: https://github.com/rclone/rclone/issues/4673, https://github.com/rclone/rclone/issues/3631
+Properties:
-- Hong Kong Single Site Endpoint
-
-"s3.private.hkg02.cloud-object-storage.appdomain.cloud"
+ Config: disable_http2
+Env Var: RCLONE_S3_DISABLE_HTTP2
+Type: bool
+Default: false
+
+--s3-download-url
+Custom endpoint for downloads. This is usually set to a CloudFront CDN URL as AWS S3 offers cheaper egress for data downloaded through the CloudFront network.
+Properties:
-- Hong Kong Single Site Private Endpoint
-
-"s3.par01.cloud-object-storage.appdomain.cloud"
+ Config: download_url
+Env Var: RCLONE_S3_DOWNLOAD_URL
+Type: string
+Required: false
+
+--s3-directory-markers
+Upload an empty object with a trailing slash when a new directory is created
+Empty folders are unsupported for bucket based remotes, this option creates an empty object ending with "/", to persist the folder.
+Properties:
-- Paris Single Site Endpoint
-
-"s3.private.par01.cloud-object-storage.appdomain.cloud"
+ Config: directory_markers
+Env Var: RCLONE_S3_DIRECTORY_MARKERS
+Type: bool
+Default: false
+
+--s3-use-multipart-etag
+Whether to use ETag in multipart uploads for verification
+This should be true, false or left unset to use the default for the provider.
+Properties:
-- Paris Single Site Private Endpoint
-
-"s3.sng01.cloud-object-storage.appdomain.cloud"
+ Config: use_multipart_etag
+Env Var: RCLONE_S3_USE_MULTIPART_ETAG
+Type: Tristate
+Default: unset
+
+--s3-use-presigned-request
+Whether to use a presigned request or PutObject for single part uploads
+If this is false rclone will use PutObject from the AWS SDK to upload an object.
+Versions of rclone < 1.59 use presigned requests to upload a single part object and setting this flag to true will re-enable that functionality. This shouldn't be necessary except in exceptional circumstances or for testing.
+Properties:
-- Singapore Single Site Endpoint
-
-"s3.private.sng01.cloud-object-storage.appdomain.cloud"
+ Config: use_presigned_request
+Env Var: RCLONE_S3_USE_PRESIGNED_REQUEST
+Type: bool
+Default: false
+
+--s3-versions
+Include old versions in directory listings.
+Properties:
-- Singapore Single Site Private Endpoint
-
-
+Config: versions
+Env Var: RCLONE_S3_VERSIONS
+Type: bool
+Default: false
---s3-endpoint
-Endpoint for IONOS S3 Object Storage.
-Specify the endpoint from the same region.
+--s3-version-at
+Show file versions as they were at the specified time.
+The parameter should be a date, "2006-01-02", datetime "2006-01-02 15:04:05" or a duration for that long ago, eg "100d" or "1h".
+Note that when using this no file write operations are permitted, so you can't upload files or delete them.
+See the time option docs for valid formats.
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: IONOS
-- Type: string
-- Required: false
-- Examples:
+
- Config: version_at
+- Env Var: RCLONE_S3_VERSION_AT
+- Type: Time
+- Default: off
+
+--s3-decompress
+If set this will decompress gzip encoded objects.
+It is possible to upload objects to S3 with "Content-Encoding: gzip" set. Normally rclone will download these files as compressed objects.
+If this flag is set then rclone will decompress these files with "Content-Encoding: gzip" as they are received. This means that rclone can't check the size and hash but the file contents will be decompressed.
+Properties:
-- "s3-eu-central-1.ionoscloud.com"
+
- Config: decompress
+- Env Var: RCLONE_S3_DECOMPRESS
+- Type: bool
+- Default: false
+
+--s3-might-gzip
+Set this if the backend might gzip objects.
+Normally providers will not alter objects when they are downloaded. If an object was not uploaded with Content-Encoding: gzip
then it won't be set on download.
+However some providers may gzip objects even if they weren't uploaded with Content-Encoding: gzip
(eg Cloudflare).
+A symptom of this would be receiving errors like
+ERROR corrupted on transfer: sizes differ NNN vs MMM
+If you set this flag and rclone downloads an object with Content-Encoding: gzip set and chunked transfer encoding, then rclone will decompress the object on the fly.
+If this is set to unset (the default) then rclone will choose according to the provider setting what to apply, but you can override rclone's choice here.
+Properties:
-- Frankfurt, Germany
-
-"s3-eu-central-2.ionoscloud.com"
+ Config: might_gzip
+Env Var: RCLONE_S3_MIGHT_GZIP
+Type: Tristate
+Default: unset
+
+--s3-use-accept-encoding-gzip
+Whether to send Accept-Encoding: gzip
header.
+By default, rclone will append Accept-Encoding: gzip
to the request to download compressed objects whenever possible.
+However some providers such as Google Cloud Storage may alter the HTTP headers, breaking the signature of the request.
+A symptom of this would be receiving errors like
+SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided.
+In this case, you might want to try disabling this option.
+Properties:
-- Berlin, Germany
-
-"s3-eu-south-2.ionoscloud.com"
+ Config: use_accept_encoding_gzip
+Env Var: RCLONE_S3_USE_ACCEPT_ENCODING_GZIP
+Type: Tristate
+Default: unset
+
+--s3-no-system-metadata
+Suppress setting and reading of system metadata
+Properties:
-- Logrono, Spain
-
-
+Config: no_system_metadata
+Env Var: RCLONE_S3_NO_SYSTEM_METADATA
+Type: bool
+Default: false
---s3-endpoint
-Endpoint for Liara Object Storage API.
+--s3-sts-endpoint
+Endpoint for STS.
+Leave blank if using AWS to use the default endpoint for the region.
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: Liara
+- Config: sts_endpoint
+- Env Var: RCLONE_S3_STS_ENDPOINT
+- Provider: AWS
- Type: string
- Required: false
-- Examples:
-
-- "storage.iran.liara.space"
+
+--s3-use-already-exists
+Set if rclone should report BucketAlreadyExists errors on bucket creation.
+At some point during the evolution of the s3 protocol, AWS started returning an AlreadyOwnedByYou
error when attempting to create a bucket that the user already owned, rather than a BucketAlreadyExists
error.
+Unfortunately exactly what has been implemented by s3 clones is a little inconsistent, some return AlreadyOwnedByYou
, some return BucketAlreadyExists
and some return no error at all.
+This is important to rclone because it ensures the bucket exists by creating it on quite a lot of operations (unless --s3-no-check-bucket
is used).
+If rclone knows the provider can return AlreadyOwnedByYou
or returns no error then it can report BucketAlreadyExists
errors when the user attempts to create a bucket not owned by them. Otherwise rclone ignores the BucketAlreadyExists
error which can lead to confusion.
+This should be automatically set correctly for all providers rclone knows about - please make a bug report if not.
+Properties:
-- The default endpoint
-- Iran
-
-
+Config: use_already_exists
+Env Var: RCLONE_S3_USE_ALREADY_EXISTS
+Type: Tristate
+Default: unset
---s3-endpoint
-Endpoint for OSS API.
+--s3-use-multipart-uploads
+Set if rclone should use multipart uploads.
+You can change this if you want to disable the use of multipart uploads. This shouldn't be necessary in normal operation.
+This should be automatically set correctly for all providers rclone knows about - please make a bug report if not.
Properties:
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: Alibaba
-- Type: string
-- Required: false
-- Examples:
-
-- "oss-accelerate.aliyuncs.com"
-
-- Global Accelerate
-
-- "oss-accelerate-overseas.aliyuncs.com"
-
-- Global Accelerate (outside mainland China)
-
-- "oss-cn-hangzhou.aliyuncs.com"
-
-- East China 1 (Hangzhou)
-
-- "oss-cn-shanghai.aliyuncs.com"
-
-- East China 2 (Shanghai)
-
-- "oss-cn-qingdao.aliyuncs.com"
-
-- North China 1 (Qingdao)
-
-- "oss-cn-beijing.aliyuncs.com"
-
-- North China 2 (Beijing)
-
-- "oss-cn-zhangjiakou.aliyuncs.com"
-
-- North China 3 (Zhangjiakou)
-
-- "oss-cn-huhehaote.aliyuncs.com"
-
-- North China 5 (Hohhot)
-
-- "oss-cn-wulanchabu.aliyuncs.com"
-
-- North China 6 (Ulanqab)
-
-- "oss-cn-shenzhen.aliyuncs.com"
-
-- South China 1 (Shenzhen)
-
-- "oss-cn-heyuan.aliyuncs.com"
-
-- South China 2 (Heyuan)
-
-- "oss-cn-guangzhou.aliyuncs.com"
-
-- South China 3 (Guangzhou)
-
-- "oss-cn-chengdu.aliyuncs.com"
-
-- West China 1 (Chengdu)
-
-- "oss-cn-hongkong.aliyuncs.com"
-
-- Hong Kong (Hong Kong)
-
-- "oss-us-west-1.aliyuncs.com"
-
-- US West 1 (Silicon Valley)
-
-- "oss-us-east-1.aliyuncs.com"
-
-- US East 1 (Virginia)
-
-- "oss-ap-southeast-1.aliyuncs.com"
-
-- Southeast Asia Southeast 1 (Singapore)
-
-- "oss-ap-southeast-2.aliyuncs.com"
-
-- Asia Pacific Southeast 2 (Sydney)
-
-- "oss-ap-southeast-3.aliyuncs.com"
-
-- Southeast Asia Southeast 3 (Kuala Lumpur)
-
-- "oss-ap-southeast-5.aliyuncs.com"
-
-- Asia Pacific Southeast 5 (Jakarta)
-
-- "oss-ap-northeast-1.aliyuncs.com"
-
-- Asia Pacific Northeast 1 (Japan)
-
-- "oss-ap-south-1.aliyuncs.com"
-
-- Asia Pacific South 1 (Mumbai)
-
-- "oss-eu-central-1.aliyuncs.com"
-
-- Central Europe 1 (Frankfurt)
-
-- "oss-eu-west-1.aliyuncs.com"
-
-- West Europe (London)
-
-- "oss-me-east-1.aliyuncs.com"
-
-- Middle East 1 (Dubai)
-
-
-
---s3-endpoint
-Endpoint for OBS API.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: HuaweiOBS
-- Type: string
-- Required: false
-- Examples:
-
-- "obs.af-south-1.myhuaweicloud.com"
-
-- AF-Johannesburg
-
-- "obs.ap-southeast-2.myhuaweicloud.com"
-
-- AP-Bangkok
-
-- "obs.ap-southeast-3.myhuaweicloud.com"
-
-- AP-Singapore
-
-- "obs.cn-east-3.myhuaweicloud.com"
-
-- CN East-Shanghai1
-
-- "obs.cn-east-2.myhuaweicloud.com"
-
-- CN East-Shanghai2
-
-- "obs.cn-north-1.myhuaweicloud.com"
-
-- CN North-Beijing1
-
-- "obs.cn-north-4.myhuaweicloud.com"
-
-- CN North-Beijing4
-
-- "obs.cn-south-1.myhuaweicloud.com"
-
-- CN South-Guangzhou
-
-- "obs.ap-southeast-1.myhuaweicloud.com"
-
-- CN-Hong Kong
-
-- "obs.sa-argentina-1.myhuaweicloud.com"
-
-- LA-Buenos Aires1
-
-- "obs.sa-peru-1.myhuaweicloud.com"
-
-- LA-Lima1
-
-- "obs.na-mexico-1.myhuaweicloud.com"
-
-- LA-Mexico City1
-
-- "obs.sa-chile-1.myhuaweicloud.com"
-
-- LA-Santiago2
-
-- "obs.sa-brazil-1.myhuaweicloud.com"
-
-- LA-Sao Paulo1
-
-- "obs.ru-northwest-2.myhuaweicloud.com"
-
-- RU-Moscow2
-
-
-
---s3-endpoint
-Endpoint for Scaleway Object Storage.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: Scaleway
-- Type: string
-- Required: false
-- Examples:
-
-- "s3.nl-ams.scw.cloud"
-
-- Amsterdam Endpoint
-
-- "s3.fr-par.scw.cloud"
-
-- Paris Endpoint
-
-- "s3.pl-waw.scw.cloud"
-
-- Warsaw Endpoint
-
-
+- Config: use_multipart_uploads
+- Env Var: RCLONE_S3_USE_MULTIPART_UPLOADS
+- Type: Tristate
+- Default: unset
---s3-endpoint
-Endpoint for StackPath Object Storage.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: StackPath
-- Type: string
-- Required: false
-- Examples:
-
-- "s3.us-east-2.stackpathstorage.com"
-
-- US East Endpoint
-
-- "s3.us-west-1.stackpathstorage.com"
-
-- US West Endpoint
-
-- "s3.eu-central-1.stackpathstorage.com"
+
Metadata
+User metadata is stored as x-amz-meta- keys. S3 metadata keys are case insensitive and are always returned in lower case.
+Here are the possible system metadata items for the s3 backend.
+
+
+
+
+
+
+
+
+
+
+Name
+Help
+Type
+Example
+Read Only
+
+
+
+
+btime
+Time of file birth (creation) read from Last-Modified header
+RFC 3339
+2006-01-02T15:04:05.999999999Z07:00
+Y
+
+
+cache-control
+Cache-Control header
+string
+no-cache
+N
+
+
+content-disposition
+Content-Disposition header
+string
+inline
+N
+
+
+content-encoding
+Content-Encoding header
+string
+gzip
+N
+
+
+content-language
+Content-Language header
+string
+en-US
+N
+
+
+content-type
+Content-Type header
+string
+text/plain
+N
+
+
+mtime
+Time of last modification, read from rclone metadata
+RFC 3339
+2006-01-02T15:04:05.999999999Z07:00
+N
+
+
+tier
+Tier of the object
+string
+GLACIER
+Y
+
+
+
+See the metadata docs for more info.
+Backend commands
+Here are the commands specific to the s3 backend.
+Run them with
+rclone backend COMMAND remote:
+The help below will explain what arguments each command takes.
+See the backend command for more info on how to pass options and arguments.
+These can be run on a running backend using the rc command backend/command.
+restore
+Restore objects from GLACIER to normal storage
+rclone backend restore remote: [options] [<arguments>+]
+This command can be used to restore one or more objects from GLACIER to normal storage.
+Usage Examples:
+rclone backend restore s3:bucket/path/to/object -o priority=PRIORITY -o lifetime=DAYS
+rclone backend restore s3:bucket/path/to/directory -o priority=PRIORITY -o lifetime=DAYS
+rclone backend restore s3:bucket -o priority=PRIORITY -o lifetime=DAYS
+This flag also obeys the filters. Test first with --interactive/-i or --dry-run flags
+rclone --interactive backend restore --include "*.txt" s3:bucket/path -o priority=Standard -o lifetime=1
+All the objects shown will be marked for restore, then
+rclone backend restore --include "*.txt" s3:bucket/path -o priority=Standard -o lifetime=1
+It returns a list of status dictionaries with Remote and Status keys. The Status will be OK if it was successful or an error message if not.
+[
+ {
+ "Status": "OK",
+ "Remote": "test.txt"
+ },
+ {
+ "Status": "OK",
+ "Remote": "test/file4.txt"
+ }
+]
+Options:
-- EU Endpoint
-
-
+- "description": The optional description for the job.
+- "lifetime": Lifetime of the active copy in days
+- "priority": Priority of restore: Standard|Expedited|Bulk
---s3-endpoint
-Endpoint for Storj Gateway.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: Storj
-- Type: string
-- Required: false
-- Examples:
-
-- "gateway.storjshare.io"
+
restore-status
+Show the restore status for objects being restored from GLACIER to normal storage
+rclone backend restore-status remote: [options] [<arguments>+]
+This command can be used to show the status for objects being restored from GLACIER to normal storage.
+Usage Examples:
+rclone backend restore-status s3:bucket/path/to/object
+rclone backend restore-status s3:bucket/path/to/directory
+rclone backend restore-status -o all s3:bucket/path/to/directory
+This command does not obey the filters.
+It returns a list of status dictionaries.
+[
+ {
+ "Remote": "file.txt",
+ "VersionID": null,
+ "RestoreStatus": {
+ "IsRestoreInProgress": true,
+ "RestoreExpiryDate": "2023-09-06T12:29:19+01:00"
+ },
+ "StorageClass": "GLACIER"
+ },
+ {
+ "Remote": "test.pdf",
+ "VersionID": null,
+ "RestoreStatus": {
+ "IsRestoreInProgress": false,
+ "RestoreExpiryDate": "2023-09-06T12:29:19+01:00"
+ },
+ "StorageClass": "DEEP_ARCHIVE"
+ }
+]
+Options:
-- Global Hosted Gateway
-
-
+- "all": if set then show all objects, not just ones with restore status
---s3-endpoint
-Endpoint for Tencent COS API.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: TencentCOS
-- Type: string
-- Required: false
-- Examples:
-
-- "cos.ap-beijing.myqcloud.com"
-
-- Beijing Region
-
-- "cos.ap-nanjing.myqcloud.com"
-
-- Nanjing Region
-
-- "cos.ap-shanghai.myqcloud.com"
-
-- Shanghai Region
-
-- "cos.ap-guangzhou.myqcloud.com"
-
-- Guangzhou Region
-
-- "cos.ap-nanjing.myqcloud.com"
-
-- Nanjing Region
-
-- "cos.ap-chengdu.myqcloud.com"
-
-- Chengdu Region
-
-- "cos.ap-chongqing.myqcloud.com"
-
-- Chongqing Region
-
-- "cos.ap-hongkong.myqcloud.com"
-
-- Hong Kong (China) Region
-
-- "cos.ap-singapore.myqcloud.com"
-
-- Singapore Region
-
-- "cos.ap-mumbai.myqcloud.com"
-
-- Mumbai Region
-
-- "cos.ap-seoul.myqcloud.com"
-
-- Seoul Region
-
-- "cos.ap-bangkok.myqcloud.com"
-
-- Bangkok Region
-
-- "cos.ap-tokyo.myqcloud.com"
-
-- Tokyo Region
-
-- "cos.na-siliconvalley.myqcloud.com"
-
-- Silicon Valley Region
-
-- "cos.na-ashburn.myqcloud.com"
-
-- Virginia Region
-
-- "cos.na-toronto.myqcloud.com"
-
-- Toronto Region
-
-- "cos.eu-frankfurt.myqcloud.com"
-
-- Frankfurt Region
-
-- "cos.eu-moscow.myqcloud.com"
-
-- Moscow Region
-
-- "cos.accelerate.myqcloud.com"
-
-- Use Tencent COS Accelerate Endpoint
-
-
-
---s3-endpoint
-Endpoint for RackCorp Object Storage.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: RackCorp
-- Type: string
-- Required: false
-- Examples:
-
-- "s3.rackcorp.com"
-
-- Global (AnyCast) Endpoint
-
-- "au.s3.rackcorp.com"
-
-- Australia (Anycast) Endpoint
-
-- "au-nsw.s3.rackcorp.com"
-
-- Sydney (Australia) Endpoint
-
-- "au-qld.s3.rackcorp.com"
-
-- Brisbane (Australia) Endpoint
-
-- "au-vic.s3.rackcorp.com"
-
-- Melbourne (Australia) Endpoint
-
-- "au-wa.s3.rackcorp.com"
-
-- Perth (Australia) Endpoint
-
-- "ph.s3.rackcorp.com"
-
-- Manila (Philippines) Endpoint
-
-- "th.s3.rackcorp.com"
-
-- Bangkok (Thailand) Endpoint
-
-- "hk.s3.rackcorp.com"
-
-- HK (Hong Kong) Endpoint
-
-- "mn.s3.rackcorp.com"
-
-- Ulaanbaatar (Mongolia) Endpoint
-
-- "kg.s3.rackcorp.com"
-
-- Bishkek (Kyrgyzstan) Endpoint
-
-- "id.s3.rackcorp.com"
-
-- Jakarta (Indonesia) Endpoint
-
-- "jp.s3.rackcorp.com"
-
-- Tokyo (Japan) Endpoint
-
-- "sg.s3.rackcorp.com"
-
-- SG (Singapore) Endpoint
-
-- "de.s3.rackcorp.com"
-
-- Frankfurt (Germany) Endpoint
-
-- "us.s3.rackcorp.com"
-
-- USA (AnyCast) Endpoint
-
-- "us-east-1.s3.rackcorp.com"
-
-- New York (USA) Endpoint
-
-- "us-west-1.s3.rackcorp.com"
-
-- Freemont (USA) Endpoint
-
-- "nz.s3.rackcorp.com"
-
-- Auckland (New Zealand) Endpoint
-
-
-
---s3-endpoint
-Endpoint for Qiniu Object Storage.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: Qiniu
-- Type: string
-- Required: false
-- Examples:
-
-- "s3-cn-east-1.qiniucs.com"
-
-- East China Endpoint 1
-
-- "s3-cn-east-2.qiniucs.com"
-
-- East China Endpoint 2
-
-- "s3-cn-north-1.qiniucs.com"
-
-- North China Endpoint 1
-
-- "s3-cn-south-1.qiniucs.com"
-
-- South China Endpoint 1
-
-- "s3-us-north-1.qiniucs.com"
-
-- North America Endpoint 1
-
-- "s3-ap-southeast-1.qiniucs.com"
-
-- Southeast Asia Endpoint 1
-
-- "s3-ap-northeast-1.qiniucs.com"
-
-- Northeast Asia Endpoint 1
-
-
-
---s3-endpoint
-Endpoint for S3 API.
-Required when using an S3 clone.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_S3_ENDPOINT
-- Provider: !AWS,IBMCOS,IDrive,IONOS,TencentCOS,HuaweiOBS,Alibaba,ChinaMobile,Liara,ArvanCloud,Scaleway,StackPath,Storj,RackCorp,Qiniu
-- Type: string
-- Required: false
-- Examples:
-
-- "objects-us-east-1.dream.io"
-
-- Dream Objects endpoint
-
-- "syd1.digitaloceanspaces.com"
-
-- DigitalOcean Spaces Sydney 1
-
-- "sfo3.digitaloceanspaces.com"
-
-- DigitalOcean Spaces San Francisco 3
-
-- "fra1.digitaloceanspaces.com"
-
-- DigitalOcean Spaces Frankfurt 1
-
-- "nyc3.digitaloceanspaces.com"
-
-- DigitalOcean Spaces New York 3
-
-- "ams3.digitaloceanspaces.com"
-
-- DigitalOcean Spaces Amsterdam 3
-
-- "sgp1.digitaloceanspaces.com"
-
-- DigitalOcean Spaces Singapore 1
-
-- "localhost:8333"
-
-- SeaweedFS S3 localhost
-
-- "s3.us-east-1.lyvecloud.seagate.com"
-
-- Seagate Lyve Cloud US East 1 (Virginia)
-
-- "s3.us-west-1.lyvecloud.seagate.com"
-
-- Seagate Lyve Cloud US West 1 (California)
-
-- "s3.ap-southeast-1.lyvecloud.seagate.com"
-
-- Seagate Lyve Cloud AP Southeast 1 (Singapore)
-
-- "s3.wasabisys.com"
-
-- Wasabi US East 1 (N. Virginia)
-
-- "s3.us-east-2.wasabisys.com"
-
-- Wasabi US East 2 (N. Virginia)
-
-- "s3.us-central-1.wasabisys.com"
-
-- Wasabi US Central 1 (Texas)
-
-- "s3.us-west-1.wasabisys.com"
-
-- Wasabi US West 1 (Oregon)
-
-- "s3.ca-central-1.wasabisys.com"
-
-- Wasabi CA Central 1 (Toronto)
-
-- "s3.eu-central-1.wasabisys.com"
-
-- Wasabi EU Central 1 (Amsterdam)
-
-- "s3.eu-central-2.wasabisys.com"
-
-- Wasabi EU Central 2 (Frankfurt)
-
-- "s3.eu-west-1.wasabisys.com"
-
-- Wasabi EU West 1 (London)
-
-- "s3.eu-west-2.wasabisys.com"
-
-- Wasabi EU West 2 (Paris)
-
-- "s3.ap-northeast-1.wasabisys.com"
-
-- Wasabi AP Northeast 1 (Tokyo) endpoint
-
-- "s3.ap-northeast-2.wasabisys.com"
-
-- Wasabi AP Northeast 2 (Osaka) endpoint
-
-- "s3.ap-southeast-1.wasabisys.com"
-
-- Wasabi AP Southeast 1 (Singapore)
-
-- "s3.ap-southeast-2.wasabisys.com"
-
-- Wasabi AP Southeast 2 (Sydney)
-
-- "storage.iran.liara.space"
-
-- Liara Iran endpoint
-
-- "s3.ir-thr-at1.arvanstorage.com"
+
list-multipart-uploads
+List the unfinished multipart uploads
+rclone backend list-multipart-uploads remote: [options] [<arguments>+]
+This command lists the unfinished multipart uploads in JSON format.
+rclone backend list-multipart s3:bucket/path/to/object
+It returns a dictionary of buckets with values as lists of unfinished multipart uploads.
+You can call it with no bucket in which case it lists all bucket, with a bucket or with a bucket and path.
+{
+ "rclone": [
+ {
+ "Initiated": "2020-06-26T14:20:36Z",
+ "Initiator": {
+ "DisplayName": "XXX",
+ "ID": "arn:aws:iam::XXX:user/XXX"
+ },
+ "Key": "KEY",
+ "Owner": {
+ "DisplayName": null,
+ "ID": "XXX"
+ },
+ "StorageClass": "STANDARD",
+ "UploadId": "XXX"
+ }
+ ],
+ "rclone-1000files": [],
+ "rclone-dst": []
+}
+cleanup
+Remove unfinished multipart uploads.
+rclone backend cleanup remote: [options] [<arguments>+]
+This command removes unfinished multipart uploads of age greater than max-age which defaults to 24 hours.
+Note that you can use --interactive/-i or --dry-run with this command to see what it would do.
+rclone backend cleanup s3:bucket/path/to/object
+rclone backend cleanup -o max-age=7w s3:bucket/path/to/object
+Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
+Options:
-- ArvanCloud Tehran Iran (Asiatech) endpoint
-
-
+- "max-age": Max age of upload to delete
---s3-location-constraint
-Location constraint - must be set to match the Region.
-Used when creating buckets only.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: AWS
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Empty for US Region, Northern Virginia, or Pacific Northwest
-
-- "us-east-2"
-
-- US East (Ohio) Region
-
-- "us-west-1"
-
-- US West (Northern California) Region
-
-- "us-west-2"
-
-- US West (Oregon) Region
-
-- "ca-central-1"
-
-- Canada (Central) Region
-
-- "eu-west-1"
-
-- EU (Ireland) Region
-
-- "eu-west-2"
-
-- EU (London) Region
-
-- "eu-west-3"
-
-- EU (Paris) Region
-
-- "eu-north-1"
-
-- EU (Stockholm) Region
-
-- "eu-south-1"
-
-- EU (Milan) Region
-
-- "EU"
-
-- EU Region
-
-- "ap-southeast-1"
-
-- Asia Pacific (Singapore) Region
-
-- "ap-southeast-2"
-
-- Asia Pacific (Sydney) Region
-
-- "ap-northeast-1"
-
-- Asia Pacific (Tokyo) Region
-
-- "ap-northeast-2"
-
-- Asia Pacific (Seoul) Region
-
-- "ap-northeast-3"
-
-- Asia Pacific (Osaka-Local) Region
-
-- "ap-south-1"
-
-- Asia Pacific (Mumbai) Region
-
-- "ap-east-1"
-
-- Asia Pacific (Hong Kong) Region
-
-- "sa-east-1"
-
-- South America (Sao Paulo) Region
-
-- "me-south-1"
-
-- Middle East (Bahrain) Region
-
-- "af-south-1"
-
-- Africa (Cape Town) Region
-
-- "cn-north-1"
-
-- China (Beijing) Region
-
-- "cn-northwest-1"
-
-- China (Ningxia) Region
-
-- "us-gov-east-1"
-
-- AWS GovCloud (US-East) Region
-
-- "us-gov-west-1"
-
-- AWS GovCloud (US) Region
-
-
-
---s3-location-constraint
-Location constraint - must match endpoint.
-Used when creating buckets only.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: ChinaMobile
-- Type: string
-- Required: false
-- Examples:
-
-- "wuxi1"
-
-- East China (Suzhou)
-
-- "jinan1"
-
-- East China (Jinan)
-
-- "ningbo1"
-
-- East China (Hangzhou)
-
-- "shanghai1"
-
-- East China (Shanghai-1)
-
-- "zhengzhou1"
-
-- Central China (Zhengzhou)
-
-- "hunan1"
-
-- Central China (Changsha-1)
-
-- "zhuzhou1"
-
-- Central China (Changsha-2)
-
-- "guangzhou1"
-
-- South China (Guangzhou-2)
-
-- "dongguan1"
-
-- South China (Guangzhou-3)
-
-- "beijing1"
-
-- North China (Beijing-1)
-
-- "beijing2"
-
-- North China (Beijing-2)
-
-- "beijing4"
-
-- North China (Beijing-3)
-
-- "huhehaote1"
-
-- North China (Huhehaote)
-
-- "chengdu1"
-
-- Southwest China (Chengdu)
-
-- "chongqing1"
-
-- Southwest China (Chongqing)
-
-- "guiyang1"
-
-- Southwest China (Guiyang)
-
-- "xian1"
-
-- Nouthwest China (Xian)
-
-- "yunnan"
-
-- Yunnan China (Kunming)
-
-- "yunnan2"
-
-- Yunnan China (Kunming-2)
-
-- "tianjin1"
-
-- Tianjin China (Tianjin)
-
-- "jilin1"
-
-- Jilin China (Changchun)
-
-- "hubei1"
-
-- Hubei China (Xiangyan)
-
-- "jiangxi1"
-
-- Jiangxi China (Nanchang)
-
-- "gansu1"
-
-- Gansu China (Lanzhou)
-
-- "shanxi1"
-
-- Shanxi China (Taiyuan)
-
-- "liaoning1"
-
-- Liaoning China (Shenyang)
-
-- "hebei1"
-
-- Hebei China (Shijiazhuang)
-
-- "fujian1"
-
-- Fujian China (Xiamen)
-
-- "guangxi1"
-
-- Guangxi China (Nanning)
-
-- "anhui1"
-
-- Anhui China (Huainan)
-
-
-
---s3-location-constraint
-Location constraint - must match endpoint.
-Used when creating buckets only.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: ArvanCloud
-- Type: string
-- Required: false
-- Examples:
-
-- "ir-thr-at1"
-
-- Tehran Iran (Asiatech)
-
-- "ir-tbz-sh1"
-
-- Tabriz Iran (Shahriar)
-
-
-
---s3-location-constraint
-Location constraint - must match endpoint when using IBM Cloud Public.
-For on-prem COS, do not make a selection from this list, hit enter.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: IBMCOS
-- Type: string
-- Required: false
-- Examples:
-
-- "us-standard"
-
-- US Cross Region Standard
-
-- "us-vault"
-
-- US Cross Region Vault
-
-- "us-cold"
-
-- US Cross Region Cold
-
-- "us-flex"
-
-- US Cross Region Flex
-
-- "us-east-standard"
-
-- US East Region Standard
-
-- "us-east-vault"
-
-- US East Region Vault
-
-- "us-east-cold"
-
-- US East Region Cold
-
-- "us-east-flex"
-
-- US East Region Flex
-
-- "us-south-standard"
-
-- US South Region Standard
-
-- "us-south-vault"
-
-- US South Region Vault
-
-- "us-south-cold"
-
-- US South Region Cold
-
-- "us-south-flex"
-
-- US South Region Flex
-
-- "eu-standard"
-
-- EU Cross Region Standard
-
-- "eu-vault"
-
-- EU Cross Region Vault
-
-- "eu-cold"
-
-- EU Cross Region Cold
-
-- "eu-flex"
-
-- EU Cross Region Flex
-
-- "eu-gb-standard"
-
-- Great Britain Standard
-
-- "eu-gb-vault"
-
-- Great Britain Vault
-
-- "eu-gb-cold"
-
-- Great Britain Cold
-
-- "eu-gb-flex"
-
-- Great Britain Flex
-
-- "ap-standard"
-
-- APAC Standard
-
-- "ap-vault"
-
-- APAC Vault
-
-- "ap-cold"
-
-- APAC Cold
-
-- "ap-flex"
-
-- APAC Flex
-
-- "mel01-standard"
-
-- Melbourne Standard
-
-- "mel01-vault"
-
-- Melbourne Vault
-
-- "mel01-cold"
-
-- Melbourne Cold
-
-- "mel01-flex"
-
-- Melbourne Flex
-
-- "tor01-standard"
-
-- Toronto Standard
-
-- "tor01-vault"
-
-- Toronto Vault
-
-- "tor01-cold"
-
-- Toronto Cold
-
-- "tor01-flex"
-
-- Toronto Flex
-
-
-
---s3-location-constraint
-Location constraint - the location where your bucket will be located and your data stored.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: RackCorp
-- Type: string
-- Required: false
-- Examples:
-
-- "global"
-
-- Global CDN Region
-
-- "au"
-
-- Australia (All locations)
-
-- "au-nsw"
-
-- NSW (Australia) Region
-
-- "au-qld"
-
-- QLD (Australia) Region
-
-- "au-vic"
-
-- VIC (Australia) Region
-
-- "au-wa"
-
-- Perth (Australia) Region
-
-- "ph"
-
-- Manila (Philippines) Region
-
-- "th"
-
-- Bangkok (Thailand) Region
-
-- "hk"
-
-- HK (Hong Kong) Region
-
-- "mn"
-
-- Ulaanbaatar (Mongolia) Region
-
-- "kg"
-
-- Bishkek (Kyrgyzstan) Region
-
-- "id"
-
-- Jakarta (Indonesia) Region
-
-- "jp"
-
-- Tokyo (Japan) Region
-
-- "sg"
-
-- SG (Singapore) Region
-
-- "de"
-
-- Frankfurt (Germany) Region
-
-- "us"
-
-- USA (AnyCast) Region
-
-- "us-east-1"
-
-- New York (USA) Region
-
-- "us-west-1"
-
-- Freemont (USA) Region
-
-- "nz"
-
-- Auckland (New Zealand) Region
-
-
-
---s3-location-constraint
-Location constraint - must be set to match the Region.
-Used when creating buckets only.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: Qiniu
-- Type: string
-- Required: false
-- Examples:
-
-- "cn-east-1"
-
-- East China Region 1
-
-- "cn-east-2"
-
-- East China Region 2
-
-- "cn-north-1"
-
-- North China Region 1
-
-- "cn-south-1"
-
-- South China Region 1
-
-- "us-north-1"
-
-- North America Region 1
-
-- "ap-southeast-1"
-
-- Southeast Asia Region 1
-
-- "ap-northeast-1"
-
-- Northeast Asia Region 1
-
-
-
---s3-location-constraint
-Location constraint - must be set to match the Region.
-Leave blank if not sure. Used when creating buckets only.
-Properties:
-
-- Config: location_constraint
-- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: !AWS,Alibaba,HuaweiOBS,ChinaMobile,Cloudflare,IBMCOS,IDrive,IONOS,Liara,ArvanCloud,Qiniu,RackCorp,Scaleway,StackPath,Storj,TencentCOS
-- Type: string
-- Required: false
-
---s3-acl
-Canned ACL used when creating buckets and storing or copying objects.
-This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when server-side copying objects as S3 doesn't copy the ACL from the source but rather writes a fresh one.
-If the acl is an empty string then no X-Amz-Acl: header is added and the default (private) will be used.
-Properties:
-
-- Config: acl
-- Env Var: RCLONE_S3_ACL
-- Provider: !Storj,Cloudflare
-- Type: string
-- Required: false
-- Examples:
-
-- "default"
-
-- Owner gets Full_CONTROL.
-- No one else has access rights (default).
-
-- "private"
-
-- Owner gets FULL_CONTROL.
-- No one else has access rights (default).
-
-- "public-read"
-
-- Owner gets FULL_CONTROL.
-- The AllUsers group gets READ access.
-
-- "public-read-write"
-
-- Owner gets FULL_CONTROL.
-- The AllUsers group gets READ and WRITE access.
-- Granting this on a bucket is generally not recommended.
-
-- "authenticated-read"
-
-- Owner gets FULL_CONTROL.
-- The AuthenticatedUsers group gets READ access.
-
-- "bucket-owner-read"
-
-- Object owner gets FULL_CONTROL.
-- Bucket owner gets READ access.
-- If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
-
-- "bucket-owner-full-control"
-
-- Both the object owner and the bucket owner get FULL_CONTROL over the object.
-- If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
-
-- "private"
-
-- Owner gets FULL_CONTROL.
-- No one else has access rights (default).
-- This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise COS.
-
-- "public-read"
-
-- Owner gets FULL_CONTROL.
-- The AllUsers group gets READ access.
-- This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise IBM COS.
-
-- "public-read-write"
-
-- Owner gets FULL_CONTROL.
-- The AllUsers group gets READ and WRITE access.
-- This acl is available on IBM Cloud (Infra), On-Premise IBM COS.
-
-- "authenticated-read"
-
-- Owner gets FULL_CONTROL.
-- The AuthenticatedUsers group gets READ access.
-- Not supported on Buckets.
-- This acl is available on IBM Cloud (Infra) and On-Premise IBM COS.
-
-
-
---s3-server-side-encryption
-The server-side encryption algorithm used when storing this object in S3.
-Properties:
-
-- Config: server_side_encryption
-- Env Var: RCLONE_S3_SERVER_SIDE_ENCRYPTION
-- Provider: AWS,Ceph,ChinaMobile,Minio
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-- "AES256"
-
-- AES256
-
-- "aws:kms"
-
-- aws:kms
-
-
-
---s3-sse-kms-key-id
-If using KMS ID you must provide the ARN of Key.
-Properties:
-
-- Config: sse_kms_key_id
-- Env Var: RCLONE_S3_SSE_KMS_KEY_ID
-- Provider: AWS,Ceph,Minio
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-- "arn:aws:kms:us-east-1:*"
-
-- arn:aws:kms:*
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in S3.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: AWS
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default
-
-- "STANDARD"
-
-- Standard storage class
-
-- "REDUCED_REDUNDANCY"
-
-- Reduced redundancy storage class
-
-- "STANDARD_IA"
-
-- Standard Infrequent Access storage class
-
-- "ONEZONE_IA"
-
-- One Zone Infrequent Access storage class
-
-- "GLACIER"
-
-- Glacier storage class
-
-- "DEEP_ARCHIVE"
-
-- Glacier Deep Archive storage class
-
-- "INTELLIGENT_TIERING"
-
-- Intelligent-Tiering storage class
-
-- "GLACIER_IR"
-
-- Glacier Instant Retrieval storage class
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in OSS.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: Alibaba
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default
-
-- "STANDARD"
-
-- Standard storage class
-
-- "GLACIER"
-
-- Archive storage mode
-
-- "STANDARD_IA"
-
-- Infrequent access storage mode
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in ChinaMobile.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: ChinaMobile
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default
-
-- "STANDARD"
-
-- Standard storage class
-
-- "GLACIER"
-
-- Archive storage mode
-
-- "STANDARD_IA"
-
-- Infrequent access storage mode
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in Liara
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: Liara
-- Type: string
-- Required: false
-- Examples:
-
-- "STANDARD"
-
-- Standard storage class
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in ArvanCloud.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: ArvanCloud
-- Type: string
-- Required: false
-- Examples:
-
-- "STANDARD"
-
-- Standard storage class
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in Tencent COS.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: TencentCOS
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default
-
-- "STANDARD"
-
-- Standard storage class
-
-- "ARCHIVE"
-
-- Archive storage mode
-
-- "STANDARD_IA"
-
-- Infrequent access storage mode
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in S3.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: Scaleway
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default.
-
-- "STANDARD"
-
-- The Standard class for any upload.
-- Suitable for on-demand content like streaming or CDN.
-
-- "GLACIER"
-
-- Archived storage.
-- Prices are lower, but it needs to be restored first to be accessed.
-
-
-
---s3-storage-class
-The storage class to use when storing new objects in Qiniu.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_S3_STORAGE_CLASS
-- Provider: Qiniu
-- Type: string
-- Required: false
-- Examples:
-
-- "STANDARD"
-
-- Standard storage class
-
-- "LINE"
-
-- Infrequent access storage mode
-
-- "GLACIER"
-
-- Archive storage mode
-
-- "DEEP_ARCHIVE"
-
-- Deep archive storage mode
-
-
-
-Advanced options
-Here are the Advanced options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
---s3-bucket-acl
-Canned ACL used when creating buckets.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when only when creating buckets. If it isn't set then "acl" is used instead.
-If the "acl" and "bucket_acl" are empty strings then no X-Amz-Acl: header is added and the default (private) will be used.
-Properties:
-
-- Config: bucket_acl
-- Env Var: RCLONE_S3_BUCKET_ACL
-- Type: string
-- Required: false
-- Examples:
-
-- "private"
-
-- Owner gets FULL_CONTROL.
-- No one else has access rights (default).
-
-- "public-read"
-
-- Owner gets FULL_CONTROL.
-- The AllUsers group gets READ access.
-
-- "public-read-write"
-
-- Owner gets FULL_CONTROL.
-- The AllUsers group gets READ and WRITE access.
-- Granting this on a bucket is generally not recommended.
-
-- "authenticated-read"
-
-- Owner gets FULL_CONTROL.
-- The AuthenticatedUsers group gets READ access.
-
-
-
---s3-requester-pays
-Enables requester pays option when interacting with S3 bucket.
-Properties:
-
-- Config: requester_pays
-- Env Var: RCLONE_S3_REQUESTER_PAYS
-- Provider: AWS
-- Type: bool
-- Default: false
-
---s3-sse-customer-algorithm
-If using SSE-C, the server-side encryption algorithm used when storing this object in S3.
-Properties:
-
-- Config: sse_customer_algorithm
-- Env Var: RCLONE_S3_SSE_CUSTOMER_ALGORITHM
-- Provider: AWS,Ceph,ChinaMobile,Minio
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-- "AES256"
-
-- AES256
-
-
-
---s3-sse-customer-key
-To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data.
-Alternatively you can provide --sse-customer-key-base64.
-Properties:
-
-- Config: sse_customer_key
-- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY
-- Provider: AWS,Ceph,ChinaMobile,Minio
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---s3-sse-customer-key-base64
-If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data.
-Alternatively you can provide --sse-customer-key.
-Properties:
-
-- Config: sse_customer_key_base64
-- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_BASE64
-- Provider: AWS,Ceph,ChinaMobile,Minio
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---s3-sse-customer-key-md5
-If using SSE-C you may provide the secret encryption key MD5 checksum (optional).
-If you leave it blank, this is calculated automatically from the sse_customer_key provided.
-Properties:
-
-- Config: sse_customer_key_md5
-- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_MD5
-- Provider: AWS,Ceph,ChinaMobile,Minio
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---s3-upload-cutoff
-Cutoff for switching to chunked upload.
-Any files larger than this will be uploaded in chunks of chunk_size. The minimum is 0 and the maximum is 5 GiB.
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_S3_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 200Mi
-
---s3-chunk-size
-Chunk size to use for uploading.
-When uploading files larger than upload_cutoff or files with unknown size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google photos or google docs) they will be uploaded as multipart uploads using this chunk size.
-Note that "--s3-upload-concurrency" chunks of this size are buffered in memory per transfer.
-If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
-Rclone will automatically increase the chunk size when uploading a large file of known size to stay below the 10,000 chunks limit.
-Files of unknown size are uploaded with the configured chunk_size. Since the default chunk size is 5 MiB and there can be at most 10,000 chunks, this means that by default the maximum size of a file you can stream upload is 48 GiB. If you wish to stream upload larger files then you will need to increase chunk_size.
-Increasing the chunk size decreases the accuracy of the progress statistics displayed with "-P" flag. Rclone treats chunk as sent when it's buffered by the AWS SDK, when in fact it may still be uploading. A bigger chunk size means a bigger AWS SDK buffer and progress reporting more deviating from the truth.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_S3_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 5Mi
-
---s3-max-upload-parts
-Maximum number of parts in a multipart upload.
-This option defines the maximum number of multipart chunks to use when doing a multipart upload.
-This can be useful if a service does not support the AWS S3 specification of 10,000 chunks.
-Rclone will automatically increase the chunk size when uploading a large file of a known size to stay below this number of chunks limit.
-Properties:
-
-- Config: max_upload_parts
-- Env Var: RCLONE_S3_MAX_UPLOAD_PARTS
-- Type: int
-- Default: 10000
-
---s3-copy-cutoff
-Cutoff for switching to multipart copy.
-Any files larger than this that need to be server-side copied will be copied in chunks of this size.
-The minimum is 0 and the maximum is 5 GiB.
-Properties:
-
-- Config: copy_cutoff
-- Env Var: RCLONE_S3_COPY_CUTOFF
-- Type: SizeSuffix
-- Default: 4.656Gi
-
---s3-disable-checksum
-Don't store MD5 checksum with object metadata.
-Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
-Properties:
-
-- Config: disable_checksum
-- Env Var: RCLONE_S3_DISABLE_CHECKSUM
-- Type: bool
-- Default: false
-
---s3-shared-credentials-file
-Path to the shared credentials file.
-If env_auth = true then rclone can use a shared credentials file.
-If this variable is empty rclone will look for the "AWS_SHARED_CREDENTIALS_FILE" env variable. If the env value is empty it will default to the current user's home directory.
-Linux/OSX: "$HOME/.aws/credentials"
-Windows: "%USERPROFILE%\.aws\credentials"
-Properties:
-
-- Config: shared_credentials_file
-- Env Var: RCLONE_S3_SHARED_CREDENTIALS_FILE
-- Type: string
-- Required: false
-
---s3-profile
-Profile to use in the shared credentials file.
-If env_auth = true then rclone can use a shared credentials file. This variable controls which profile is used in that file.
-If empty it will default to the environment variable "AWS_PROFILE" or "default" if that environment variable is also not set.
-Properties:
-
-- Config: profile
-- Env Var: RCLONE_S3_PROFILE
-- Type: string
-- Required: false
-
---s3-session-token
-An AWS session token.
-Properties:
-
-- Config: session_token
-- Env Var: RCLONE_S3_SESSION_TOKEN
-- Type: string
-- Required: false
-
---s3-upload-concurrency
-Concurrency for multipart uploads.
-This is the number of chunks of the same file that are uploaded concurrently.
-If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
-Properties:
-
-- Config: upload_concurrency
-- Env Var: RCLONE_S3_UPLOAD_CONCURRENCY
-- Type: int
-- Default: 4
-
---s3-force-path-style
-If true use path style access if false use virtual hosted style.
-If this is true (the default) then rclone will use path style access, if false then rclone will use virtual path style. See the AWS S3 docs for more info.
-Some providers (e.g. AWS, Aliyun OSS, Netease COS, or Tencent COS) require this set to false - rclone will do this automatically based on the provider setting.
-Properties:
-
-- Config: force_path_style
-- Env Var: RCLONE_S3_FORCE_PATH_STYLE
-- Type: bool
-- Default: true
-
---s3-v2-auth
-If true use v2 authentication.
-If this is false (the default) then rclone will use v4 authentication. If it is set then rclone will use v2 authentication.
-Use this only if v4 signatures don't work, e.g. pre Jewel/v10 CEPH.
-Properties:
-
-- Config: v2_auth
-- Env Var: RCLONE_S3_V2_AUTH
-- Type: bool
-- Default: false
-
---s3-use-accelerate-endpoint
-If true use the AWS S3 accelerated endpoint.
-See: AWS S3 Transfer acceleration
-Properties:
-
-- Config: use_accelerate_endpoint
-- Env Var: RCLONE_S3_USE_ACCELERATE_ENDPOINT
-- Provider: AWS
-- Type: bool
-- Default: false
-
---s3-leave-parts-on-error
-If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery.
-It should be set to true for resuming uploads across different sessions.
-WARNING: Storing parts of an incomplete multipart upload counts towards space usage on S3 and will add additional costs if not cleaned up.
-Properties:
-
-- Config: leave_parts_on_error
-- Env Var: RCLONE_S3_LEAVE_PARTS_ON_ERROR
-- Provider: AWS
-- Type: bool
-- Default: false
-
---s3-list-chunk
-Size of listing chunk (response list for each ListObject S3 request).
-This option is also known as "MaxKeys", "max-items", or "page-size" from the AWS S3 specification. Most services truncate the response list to 1000 objects even if requested more than that. In AWS S3 this is a global maximum and cannot be changed, see AWS S3. In Ceph, this can be increased with the "rgw list buckets max chunk" option.
-Properties:
-
-- Config: list_chunk
-- Env Var: RCLONE_S3_LIST_CHUNK
-- Type: int
-- Default: 1000
-
---s3-list-version
-Version of ListObjects to use: 1,2 or 0 for auto.
-When S3 originally launched it only provided the ListObjects call to enumerate objects in a bucket.
-However in May 2016 the ListObjectsV2 call was introduced. This is much higher performance and should be used if at all possible.
-If set to the default, 0, rclone will guess according to the provider set which list objects method to call. If it guesses wrong, then it may be set manually here.
-Properties:
-
-- Config: list_version
-- Env Var: RCLONE_S3_LIST_VERSION
-- Type: int
-- Default: 0
-
---s3-list-url-encode
-Whether to url encode listings: true/false/unset
-Some providers support URL encoding listings and where this is available this is more reliable when using control characters in file names. If this is set to unset (the default) then rclone will choose according to the provider setting what to apply, but you can override rclone's choice here.
-Properties:
-
-- Config: list_url_encode
-- Env Var: RCLONE_S3_LIST_URL_ENCODE
-- Type: Tristate
-- Default: unset
-
---s3-no-check-bucket
-If set, don't attempt to check the bucket exists or create it.
-This can be useful when trying to minimise the number of transactions rclone does if you know the bucket exists already.
-It can also be needed if the user you are using does not have bucket creation permissions. Before v1.52.0 this would have passed silently due to a bug.
-Properties:
-
-- Config: no_check_bucket
-- Env Var: RCLONE_S3_NO_CHECK_BUCKET
-- Type: bool
-- Default: false
-
---s3-no-head
-If set, don't HEAD uploaded objects to check integrity.
-This can be useful when trying to minimise the number of transactions rclone does.
-Setting it means that if rclone receives a 200 OK message after uploading an object with PUT then it will assume that it got uploaded properly.
-In particular it will assume:
-
-- the metadata, including modtime, storage class and content type was as uploaded
-- the size was as uploaded
-
-It reads the following items from the response for a single part PUT:
-
-- the MD5SUM
-- The uploaded date
-
-For multipart uploads these items aren't read.
-If an source object of unknown length is uploaded then rclone will do a HEAD request.
-Setting this flag increases the chance for undetected upload failures, in particular an incorrect size, so it isn't recommended for normal operation. In practice the chance of an undetected upload failure is very small even with this flag.
-Properties:
-
-- Config: no_head
-- Env Var: RCLONE_S3_NO_HEAD
-- Type: bool
-- Default: false
-
---s3-no-head-object
-If set, do not do HEAD before GET when getting objects.
-Properties:
-
-- Config: no_head_object
-- Env Var: RCLONE_S3_NO_HEAD_OBJECT
-- Type: bool
-- Default: false
-
---s3-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_S3_ENCODING
-- Type: MultiEncoder
-- Default: Slash,InvalidUtf8,Dot
-
---s3-memory-pool-flush-time
-How often internal memory buffer pools will be flushed.
-Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
-Properties:
-
-- Config: memory_pool_flush_time
-- Env Var: RCLONE_S3_MEMORY_POOL_FLUSH_TIME
-- Type: Duration
-- Default: 1m0s
-
---s3-memory-pool-use-mmap
-Whether to use mmap buffers in internal memory pool.
-Properties:
-
-- Config: memory_pool_use_mmap
-- Env Var: RCLONE_S3_MEMORY_POOL_USE_MMAP
-- Type: bool
-- Default: false
-
---s3-disable-http2
-Disable usage of http2 for S3 backends.
-There is currently an unsolved issue with the s3 (specifically minio) backend and HTTP/2. HTTP/2 is enabled by default for the s3 backend but can be disabled here. When the issue is solved this flag will be removed.
-See: https://github.com/rclone/rclone/issues/4673, https://github.com/rclone/rclone/issues/3631
-Properties:
-
-- Config: disable_http2
-- Env Var: RCLONE_S3_DISABLE_HTTP2
-- Type: bool
-- Default: false
-
---s3-download-url
-Custom endpoint for downloads. This is usually set to a CloudFront CDN URL as AWS S3 offers cheaper egress for data downloaded through the CloudFront network.
-Properties:
-
-- Config: download_url
-- Env Var: RCLONE_S3_DOWNLOAD_URL
-- Type: string
-- Required: false
-
---s3-use-multipart-etag
-Whether to use ETag in multipart uploads for verification
-This should be true, false or left unset to use the default for the provider.
-Properties:
-
-- Config: use_multipart_etag
-- Env Var: RCLONE_S3_USE_MULTIPART_ETAG
-- Type: Tristate
-- Default: unset
-
---s3-use-presigned-request
-Whether to use a presigned request or PutObject for single part uploads
-If this is false rclone will use PutObject from the AWS SDK to upload an object.
-Versions of rclone < 1.59 use presigned requests to upload a single part object and setting this flag to true will re-enable that functionality. This shouldn't be necessary except in exceptional circumstances or for testing.
-Properties:
-
-- Config: use_presigned_request
-- Env Var: RCLONE_S3_USE_PRESIGNED_REQUEST
-- Type: bool
-- Default: false
-
---s3-versions
-Include old versions in directory listings.
-Properties:
-
-- Config: versions
-- Env Var: RCLONE_S3_VERSIONS
-- Type: bool
-- Default: false
-
---s3-version-at
-Show file versions as they were at the specified time.
-The parameter should be a date, "2006-01-02", datetime "2006-01-02 15:04:05" or a duration for that long ago, eg "100d" or "1h".
-Note that when using this no file write operations are permitted, so you can't upload files or delete them.
-See the time option docs for valid formats.
-Properties:
-
-- Config: version_at
-- Env Var: RCLONE_S3_VERSION_AT
-- Type: Time
-- Default: off
-
---s3-decompress
-If set this will decompress gzip encoded objects.
-It is possible to upload objects to S3 with "Content-Encoding: gzip" set. Normally rclone will download these files as compressed objects.
-If this flag is set then rclone will decompress these files with "Content-Encoding: gzip" as they are received. This means that rclone can't check the size and hash but the file contents will be decompressed.
-Properties:
-
-- Config: decompress
-- Env Var: RCLONE_S3_DECOMPRESS
-- Type: bool
-- Default: false
-
---s3-might-gzip
-Set this if the backend might gzip objects.
-Normally providers will not alter objects when they are downloaded. If an object was not uploaded with Content-Encoding: gzip
then it won't be set on download.
-However some providers may gzip objects even if they weren't uploaded with Content-Encoding: gzip
(eg Cloudflare).
-A symptom of this would be receiving errors like
-ERROR corrupted on transfer: sizes differ NNN vs MMM
-If you set this flag and rclone downloads an object with Content-Encoding: gzip set and chunked transfer encoding, then rclone will decompress the object on the fly.
-If this is set to unset (the default) then rclone will choose according to the provider setting what to apply, but you can override rclone's choice here.
-Properties:
-
-- Config: might_gzip
-- Env Var: RCLONE_S3_MIGHT_GZIP
-- Type: Tristate
-- Default: unset
-
---s3-no-system-metadata
-Suppress setting and reading of system metadata
-Properties:
-
-- Config: no_system_metadata
-- Env Var: RCLONE_S3_NO_SYSTEM_METADATA
-- Type: bool
-- Default: false
-
---s3-sts-endpoint
-Endpoint for STS.
-Leave blank if using AWS to use the default endpoint for the region.
-Properties:
-
-- Config: sts_endpoint
-- Env Var: RCLONE_S3_STS_ENDPOINT
-- Provider: AWS
-- Type: string
-- Required: false
-
-Metadata
-User metadata is stored as x-amz-meta- keys. S3 metadata keys are case insensitive and are always returned in lower case.
-Here are the possible system metadata items for the s3 backend.
-
-
-
-
-
-
-
-
-
-
-Name
-Help
-Type
-Example
-Read Only
-
-
-
-
-btime
-Time of file birth (creation) read from Last-Modified header
-RFC 3339
-2006-01-02T15:04:05.999999999Z07:00
-Y
-
-
-cache-control
-Cache-Control header
-string
-no-cache
-N
-
-
-content-disposition
-Content-Disposition header
-string
-inline
-N
-
-
-content-encoding
-Content-Encoding header
-string
-gzip
-N
-
-
-content-language
-Content-Language header
-string
-en-US
-N
-
-
-content-type
-Content-Type header
-string
-text/plain
-N
-
-
-mtime
-Time of last modification, read from rclone metadata
-RFC 3339
-2006-01-02T15:04:05.999999999Z07:00
-N
-
-
-tier
-Tier of the object
-string
-GLACIER
-Y
-
-
-
-See the metadata docs for more info.
-Backend commands
-Here are the commands specific to the s3 backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-restore
-Restore objects from GLACIER to normal storage
-rclone backend restore remote: [options] [<arguments>+]
-This command can be used to restore one or more objects from GLACIER to normal storage.
-Usage Examples:
-rclone backend restore s3:bucket/path/to/object [-o priority=PRIORITY] [-o lifetime=DAYS]
-rclone backend restore s3:bucket/path/to/directory [-o priority=PRIORITY] [-o lifetime=DAYS]
-rclone backend restore s3:bucket [-o priority=PRIORITY] [-o lifetime=DAYS]
-This flag also obeys the filters. Test first with --interactive/-i or --dry-run flags
-rclone --interactive backend restore --include "*.txt" s3:bucket/path -o priority=Standard
-All the objects shown will be marked for restore, then
-rclone backend restore --include "*.txt" s3:bucket/path -o priority=Standard
-It returns a list of status dictionaries with Remote and Status keys. The Status will be OK if it was successful or an error message if not.
-[
- {
- "Status": "OK",
- "Path": "test.txt"
- },
- {
- "Status": "OK",
- "Path": "test/file4.txt"
- }
-]
-Options:
-
-- "description": The optional description for the job.
-- "lifetime": Lifetime of the active copy in days
-- "priority": Priority of restore: Standard|Expedited|Bulk
-
-list-multipart-uploads
-List the unfinished multipart uploads
-rclone backend list-multipart-uploads remote: [options] [<arguments>+]
-This command lists the unfinished multipart uploads in JSON format.
-rclone backend list-multipart s3:bucket/path/to/object
-It returns a dictionary of buckets with values as lists of unfinished multipart uploads.
-You can call it with no bucket in which case it lists all bucket, with a bucket or with a bucket and path.
-{
- "rclone": [
- {
- "Initiated": "2020-06-26T14:20:36Z",
- "Initiator": {
- "DisplayName": "XXX",
- "ID": "arn:aws:iam::XXX:user/XXX"
- },
- "Key": "KEY",
- "Owner": {
- "DisplayName": null,
- "ID": "XXX"
- },
- "StorageClass": "STANDARD",
- "UploadId": "XXX"
- }
- ],
- "rclone-1000files": [],
- "rclone-dst": []
-}
-cleanup
-Remove unfinished multipart uploads.
-rclone backend cleanup remote: [options] [<arguments>+]
-This command removes unfinished multipart uploads of age greater than max-age which defaults to 24 hours.
-Note that you can use --interactive/-i or --dry-run with this command to see what it would do.
-rclone backend cleanup s3:bucket/path/to/object
-rclone backend cleanup -o max-age=7w s3:bucket/path/to/object
-Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
-Options:
-
-- "max-age": Max age of upload to delete
-
-cleanup-hidden
-Remove old versions of files.
-rclone backend cleanup-hidden remote: [options] [<arguments>+]
-This command removes any old hidden versions of files on a versions enabled bucket.
-Note that you can use --interactive/-i or --dry-run with this command to see what it would do.
-rclone backend cleanup-hidden s3:bucket/path/to/dir
-versioning
-Set/get versioning support for a bucket.
-rclone backend versioning remote: [options] [<arguments>+]
-This command sets versioning support if a parameter is passed and then returns the current versioning status for the bucket supplied.
-rclone backend versioning s3:bucket # read status only
-rclone backend versioning s3:bucket Enabled
-rclone backend versioning s3:bucket Suspended
-It may return "Enabled", "Suspended" or "Unversioned". Note that once versioning has been enabled the status can't be set back to "Unversioned".
-Anonymous access to public buckets
-If you want to use rclone to access a public bucket, configure with a blank access_key_id
and secret_access_key
. Your config should end up looking like this:
-[anons3]
-type = s3
-provider = AWS
-env_auth = false
-access_key_id =
-secret_access_key =
-region = us-east-1
-endpoint =
-location_constraint =
-acl = private
-server_side_encryption =
-storage_class =
-Then use it as normal with the name of the public bucket, e.g.
-rclone lsd anons3:1000genomes
-You will be able to list and copy data but not upload it.
-Providers
-AWS S3
-This is the provider used as main example and described in the configuration section above.
-AWS Snowball Edge
-AWS Snowball is a hardware appliance used for transferring bulk data back to AWS. Its main software interface is S3 object storage.
-To use rclone with AWS Snowball Edge devices, configure as standard for an 'S3 Compatible Service'.
-If using rclone pre v1.59 be sure to set upload_cutoff = 0
otherwise you will run into authentication header issues as the snowball device does not support query parameter based authentication.
-With rclone v1.59 or later setting upload_cutoff
should not be necessary.
-eg.
-[snowball]
-type = s3
-provider = Other
-access_key_id = YOUR_ACCESS_KEY
-secret_access_key = YOUR_SECRET_KEY
-endpoint = http://[IP of Snowball]:8080
-upload_cutoff = 0
-Ceph
-Ceph is an open-source, unified, distributed storage system designed for excellent performance, reliability and scalability. It has an S3 compatible object storage interface.
-To use rclone with Ceph, configure as above but leave the region blank and set the endpoint. You should end up with something like this in your config:
-[ceph]
-type = s3
-provider = Ceph
-env_auth = false
-access_key_id = XXX
-secret_access_key = YYY
-region =
-endpoint = https://ceph.endpoint.example.com
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
-If you are using an older version of CEPH (e.g. 10.2.x Jewel) and a version of rclone before v1.59 then you may need to supply the parameter --s3-upload-cutoff 0
or put this in the config file as upload_cutoff 0
to work around a bug which causes uploading of small files to fail.
-Note also that Ceph sometimes puts /
in the passwords it gives users. If you read the secret access key using the command line tools you will get a JSON blob with the /
escaped as \/
. Make sure you only write /
in the secret access key.
-Eg the dump from Ceph looks something like this (irrelevant keys removed).
-{
- "user_id": "xxx",
- "display_name": "xxxx",
- "keys": [
- {
- "user": "xxx",
- "access_key": "xxxxxx",
- "secret_key": "xxxxxx\/xxxx"
- }
- ],
-}
-Because this is a json dump, it is encoding the /
as \/
, so if you use the secret key as xxxxxx/xxxx
it will work fine.
-Cloudflare R2
-Cloudflare R2 Storage allows developers to store large amounts of unstructured data without the costly egress bandwidth fees associated with typical cloud storage services.
-Here is an example of making a Cloudflare R2 configuration. First run:
-rclone config
-This will guide you through an interactive setup process.
-Note that all buckets are private, and all are stored in the same "auto" region. It is necessary to use Cloudflare workers to share the content of a bucket publicly.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> r2
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-...
-XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
- \ (s3)
-...
-Storage> s3
-Option provider.
-Choose your S3 provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
-...
-XX / Cloudflare R2 Storage
- \ (Cloudflare)
-...
-provider> Cloudflare
-Option env_auth.
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth> 1
-Option access_key_id.
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> ACCESS_KEY
-Option secret_access_key.
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> SECRET_ACCESS_KEY
-Option region.
-Region to connect to.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
- \ (auto)
-region> 1
-Option endpoint.
-Endpoint for S3 API.
-Required when using an S3 clone.
-Enter a value. Press Enter to leave empty.
-endpoint> https://ACCOUNT_ID.r2.cloudflarestorage.com
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This will leave your config looking something like:
-[r2]
-type = s3
-provider = Cloudflare
-access_key_id = ACCESS_KEY
-secret_access_key = SECRET_ACCESS_KEY
-region = auto
-endpoint = https://ACCOUNT_ID.r2.cloudflarestorage.com
-acl = private
-Now run rclone lsf r2:
to see your buckets and rclone lsf r2:bucket
to look within a bucket.
-Dreamhost
-Dreamhost DreamObjects is an object storage system based on CEPH.
-To use rclone with Dreamhost, configure as above but leave the region blank and set the endpoint. You should end up with something like this in your config:
-[dreamobjects]
-type = s3
-provider = DreamHost
-env_auth = false
-access_key_id = your_access_key
-secret_access_key = your_secret_key
-region =
-endpoint = objects-us-west-1.dream.io
-location_constraint =
-acl = private
-server_side_encryption =
-storage_class =
-DigitalOcean Spaces
-Spaces is an S3-interoperable object storage service from cloud provider DigitalOcean.
-To connect to DigitalOcean Spaces you will need an access key and secret key. These can be retrieved on the "Applications & API" page of the DigitalOcean control panel. They will be needed when prompted by rclone config
for your access_key_id
and secret_access_key
.
-When prompted for a region
or location_constraint
, press enter to use the default value. The region must be included in the endpoint
setting (e.g. nyc3.digitaloceanspaces.com
). The default values can be used for other settings.
-Going through the whole process of creating a new remote by running rclone config
, each prompt should be answered as shown below:
-Storage> s3
-env_auth> 1
-access_key_id> YOUR_ACCESS_KEY
-secret_access_key> YOUR_SECRET_KEY
-region>
-endpoint> nyc3.digitaloceanspaces.com
-location_constraint>
-acl>
-storage_class>
-The resulting configuration file should look like:
-[spaces]
-type = s3
-provider = DigitalOcean
-env_auth = false
-access_key_id = YOUR_ACCESS_KEY
-secret_access_key = YOUR_SECRET_KEY
-region =
-endpoint = nyc3.digitaloceanspaces.com
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
-Once configured, you can create a new Space and begin copying files. For example:
-rclone mkdir spaces:my-new-space
-rclone copy /path/to/files spaces:my-new-space
-Huawei OBS
-Object Storage Service (OBS) provides stable, secure, efficient, and easy-to-use cloud storage that lets you store virtually any volume of unstructured data in any format and access it from anywhere.
-OBS provides an S3 interface, you can copy and modify the following configuration and add it to your rclone configuration file.
-[obs]
-type = s3
-provider = HuaweiOBS
-access_key_id = your-access-key-id
-secret_access_key = your-secret-access-key
-region = af-south-1
-endpoint = obs.af-south-1.myhuaweicloud.com
-acl = private
-Or you can also configure via the interactive command line:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> obs
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
- 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
- \ (s3)
-[snip]
-Storage> 5
-Option provider.
-Choose your S3 provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
-[snip]
- 9 / Huawei Object Storage Service
- \ (HuaweiOBS)
-[snip]
-provider> 9
-Option env_auth.
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth> 1
-Option access_key_id.
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> your-access-key-id
-Option secret_access_key.
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> your-secret-access-key
-Option region.
-Region to connect to.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / AF-Johannesburg
- \ (af-south-1)
- 2 / AP-Bangkok
- \ (ap-southeast-2)
-[snip]
-region> 1
-Option endpoint.
-Endpoint for OBS API.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / AF-Johannesburg
- \ (obs.af-south-1.myhuaweicloud.com)
- 2 / AP-Bangkok
- \ (obs.ap-southeast-2.myhuaweicloud.com)
-[snip]
-endpoint> 1
-Option acl.
-Canned ACL used when creating buckets and storing or copying objects.
-This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / Owner gets FULL_CONTROL.
- 1 | No one else has access rights (default).
- \ (private)
-[snip]
-acl> 1
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n>
---------------------
-[obs]
-type = s3
-provider = HuaweiOBS
-access_key_id = your-access-key-id
-secret_access_key = your-secret-access-key
-region = af-south-1
-endpoint = obs.af-south-1.myhuaweicloud.com
-acl = private
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-obs s3
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-IBM COS (S3)
-Information stored with IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations, and accessed through an implementation of the S3 API. This service makes use of the distributed storage technologies provided by IBM’s Cloud Object Storage System (formerly Cleversafe). For more information visit: (http://www.ibm.com/cloud/object-storage)
-To configure access to IBM COS S3, follow the steps below:
-
-- Run rclone config and select n for a new remote.
-
- 2018/02/14 14:13:11 NOTICE: Config file "C:\\Users\\a\\.config\\rclone\\rclone.conf" not found - using defaults
- No remotes found, make a new one?
- n) New remote
- s) Set configuration password
- q) Quit config
- n/s/q> n
-
-- Enter the name for the configuration
-
- name> <YOUR NAME>
-
-- Select "s3" storage.
-
-Choose a number from below, or type in your own value
- 1 / Alias for an existing remote
- \ "alias"
- 2 / Amazon Drive
- \ "amazon cloud drive"
- 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, ChinaMobile, Liara, ArvanCloud, Minio, IBM COS)
- \ "s3"
- 4 / Backblaze B2
- \ "b2"
-[snip]
- 23 / HTTP
- \ "http"
-Storage> 3
-
-- Select IBM COS as the S3 Storage Provider.
-
-Choose the S3 provider.
-Choose a number from below, or type in your own value
- 1 / Choose this option to configure Storage to AWS S3
- \ "AWS"
- 2 / Choose this option to configure Storage to Ceph Systems
- \ "Ceph"
- 3 / Choose this option to configure Storage to Dreamhost
- \ "Dreamhost"
- 4 / Choose this option to the configure Storage to IBM COS S3
- \ "IBMCOS"
- 5 / Choose this option to the configure Storage to Minio
- \ "Minio"
- Provider>4
-
-- Enter the Access Key and Secret.
-
- AWS Access Key ID - leave blank for anonymous access or runtime credentials.
- access_key_id> <>
- AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
- secret_access_key> <>
-
-- Specify the endpoint for IBM COS. For Public IBM COS, choose from the option below. For On Premise IBM COS, enter an endpoint address.
-
- Endpoint for IBM COS S3 API.
- Specify if using an IBM COS On Premise.
- Choose a number from below, or type in your own value
- 1 / US Cross Region Endpoint
- \ "s3-api.us-geo.objectstorage.softlayer.net"
- 2 / US Cross Region Dallas Endpoint
- \ "s3-api.dal.us-geo.objectstorage.softlayer.net"
- 3 / US Cross Region Washington DC Endpoint
- \ "s3-api.wdc-us-geo.objectstorage.softlayer.net"
- 4 / US Cross Region San Jose Endpoint
- \ "s3-api.sjc-us-geo.objectstorage.softlayer.net"
- 5 / US Cross Region Private Endpoint
- \ "s3-api.us-geo.objectstorage.service.networklayer.com"
- 6 / US Cross Region Dallas Private Endpoint
- \ "s3-api.dal-us-geo.objectstorage.service.networklayer.com"
- 7 / US Cross Region Washington DC Private Endpoint
- \ "s3-api.wdc-us-geo.objectstorage.service.networklayer.com"
- 8 / US Cross Region San Jose Private Endpoint
- \ "s3-api.sjc-us-geo.objectstorage.service.networklayer.com"
- 9 / US Region East Endpoint
- \ "s3.us-east.objectstorage.softlayer.net"
- 10 / US Region East Private Endpoint
- \ "s3.us-east.objectstorage.service.networklayer.com"
- 11 / US Region South Endpoint
-[snip]
- 34 / Toronto Single Site Private Endpoint
- \ "s3.tor01.objectstorage.service.networklayer.com"
- endpoint>1
-
-- Specify a IBM COS Location Constraint. The location constraint must match endpoint when using IBM Cloud Public. For on-prem COS, do not make a selection from this list, hit enter
-
- 1 / US Cross Region Standard
- \ "us-standard"
- 2 / US Cross Region Vault
- \ "us-vault"
- 3 / US Cross Region Cold
- \ "us-cold"
- 4 / US Cross Region Flex
- \ "us-flex"
- 5 / US East Region Standard
- \ "us-east-standard"
- 6 / US East Region Vault
- \ "us-east-vault"
- 7 / US East Region Cold
- \ "us-east-cold"
- 8 / US East Region Flex
- \ "us-east-flex"
- 9 / US South Region Standard
- \ "us-south-standard"
- 10 / US South Region Vault
- \ "us-south-vault"
-[snip]
- 32 / Toronto Flex
- \ "tor01-flex"
-location_constraint>1
-
-- Specify a canned ACL. IBM Cloud (Storage) supports "public-read" and "private". IBM Cloud(Infra) supports all the canned ACLs. On-Premise COS supports all the canned ACLs.
-
-Canned ACL used when creating buckets and/or storing objects in S3.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Choose a number from below, or type in your own value
- 1 / Owner gets FULL_CONTROL. No one else has access rights (default). This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise COS
- \ "private"
- 2 / Owner gets FULL_CONTROL. The AllUsers group gets READ access. This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise IBM COS
- \ "public-read"
- 3 / Owner gets FULL_CONTROL. The AllUsers group gets READ and WRITE access. This acl is available on IBM Cloud (Infra), On-Premise IBM COS
- \ "public-read-write"
- 4 / Owner gets FULL_CONTROL. The AuthenticatedUsers group gets READ access. Not supported on Buckets. This acl is available on IBM Cloud (Infra) and On-Premise IBM COS
- \ "authenticated-read"
-acl> 1
-
-- Review the displayed configuration and accept to save the "remote" then quit. The config file should look like this
-
- [xxx]
- type = s3
- Provider = IBMCOS
- access_key_id = xxx
- secret_access_key = yyy
- endpoint = s3-api.us-geo.objectstorage.softlayer.net
- location_constraint = us-standard
- acl = private
-
-- Execute rclone commands
-
- 1) Create a bucket.
- rclone mkdir IBM-COS-XREGION:newbucket
- 2) List available buckets.
- rclone lsd IBM-COS-XREGION:
- -1 2017-11-08 21:16:22 -1 test
- -1 2018-02-14 20:16:39 -1 newbucket
- 3) List contents of a bucket.
- rclone ls IBM-COS-XREGION:newbucket
- 18685952 test.exe
- 4) Copy a file from local to remote.
- rclone copy /Users/file.txt IBM-COS-XREGION:newbucket
- 5) Copy a file from remote to local.
- rclone copy IBM-COS-XREGION:newbucket/file.txt .
- 6) Delete a file on remote.
- rclone delete IBM-COS-XREGION:newbucket/file.txt
-IDrive e2
-Here is an example of making an IDrive e2 configuration. First run:
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-
-Enter name for new remote.
-name> e2
-
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
- \ (s3)
-[snip]
-Storage> s3
-
-Option provider.
-Choose your S3 provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
-[snip]
-XX / IDrive e2
- \ (IDrive)
-[snip]
-provider> IDrive
-
-Option env_auth.
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth>
-
-Option access_key_id.
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> YOUR_ACCESS_KEY
-
-Option secret_access_key.
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> YOUR_SECRET_KEY
-
-Option acl.
-Canned ACL used when creating buckets and storing or copying objects.
-This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / Owner gets FULL_CONTROL.
- 1 | No one else has access rights (default).
- \ (private)
- / Owner gets FULL_CONTROL.
- 2 | The AllUsers group gets READ access.
- \ (public-read)
- / Owner gets FULL_CONTROL.
- 3 | The AllUsers group gets READ and WRITE access.
- | Granting this on a bucket is generally not recommended.
- \ (public-read-write)
- / Owner gets FULL_CONTROL.
- 4 | The AuthenticatedUsers group gets READ access.
- \ (authenticated-read)
- / Object owner gets FULL_CONTROL.
- 5 | Bucket owner gets READ access.
- | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
- \ (bucket-owner-read)
- / Both the object owner and the bucket owner get FULL_CONTROL over the object.
- 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
- \ (bucket-owner-full-control)
-acl>
-
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n>
-
-Configuration complete.
-Options:
-- type: s3
-- provider: IDrive
-- access_key_id: YOUR_ACCESS_KEY
-- secret_access_key: YOUR_SECRET_KEY
-- endpoint: q9d9.la12.idrivee2-5.com
-Keep this "e2" remote?
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-IONOS Cloud
-IONOS S3 Object Storage is a service offered by IONOS for storing and accessing unstructured data. To connect to the service, you will need an access key and a secret key. These can be found in the Data Center Designer, by selecting Manager resources > Object Storage Key Manager.
-Here is an example of a configuration. First, run rclone config
. This will walk you through an interactive setup process. Type n
to add the new remote, and then enter a name:
-Enter name for new remote.
-name> ionos-fra
-Type s3
to choose the connection type:
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
- \ (s3)
-[snip]
-Storage> s3
-Type IONOS
:
-Option provider.
-Choose your S3 provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
-[snip]
-XX / IONOS Cloud
- \ (IONOS)
-[snip]
-provider> IONOS
-Press Enter to choose the default option Enter AWS credentials in the next step
:
-Option env_auth.
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth>
-Enter your Access Key and Secret key. These can be retrieved in the Data Center Designer, click on the menu “Manager resources” / "Object Storage Key Manager".
-Option access_key_id.
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> YOUR_ACCESS_KEY
-
-Option secret_access_key.
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> YOUR_SECRET_KEY
-Choose the region where your bucket is located:
-Option region.
-Region where your bucket will be created and your data stored.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Frankfurt, Germany
- \ (de)
- 2 / Berlin, Germany
- \ (eu-central-2)
- 3 / Logrono, Spain
- \ (eu-south-2)
-region> 2
-Choose the endpoint from the same region:
-Option endpoint.
-Endpoint for IONOS S3 Object Storage.
-Specify the endpoint from the same region.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Frankfurt, Germany
- \ (s3-eu-central-1.ionoscloud.com)
- 2 / Berlin, Germany
- \ (s3-eu-central-2.ionoscloud.com)
- 3 / Logrono, Spain
- \ (s3-eu-south-2.ionoscloud.com)
-endpoint> 1
-Press Enter to choose the default option or choose the desired ACL setting:
-Option acl.
-Canned ACL used when creating buckets and storing or copying objects.
-This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / Owner gets FULL_CONTROL.
- 1 | No one else has access rights (default).
- \ (private)
- / Owner gets FULL_CONTROL.
-[snip]
-acl>
-Press Enter to skip the advanced config:
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n>
-Press Enter to save the configuration, and then q
to quit the configuration process:
-Configuration complete.
-Options:
-- type: s3
-- provider: IONOS
-- access_key_id: YOUR_ACCESS_KEY
-- secret_access_key: YOUR_SECRET_KEY
-- endpoint: s3-eu-central-1.ionoscloud.com
-Keep this "ionos-fra" remote?
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Done! Now you can try some commands (for macOS, use ./rclone
instead of rclone
).
-
-- Create a bucket (the name must be unique within the whole IONOS S3)
-
-rclone mkdir ionos-fra:my-bucket
-
-- List available buckets
-
-rclone lsd ionos-fra:
-
-- Copy a file from local to remote
-
-rclone copy /Users/file.txt ionos-fra:my-bucket
-
-- List contents of a bucket
-
-rclone ls ionos-fra:my-bucket
-
-- Copy a file from remote to local
-
-rclone copy ionos-fra:my-bucket/file.txt
-Minio
-Minio is an object storage server built for cloud application developers and devops.
-It is very easy to install and provides an S3 compatible server which can be used by rclone.
-To use it, install Minio following the instructions here.
-When it configures itself Minio will print something like this
-Endpoint: http://192.168.1.106:9000 http://172.23.0.1:9000
-AccessKey: USWUXHGYZQYFYFFIT3RE
-SecretKey: MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
-Region: us-east-1
-SQS ARNs: arn:minio:sqs:us-east-1:1:redis arn:minio:sqs:us-east-1:2:redis
-
-Browser Access:
- http://192.168.1.106:9000 http://172.23.0.1:9000
-
-Command-line Access: https://docs.minio.io/docs/minio-client-quickstart-guide
- $ mc config host add myminio http://192.168.1.106:9000 USWUXHGYZQYFYFFIT3RE MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
-
-Object API (Amazon S3 compatible):
- Go: https://docs.minio.io/docs/golang-client-quickstart-guide
- Java: https://docs.minio.io/docs/java-client-quickstart-guide
- Python: https://docs.minio.io/docs/python-client-quickstart-guide
- JavaScript: https://docs.minio.io/docs/javascript-client-quickstart-guide
- .NET: https://docs.minio.io/docs/dotnet-client-quickstart-guide
-
-Drive Capacity: 26 GiB Free, 165 GiB Total
-These details need to go into rclone config
like this. Note that it is important to put the region in as stated above.
-env_auth> 1
-access_key_id> USWUXHGYZQYFYFFIT3RE
-secret_access_key> MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
-region> us-east-1
-endpoint> http://192.168.1.106:9000
-location_constraint>
-server_side_encryption>
-Which makes the config file look like this
-[minio]
-type = s3
-provider = Minio
-env_auth = false
-access_key_id = USWUXHGYZQYFYFFIT3RE
-secret_access_key = MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
-region = us-east-1
-endpoint = http://192.168.1.106:9000
-location_constraint =
-server_side_encryption =
-So once set up, for example, to copy files into a bucket
-rclone copy /path/to/files minio:bucket
-Qiniu Cloud Object Storage (Kodo)
-Qiniu Cloud Object Storage (Kodo), a completely independent-researched core technology which is proven by repeated customer experience has occupied absolute leading market leader position. Kodo can be widely applied to mass data management.
-To configure access to Qiniu Kodo, follow the steps below:
-
-- Run
rclone config
and select n
for a new remote.
-
-rclone config
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-
-- Give the name of the configuration. For example, name it 'qiniu'.
-
-name> qiniu
-
-- Select
s3
storage.
-
-Choose a number from below, or type in your own value
- 1 / 1Fichier
- \ (fichier)
- 2 / Akamai NetStorage
- \ (netstorage)
- 3 / Alias for an existing remote
- \ (alias)
- 4 / Amazon Drive
- \ (amazon cloud drive)
- 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi
- \ (s3)
-[snip]
-Storage> s3
-
-- Select
Qiniu
provider.
-
-Choose a number from below, or type in your own value
-1 / Amazon Web Services (AWS) S3
- \ "AWS"
-[snip]
-22 / Qiniu Object Storage (Kodo)
- \ (Qiniu)
-[snip]
-provider> Qiniu
-
-- Enter your SecretId and SecretKey of Qiniu Kodo.
-
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-access_key_id> AKIDxxxxxxxxxx
-AWS Secret Access Key (password)
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-secret_access_key> xxxxxxxxxxx
-
-- Select endpoint for Qiniu Kodo. This is the standard endpoint for different region.
-
- / The default endpoint - a good choice if you are unsure.
- 1 | East China Region 1.
- | Needs location constraint cn-east-1.
- \ (cn-east-1)
- / East China Region 2.
- 2 | Needs location constraint cn-east-2.
- \ (cn-east-2)
- / North China Region 1.
- 3 | Needs location constraint cn-north-1.
- \ (cn-north-1)
- / South China Region 1.
- 4 | Needs location constraint cn-south-1.
- \ (cn-south-1)
- / North America Region.
- 5 | Needs location constraint us-north-1.
- \ (us-north-1)
- / Southeast Asia Region 1.
- 6 | Needs location constraint ap-southeast-1.
- \ (ap-southeast-1)
- / Northeast Asia Region 1.
- 7 | Needs location constraint ap-northeast-1.
- \ (ap-northeast-1)
-[snip]
-endpoint> 1
-
-Option endpoint.
-Endpoint for Qiniu Object Storage.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / East China Endpoint 1
- \ (s3-cn-east-1.qiniucs.com)
- 2 / East China Endpoint 2
- \ (s3-cn-east-2.qiniucs.com)
- 3 / North China Endpoint 1
- \ (s3-cn-north-1.qiniucs.com)
- 4 / South China Endpoint 1
- \ (s3-cn-south-1.qiniucs.com)
- 5 / North America Endpoint 1
- \ (s3-us-north-1.qiniucs.com)
- 6 / Southeast Asia Endpoint 1
- \ (s3-ap-southeast-1.qiniucs.com)
- 7 / Northeast Asia Endpoint 1
- \ (s3-ap-northeast-1.qiniucs.com)
-endpoint> 1
-
-Option location_constraint.
-Location constraint - must be set to match the Region.
-Used when creating buckets only.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / East China Region 1
- \ (cn-east-1)
- 2 / East China Region 2
- \ (cn-east-2)
- 3 / North China Region 1
- \ (cn-north-1)
- 4 / South China Region 1
- \ (cn-south-1)
- 5 / North America Region 1
- \ (us-north-1)
- 6 / Southeast Asia Region 1
- \ (ap-southeast-1)
- 7 / Northeast Asia Region 1
- \ (ap-northeast-1)
-location_constraint> 1
-
-- Choose acl and storage class.
-
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- / Owner gets FULL_CONTROL.
- 1 | No one else has access rights (default).
- \ (private)
- / Owner gets FULL_CONTROL.
- 2 | The AllUsers group gets READ access.
- \ (public-read)
-[snip]
-acl> 2
-The storage class to use when storing new objects in Tencent COS.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Standard storage class
- \ (STANDARD)
- 2 / Infrequent access storage mode
- \ (LINE)
- 3 / Archive storage mode
- \ (GLACIER)
- 4 / Deep archive storage mode
- \ (DEEP_ARCHIVE)
-[snip]
-storage_class> 1
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[qiniu]
-- type: s3
-- provider: Qiniu
-- access_key_id: xxx
-- secret_access_key: xxx
-- region: cn-east-1
-- endpoint: s3-cn-east-1.qiniucs.com
-- location_constraint: cn-east-1
-- acl: public-read
-- storage_class: STANDARD
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-qiniu s3
-RackCorp
-RackCorp Object Storage is an S3 compatible object storage platform from your friendly cloud provider RackCorp. The service is fast, reliable, well priced and located in many strategic locations unserviced by others, to ensure you can maintain data sovereignty.
-Before you can use RackCorp Object Storage, you'll need to "sign up" for an account on our "portal". Next you can create an access key
, a secret key
and buckets
, in your location of choice with ease. These details are required for the next steps of configuration, when rclone config
asks for your access_key_id
and secret_access_key
.
-Your config should end up looking a bit like this:
-[RCS3-demo-config]
-type = s3
-provider = RackCorp
-env_auth = true
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-region = au-nsw
-endpoint = s3.rackcorp.com
-location_constraint = au-nsw
-Scaleway
-Scaleway The Object Storage platform allows you to store anything from backups, logs and web assets to documents and photos. Files can be dropped from the Scaleway console or transferred through our API and CLI or using any S3-compatible tool.
-Scaleway provides an S3 interface which can be configured for use with rclone like this:
-[scaleway]
-type = s3
-provider = Scaleway
-env_auth = false
-endpoint = s3.nl-ams.scw.cloud
-access_key_id = SCWXXXXXXXXXXXXXX
-secret_access_key = 1111111-2222-3333-44444-55555555555555
-region = nl-ams
-location_constraint =
-acl = private
-server_side_encryption =
-storage_class =
-C14 Cold Storage is the low-cost S3 Glacier alternative from Scaleway and it works the same way as on S3 by accepting the "GLACIER" storage_class
. So you can configure your remote with the storage_class = GLACIER
option to upload directly to C14. Don't forget that in this state you can't read files back after, you will need to restore them to "STANDARD" storage_class first before being able to read them (see "restore" section above)
-Seagate Lyve Cloud
-Seagate Lyve Cloud is an S3 compatible object storage platform from Seagate intended for enterprise use.
-Here is a config run through for a remote called remote
- you may choose a different name of course. Note that to create an access key and secret key you will need to create a service account first.
-$ rclone config
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Choose s3
backend
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
- \ (s3)
-[snip]
-Storage> s3
-Choose LyveCloud
as S3 provider
-Choose your S3 provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
-[snip]
-XX / Seagate Lyve Cloud
- \ (LyveCloud)
-[snip]
-provider> LyveCloud
-Take the default (just press enter) to enter access key and secret in the config file.
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth>
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> XXX
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> YYY
-Leave region blank
-Region to connect to.
-Leave blank if you are using an S3 clone and you don't have a region.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / Use this if unsure.
- 1 | Will use v4 signatures and an empty region.
- \ ()
- / Use this only if v4 signatures don't work.
- 2 | E.g. pre Jewel/v10 CEPH.
- \ (other-v2-signature)
-region>
-Choose an endpoint from the list
-Endpoint for S3 API.
-Required when using an S3 clone.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Seagate Lyve Cloud US East 1 (Virginia)
- \ (s3.us-east-1.lyvecloud.seagate.com)
- 2 / Seagate Lyve Cloud US West 1 (California)
- \ (s3.us-west-1.lyvecloud.seagate.com)
- 3 / Seagate Lyve Cloud AP Southeast 1 (Singapore)
- \ (s3.ap-southeast-1.lyvecloud.seagate.com)
-endpoint> 1
-Leave location constraint blank
-Location constraint - must be set to match the Region.
-Leave blank if not sure. Used when creating buckets only.
-Enter a value. Press Enter to leave empty.
-location_constraint>
-Choose default ACL (private
).
-Canned ACL used when creating buckets and storing or copying objects.
-This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / Owner gets FULL_CONTROL.
- 1 | No one else has access rights (default).
- \ (private)
-[snip]
-acl>
-And the config file should end up looking like this:
-[remote]
-type = s3
-provider = LyveCloud
-access_key_id = XXX
-secret_access_key = YYY
-endpoint = s3.us-east-1.lyvecloud.seagate.com
-SeaweedFS
-SeaweedFS is a distributed storage system for blobs, objects, files, and data lake, with O(1) disk seek and a scalable file metadata store. It has an S3 compatible object storage interface. SeaweedFS can also act as a gateway to remote S3 compatible object store to cache data and metadata with asynchronous write back, for fast local speed and minimize access cost.
-Assuming the SeaweedFS are configured with weed shell
as such:
-> s3.bucket.create -name foo
-> s3.configure -access_key=any -secret_key=any -buckets=foo -user=me -actions=Read,Write,List,Tagging,Admin -apply
-{
- "identities": [
- {
- "name": "me",
- "credentials": [
- {
- "accessKey": "any",
- "secretKey": "any"
- }
- ],
- "actions": [
- "Read:foo",
- "Write:foo",
- "List:foo",
- "Tagging:foo",
- "Admin:foo"
- ]
- }
- ]
-}
-To use rclone with SeaweedFS, above configuration should end up with something like this in your config:
-[seaweedfs_s3]
-type = s3
-provider = SeaweedFS
-access_key_id = any
-secret_access_key = any
-endpoint = localhost:8333
-So once set up, for example to copy files into a bucket
-rclone copy /path/to/files seaweedfs_s3:foo
-Wasabi
-Wasabi is a cloud-based object storage service for a broad range of applications and use cases. Wasabi is designed for individuals and organizations that require a high-performance, reliable, and secure data storage infrastructure at minimal cost.
-Wasabi provides an S3 interface which can be configured for use with rclone like this.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-n/s> n
-name> wasabi
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Minio, Liara)
- \ "s3"
-[snip]
-Storage> s3
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID - leave blank for anonymous access or runtime credentials.
-access_key_id> YOURACCESSKEY
-AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
-secret_access_key> YOURSECRETACCESSKEY
-Region to connect to.
-Choose a number from below, or type in your own value
- / The default endpoint - a good choice if you are unsure.
- 1 | US Region, Northern Virginia, or Pacific Northwest.
- | Leave location constraint empty.
- \ "us-east-1"
-[snip]
-region> us-east-1
-Endpoint for S3 API.
-Leave blank if using AWS to use the default endpoint for the region.
-Specify if using an S3 clone such as Ceph.
-endpoint> s3.wasabisys.com
-Location constraint - must be set to match the Region. Used when creating buckets only.
-Choose a number from below, or type in your own value
- 1 / Empty for US Region, Northern Virginia, or Pacific Northwest.
- \ ""
-[snip]
-location_constraint>
-Canned ACL used when creating buckets and/or storing objects in S3.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Choose a number from below, or type in your own value
- 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
- \ "private"
-[snip]
-acl>
-The server-side encryption algorithm used when storing this object in S3.
-Choose a number from below, or type in your own value
- 1 / None
- \ ""
- 2 / AES256
- \ "AES256"
-server_side_encryption>
-The storage class to use when storing objects in S3.
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Standard storage class
- \ "STANDARD"
- 3 / Reduced redundancy storage class
- \ "REDUCED_REDUNDANCY"
- 4 / Standard Infrequent Access storage class
- \ "STANDARD_IA"
-storage_class>
-Remote config
---------------------
-[wasabi]
-env_auth = false
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-region = us-east-1
-endpoint = s3.wasabisys.com
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This will leave the config file looking like this.
-[wasabi]
-type = s3
-provider = Wasabi
-env_auth = false
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-region =
-endpoint = s3.wasabisys.com
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
-Alibaba OSS
-Here is an example of making an Alibaba Cloud (Aliyun) OSS configuration. First run:
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> oss
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
- \ "s3"
-[snip]
-Storage> s3
-Choose your S3 provider.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Amazon Web Services (AWS) S3
- \ "AWS"
- 2 / Alibaba Cloud Object Storage System (OSS) formerly Aliyun
- \ "Alibaba"
- 3 / Ceph Object Storage
- \ "Ceph"
-[snip]
-provider> Alibaba
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-access_key_id> accesskeyid
-AWS Secret Access Key (password)
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-secret_access_key> secretaccesskey
-Endpoint for OSS API.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / East China 1 (Hangzhou)
- \ "oss-cn-hangzhou.aliyuncs.com"
- 2 / East China 2 (Shanghai)
- \ "oss-cn-shanghai.aliyuncs.com"
- 3 / North China 1 (Qingdao)
- \ "oss-cn-qingdao.aliyuncs.com"
-[snip]
-endpoint> 1
-Canned ACL used when creating buckets and storing or copying objects.
-
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
- \ "private"
- 2 / Owner gets FULL_CONTROL. The AllUsers group gets READ access.
- \ "public-read"
- / Owner gets FULL_CONTROL. The AllUsers group gets READ and WRITE access.
-[snip]
-acl> 1
-The storage class to use when storing new objects in OSS.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Standard storage class
- \ "STANDARD"
- 3 / Archive storage mode.
- \ "GLACIER"
- 4 / Infrequent access storage mode.
- \ "STANDARD_IA"
-storage_class> 1
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
---------------------
-[oss]
-type = s3
-provider = Alibaba
-env_auth = false
-access_key_id = accesskeyid
-secret_access_key = secretaccesskey
-endpoint = oss-cn-hangzhou.aliyuncs.com
-acl = private
-storage_class = Standard
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-China Mobile Ecloud Elastic Object Storage (EOS)
-Here is an example of making an China Mobile Ecloud Elastic Object Storage (EOS) configuration. First run:
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> ChinaMobile
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
- ...
- 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
- \ (s3)
- ...
-Storage> s3
-Option provider.
-Choose your S3 provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- ...
- 4 / China Mobile Ecloud Elastic Object Storage (EOS)
- \ (ChinaMobile)
- ...
-provider> ChinaMobile
-Option env_auth.
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth>
-Option access_key_id.
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> accesskeyid
-Option secret_access_key.
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> secretaccesskey
-Option endpoint.
-Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / The default endpoint - a good choice if you are unsure.
- 1 | East China (Suzhou)
- \ (eos-wuxi-1.cmecloud.cn)
- 2 / East China (Jinan)
- \ (eos-jinan-1.cmecloud.cn)
- 3 / East China (Hangzhou)
- \ (eos-ningbo-1.cmecloud.cn)
- 4 / East China (Shanghai-1)
- \ (eos-shanghai-1.cmecloud.cn)
- 5 / Central China (Zhengzhou)
- \ (eos-zhengzhou-1.cmecloud.cn)
- 6 / Central China (Changsha-1)
- \ (eos-hunan-1.cmecloud.cn)
- 7 / Central China (Changsha-2)
- \ (eos-zhuzhou-1.cmecloud.cn)
- 8 / South China (Guangzhou-2)
- \ (eos-guangzhou-1.cmecloud.cn)
- 9 / South China (Guangzhou-3)
- \ (eos-dongguan-1.cmecloud.cn)
-10 / North China (Beijing-1)
- \ (eos-beijing-1.cmecloud.cn)
-11 / North China (Beijing-2)
- \ (eos-beijing-2.cmecloud.cn)
-12 / North China (Beijing-3)
- \ (eos-beijing-4.cmecloud.cn)
-13 / North China (Huhehaote)
- \ (eos-huhehaote-1.cmecloud.cn)
-14 / Southwest China (Chengdu)
- \ (eos-chengdu-1.cmecloud.cn)
-15 / Southwest China (Chongqing)
- \ (eos-chongqing-1.cmecloud.cn)
-16 / Southwest China (Guiyang)
- \ (eos-guiyang-1.cmecloud.cn)
-17 / Nouthwest China (Xian)
- \ (eos-xian-1.cmecloud.cn)
-18 / Yunnan China (Kunming)
- \ (eos-yunnan.cmecloud.cn)
-19 / Yunnan China (Kunming-2)
- \ (eos-yunnan-2.cmecloud.cn)
-20 / Tianjin China (Tianjin)
- \ (eos-tianjin-1.cmecloud.cn)
-21 / Jilin China (Changchun)
- \ (eos-jilin-1.cmecloud.cn)
-22 / Hubei China (Xiangyan)
- \ (eos-hubei-1.cmecloud.cn)
-23 / Jiangxi China (Nanchang)
- \ (eos-jiangxi-1.cmecloud.cn)
-24 / Gansu China (Lanzhou)
- \ (eos-gansu-1.cmecloud.cn)
-25 / Shanxi China (Taiyuan)
- \ (eos-shanxi-1.cmecloud.cn)
-26 / Liaoning China (Shenyang)
- \ (eos-liaoning-1.cmecloud.cn)
-27 / Hebei China (Shijiazhuang)
- \ (eos-hebei-1.cmecloud.cn)
-28 / Fujian China (Xiamen)
- \ (eos-fujian-1.cmecloud.cn)
-29 / Guangxi China (Nanning)
- \ (eos-guangxi-1.cmecloud.cn)
-30 / Anhui China (Huainan)
- \ (eos-anhui-1.cmecloud.cn)
-endpoint> 1
-Option location_constraint.
-Location constraint - must match endpoint.
-Used when creating buckets only.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / East China (Suzhou)
- \ (wuxi1)
- 2 / East China (Jinan)
- \ (jinan1)
- 3 / East China (Hangzhou)
- \ (ningbo1)
- 4 / East China (Shanghai-1)
- \ (shanghai1)
- 5 / Central China (Zhengzhou)
- \ (zhengzhou1)
- 6 / Central China (Changsha-1)
- \ (hunan1)
- 7 / Central China (Changsha-2)
- \ (zhuzhou1)
- 8 / South China (Guangzhou-2)
- \ (guangzhou1)
- 9 / South China (Guangzhou-3)
- \ (dongguan1)
-10 / North China (Beijing-1)
- \ (beijing1)
-11 / North China (Beijing-2)
- \ (beijing2)
-12 / North China (Beijing-3)
- \ (beijing4)
-13 / North China (Huhehaote)
- \ (huhehaote1)
-14 / Southwest China (Chengdu)
- \ (chengdu1)
-15 / Southwest China (Chongqing)
- \ (chongqing1)
-16 / Southwest China (Guiyang)
- \ (guiyang1)
-17 / Nouthwest China (Xian)
- \ (xian1)
-18 / Yunnan China (Kunming)
- \ (yunnan)
-19 / Yunnan China (Kunming-2)
- \ (yunnan2)
-20 / Tianjin China (Tianjin)
- \ (tianjin1)
-21 / Jilin China (Changchun)
- \ (jilin1)
-22 / Hubei China (Xiangyan)
- \ (hubei1)
-23 / Jiangxi China (Nanchang)
- \ (jiangxi1)
-24 / Gansu China (Lanzhou)
- \ (gansu1)
-25 / Shanxi China (Taiyuan)
- \ (shanxi1)
-26 / Liaoning China (Shenyang)
- \ (liaoning1)
-27 / Hebei China (Shijiazhuang)
- \ (hebei1)
-28 / Fujian China (Xiamen)
- \ (fujian1)
-29 / Guangxi China (Nanning)
- \ (guangxi1)
-30 / Anhui China (Huainan)
- \ (anhui1)
-location_constraint> 1
-Option acl.
-Canned ACL used when creating buckets and storing or copying objects.
-This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- / Owner gets FULL_CONTROL.
- 1 | No one else has access rights (default).
- \ (private)
- / Owner gets FULL_CONTROL.
- 2 | The AllUsers group gets READ access.
- \ (public-read)
- / Owner gets FULL_CONTROL.
- 3 | The AllUsers group gets READ and WRITE access.
- | Granting this on a bucket is generally not recommended.
- \ (public-read-write)
- / Owner gets FULL_CONTROL.
- 4 | The AuthenticatedUsers group gets READ access.
- \ (authenticated-read)
- / Object owner gets FULL_CONTROL.
-acl> private
-Option server_side_encryption.
-The server-side encryption algorithm used when storing this object in S3.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / None
- \ ()
- 2 / AES256
- \ (AES256)
-server_side_encryption>
-Option storage_class.
-The storage class to use when storing new objects in ChinaMobile.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Default
- \ ()
- 2 / Standard storage class
- \ (STANDARD)
- 3 / Archive storage mode
- \ (GLACIER)
- 4 / Infrequent access storage mode
- \ (STANDARD_IA)
-storage_class>
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
---------------------
-[ChinaMobile]
-type = s3
-provider = ChinaMobile
-access_key_id = accesskeyid
-secret_access_key = secretaccesskey
-endpoint = eos-wuxi-1.cmecloud.cn
-location_constraint = wuxi1
-acl = private
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Liara
-Here is an example of making a Liara Object Storage configuration. First run:
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-n/s> n
-name> Liara
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
- \ "s3"
-[snip]
-Storage> s3
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID - leave blank for anonymous access or runtime credentials.
-access_key_id> YOURACCESSKEY
-AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
-secret_access_key> YOURSECRETACCESSKEY
-Region to connect to.
-Choose a number from below, or type in your own value
- / The default endpoint
- 1 | US Region, Northern Virginia, or Pacific Northwest.
- | Leave location constraint empty.
- \ "us-east-1"
-[snip]
-region>
-Endpoint for S3 API.
-Leave blank if using Liara to use the default endpoint for the region.
-Specify if using an S3 clone such as Ceph.
-endpoint> storage.iran.liara.space
-Canned ACL used when creating buckets and/or storing objects in S3.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Choose a number from below, or type in your own value
- 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
- \ "private"
-[snip]
-acl>
-The server-side encryption algorithm used when storing this object in S3.
-Choose a number from below, or type in your own value
- 1 / None
- \ ""
- 2 / AES256
- \ "AES256"
-server_side_encryption>
-The storage class to use when storing objects in S3.
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Standard storage class
- \ "STANDARD"
-storage_class>
-Remote config
---------------------
-[Liara]
-env_auth = false
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-endpoint = storage.iran.liara.space
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This will leave the config file looking like this.
-[Liara]
-type = s3
-provider = Liara
-env_auth = false
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-region =
-endpoint = storage.iran.liara.space
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
-ArvanCloud
-ArvanCloud ArvanCloud Object Storage goes beyond the limited traditional file storage. It gives you access to backup and archived files and allows sharing. Files like profile image in the app, images sent by users or scanned documents can be stored securely and easily in our Object Storage service.
-ArvanCloud provides an S3 interface which can be configured for use with rclone like this.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-n/s> n
-name> ArvanCloud
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
- \ "s3"
-[snip]
-Storage> s3
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID - leave blank for anonymous access or runtime credentials.
-access_key_id> YOURACCESSKEY
-AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
-secret_access_key> YOURSECRETACCESSKEY
-Region to connect to.
-Choose a number from below, or type in your own value
- / The default endpoint - a good choice if you are unsure.
- 1 | US Region, Northern Virginia, or Pacific Northwest.
- | Leave location constraint empty.
- \ "us-east-1"
-[snip]
-region>
-Endpoint for S3 API.
-Leave blank if using ArvanCloud to use the default endpoint for the region.
-Specify if using an S3 clone such as Ceph.
-endpoint> s3.arvanstorage.com
-Location constraint - must be set to match the Region. Used when creating buckets only.
-Choose a number from below, or type in your own value
- 1 / Empty for Iran-Tehran Region.
- \ ""
-[snip]
-location_constraint>
-Canned ACL used when creating buckets and/or storing objects in S3.
-For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
-Choose a number from below, or type in your own value
- 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
- \ "private"
-[snip]
-acl>
-The server-side encryption algorithm used when storing this object in S3.
-Choose a number from below, or type in your own value
- 1 / None
- \ ""
- 2 / AES256
- \ "AES256"
-server_side_encryption>
-The storage class to use when storing objects in S3.
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Standard storage class
- \ "STANDARD"
-storage_class>
-Remote config
---------------------
-[ArvanCloud]
-env_auth = false
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-region = ir-thr-at1
-endpoint = s3.arvanstorage.com
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This will leave the config file looking like this.
-[ArvanCloud]
-type = s3
-provider = ArvanCloud
-env_auth = false
-access_key_id = YOURACCESSKEY
-secret_access_key = YOURSECRETACCESSKEY
-region =
-endpoint = s3.arvanstorage.com
-location_constraint =
-acl =
-server_side_encryption =
-storage_class =
-Tencent COS
-Tencent Cloud Object Storage (COS) is a distributed storage service offered by Tencent Cloud for unstructured data. It is secure, stable, massive, convenient, low-delay and low-cost.
-To configure access to Tencent COS, follow the steps below:
-
-- Run
rclone config
and select n
for a new remote.
-
-rclone config
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-
-- Give the name of the configuration. For example, name it 'cos'.
-
-name> cos
-
-- Select
s3
storage.
-
-Choose a number from below, or type in your own value
-1 / 1Fichier
- \ "fichier"
- 2 / Alias for an existing remote
- \ "alias"
- 3 / Amazon Drive
- \ "amazon cloud drive"
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
- \ "s3"
-[snip]
-Storage> s3
-
-- Select
TencentCOS
provider.
-
-Choose a number from below, or type in your own value
-1 / Amazon Web Services (AWS) S3
- \ "AWS"
-[snip]
-11 / Tencent Cloud Object Storage (COS)
- \ "TencentCOS"
-[snip]
-provider> TencentCOS
-
-- Enter your SecretId and SecretKey of Tencent Cloud.
-
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-access_key_id> AKIDxxxxxxxxxx
-AWS Secret Access Key (password)
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-secret_access_key> xxxxxxxxxxx
-
-- Select endpoint for Tencent COS. This is the standard endpoint for different region.
-
- 1 / Beijing Region.
- \ "cos.ap-beijing.myqcloud.com"
- 2 / Nanjing Region.
- \ "cos.ap-nanjing.myqcloud.com"
- 3 / Shanghai Region.
- \ "cos.ap-shanghai.myqcloud.com"
- 4 / Guangzhou Region.
- \ "cos.ap-guangzhou.myqcloud.com"
-[snip]
-endpoint> 4
-
-- Choose acl and storage class.
-
-Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Owner gets Full_CONTROL. No one else has access rights (default).
- \ "default"
-[snip]
-acl> 1
-The storage class to use when storing new objects in Tencent COS.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
-[snip]
-storage_class> 1
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[cos]
-type = s3
-provider = TencentCOS
-env_auth = false
-access_key_id = xxx
-secret_access_key = xxx
-endpoint = cos.ap-guangzhou.myqcloud.com
-acl = default
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-cos s3
-Netease NOS
-For Netease NOS configure as per the configurator rclone config
setting the provider Netease
. This will automatically set force_path_style = false
which is necessary for it to run properly.
-Storj
-Storj is a decentralized cloud storage which can be used through its native protocol or an S3 compatible gateway.
-The S3 compatible gateway is configured using rclone config
with a type of s3
and with a provider name of Storj
. Here is an example run of the configurator.
-Type of storage to configure.
-Storage> s3
-Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own boolean value (true or false).
-Press Enter for the default (false).
- 1 / Enter AWS credentials in the next step.
- \ (false)
- 2 / Get AWS credentials from the environment (env vars or IAM).
- \ (true)
-env_auth> 1
-Option access_key_id.
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-access_key_id> XXXX (as shown when creating the access grant)
-Option secret_access_key.
-AWS Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Enter a value. Press Enter to leave empty.
-secret_access_key> XXXX (as shown when creating the access grant)
-Option endpoint.
-Endpoint of the Shared Gateway.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / EU1 Shared Gateway
- \ (gateway.eu1.storjshare.io)
- 2 / US1 Shared Gateway
- \ (gateway.us1.storjshare.io)
- 3 / Asia-Pacific Shared Gateway
- \ (gateway.ap1.storjshare.io)
-endpoint> 1 (as shown when creating the access grant)
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
-Note that s3 credentials are generated when you create an access grant.
-Backend quirks
-
---chunk-size
is forced to be 64 MiB or greater. This will use more memory than the default of 5 MiB.
-- Server side copy is disabled as it isn't currently supported in the gateway.
-- GetTier and SetTier are not supported.
-
-Backend bugs
-Due to issue #39 uploading multipart files via the S3 gateway causes them to lose their metadata. For rclone's purpose this means that the modification time is not stored, nor is any MD5SUM (if one is available from the source).
-This has the following consequences:
-
-- Using
rclone rcat
will fail as the medatada doesn't match after upload
-- Uploading files with
rclone mount
will fail for the same reason
-
-- This can worked around by using
--vfs-cache-mode writes
or --vfs-cache-mode full
or setting --s3-upload-cutoff
large
-
-- Files uploaded via a multipart upload won't have their modtimes
-
-- This will mean that
rclone sync
will likely keep trying to upload files bigger than --s3-upload-cutoff
-- This can be worked around with
--checksum
or --size-only
or setting --s3-upload-cutoff
large
-- The maximum value for
--s3-upload-cutoff
is 5GiB though
-
-
-One general purpose workaround is to set --s3-upload-cutoff 5G
. This means that rclone will upload files smaller than 5GiB as single parts. Note that this can be set in the config file with upload_cutoff = 5G
or configured in the advanced settings. If you regularly transfer files larger than 5G then using --checksum
or --size-only
in rclone sync
is the recommended workaround.
-Comparison with the native protocol
-Use the the native protocol to take advantage of client-side encryption as well as to achieve the best possible download performance. Uploads will be erasure-coded locally, thus a 1gb upload will result in 2.68gb of data being uploaded to storage nodes across the network.
-Use this backend and the S3 compatible Hosted Gateway to increase upload performance and reduce the load on your systems and network. Uploads will be encrypted and erasure-coded server-side, thus a 1GB upload will result in only in 1GB of data being uploaded to storage nodes across the network.
-For more detailed comparison please check the documentation of the storj backend.
-Limitations
-rclone about
is not supported by the S3 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Backblaze B2
-B2 is Backblaze's cloud storage system.
-Paths are specified as remote:bucket
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir
.
-Configuration
-Here is an example of making a b2 configuration. First run
-rclone config
-This will guide you through an interactive setup process. To authenticate you will either need your Account ID (a short hex number) and Master Application Key (a long hex number) OR an Application Key, which is the recommended method. See below for further details on generating and using an Application Key.
-No remotes found, make a new one?
-n) New remote
-q) Quit config
-n/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Backblaze B2
- \ "b2"
-[snip]
-Storage> b2
-Account ID or Application Key ID
-account> 123456789abc
-Application Key
-key> 0123456789abcdef0123456789abcdef0123456789
-Endpoint for the service - leave blank normally.
-endpoint>
-Remote config
---------------------
-[remote]
-account = 123456789abc
-key = 0123456789abcdef0123456789abcdef0123456789
-endpoint =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This remote is called remote
and can now be used like this
-See all buckets
-rclone lsd remote:
-Create a new bucket
-rclone mkdir remote:bucket
-List the contents of a bucket
-rclone ls remote:bucket
-Sync /home/local/directory
to the remote bucket, deleting any excess files in the bucket.
-rclone sync --interactive /home/local/directory remote:bucket
-Application Keys
-B2 supports multiple Application Keys for different access permission to B2 Buckets.
-You can use these with rclone too; you will need to use rclone version 1.43 or later.
-Follow Backblaze's docs to create an Application Key with the required permission and add the applicationKeyId
as the account
and the Application Key
itself as the key
.
-Note that you must put the applicationKeyId as the account
– you can't use the master Account ID. If you try then B2 will return 401 errors.
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-Modified time
-The modified time is stored as metadata on the object as X-Bz-Info-src_last_modified_millis
as milliseconds since 1970-01-01 in the Backblaze standard. Other tools should be able to use this as a modified time.
-Modified times are used in syncing and are fully supported. Note that if a modification time needs to be updated on an object then it will create a new version of the object.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-\
-0x5C
-\
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Note that in 2020-05 Backblaze started allowing characters in file names. Rclone hasn't changed its encoding as this could cause syncs to re-transfer files. If you want rclone not to replace then see the --b2-encoding
flag below and remove the BackSlash
from the string. This can be set in the config.
-SHA1 checksums
-The SHA1 checksums of the files are checked on upload and download and will be used in the syncing process.
-Large files (bigger than the limit in --b2-upload-cutoff
) which are uploaded in chunks will store their SHA1 on the object as X-Bz-Info-large_file_sha1
as recommended by Backblaze.
-For a large file to be uploaded with an SHA1 checksum, the source needs to support SHA1 checksums. The local disk supports SHA1 checksums so large file transfers from local disk will have an SHA1. See the overview for exactly which remotes support SHA1.
-Sources which don't support SHA1, in particular crypt
will upload large files without SHA1 checksums. This may be fixed in the future (see #1767).
-Files sizes below --b2-upload-cutoff
will always have an SHA1 regardless of the source.
-Transfers
-Backblaze recommends that you do lots of transfers simultaneously for maximum speed. In tests from my SSD equipped laptop the optimum setting is about --transfers 32
though higher numbers may be used for a slight speed improvement. The optimum number for you may vary depending on your hardware, how big the files are, how much you want to load your computer, etc. The default of --transfers 4
is definitely too low for Backblaze B2 though.
-Note that uploading big files (bigger than 200 MiB by default) will use a 96 MiB RAM buffer by default. There can be at most --transfers
of these in use at any moment, so this sets the upper limit on the memory used.
-Versions
-When rclone uploads a new version of a file it creates a new version of it. Likewise when you delete a file, the old version will be marked hidden and still be available. Conversely, you may opt in to a "hard delete" of files with the --b2-hard-delete
flag which would permanently remove the file instead of hiding it.
-Old versions of files, where available, are visible using the --b2-versions
flag.
-It is also possible to view a bucket as it was at a certain point in time, using the --b2-version-at
flag. This will show the file versions as they were at that time, showing files that have been deleted afterwards, and hiding files that were created since.
-If you wish to remove all the old versions then you can use the rclone cleanup remote:bucket
command which will delete all the old versions of files, leaving the current ones intact. You can also supply a path and only old versions under that path will be deleted, e.g. rclone cleanup remote:bucket/path/to/stuff
.
-Note that cleanup
will remove partially uploaded files from the bucket if they are more than a day old.
-When you purge
a bucket, the current and the old versions will be deleted then the bucket will be deleted.
-However delete
will cause the current versions of the files to become hidden old versions.
-Here is a session showing the listing and retrieval of an old version followed by a cleanup
of the old versions.
-Show current version and all the versions with --b2-versions
flag.
-$ rclone -q ls b2:cleanup-test
- 9 one.txt
-
-$ rclone -q --b2-versions ls b2:cleanup-test
- 9 one.txt
- 8 one-v2016-07-04-141032-000.txt
- 16 one-v2016-07-04-141003-000.txt
- 15 one-v2016-07-02-155621-000.txt
-Retrieve an old version
-$ rclone -q --b2-versions copy b2:cleanup-test/one-v2016-07-04-141003-000.txt /tmp
-
-$ ls -l /tmp/one-v2016-07-04-141003-000.txt
--rw-rw-r-- 1 ncw ncw 16 Jul 2 17:46 /tmp/one-v2016-07-04-141003-000.txt
-Clean up all the old versions and show that they've gone.
-$ rclone -q cleanup b2:cleanup-test
-
-$ rclone -q ls b2:cleanup-test
- 9 one.txt
-
-$ rclone -q --b2-versions ls b2:cleanup-test
- 9 one.txt
-Data usage
-It is useful to know how many requests are sent to the server in different scenarios.
-All copy commands send the following 4 requests:
-/b2api/v1/b2_authorize_account
-/b2api/v1/b2_create_bucket
-/b2api/v1/b2_list_buckets
-/b2api/v1/b2_list_file_names
-The b2_list_file_names
request will be sent once for every 1k files in the remote path, providing the checksum and modification time of the listed files. As of version 1.33 issue #818 causes extra requests to be sent when using B2 with Crypt. When a copy operation does not require any files to be uploaded, no more requests will be sent.
-Uploading files that do not require chunking, will send 2 requests per file upload:
-/b2api/v1/b2_get_upload_url
-/b2api/v1/b2_upload_file/
-Uploading files requiring chunking, will send 2 requests (one each to start and finish the upload) and another 2 requests for each chunk:
-/b2api/v1/b2_start_large_file
-/b2api/v1/b2_get_upload_part_url
-/b2api/v1/b2_upload_part/
-/b2api/v1/b2_finish_large_file
-Versions
-Versions can be viewed with the --b2-versions
flag. When it is set rclone will show and act on older versions of files. For example
-Listing without --b2-versions
-$ rclone -q ls b2:cleanup-test
- 9 one.txt
-And with
-$ rclone -q --b2-versions ls b2:cleanup-test
- 9 one.txt
- 8 one-v2016-07-04-141032-000.txt
- 16 one-v2016-07-04-141003-000.txt
- 15 one-v2016-07-02-155621-000.txt
-Showing that the current version is unchanged but older versions can be seen. These have the UTC date that they were uploaded to the server to the nearest millisecond appended to them.
-Note that when using --b2-versions
no file write operations are permitted, so you can't upload files or delete them.
-B2 and rclone link
-Rclone supports generating file share links for private B2 buckets. They can either be for a file for example:
-./rclone link B2:bucket/path/to/file.txt
-https://f002.backblazeb2.com/file/bucket/path/to/file.txt?Authorization=xxxxxxxx
-
-or if run on a directory you will get:
-./rclone link B2:bucket/path
-https://f002.backblazeb2.com/file/bucket/path?Authorization=xxxxxxxx
-you can then use the authorization token (the part of the url from the ?Authorization=
on) on any file path under that directory. For example:
-https://f002.backblazeb2.com/file/bucket/path/to/file1?Authorization=xxxxxxxx
-https://f002.backblazeb2.com/file/bucket/path/file2?Authorization=xxxxxxxx
-https://f002.backblazeb2.com/file/bucket/path/folder/file3?Authorization=xxxxxxxx
-
-Standard options
-Here are the Standard options specific to b2 (Backblaze B2).
---b2-account
-Account ID or Application Key ID.
-Properties:
-
-- Config: account
-- Env Var: RCLONE_B2_ACCOUNT
-- Type: string
-- Required: true
-
---b2-key
-Application Key.
-Properties:
-
-- Config: key
-- Env Var: RCLONE_B2_KEY
-- Type: string
-- Required: true
-
---b2-hard-delete
-Permanently delete files on remote removal, otherwise hide files.
-Properties:
-
-- Config: hard_delete
-- Env Var: RCLONE_B2_HARD_DELETE
-- Type: bool
-- Default: false
-
-Advanced options
-Here are the Advanced options specific to b2 (Backblaze B2).
---b2-endpoint
-Endpoint for the service.
-Leave blank normally.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_B2_ENDPOINT
-- Type: string
-- Required: false
-
---b2-test-mode
-A flag string for X-Bz-Test-Mode header for debugging.
-This is for debugging purposes only. Setting it to one of the strings below will cause b2 to return specific errors:
-
-- "fail_some_uploads"
-- "expire_some_account_authorization_tokens"
-- "force_cap_exceeded"
-
-These will be set in the "X-Bz-Test-Mode" header which is documented in the b2 integrations checklist.
-Properties:
-
-- Config: test_mode
-- Env Var: RCLONE_B2_TEST_MODE
-- Type: string
-- Required: false
-
---b2-versions
-Include old versions in directory listings.
-Note that when using this no file write operations are permitted, so you can't upload files or delete them.
-Properties:
-
-- Config: versions
-- Env Var: RCLONE_B2_VERSIONS
-- Type: bool
-- Default: false
-
---b2-version-at
-Show file versions as they were at the specified time.
-Note that when using this no file write operations are permitted, so you can't upload files or delete them.
-Properties:
-
-- Config: version_at
-- Env Var: RCLONE_B2_VERSION_AT
-- Type: Time
-- Default: off
-
---b2-upload-cutoff
-Cutoff for switching to chunked upload.
-Files above this size will be uploaded in chunks of "--b2-chunk-size".
-This value should be set no larger than 4.657 GiB (== 5 GB).
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_B2_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 200Mi
-
---b2-copy-cutoff
-Cutoff for switching to multipart copy.
-Any files larger than this that need to be server-side copied will be copied in chunks of this size.
-The minimum is 0 and the maximum is 4.6 GiB.
-Properties:
-
-- Config: copy_cutoff
-- Env Var: RCLONE_B2_COPY_CUTOFF
-- Type: SizeSuffix
-- Default: 4Gi
-
---b2-chunk-size
-Upload chunk size.
-When uploading large files, chunk the file into this size.
-Must fit in memory. These chunks are buffered in memory and there might a maximum of "--transfers" chunks in progress at once.
-5,000,000 Bytes is the minimum size.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_B2_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 96Mi
-
---b2-disable-checksum
-Disable checksums for large (> upload cutoff) files.
-Normally rclone will calculate the SHA1 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
-Properties:
-
-- Config: disable_checksum
-- Env Var: RCLONE_B2_DISABLE_CHECKSUM
-- Type: bool
-- Default: false
-
---b2-download-url
-Custom endpoint for downloads.
-This is usually set to a Cloudflare CDN URL as Backblaze offers free egress for data downloaded through the Cloudflare network. Rclone works with private buckets by sending an "Authorization" header. If the custom endpoint rewrites the requests for authentication, e.g., in Cloudflare Workers, this header needs to be handled properly. Leave blank if you want to use the endpoint provided by Backblaze.
-The URL provided here SHOULD have the protocol and SHOULD NOT have a trailing slash or specify the /file/bucket subpath as rclone will request files with "{download_url}/file/{bucket_name}/{path}".
-Example: > https://mysubdomain.mydomain.tld (No trailing "/", "file" or "bucket")
-Properties:
-
-- Config: download_url
-- Env Var: RCLONE_B2_DOWNLOAD_URL
-- Type: string
-- Required: false
-
---b2-download-auth-duration
-Time before the authorization token will expire in s or suffix ms|s|m|h|d.
-The duration before the download authorization token will expire. The minimum value is 1 second. The maximum value is one week.
-Properties:
-
-- Config: download_auth_duration
-- Env Var: RCLONE_B2_DOWNLOAD_AUTH_DURATION
-- Type: Duration
-- Default: 1w
-
---b2-memory-pool-flush-time
-How often internal memory buffer pools will be flushed. Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
-Properties:
-
-- Config: memory_pool_flush_time
-- Env Var: RCLONE_B2_MEMORY_POOL_FLUSH_TIME
-- Type: Duration
-- Default: 1m0s
-
---b2-memory-pool-use-mmap
-Whether to use mmap buffers in internal memory pool.
-Properties:
-
-- Config: memory_pool_use_mmap
-- Env Var: RCLONE_B2_MEMORY_POOL_USE_MMAP
-- Type: bool
-- Default: false
-
---b2-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_B2_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-rclone about
is not supported by the B2 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Box
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-The initial setup for Box involves getting a token from Box which you can do either in your browser, or with a config.json downloaded from Box to use JWT authentication. rclone config
walks you through it.
-Configuration
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Box
- \ "box"
-[snip]
-Storage> box
-Box App Client Id - leave blank normally.
-client_id>
-Box App Client Secret - leave blank normally.
-client_secret>
-Box App config.json location
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-box_config_file>
-Box App Primary Access Token
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-access_token>
-
-Enter a string value. Press Enter for the default ("user").
-Choose a number from below, or type in your own value
- 1 / Rclone should act on behalf of a user
- \ "user"
- 2 / Rclone should act on behalf of a service account
- \ "enterprise"
-box_sub_type>
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"XXX"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Box. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall.
-Once configured you can then use rclone
like this,
-List directories in top level of your Box
-rclone lsd remote:
-List all the files in your Box
-rclone ls remote:
-To copy a local directory to an Box directory called backup
-rclone copy /home/source remote:backup
-Using rclone with an Enterprise account with SSO
-If you have an "Enterprise" account type with Box with single sign on (SSO), you need to create a password to use Box with rclone. This can be done at your Enterprise Box account by going to Settings, "Account" Tab, and then set the password in the "Authentication" field.
-Once you have done this, you can setup your Enterprise Box account using the same procedure detailed above in the, using the password you have just set.
-Invalid refresh token
-According to the box docs:
-
-Each refresh_token is valid for one use in 60 days.
-
-This means that if you
-
-- Don't use the box remote for 60 days
-- Copy the config file with a box refresh token in and use it in two places
-- Get an error on a token refresh
-
-then rclone will return an error which includes the text Invalid refresh token
.
-To fix this you will need to use oauth2 again to update the refresh token. You can use the methods in the remote setup docs, bearing in mind that if you use the copy the config file method, you should not use that remote on the computer you did the authentication on.
-Here is how to do it.
-$ rclone config
-Current remotes:
-
-Name Type
-==== ====
-remote box
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> e
-Choose a number from below, or type in an existing value
- 1 > remote
-remote> remote
---------------------
-[remote]
-type = box
-token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2017-07-08T23:40:08.059167677+01:00"}
---------------------
-Edit remote
-Value "client_id" = ""
-Edit? (y/n)>
-y) Yes
-n) No
-y/n> n
-Value "client_secret" = ""
-Edit? (y/n)>
-y) Yes
-n) No
-y/n> n
-Remote config
-Already have a token - refresh?
-y) Yes
-n) No
-y/n> y
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-type = box
-token = {"access_token":"YYY","token_type":"bearer","refresh_token":"YYY","expiry":"2017-07-23T12:22:29.259137901+01:00"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Modified time and hashes
-Box allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-Box supports SHA1 type hashes, so you can use the --checksum
flag.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-\
-0x5C
-\
-
-
-
-File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Transfers
-For files above 50 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers
chunks at the same time (shared among all the multipart uploads). Chunks are buffered in memory and are normally 8 MiB so increasing --transfers
will increase memory use.
-Deleting files
-Depending on the enterprise settings for your user, the item will either be actually deleted from Box or moved to the trash.
-Emptying the trash is supported via the rclone however cleanup command however this deletes every trashed file and folder individually so it may take a very long time. Emptying the trash via the WebUI does not have this limitation so it is advised to empty the trash via the WebUI.
-Root folder ID
-You can set the root_folder_id
for rclone. This is the directory (identified by its Folder ID
) that rclone considers to be the root of your Box drive.
-Normally you will leave this blank and rclone will determine the correct root to use itself.
-However you can set this to restrict rclone to a specific folder hierarchy.
-In order to do this you will have to find the Folder ID
of the directory you wish rclone to display. This will be the last segment of the URL when you open the relevant folder in the Box web interface.
-So if the folder you want rclone to use has a URL which looks like https://app.box.com/folder/11xxxxxxxxx8
in the browser, then you use 11xxxxxxxxx8
as the root_folder_id
in the config.
-Standard options
-Here are the Standard options specific to box (Box).
---box-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_BOX_CLIENT_ID
-- Type: string
-- Required: false
-
---box-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_BOX_CLIENT_SECRET
-- Type: string
-- Required: false
-
---box-box-config-file
-Box App config.json location
-Leave blank normally.
-Leading ~
will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}
.
-Properties:
-
-- Config: box_config_file
-- Env Var: RCLONE_BOX_BOX_CONFIG_FILE
-- Type: string
-- Required: false
-
---box-access-token
-Box App Primary Access Token
-Leave blank normally.
-Properties:
-
-- Config: access_token
-- Env Var: RCLONE_BOX_ACCESS_TOKEN
-- Type: string
-- Required: false
-
---box-box-sub-type
-Properties:
-
-- Config: box_sub_type
-- Env Var: RCLONE_BOX_BOX_SUB_TYPE
-- Type: string
-- Default: "user"
-- Examples:
-
-- "user"
-
-- Rclone should act on behalf of a user.
-
-- "enterprise"
-
-- Rclone should act on behalf of a service account.
-
-
-
-Advanced options
-Here are the Advanced options specific to box (Box).
---box-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_BOX_TOKEN
-- Type: string
-- Required: false
-
---box-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_BOX_AUTH_URL
-- Type: string
-- Required: false
-
---box-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_BOX_TOKEN_URL
-- Type: string
-- Required: false
-
---box-root-folder-id
-Fill in for rclone to use a non root folder as its starting point.
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_BOX_ROOT_FOLDER_ID
-- Type: string
-- Default: "0"
-
---box-upload-cutoff
-Cutoff for switching to multipart upload (>= 50 MiB).
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_BOX_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 50Mi
-
---box-commit-retries
-Max number of times to try committing a multipart file.
-Properties:
-
-- Config: commit_retries
-- Env Var: RCLONE_BOX_COMMIT_RETRIES
-- Type: int
-- Default: 100
-
---box-list-chunk
-Size of listing chunk 1-1000.
-Properties:
-
-- Config: list_chunk
-- Env Var: RCLONE_BOX_LIST_CHUNK
-- Type: int
-- Default: 1000
-
---box-owned-by
-Only show items owned by the login (email address) passed in.
-Properties:
-
-- Config: owned_by
-- Env Var: RCLONE_BOX_OWNED_BY
-- Type: string
-- Required: false
-
---box-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_BOX_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot
-
-Limitations
-Note that Box is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-Box file names can't have the \
character in. rclone maps this to and from an identical looking unicode equivalent \
(U+FF3C Fullwidth Reverse Solidus).
-Box only supports filenames up to 255 characters in length.
-Box has API rate limits that sometimes reduce the speed of rclone.
-rclone about
is not supported by the Box backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Cache
-The cache
remote wraps another existing remote and stores file structure and its data for long running tasks like rclone mount
.
-Status
-The cache backend code is working but it currently doesn't have a maintainer so there are outstanding bugs which aren't getting fixed.
-The cache backend is due to be phased out in favour of the VFS caching layer eventually which is more tightly integrated into rclone.
-Until this happens we recommend only using the cache backend if you find you can't work without it. There are many docs online describing the use of the cache backend to minimize API hits and by-and-large these are out of date and the cache backend isn't needed in those scenarios any more.
-Configuration
-To get started you just need to have an existing remote which can be configured with cache
.
-Here is an example of how to make a remote called test-cache
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-n/r/c/s/q> n
-name> test-cache
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Cache a remote
- \ "cache"
-[snip]
-Storage> cache
-Remote to cache.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
-"myremote:bucket" or maybe "myremote:" (not recommended).
-remote> local:/test
-Optional: The URL of the Plex server
-plex_url> http://127.0.0.1:32400
-Optional: The username of the Plex user
-plex_username> dummyusername
-Optional: The password of the Plex user
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
-The size of a chunk. Lower value good for slow connections but can affect seamless reading.
-Default: 5M
-Choose a number from below, or type in your own value
- 1 / 1 MiB
- \ "1M"
- 2 / 5 MiB
- \ "5M"
- 3 / 10 MiB
- \ "10M"
-chunk_size> 2
-How much time should object info (file size, file hashes, etc.) be stored in cache. Use a very high value if you don't plan on changing the source FS from outside the cache.
-Accepted units are: "s", "m", "h".
-Default: 5m
-Choose a number from below, or type in your own value
- 1 / 1 hour
- \ "1h"
- 2 / 24 hours
- \ "24h"
- 3 / 24 hours
- \ "48h"
-info_age> 2
-The maximum size of stored chunks. When the storage grows beyond this size, the oldest chunks will be deleted.
-Default: 10G
-Choose a number from below, or type in your own value
- 1 / 500 MiB
- \ "500M"
- 2 / 1 GiB
- \ "1G"
- 3 / 10 GiB
- \ "10G"
-chunk_total_size> 3
-Remote config
---------------------
-[test-cache]
-remote = local:/test
-plex_url = http://127.0.0.1:32400
-plex_username = dummyusername
-plex_password = *** ENCRYPTED ***
-chunk_size = 5M
-info_age = 48h
-chunk_total_size = 10G
-You can then use it like this,
-List directories in top level of your drive
-rclone lsd test-cache:
-List all the files in your drive
-rclone ls test-cache:
-To start a cached mount
-rclone mount --allow-other test-cache: /var/tmp/test-cache
-Write Features
-Offline uploading
-In an effort to make writing through cache more reliable, the backend now supports this feature which can be activated by specifying a cache-tmp-upload-path
.
-A files goes through these states when using this feature:
-
-- An upload is started (usually by copying a file on the cache remote)
-- When the copy to the temporary location is complete the file is part of the cached remote and looks and behaves like any other file (reading included)
-- After
cache-tmp-wait-time
passes and the file is next in line, rclone move
is used to move the file to the cloud provider
-- Reading the file still works during the upload but most modifications on it will be prohibited
-- Once the move is complete the file is unlocked for modifications as it becomes as any other regular file
-- If the file is being read through
cache
when it's actually deleted from the temporary path then cache
will simply swap the source to the cloud provider without interrupting the reading (small blip can happen though)
-
-Files are uploaded in sequence and only one file is uploaded at a time. Uploads will be stored in a queue and be processed based on the order they were added. The queue and the temporary storage is persistent across restarts but can be cleared on startup with the --cache-db-purge
flag.
-Write Support
-Writes are supported through cache
. One caveat is that a mounted cache remote does not add any retry or fallback mechanism to the upload operation. This will depend on the implementation of the wrapped remote. Consider using Offline uploading
for reliable writes.
-One special case is covered with cache-writes
which will cache the file data at the same time as the upload when it is enabled making it available from the cache store immediately once the upload is finished.
-Read Features
-Multiple connections
-To counter the high latency between a local PC where rclone is running and cloud providers, the cache remote can split multiple requests to the cloud provider for smaller file chunks and combines them together locally where they can be available almost immediately before the reader usually needs them.
-This is similar to buffering when media files are played online. Rclone will stay around the current marker but always try its best to stay ahead and prepare the data before.
-Plex Integration
-There is a direct integration with Plex which allows cache to detect during reading if the file is in playback or not. This helps cache to adapt how it queries the cloud provider depending on what is needed for.
-Scans will have a minimum amount of workers (1) while in a confirmed playback cache will deploy the configured number of workers.
-This integration opens the doorway to additional performance improvements which will be explored in the near future.
-Note: If Plex options are not configured, cache
will function with its configured options without adapting any of its settings.
-How to enable? Run rclone config
and add all the Plex options (endpoint, username and password) in your remote and it will be automatically enabled.
-Affected settings: - cache-workers
: Configured value during confirmed playback or 1 all the other times
-Certificate Validation
-When the Plex server is configured to only accept secure connections, it is possible to use .plex.direct
URLs to ensure certificate validation succeeds. These URLs are used by Plex internally to connect to the Plex server securely.
-The format for these URLs is the following:
-https://ip-with-dots-replaced.server-hash.plex.direct:32400/
-The ip-with-dots-replaced
part can be any IPv4 address, where the dots have been replaced with dashes, e.g. 127.0.0.1
becomes 127-0-0-1
.
-To get the server-hash
part, the easiest way is to visit
-https://plex.tv/api/resources?includeHttps=1&X-Plex-Token=your-plex-token
-This page will list all the available Plex servers for your account with at least one .plex.direct
link for each. Copy one URL and replace the IP address with the desired address. This can be used as the plex_url
value.
-Known issues
-Mount and --dir-cache-time
---dir-cache-time controls the first layer of directory caching which works at the mount layer. Being an independent caching mechanism from the cache
backend, it will manage its own entries based on the configured time.
-To avoid getting in a scenario where dir cache has obsolete data and cache would have the correct one, try to set --dir-cache-time
to a lower time than --cache-info-age
. Default values are already configured in this way.
-Windows support - Experimental
-There are a couple of issues with Windows mount
functionality that still require some investigations. It should be considered as experimental thus far as fixes come in for this OS.
-Most of the issues seem to be related to the difference between filesystems on Linux flavors and Windows as cache is heavily dependent on them.
-Any reports or feedback on how cache behaves on this OS is greatly appreciated.
-
-- https://github.com/rclone/rclone/issues/1935
-- https://github.com/rclone/rclone/issues/1907
-- https://github.com/rclone/rclone/issues/1834
-
-Risk of throttling
-Future iterations of the cache backend will make use of the pooling functionality of the cloud provider to synchronize and at the same time make writing through it more tolerant to failures.
-There are a couple of enhancements in track to add these but in the meantime there is a valid concern that the expiring cache listings can lead to cloud provider throttles or bans due to repeated queries on it for very large mounts.
-Some recommendations: - don't use a very small interval for entry information (--cache-info-age
) - while writes aren't yet optimised, you can still write through cache
which gives you the advantage of adding the file in the cache at the same time if configured to do so.
-Future enhancements:
-
-- https://github.com/rclone/rclone/issues/1937
-- https://github.com/rclone/rclone/issues/1936
-
-cache and crypt
-One common scenario is to keep your data encrypted in the cloud provider using the crypt
remote. crypt
uses a similar technique to wrap around an existing remote and handles this translation in a seamless way.
-There is an issue with wrapping the remotes in this order: cloud remote -> crypt -> cache
-During testing, I experienced a lot of bans with the remotes in this order. I suspect it might be related to how crypt opens files on the cloud provider which makes it think we're downloading the full file instead of small chunks. Organizing the remotes in this order yields better results: cloud remote -> cache -> crypt
-absolute remote paths
-cache
can not differentiate between relative and absolute paths for the wrapped remote. Any path given in the remote
config setting and on the command line will be passed to the wrapped remote as is, but for storing the chunks on disk the path will be made relative by removing any leading /
character.
-This behavior is irrelevant for most backend types, but there are backends where a leading /
changes the effective directory, e.g. in the sftp
backend paths starting with a /
are relative to the root of the SSH server and paths without are relative to the user home directory. As a result sftp:bin
and sftp:/bin
will share the same cache folder, even if they represent a different directory on the SSH server.
-Cache and Remote Control (--rc)
-Cache supports the new --rc
mode in rclone and can be remote controlled through the following end points: By default, the listener is disabled if you do not add the flag.
-rc cache/expire
-Purge a remote from the cache backend. Supports either a directory or a file. It supports both encrypted and unencrypted file names if cache is wrapped by crypt.
-Params: - remote = path to remote (required) - withData = true/false to delete cached data (chunks) as well (optional, false by default)
-Standard options
-Here are the Standard options specific to cache (Cache a remote).
---cache-remote
-Remote to cache.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
-Properties:
-
-- Config: remote
-- Env Var: RCLONE_CACHE_REMOTE
-- Type: string
-- Required: true
-
---cache-plex-url
-The URL of the Plex server.
-Properties:
-
-- Config: plex_url
-- Env Var: RCLONE_CACHE_PLEX_URL
-- Type: string
-- Required: false
-
---cache-plex-username
-The username of the Plex user.
-Properties:
-
-- Config: plex_username
-- Env Var: RCLONE_CACHE_PLEX_USERNAME
-- Type: string
-- Required: false
-
---cache-plex-password
-The password of the Plex user.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: plex_password
-- Env Var: RCLONE_CACHE_PLEX_PASSWORD
-- Type: string
-- Required: false
-
---cache-chunk-size
-The size of a chunk (partial file data).
-Use lower numbers for slower connections. If the chunk size is changed, any downloaded chunks will be invalid and cache-chunk-path will need to be cleared or unexpected EOF errors will occur.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_CACHE_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 5Mi
-- Examples:
-
-- "1M"
-
-- 1 MiB
-
-- "5M"
-
-- 5 MiB
-
-- "10M"
-
-- 10 MiB
-
-
-
---cache-info-age
-How long to cache file structure information (directory listings, file size, times, etc.). If all write operations are done through the cache then you can safely make this value very large as the cache store will also be updated in real time.
-Properties:
-
-- Config: info_age
-- Env Var: RCLONE_CACHE_INFO_AGE
-- Type: Duration
-- Default: 6h0m0s
-- Examples:
-
-- "1h"
-
-- 1 hour
-
-- "24h"
-
-- 24 hours
-
-- "48h"
-
-- 48 hours
-
-
-
---cache-chunk-total-size
-The total size that the chunks can take up on the local disk.
-If the cache exceeds this value then it will start to delete the oldest chunks until it goes under this value.
-Properties:
-
-- Config: chunk_total_size
-- Env Var: RCLONE_CACHE_CHUNK_TOTAL_SIZE
-- Type: SizeSuffix
-- Default: 10Gi
-- Examples:
-
-- "500M"
-
-- 500 MiB
-
-- "1G"
-
-- 1 GiB
-
-- "10G"
-
-- 10 GiB
-
-
-
-Advanced options
-Here are the Advanced options specific to cache (Cache a remote).
---cache-plex-token
-The plex token for authentication - auto set normally.
-Properties:
-
-- Config: plex_token
-- Env Var: RCLONE_CACHE_PLEX_TOKEN
-- Type: string
-- Required: false
-
---cache-plex-insecure
-Skip all certificate verification when connecting to the Plex server.
-Properties:
-
-- Config: plex_insecure
-- Env Var: RCLONE_CACHE_PLEX_INSECURE
-- Type: string
-- Required: false
-
---cache-db-path
-Directory to store file structure metadata DB.
-The remote name is used as the DB file name.
-Properties:
-
-- Config: db_path
-- Env Var: RCLONE_CACHE_DB_PATH
-- Type: string
-- Default: "$HOME/.cache/rclone/cache-backend"
-
---cache-chunk-path
-Directory to cache chunk files.
-Path to where partial file data (chunks) are stored locally. The remote name is appended to the final path.
-This config follows the "--cache-db-path". If you specify a custom location for "--cache-db-path" and don't specify one for "--cache-chunk-path" then "--cache-chunk-path" will use the same path as "--cache-db-path".
-Properties:
-
-- Config: chunk_path
-- Env Var: RCLONE_CACHE_CHUNK_PATH
-- Type: string
-- Default: "$HOME/.cache/rclone/cache-backend"
-
---cache-db-purge
-Clear all the cached data for this remote on start.
-Properties:
-
-- Config: db_purge
-- Env Var: RCLONE_CACHE_DB_PURGE
-- Type: bool
-- Default: false
-
---cache-chunk-clean-interval
-How often should the cache perform cleanups of the chunk storage.
-The default value should be ok for most people. If you find that the cache goes over "cache-chunk-total-size" too often then try to lower this value to force it to perform cleanups more often.
-Properties:
-
-- Config: chunk_clean_interval
-- Env Var: RCLONE_CACHE_CHUNK_CLEAN_INTERVAL
-- Type: Duration
-- Default: 1m0s
-
---cache-read-retries
-How many times to retry a read from a cache storage.
-Since reading from a cache stream is independent from downloading file data, readers can get to a point where there's no more data in the cache. Most of the times this can indicate a connectivity issue if cache isn't able to provide file data anymore.
-For really slow connections, increase this to a point where the stream is able to provide data but your experience will be very stuttering.
-Properties:
-
-- Config: read_retries
-- Env Var: RCLONE_CACHE_READ_RETRIES
-- Type: int
-- Default: 10
-
---cache-workers
-How many workers should run in parallel to download chunks.
-Higher values will mean more parallel processing (better CPU needed) and more concurrent requests on the cloud provider. This impacts several aspects like the cloud provider API limits, more stress on the hardware that rclone runs on but it also means that streams will be more fluid and data will be available much more faster to readers.
-Note: If the optional Plex integration is enabled then this setting will adapt to the type of reading performed and the value specified here will be used as a maximum number of workers to use.
-Properties:
-
-- Config: workers
-- Env Var: RCLONE_CACHE_WORKERS
-- Type: int
-- Default: 4
-
---cache-chunk-no-memory
-Disable the in-memory cache for storing chunks during streaming.
-By default, cache will keep file data during streaming in RAM as well to provide it to readers as fast as possible.
-This transient data is evicted as soon as it is read and the number of chunks stored doesn't exceed the number of workers. However, depending on other settings like "cache-chunk-size" and "cache-workers" this footprint can increase if there are parallel streams too (multiple files being read at the same time).
-If the hardware permits it, use this feature to provide an overall better performance during streaming but it can also be disabled if RAM is not available on the local machine.
-Properties:
-
-- Config: chunk_no_memory
-- Env Var: RCLONE_CACHE_CHUNK_NO_MEMORY
-- Type: bool
-- Default: false
-
---cache-rps
-Limits the number of requests per second to the source FS (-1 to disable).
-This setting places a hard limit on the number of requests per second that cache will be doing to the cloud provider remote and try to respect that value by setting waits between reads.
-If you find that you're getting banned or limited on the cloud provider through cache and know that a smaller number of requests per second will allow you to work with it then you can use this setting for that.
-A good balance of all the other settings should make this setting useless but it is available to set for more special cases.
-NOTE: This will limit the number of requests during streams but other API calls to the cloud provider like directory listings will still pass.
-Properties:
-
-- Config: rps
-- Env Var: RCLONE_CACHE_RPS
-- Type: int
-- Default: -1
-
---cache-writes
-Cache file data on writes through the FS.
-If you need to read files immediately after you upload them through cache you can enable this flag to have their data stored in the cache store at the same time during upload.
-Properties:
-
-- Config: writes
-- Env Var: RCLONE_CACHE_WRITES
-- Type: bool
-- Default: false
-
---cache-tmp-upload-path
-Directory to keep temporary files until they are uploaded.
-This is the path where cache will use as a temporary storage for new files that need to be uploaded to the cloud provider.
-Specifying a value will enable this feature. Without it, it is completely disabled and files will be uploaded directly to the cloud provider
-Properties:
-
-- Config: tmp_upload_path
-- Env Var: RCLONE_CACHE_TMP_UPLOAD_PATH
-- Type: string
-- Required: false
-
---cache-tmp-wait-time
-How long should files be stored in local cache before being uploaded.
-This is the duration that a file must wait in the temporary location cache-tmp-upload-path before it is selected for upload.
-Note that only one file is uploaded at a time and it can take longer to start the upload if a queue formed for this purpose.
-Properties:
-
-- Config: tmp_wait_time
-- Env Var: RCLONE_CACHE_TMP_WAIT_TIME
-- Type: Duration
-- Default: 15s
-
---cache-db-wait-time
-How long to wait for the DB to be available - 0 is unlimited.
-Only one process can have the DB open at any one time, so rclone waits for this duration for the DB to become available before it gives an error.
-If you set it to 0 then it will wait forever.
-Properties:
-
-- Config: db_wait_time
-- Env Var: RCLONE_CACHE_DB_WAIT_TIME
-- Type: Duration
-- Default: 1s
-
-Backend commands
-Here are the commands specific to the cache backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-stats
-Print stats on the cache backend in JSON format.
-rclone backend stats remote: [options] [<arguments>+]
-Chunker
-The chunker
overlay transparently splits large files into smaller chunks during upload to wrapped remote and transparently assembles them back when the file is downloaded. This allows to effectively overcome size limits imposed by storage providers.
-Configuration
-To use it, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote.
-First check your chosen remote is working - we'll call it remote:path
here. Note that anything inside remote:path
will be chunked and anything outside won't. This means that if you are using a bucket-based remote (e.g. S3, B2, swift) then you should probably put the bucket in the remote s3:bucket
.
-Now configure chunker
using rclone config
. We will call this one overlay
to separate it from the remote
itself.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> overlay
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Transparently chunk/split large files
- \ "chunker"
-[snip]
-Storage> chunker
-Remote to chunk/unchunk.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
-"myremote:bucket" or maybe "myremote:" (not recommended).
-Enter a string value. Press Enter for the default ("").
-remote> remote:path
-Files larger than chunk size will be split in chunks.
-Enter a size with suffix K,M,G,T. Press Enter for the default ("2G").
-chunk_size> 100M
-Choose how chunker handles hash sums. All modes but "none" require metadata.
-Enter a string value. Press Enter for the default ("md5").
-Choose a number from below, or type in your own value
- 1 / Pass any hash supported by wrapped remote for non-chunked files, return nothing otherwise
- \ "none"
- 2 / MD5 for composite files
- \ "md5"
- 3 / SHA1 for composite files
- \ "sha1"
- 4 / MD5 for all files
- \ "md5all"
- 5 / SHA1 for all files
- \ "sha1all"
- 6 / Copying a file to chunker will request MD5 from the source falling back to SHA1 if unsupported
- \ "md5quick"
- 7 / Similar to "md5quick" but prefers SHA1 over MD5
- \ "sha1quick"
-hash_type> md5
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
---------------------
-[overlay]
-type = chunker
-remote = remote:bucket
-chunk_size = 100M
-hash_type = md5
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Specifying the remote
-In normal use, make sure the remote has a :
in. If you specify the remote without a :
then rclone will use a local directory of that name. So if you use a remote of /path/to/secret/files
then rclone will chunk stuff in that directory. If you use a remote of name
then rclone will put files in a directory called name
in the current directory.
-Chunking
-When rclone starts a file upload, chunker checks the file size. If it doesn't exceed the configured chunk size, chunker will just pass the file to the wrapped remote. If a file is large, chunker will transparently cut data in pieces with temporary names and stream them one by one, on the fly. Each data chunk will contain the specified number of bytes, except for the last one which may have less data. If file size is unknown in advance (this is called a streaming upload), chunker will internally create a temporary copy, record its size and repeat the above process.
-When upload completes, temporary chunk files are finally renamed. This scheme guarantees that operations can be run in parallel and look from outside as atomic. A similar method with hidden temporary chunks is used for other operations (copy/move/rename, etc.). If an operation fails, hidden chunks are normally destroyed, and the target composite file stays intact.
-When a composite file download is requested, chunker transparently assembles it by concatenating data chunks in order. As the split is trivial one could even manually concatenate data chunks together to obtain the original content.
-When the list
rclone command scans a directory on wrapped remote, the potential chunk files are accounted for, grouped and assembled into composite directory entries. Any temporary chunks are hidden.
-List and other commands can sometimes come across composite files with missing or invalid chunks, e.g. shadowed by like-named directory or another file. This usually means that wrapped file system has been directly tampered with or damaged. If chunker detects a missing chunk it will by default print warning, skip the whole incomplete group of chunks but proceed with current command. You can set the --chunker-fail-hard
flag to have commands abort with error message in such cases.
-Chunk names
-The default chunk name format is *.rclone_chunk.###
, hence by default chunk names are BIG_FILE_NAME.rclone_chunk.001
, BIG_FILE_NAME.rclone_chunk.002
etc. You can configure another name format using the name_format
configuration file option. The format uses asterisk *
as a placeholder for the base file name and one or more consecutive hash characters #
as a placeholder for sequential chunk number. There must be one and only one asterisk. The number of consecutive hash characters defines the minimum length of a string representing a chunk number. If decimal chunk number has less digits than the number of hashes, it is left-padded by zeros. If the decimal string is longer, it is left intact. By default numbering starts from 1 but there is another option that allows user to start from 0, e.g. for compatibility with legacy software.
-For example, if name format is big_*-##.part
and original file name is data.txt
and numbering starts from 0, then the first chunk will be named big_data.txt-00.part
, the 99th chunk will be big_data.txt-98.part
and the 302nd chunk will become big_data.txt-301.part
.
-Note that list
assembles composite directory entries only when chunk names match the configured format and treats non-conforming file names as normal non-chunked files.
-When using norename
transactions, chunk names will additionally have a unique file version suffix. For example, BIG_FILE_NAME.rclone_chunk.001_bp562k
.
-Metadata
-Besides data chunks chunker will by default create metadata object for a composite file. The object is named after the original file. Chunker allows user to disable metadata completely (the none
format). Note that metadata is normally not created for files smaller than the configured chunk size. This may change in future rclone releases.
-Simple JSON metadata format
-This is the default format. It supports hash sums and chunk validation for composite files. Meta objects carry the following fields:
-
-ver
- version of format, currently 1
-size
- total size of composite file
-nchunks
- number of data chunks in file
-md5
- MD5 hashsum of composite file (if present)
-sha1
- SHA1 hashsum (if present)
-txn
- identifies current version of the file
-
-There is no field for composite file name as it's simply equal to the name of meta object on the wrapped remote. Please refer to respective sections for details on hashsums and modified time handling.
-No metadata
-You can disable meta objects by setting the meta format option to none
. In this mode chunker will scan directory for all files that follow configured chunk name format, group them by detecting chunks with the same base name and show group names as virtual composite files. This method is more prone to missing chunk errors (especially missing last chunk) than format with metadata enabled.
-Hashsums
-Chunker supports hashsums only when a compatible metadata is present. Hence, if you choose metadata format of none
, chunker will report hashsum as UNSUPPORTED
.
-Please note that by default metadata is stored only for composite files. If a file is smaller than configured chunk size, chunker will transparently redirect hash requests to wrapped remote, so support depends on that. You will see the empty string as a hashsum of requested type for small files if the wrapped remote doesn't support it.
-Many storage backends support MD5 and SHA1 hash types, so does chunker. With chunker you can choose one or another but not both. MD5 is set by default as the most supported type. Since chunker keeps hashes for composite files and falls back to the wrapped remote hash for non-chunked ones, we advise you to choose the same hash type as supported by wrapped remote so that your file listings look coherent.
-If your storage backend does not support MD5 or SHA1 but you need consistent file hashing, configure chunker with md5all
or sha1all
. These two modes guarantee given hash for all files. If wrapped remote doesn't support it, chunker will then add metadata to all files, even small. However, this can double the amount of small files in storage and incur additional service charges. You can even use chunker to force md5/sha1 support in any other remote at expense of sidecar meta objects by setting e.g. chunk_type=sha1all
to force hashsums and chunk_size=1P
to effectively disable chunking.
-Normally, when a file is copied to chunker controlled remote, chunker will ask the file source for compatible file hash and revert to on-the-fly calculation if none is found. This involves some CPU overhead but provides a guarantee that given hashsum is available. Also, chunker will reject a server-side copy or move operation if source and destination hashsum types are different resulting in the extra network bandwidth, too. In some rare cases this may be undesired, so chunker provides two optional choices: sha1quick
and md5quick
. If the source does not support primary hash type and the quick mode is enabled, chunker will try to fall back to the secondary type. This will save CPU and bandwidth but can result in empty hashsums at destination. Beware of consequences: the sync
command will revert (sometimes silently) to time/size comparison if compatible hashsums between source and target are not found.
-Modified time
-Chunker stores modification times using the wrapped remote so support depends on that. For a small non-chunked file the chunker overlay simply manipulates modification time of the wrapped remote file. For a composite file with metadata chunker will get and set modification time of the metadata object on the wrapped remote. If file is chunked but metadata format is none
then chunker will use modification time of the first data chunk.
-Migrations
-The idiomatic way to migrate to a different chunk size, hash type, transaction style or chunk naming scheme is to:
-
-- Collect all your chunked files under a directory and have your chunker remote point to it.
-- Create another directory (most probably on the same cloud storage) and configure a new remote with desired metadata format, hash type, chunk naming etc.
-- Now run
rclone sync --interactive oldchunks: newchunks:
and all your data will be transparently converted in transfer. This may take some time, yet chunker will try server-side copy if possible.
-- After checking data integrity you may remove configuration section of the old remote.
-
-If rclone gets killed during a long operation on a big composite file, hidden temporary chunks may stay in the directory. They will not be shown by the list
command but will eat up your account quota. Please note that the deletefile
command deletes only active chunks of a file. As a workaround, you can use remote of the wrapped file system to see them. An easy way to get rid of hidden garbage is to copy littered directory somewhere using the chunker remote and purge the original directory. The copy
command will copy only active chunks while the purge
will remove everything including garbage.
-Caveats and Limitations
-Chunker requires wrapped remote to support server-side move
(or copy
+ delete
) operations, otherwise it will explicitly refuse to start. This is because it internally renames temporary chunk files to their final names when an operation completes successfully.
-Chunker encodes chunk number in file name, so with default name_format
setting it adds 17 characters. Also chunker adds 7 characters of temporary suffix during operations. Many file systems limit base file name without path by 255 characters. Using rclone's crypt remote as a base file system limits file name by 143 characters. Thus, maximum name length is 231 for most files and 119 for chunker-over-crypt. A user in need can change name format to e.g. *.rcc##
and save 10 characters (provided at most 99 chunks per file).
-Note that a move implemented using the copy-and-delete method may incur double charging with some cloud storage providers.
-Chunker will not automatically rename existing chunks when you run rclone config
on a live remote and change the chunk name format. Beware that in result of this some files which have been treated as chunks before the change can pop up in directory listings as normal files and vice versa. The same warning holds for the chunk size. If you desperately need to change critical chunking settings, you should run data migration as described above.
-If wrapped remote is case insensitive, the chunker overlay will inherit that property (so you can't have a file called "Hello.doc" and "hello.doc" in the same directory).
-Chunker included in rclone releases up to v1.54
can sometimes fail to detect metadata produced by recent versions of rclone. We recommend users to keep rclone up-to-date to avoid data corruption.
-Changing transactions
is dangerous and requires explicit migration.
-Standard options
-Here are the Standard options specific to chunker (Transparently chunk/split large files).
---chunker-remote
-Remote to chunk/unchunk.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
-Properties:
-
-- Config: remote
-- Env Var: RCLONE_CHUNKER_REMOTE
-- Type: string
-- Required: true
-
---chunker-chunk-size
-Files larger than chunk size will be split in chunks.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_CHUNKER_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 2Gi
-
---chunker-hash-type
-Choose how chunker handles hash sums.
-All modes but "none" require metadata.
-Properties:
-
-- Config: hash_type
-- Env Var: RCLONE_CHUNKER_HASH_TYPE
-- Type: string
-- Default: "md5"
-- Examples:
-
-- "none"
-
-- Pass any hash supported by wrapped remote for non-chunked files.
-- Return nothing otherwise.
-
-- "md5"
-
-- MD5 for composite files.
-
-- "sha1"
-
-- SHA1 for composite files.
-
-- "md5all"
-
-- MD5 for all files.
-
-- "sha1all"
-
-- SHA1 for all files.
-
-- "md5quick"
-
-- Copying a file to chunker will request MD5 from the source.
-- Falling back to SHA1 if unsupported.
-
-- "sha1quick"
-
-- Similar to "md5quick" but prefers SHA1 over MD5.
-
-
-
-Advanced options
-Here are the Advanced options specific to chunker (Transparently chunk/split large files).
---chunker-name-format
-String format of chunk file names.
-The two placeholders are: base file name (*) and chunk number (#...). There must be one and only one asterisk and one or more consecutive hash characters. If chunk number has less digits than the number of hashes, it is left-padded by zeros. If there are more digits in the number, they are left as is. Possible chunk files are ignored if their name does not match given format.
-Properties:
-
-- Config: name_format
-- Env Var: RCLONE_CHUNKER_NAME_FORMAT
-- Type: string
-- Default: "*.rclone_chunk.###"
-
---chunker-start-from
-Minimum valid chunk number. Usually 0 or 1.
-By default chunk numbers start from 1.
-Properties:
-
-- Config: start_from
-- Env Var: RCLONE_CHUNKER_START_FROM
-- Type: int
-- Default: 1
-
---chunker-meta-format
-Format of the metadata object or "none".
-By default "simplejson". Metadata is a small JSON file named after the composite file.
-Properties:
-
-- Config: meta_format
-- Env Var: RCLONE_CHUNKER_META_FORMAT
-- Type: string
-- Default: "simplejson"
-- Examples:
-
-- "none"
-
-- Do not use metadata files at all.
-- Requires hash type "none".
-
-- "simplejson"
-
-- Simple JSON supports hash sums and chunk validation.
-
-- It has the following fields: ver, size, nchunks, md5, sha1.
-
-
-
---chunker-fail-hard
-Choose how chunker should handle files with missing or invalid chunks.
-Properties:
-
-- Config: fail_hard
-- Env Var: RCLONE_CHUNKER_FAIL_HARD
-- Type: bool
-- Default: false
-- Examples:
-
-- "true"
-
-- Report errors and abort current command.
-
-- "false"
-
-- Warn user, skip incomplete file and proceed.
-
-
-
---chunker-transactions
-Choose how chunker should handle temporary files during transactions.
-Properties:
-
-- Config: transactions
-- Env Var: RCLONE_CHUNKER_TRANSACTIONS
-- Type: string
-- Default: "rename"
-- Examples:
-
-- "rename"
-
-- Rename temporary files after a successful transaction.
-
-- "norename"
-
-- Leave temporary file names and write transaction ID to metadata file.
-- Metadata is required for no rename transactions (meta format cannot be "none").
-- If you are using norename transactions you should be careful not to downgrade Rclone
-- as older versions of Rclone don't support this transaction style and will misinterpret
-- files manipulated by norename transactions.
-- This method is EXPERIMENTAL, don't use on production systems.
-
-- "auto"
-
-- Rename or norename will be used depending on capabilities of the backend.
-- If meta format is set to "none", rename transactions will always be used.
-- This method is EXPERIMENTAL, don't use on production systems.
-
-
-
-Citrix ShareFile
-Citrix ShareFile is a secure file sharing and transfer service aimed as business.
-Configuration
-The initial setup for Citrix ShareFile involves getting a token from Citrix ShareFile which you can in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-XX / Citrix Sharefile
- \ "sharefile"
-Storage> sharefile
-** See help for sharefile backend at: https://rclone.org/sharefile/ **
-
-ID of the root folder
-
-Leave blank to access "Personal Folders". You can use one of the
-standard values here or any folder ID (long hex number ID).
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Access the Personal Folders. (Default)
- \ ""
- 2 / Access the Favorites folder.
- \ "favorites"
- 3 / Access all the shared folders.
- \ "allshared"
- 4 / Access all the individual connectors.
- \ "connectors"
- 5 / Access the home, favorites, and shared folders as well as the connectors.
- \ "top"
-root_folder_id>
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=XXX
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-type = sharefile
-endpoint = https://XXX.sharefile.com
-token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2019-09-30T19:41:45.878561877+01:00"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Citrix ShareFile. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall.
-Once configured you can then use rclone
like this,
-List directories in top level of your ShareFile
-rclone lsd remote:
-List all the files in your ShareFile
-rclone ls remote:
-To copy a local directory to an ShareFile directory called backup
-rclone copy /home/source remote:backup
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Modified time and hashes
-ShareFile allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-ShareFile supports MD5 type hashes, so you can use the --checksum
flag.
-Transfers
-For files above 128 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers
chunks at the same time (shared among all the multipart uploads). Chunks are buffered in memory and are normally 64 MiB so increasing --transfers
will increase memory use.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-\
-0x5C
-\
-
-
-*
-0x2A
-*
-
-
-<
-0x3C
-<
-
-
->
-0x3E
->
-
-
-?
-0x3F
-?
-
-
-:
-0x3A
-:
-
-
-|
-0x7C
-|
-
-
-"
-0x22
-"
-
-
-
-File names can also not start or end with the following characters. These only get replaced if they are the first or last character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-.
-0x2E
-.
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to sharefile (Citrix Sharefile).
---sharefile-root-folder-id
-ID of the root folder.
-Leave blank to access "Personal Folders". You can use one of the standard values here or any folder ID (long hex number ID).
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_SHAREFILE_ROOT_FOLDER_ID
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Access the Personal Folders (default).
-
-- "favorites"
-
-- Access the Favorites folder.
-
-- "allshared"
-
-- Access all the shared folders.
-
-- "connectors"
-
-- Access all the individual connectors.
-
-- "top"
-
-- Access the home, favorites, and shared folders as well as the connectors.
-
-
-
-Advanced options
-Here are the Advanced options specific to sharefile (Citrix Sharefile).
---sharefile-upload-cutoff
-Cutoff for switching to multipart upload.
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_SHAREFILE_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 128Mi
-
---sharefile-chunk-size
-Upload chunk size.
-Must a power of 2 >= 256k.
-Making this larger will improve performance, but note that each chunk is buffered in memory one per transfer.
-Reducing this will reduce memory usage but decrease performance.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_SHAREFILE_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 64Mi
-
---sharefile-endpoint
-Endpoint for API calls.
-This is usually auto discovered as part of the oauth process, but can be set manually to something like: https://XXX.sharefile.com
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_SHAREFILE_ENDPOINT
-- Type: string
-- Required: false
-
---sharefile-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_SHAREFILE_ENCODING
-- Type: MultiEncoder
-- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot
-
-Limitations
-Note that ShareFile is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-ShareFile only supports filenames up to 256 characters in length.
-rclone about
is not supported by the Citrix ShareFile backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Crypt
-Rclone crypt
remotes encrypt and decrypt other remotes.
-A remote of type crypt
does not access a storage system directly, but instead wraps another remote, which in turn accesses the storage system. This is similar to how alias, union, chunker and a few others work. It makes the usage very flexible, as you can add a layer, in this case an encryption layer, on top of any other backend, even in multiple layers. Rclone's functionality can be used as with any other remote, for example you can mount a crypt remote.
-Accessing a storage system through a crypt remote realizes client-side encryption, which makes it safe to keep your data in a location you do not trust will not get compromised. When working against the crypt
remote, rclone will automatically encrypt (before uploading) and decrypt (after downloading) on your local system as needed on the fly, leaving the data encrypted at rest in the wrapped remote. If you access the storage system using an application other than rclone, or access the wrapped remote directly using rclone, there will not be any encryption/decryption: Downloading existing content will just give you the encrypted (scrambled) format, and anything you upload will not become encrypted.
-The encryption is a secret-key encryption (also called symmetric key encryption) algorithm, where a password (or pass phrase) is used to generate real encryption key. The password can be supplied by user, or you may chose to let rclone generate one. It will be stored in the configuration file, in a lightly obscured form. If you are in an environment where you are not able to keep your configuration secured, you should add configuration encryption as protection. As long as you have this configuration file, you will be able to decrypt your data. Without the configuration file, as long as you remember the password (or keep it in a safe place), you can re-create the configuration and gain access to the existing data. You may also configure a corresponding remote in a different installation to access the same data. See below for guidance to changing password.
-Encryption uses cryptographic salt, to permute the encryption key so that the same string may be encrypted in different ways. When configuring the crypt remote it is optional to enter a salt, or to let rclone generate a unique salt. If omitted, rclone uses a built-in unique string. Normally in cryptography, the salt is stored together with the encrypted content, and do not have to be memorized by the user. This is not the case in rclone, because rclone does not store any additional information on the remotes. Use of custom salt is effectively a second password that must be memorized.
-File content encryption is performed using NaCl SecretBox, based on XSalsa20 cipher and Poly1305 for integrity. Names (file- and directory names) are also encrypted by default, but this has some implications and is therefore possible to be turned off.
-Configuration
-Here is an example of how to make a remote called secret
.
-To use crypt
, first set up the underlying remote. Follow the rclone config
instructions for the specific backend.
-Before configuring the crypt remote, check the underlying remote is working. In this example the underlying remote is called remote
. We will configure a path path
within this remote to contain the encrypted content. Anything inside remote:path
will be encrypted and anything outside will not.
-Configure crypt
using rclone config
. In this example the crypt
remote is called secret
, to differentiate it from the underlying remote
.
-When you are done you can use the crypt remote named secret
just as you would with any other remote, e.g. rclone copy D:\docs secret:\docs
, and rclone will encrypt and decrypt as needed on the fly. If you access the wrapped remote remote:path
directly you will bypass the encryption, and anything you read will be in encrypted form, and anything you write will be unencrypted. To avoid issues it is best to configure a dedicated path for encrypted content, and access it exclusively through a crypt remote.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> secret
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Encrypt/Decrypt a remote
- \ "crypt"
-[snip]
-Storage> crypt
-** See help for crypt backend at: https://rclone.org/crypt/ **
-
-Remote to encrypt/decrypt.
-Normally should contain a ':' and a path, eg "myremote:path/to/dir",
-"myremote:bucket" or maybe "myremote:" (not recommended).
-Enter a string value. Press Enter for the default ("").
-remote> remote:path
-How to encrypt the filenames.
-Enter a string value. Press Enter for the default ("standard").
-Choose a number from below, or type in your own value.
- / Encrypt the filenames.
- 1 | See the docs for the details.
- \ "standard"
- 2 / Very simple filename obfuscation.
- \ "obfuscate"
- / Don't encrypt the file names.
- 3 | Adds a ".bin" extension only.
- \ "off"
-filename_encryption>
-Option to either encrypt directory names or leave them intact.
-
-NB If filename_encryption is "off" then this option will do nothing.
-Enter a boolean value (true or false). Press Enter for the default ("true").
-Choose a number from below, or type in your own value
- 1 / Encrypt directory names.
- \ "true"
- 2 / Don't encrypt directory names, leave them intact.
- \ "false"
-directory_name_encryption>
-Password or pass phrase for encryption.
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Password or pass phrase for salt. Optional but recommended.
-Should be different to the previous password.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> g
-Password strength in bits.
-64 is just about memorable
-128 is secure
-1024 is the maximum
-Bits> 128
-Your password is: JAsJvRcgR-_veXNfy_sGmQ
-Use this password? Please note that an obscured version of this
-password (and not the password itself) will be stored under your
-configuration file, so keep this generated password in a safe place.
-y) Yes (default)
-n) No
-y/n>
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n>
-Remote config
---------------------
-[secret]
-type = crypt
-remote = remote:path
-password = *** ENCRYPTED ***
-password2 = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d>
-Important The crypt password stored in rclone.conf
is lightly obscured. That only protects it from cursory inspection. It is not secure unless configuration encryption of rclone.conf
is specified.
-A long passphrase is recommended, or rclone config
can generate a random one.
-The obscured password is created using AES-CTR with a static key. The salt is stored verbatim at the beginning of the obscured password. This static key is shared between all versions of rclone.
-If you reconfigure rclone with the same passwords/passphrases elsewhere it will be compatible, but the obscured version will be different due to the different salt.
-Rclone does not encrypt
-
-- file length - this can be calculated within 16 bytes
-- modification time - used for syncing
-
-Specifying the remote
-When configuring the remote to encrypt/decrypt, you may specify any string that rclone accepts as a source/destination of other commands.
-The primary use case is to specify the path into an already configured remote (e.g. remote:path/to/dir
or remote:bucket
), such that data in a remote untrusted location can be stored encrypted.
-You may also specify a local filesystem path, such as /path/to/dir
on Linux, C:\path\to\dir
on Windows. By creating a crypt remote pointing to such a local filesystem path, you can use rclone as a utility for pure local file encryption, for example to keep encrypted files on a removable USB drive.
-Note: A string which do not contain a :
will by rclone be treated as a relative path in the local filesystem. For example, if you enter the name remote
without the trailing :
, it will be treated as a subdirectory of the current directory with name "remote".
-If a path remote:path/to/dir
is specified, rclone stores encrypted files in path/to/dir
on the remote. With file name encryption, files saved to secret:subdir/subfile
are stored in the unencrypted path path/to/dir
but the subdir/subpath
element is encrypted.
-The path you specify does not have to exist, rclone will create it when needed.
-If you intend to use the wrapped remote both directly for keeping unencrypted content, as well as through a crypt remote for encrypted content, it is recommended to point the crypt remote to a separate directory within the wrapped remote. If you use a bucket-based storage system (e.g. Swift, S3, Google Compute Storage, B2) it is generally advisable to wrap the crypt remote around a specific bucket (s3:bucket
). If wrapping around the entire root of the storage (s3:
), and use the optional file name encryption, rclone will encrypt the bucket name.
-Changing password
-Should the password, or the configuration file containing a lightly obscured form of the password, be compromised, you need to re-encrypt your data with a new password. Since rclone uses secret-key encryption, where the encryption key is generated directly from the password kept on the client, it is not possible to change the password/key of already encrypted content. Just changing the password configured for an existing crypt remote means you will no longer able to decrypt any of the previously encrypted content. The only possibility is to re-upload everything via a crypt remote configured with your new password.
-Depending on the size of your data, your bandwidth, storage quota etc, there are different approaches you can take: - If you have everything in a different location, for example on your local system, you could remove all of the prior encrypted files, change the password for your configured crypt remote (or delete and re-create the crypt configuration), and then re-upload everything from the alternative location. - If you have enough space on the storage system you can create a new crypt remote pointing to a separate directory on the same backend, and then use rclone to copy everything from the original crypt remote to the new, effectively decrypting everything on the fly using the old password and re-encrypting using the new password. When done, delete the original crypt remote directory and finally the rclone crypt configuration with the old password. All data will be streamed from the storage system and back, so you will get half the bandwidth and be charged twice if you have upload and download quota on the storage system.
-Note: A security problem related to the random password generator was fixed in rclone version 1.53.3 (released 2020-11-19). Passwords generated by rclone config in version 1.49.0 (released 2019-08-26) to 1.53.2 (released 2020-10-26) are not considered secure and should be changed. If you made up your own password, or used rclone version older than 1.49.0 or newer than 1.53.2 to generate it, you are not affected by this issue. See issue #4783 for more details, and a tool you can use to check if you are affected.
-Example
-Create the following file structure using "standard" file name encryption.
-plaintext/
-├── file0.txt
-├── file1.txt
-└── subdir
- ├── file2.txt
- ├── file3.txt
- └── subsubdir
- └── file4.txt
-Copy these to the remote, and list them
-$ rclone -q copy plaintext secret:
-$ rclone -q ls secret:
- 7 file1.txt
- 6 file0.txt
- 8 subdir/file2.txt
- 10 subdir/subsubdir/file4.txt
- 9 subdir/file3.txt
-The crypt remote looks like
-$ rclone -q ls remote:path
- 55 hagjclgavj2mbiqm6u6cnjjqcg
- 54 v05749mltvv1tf4onltun46gls
- 57 86vhrsv86mpbtd3a0akjuqslj8/dlj7fkq4kdq72emafg7a7s41uo
- 58 86vhrsv86mpbtd3a0akjuqslj8/7uu829995du6o42n32otfhjqp4/b9pausrfansjth5ob3jkdqd4lc
- 56 86vhrsv86mpbtd3a0akjuqslj8/8njh1sk437gttmep3p70g81aps
-The directory structure is preserved
-$ rclone -q ls secret:subdir
- 8 file2.txt
- 9 file3.txt
- 10 subsubdir/file4.txt
-Without file name encryption .bin
extensions are added to underlying names. This prevents the cloud provider attempting to interpret file content.
-$ rclone -q ls remote:path
- 54 file0.txt.bin
- 57 subdir/file3.txt.bin
- 56 subdir/file2.txt.bin
- 58 subdir/subsubdir/file4.txt.bin
- 55 file1.txt.bin
-File name encryption modes
-Off
-
-- doesn't hide file names or directory structure
-- allows for longer file names (~246 characters)
-- can use sub paths and copy single files
-
-Standard
-
-- file names encrypted
-- file names can't be as long (~143 characters)
-- can use sub paths and copy single files
-- directory structure visible
-- identical files names will have identical uploaded names
-- can use shortcuts to shorten the directory recursion
-
-Obfuscation
-This is a simple "rotate" of the filename, with each file having a rot distance based on the filename. Rclone stores the distance at the beginning of the filename. A file called "hello" may become "53.jgnnq".
-Obfuscation is not a strong encryption of filenames, but hinders automated scanning tools picking up on filename patterns. It is an intermediate between "off" and "standard" which allows for longer path segment names.
-There is a possibility with some unicode based filenames that the obfuscation is weak and may map lower case characters to upper case equivalents.
-Obfuscation cannot be relied upon for strong protection.
-
-- file names very lightly obfuscated
-- file names can be longer than standard encryption
-- can use sub paths and copy single files
-- directory structure visible
-- identical files names will have identical uploaded names
-
-Cloud storage systems have limits on file name length and total path length which rclone is more likely to breach using "Standard" file name encryption. Where file names are less than 156 characters in length issues should not be encountered, irrespective of cloud storage provider.
-An experimental advanced option filename_encoding
is now provided to address this problem to a certain degree. For cloud storage systems with case sensitive file names (e.g. Google Drive), base64
can be used to reduce file name length. For cloud storage systems using UTF-16 to store file names internally (e.g. OneDrive), base32768
can be used to drastically reduce file name length.
-An alternative, future rclone file name encryption mode may tolerate backend provider path length limits.
-Directory name encryption
-Crypt offers the option of encrypting dir names or leaving them intact. There are two options:
-True
-Encrypts the whole file path including directory names Example: 1/12/123.txt
is encrypted to p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0
-False
-Only encrypts file names, skips directory names Example: 1/12/123.txt
is encrypted to 1/12/qgm4avr35m5loi1th53ato71v0
-Modified time and hashes
-Crypt stores modification times using the underlying remote so support depends on that.
-Hashes are not stored for crypt. However the data integrity is protected by an extremely strong crypto authenticator.
-Use the rclone cryptcheck
command to check the integrity of a crypted remote instead of rclone check
which can't check the checksums properly.
-Standard options
-Here are the Standard options specific to crypt (Encrypt/Decrypt a remote).
---crypt-remote
-Remote to encrypt/decrypt.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
-Properties:
-
-- Config: remote
-- Env Var: RCLONE_CRYPT_REMOTE
-- Type: string
-- Required: true
-
---crypt-filename-encryption
-How to encrypt the filenames.
-Properties:
-
-- Config: filename_encryption
-- Env Var: RCLONE_CRYPT_FILENAME_ENCRYPTION
-- Type: string
-- Default: "standard"
-- Examples:
-
-- "standard"
-
-- Encrypt the filenames.
-- See the docs for the details.
-
-- "obfuscate"
-
-- Very simple filename obfuscation.
-
-- "off"
-
-- Don't encrypt the file names.
-- Adds a ".bin" extension only.
-
-
-
---crypt-directory-name-encryption
-Option to either encrypt directory names or leave them intact.
-NB If filename_encryption is "off" then this option will do nothing.
-Properties:
-
-- Config: directory_name_encryption
-- Env Var: RCLONE_CRYPT_DIRECTORY_NAME_ENCRYPTION
-- Type: bool
-- Default: true
-- Examples:
-
-- "true"
-
-- Encrypt directory names.
-
-- "false"
-
-- Don't encrypt directory names, leave them intact.
-
-
-
---crypt-password
-Password or pass phrase for encryption.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_CRYPT_PASSWORD
-- Type: string
-- Required: true
-
---crypt-password2
-Password or pass phrase for salt.
-Optional but recommended. Should be different to the previous password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password2
-- Env Var: RCLONE_CRYPT_PASSWORD2
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to crypt (Encrypt/Decrypt a remote).
---crypt-server-side-across-configs
-Allow server-side operations (e.g. copy) to work across different crypt configs.
-Normally this option is not what you want, but if you have two crypts pointing to the same backend you can use it.
-This can be used, for example, to change file name encryption type without re-uploading all the data. Just make two crypt backends pointing to two different directories with the single changed parameter and use rclone move to move the files between the crypt remotes.
-Properties:
-
-- Config: server_side_across_configs
-- Env Var: RCLONE_CRYPT_SERVER_SIDE_ACROSS_CONFIGS
-- Type: bool
-- Default: false
-
---crypt-show-mapping
-For all files listed show how the names encrypt.
-If this flag is set then for each file that the remote is asked to list, it will log (at level INFO) a line stating the decrypted file name and the encrypted file name.
-This is so you can work out which encrypted names are which decrypted names just in case you need to do something with the encrypted file names, or for debugging purposes.
-Properties:
-
-- Config: show_mapping
-- Env Var: RCLONE_CRYPT_SHOW_MAPPING
-- Type: bool
-- Default: false
-
---crypt-no-data-encryption
-Option to either encrypt file data or leave it unencrypted.
-Properties:
-
-- Config: no_data_encryption
-- Env Var: RCLONE_CRYPT_NO_DATA_ENCRYPTION
-- Type: bool
-- Default: false
-- Examples:
-
-- "true"
-
-- Don't encrypt file data, leave it unencrypted.
-
-- "false"
-
-- Encrypt file data.
-
-
-
---crypt-filename-encoding
-How to encode the encrypted filename to text string.
-This option could help with shortening the encrypted filename. The suitable option would depend on the way your remote count the filename length and if it's case sensitive.
-Properties:
-
-- Config: filename_encoding
-- Env Var: RCLONE_CRYPT_FILENAME_ENCODING
-- Type: string
-- Default: "base32"
-- Examples:
-
-- "base32"
-
-- Encode using base32. Suitable for all remote.
-
-- "base64"
-
-- Encode using base64. Suitable for case sensitive remote.
-
-- "base32768"
-
-- Encode using base32768. Suitable if your remote counts UTF-16 or
-- Unicode codepoint instead of UTF-8 byte length. (Eg. Onedrive)
-
-
-
-Metadata
-Any metadata supported by the underlying remote is read and written.
-See the metadata docs for more info.
-Backend commands
-Here are the commands specific to the crypt backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-encode
-Encode the given filename(s)
-rclone backend encode remote: [options] [<arguments>+]
-This encodes the filenames given as arguments returning a list of strings of the encoded results.
-Usage Example:
-rclone backend encode crypt: file1 [file2...]
-rclone rc backend/command command=encode fs=crypt: file1 [file2...]
-decode
-Decode the given filename(s)
-rclone backend decode remote: [options] [<arguments>+]
-This decodes the filenames given as arguments returning a list of strings of the decoded results. It will return an error if any of the inputs are invalid.
-Usage Example:
-rclone backend decode crypt: encryptedfile1 [encryptedfile2...]
-rclone rc backend/command command=decode fs=crypt: encryptedfile1 [encryptedfile2...]
-Backing up a crypted remote
-If you wish to backup a crypted remote, it is recommended that you use rclone sync
on the encrypted files, and make sure the passwords are the same in the new encrypted remote.
-This will have the following advantages
-
-rclone sync
will check the checksums while copying
-- you can use
rclone check
between the encrypted remotes
-- you don't decrypt and encrypt unnecessarily
-
-For example, let's say you have your original remote at remote:
with the encrypted version at eremote:
with path remote:crypt
. You would then set up the new remote remote2:
and then the encrypted version eremote2:
with path remote2:crypt
using the same passwords as eremote:
.
-To sync the two remotes you would do
-rclone sync --interactive remote:crypt remote2:crypt
-And to check the integrity you would do
-rclone check remote:crypt remote2:crypt
-File formats
-File encryption
-Files are encrypted 1:1 source file to destination object. The file has a header and is divided into chunks.
-Header
-
-- 8 bytes magic string
RCLONE\x00\x00
-- 24 bytes Nonce (IV)
-
-The initial nonce is generated from the operating systems crypto strong random number generator. The nonce is incremented for each chunk read making sure each nonce is unique for each block written. The chance of a nonce being re-used is minuscule. If you wrote an exabyte of data (10¹⁸ bytes) you would have a probability of approximately 2×10⁻³² of re-using a nonce.
-Chunk
-Each chunk will contain 64 KiB of data, except for the last one which may have less data. The data chunk is in standard NaCl SecretBox format. SecretBox uses XSalsa20 and Poly1305 to encrypt and authenticate messages.
-Each chunk contains:
-
-- 16 Bytes of Poly1305 authenticator
-- 1 - 65536 bytes XSalsa20 encrypted data
-
-64k chunk size was chosen as the best performing chunk size (the authenticator takes too much time below this and the performance drops off due to cache effects above this). Note that these chunks are buffered in memory so they can't be too big.
-This uses a 32 byte (256 bit key) key derived from the user password.
-Examples
-1 byte file will encrypt to
-
-- 32 bytes header
-- 17 bytes data chunk
-
-49 bytes total
-1 MiB (1048576 bytes) file will encrypt to
-
-- 32 bytes header
-- 16 chunks of 65568 bytes
-
-1049120 bytes total (a 0.05% overhead). This is the overhead for big files.
-Name encryption
-File names are encrypted segment by segment - the path is broken up into /
separated strings and these are encrypted individually.
-File segments are padded using PKCS#7 to a multiple of 16 bytes before encryption.
-They are then encrypted with EME using AES with 256 bit key. EME (ECB-Mix-ECB) is a wide-block encryption mode presented in the 2003 paper "A Parallelizable Enciphering Mode" by Halevi and Rogaway.
-This makes for deterministic encryption which is what we want - the same filename must encrypt to the same thing otherwise we can't find it on the cloud storage system.
-This means that
-
-- filenames with the same name will encrypt the same
-- filenames which start the same won't have a common prefix
-
-This uses a 32 byte key (256 bits) and a 16 byte (128 bits) IV both of which are derived from the user password.
-After encryption they are written out using a modified version of standard base32
encoding as described in RFC4648. The standard encoding is modified in two ways:
-
-- it becomes lower case (no-one likes upper case filenames!)
-- we strip the padding character
=
-
-base32
is used rather than the more efficient base64
so rclone can be used on case insensitive remotes (e.g. Windows, Amazon Drive).
-Key derivation
-Rclone uses scrypt
with parameters N=16384, r=8, p=1
with an optional user supplied salt (password2) to derive the 32+32+16 = 80 bytes of key material required. If the user doesn't supply a salt then rclone uses an internal one.
-scrypt
makes it impractical to mount a dictionary attack on rclone encrypted data. For full protection against this you should always use a salt.
-SEE ALSO
-
-- rclone cryptdecode - Show forward/reverse mapping of encrypted filenames
-
-Compress
-Warning
-This remote is currently experimental. Things may break and data may be lost. Anything you do with this remote is at your own risk. Please understand the risks associated with using experimental code and don't use this remote in critical applications.
-The Compress
remote adds compression to another remote. It is best used with remotes containing many large compressible files.
-Configuration
-To use this remote, all you need to do is specify another remote and a compression mode to use:
-Current remotes:
-
-Name Type
-==== ====
-remote_to_press sometype
-
-e) Edit existing remote
-$ rclone config
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> n
-name> compress
-...
- 8 / Compress a remote
- \ "compress"
-...
-Storage> compress
-** See help for compress backend at: https://rclone.org/compress/ **
-
-Remote to compress.
-Enter a string value. Press Enter for the default ("").
-remote> remote_to_press:subdir
-Compression mode.
-Enter a string value. Press Enter for the default ("gzip").
-Choose a number from below, or type in your own value
- 1 / Gzip compression balanced for speed and compression strength.
- \ "gzip"
-compression_mode> gzip
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[compress]
-type = compress
-remote = remote_to_press:subdir
-compression_mode = gzip
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Compression Modes
-Currently only gzip compression is supported. It provides a decent balance between speed and size and is well supported by other applications. Compression strength can further be configured via an advanced setting where 0 is no compression and 9 is strongest compression.
-File types
-If you open a remote wrapped by compress, you will see that there are many files with an extension corresponding to the compression algorithm you chose. These files are standard files that can be opened by various archive programs, but they have some hidden metadata that allows them to be used by rclone. While you may download and decompress these files at will, do not manually delete or rename files. Files without correct metadata files will not be recognized by rclone.
-File names
-The compressed files will be named *.###########.gz
where *
is the base file and the #
part is base64 encoded size of the uncompressed file. The file names should not be changed by anything other than the rclone compression backend.
-Standard options
-Here are the Standard options specific to compress (Compress a remote).
---compress-remote
-Remote to compress.
-Properties:
-
-- Config: remote
-- Env Var: RCLONE_COMPRESS_REMOTE
-- Type: string
-- Required: true
-
---compress-mode
-Compression mode.
-Properties:
-
-- Config: mode
-- Env Var: RCLONE_COMPRESS_MODE
-- Type: string
-- Default: "gzip"
-- Examples:
-
-- "gzip"
-
-- Standard gzip compression with fastest parameters.
-
-
-
-Advanced options
-Here are the Advanced options specific to compress (Compress a remote).
---compress-level
-GZIP compression level (-2 to 9).
-Generally -1 (default, equivalent to 5) is recommended. Levels 1 to 9 increase compression at the cost of speed. Going past 6 generally offers very little return.
-Level -2 uses Huffman encoding only. Only use if you know what you are doing. Level 0 turns off compression.
-Properties:
-
-- Config: level
-- Env Var: RCLONE_COMPRESS_LEVEL
-- Type: int
-- Default: -1
-
---compress-ram-cache-limit
-Some remotes don't allow the upload of files with unknown size. In this case the compressed file will need to be cached to determine it's size.
-Files smaller than this limit will be cached in RAM, files larger than this limit will be cached on disk.
-Properties:
-
-- Config: ram_cache_limit
-- Env Var: RCLONE_COMPRESS_RAM_CACHE_LIMIT
-- Type: SizeSuffix
-- Default: 20Mi
-
-Metadata
-Any metadata supported by the underlying remote is read and written.
-See the metadata docs for more info.
-Combine
-The combine
backend joins remotes together into a single directory tree.
-For example you might have a remote for images on one provider:
-$ rclone tree s3:imagesbucket
-/
-├── image1.jpg
-└── image2.jpg
-And a remote for files on another:
-$ rclone tree drive:important/files
-/
-├── file1.txt
-└── file2.txt
-The combine
backend can join these together into a synthetic directory structure like this:
-$ rclone tree combined:
-/
-├── files
-│ ├── file1.txt
-│ └── file2.txt
-└── images
- ├── image1.jpg
- └── image2.jpg
-You'd do this by specifying an upstreams
parameter in the config like this
-upstreams = images=s3:imagesbucket files=drive:important/files
-During the initial setup with rclone config
you will specify the upstreams remotes as a space separated list. The upstream remotes can either be a local paths or other remotes.
-Configuration
-Here is an example of how to make a combine called remote
for the example above. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-...
-XX / Combine several remotes into one
- \ (combine)
-...
-Storage> combine
-Option upstreams.
-Upstreams for combining
-These should be in the form
- dir=remote:path dir2=remote2:path
-Where before the = is specified the root directory and after is the remote to
-put there.
-Embedded spaces can be added using quotes
- "dir=remote:path with space" "dir2=remote2:path with space"
-Enter a fs.SpaceSepList value.
-upstreams> images=s3:imagesbucket files=drive:important/files
---------------------
-[remote]
-type = combine
-upstreams = images=s3:imagesbucket files=drive:important/files
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Configuring for Google Drive Shared Drives
-Rclone has a convenience feature for making a combine backend for all the shared drives you have access to.
-Assuming your main (non shared drive) Google drive remote is called drive:
you would run
-rclone backend -o config drives drive:
-This would produce something like this:
-[My Drive]
-type = alias
-remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
-
-[Test Drive]
-type = alias
-remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
-
-[AllDrives]
-type = combine
-upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
-If you then add that config to your config file (find it with rclone config file
) then you can access all the shared drives in one place with the AllDrives:
remote.
-See the Google Drive docs for full info.
-Standard options
-Here are the Standard options specific to combine (Combine several remotes into one).
---combine-upstreams
-Upstreams for combining
-These should be in the form
-dir=remote:path dir2=remote2:path
-Where before the = is specified the root directory and after is the remote to put there.
-Embedded spaces can be added using quotes
-"dir=remote:path with space" "dir2=remote2:path with space"
-Properties:
-
-- Config: upstreams
-- Env Var: RCLONE_COMBINE_UPSTREAMS
-- Type: SpaceSepList
-- Default:
-
-Metadata
-Any metadata supported by the underlying remote is read and written.
-See the metadata docs for more info.
-Dropbox
-Paths are specified as remote:path
-Dropbox paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-The initial setup for dropbox involves getting a token from Dropbox which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-n) New remote
-d) Delete remote
-q) Quit config
-e/n/d/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Dropbox
- \ "dropbox"
-[snip]
-Storage> dropbox
-Dropbox App Key - leave blank normally.
-app_key>
-Dropbox App Secret - leave blank normally.
-app_secret>
-Remote config
-Please visit:
-https://www.dropbox.com/1/oauth2/authorize?client_id=XXXXXXXXXXXXXXX&response_type=code
-Enter the code: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXXXXXXXX
---------------------
-[remote]
-app_key =
-app_secret =
-token = XXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXX_XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Dropbox. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-You can then use it like this,
-List directories in top level of your dropbox
-rclone lsd remote:
-List all the files in your dropbox
-rclone ls remote:
-To copy a local directory to a dropbox directory called backup
-rclone copy /home/source remote:backup
-Dropbox for business
-Rclone supports Dropbox for business and Team Folders.
-When using Dropbox for business remote:
and remote:path/to/file
will refer to your personal folder.
-If you wish to see Team Folders you must use a leading /
in the path, so rclone lsd remote:/
will refer to the root and show you all Team Folders and your User Folder.
-You can then use team folders like this remote:/TeamFolder
and remote:/TeamFolder/path/to/file
.
-A leading /
for a Dropbox personal account will do nothing, but it will take an extra HTTP transaction so it should be avoided.
-Modified time and Hashes
-Dropbox supports modified times, but the only way to set a modification time is to re-upload the file.
-This means that if you uploaded your data with an older version of rclone which didn't support the v2 API and modified times, rclone will decide to upload all your old data to fix the modification times. If you don't want this to happen use --size-only
or --checksum
flag to stop it.
-Dropbox supports its own hash type which is checked for all transfers.
-Restricted filename characters
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-NUL
-0x00
-␀
-
-
-/
-0x2F
-/
-
-
-DEL
-0x7F
-␡
-
-
-\
-0x5C
-\
-
-
-
-File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Batch mode uploads
-Using batch mode uploads is very important for performance when using the Dropbox API. See the dropbox performance guide for more info.
-There are 3 modes rclone can use for uploads.
---dropbox-batch-mode off
-In this mode rclone will not use upload batching. This was the default before rclone v1.55. It has the disadvantage that it is very likely to encounter too_many_requests
errors like this
-NOTICE: too_many_requests/.: Too many requests or write operations. Trying again in 15 seconds.
-When rclone receives these it has to wait for 15s or sometimes 300s before continuing which really slows down transfers.
-This will happen especially if --transfers
is large, so this mode isn't recommended except for compatibility or investigating problems.
---dropbox-batch-mode sync
-In this mode rclone will batch up uploads to the size specified by --dropbox-batch-size
and commit them together.
-Using this mode means you can use a much higher --transfers
parameter (32 or 64 works fine) without receiving too_many_requests
errors.
-This mode ensures full data integrity.
-Note that there may be a pause when quitting rclone while rclone finishes up the last batch using this mode.
---dropbox-batch-mode async
-In this mode rclone will batch up uploads to the size specified by --dropbox-batch-size
and commit them together.
-However it will not wait for the status of the batch to be returned to the caller. This means rclone can use a much bigger batch size (much bigger than --transfers
), at the cost of not being able to check the status of the upload.
-This provides the maximum possible upload speed especially with lots of small files, however rclone can't check the file got uploaded properly using this mode.
-If you are using this mode then using "rclone check" after the transfer completes is recommended. Or you could do an initial transfer with --dropbox-batch-mode async
then do a final transfer with --dropbox-batch-mode sync
(the default).
-Note that there may be a pause when quitting rclone while rclone finishes up the last batch using this mode.
-Standard options
-Here are the Standard options specific to dropbox (Dropbox).
---dropbox-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_DROPBOX_CLIENT_ID
-- Type: string
-- Required: false
-
---dropbox-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_DROPBOX_CLIENT_SECRET
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to dropbox (Dropbox).
---dropbox-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_DROPBOX_TOKEN
-- Type: string
-- Required: false
-
---dropbox-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_DROPBOX_AUTH_URL
-- Type: string
-- Required: false
-
---dropbox-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_DROPBOX_TOKEN_URL
-- Type: string
-- Required: false
-
---dropbox-chunk-size
-Upload chunk size (< 150Mi).
-Any files larger than this will be uploaded in chunks of this size.
-Note that chunks are buffered in memory (one at a time) so rclone can deal with retries. Setting this larger will increase the speed slightly (at most 10% for 128 MiB in tests) at the cost of using more memory. It can be set smaller if you are tight on memory.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_DROPBOX_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 48Mi
-
---dropbox-impersonate
-Impersonate this user when using a business account.
-Note that if you want to use impersonate, you should make sure this flag is set when running "rclone config" as this will cause rclone to request the "members.read" scope which it won't normally. This is needed to lookup a members email address into the internal ID that dropbox uses in the API.
-Using the "members.read" scope will require a Dropbox Team Admin to approve during the OAuth flow.
-You will have to use your own App (setting your own client_id and client_secret) to use this option as currently rclone's default set of permissions doesn't include "members.read". This can be added once v1.55 or later is in use everywhere.
-Properties:
-
-- Config: impersonate
-- Env Var: RCLONE_DROPBOX_IMPERSONATE
-- Type: string
-- Required: false
-
---dropbox-shared-files
-Instructs rclone to work on individual shared files.
-In this mode rclone's features are extremely limited - only list (ls, lsl, etc.) operations and read operations (e.g. downloading) are supported in this mode. All other operations will be disabled.
-Properties:
-
-- Config: shared_files
-- Env Var: RCLONE_DROPBOX_SHARED_FILES
-- Type: bool
-- Default: false
-
---dropbox-shared-folders
-Instructs rclone to work on shared folders.
-When this flag is used with no path only the List operation is supported and all available shared folders will be listed. If you specify a path the first part will be interpreted as the name of shared folder. Rclone will then try to mount this shared to the root namespace. On success shared folder rclone proceeds normally. The shared folder is now pretty much a normal folder and all normal operations are supported.
-Note that we don't unmount the shared folder afterwards so the --dropbox-shared-folders can be omitted after the first use of a particular shared folder.
-Properties:
-
-- Config: shared_folders
-- Env Var: RCLONE_DROPBOX_SHARED_FOLDERS
-- Type: bool
-- Default: false
-
---dropbox-batch-mode
-Upload file batching sync|async|off.
-This sets the batch mode used by rclone.
-For full info see the main docs
-This has 3 possible values
-
-- off - no batching
-- sync - batch uploads and check completion (default)
-- async - batch upload and don't check completion
-
-Rclone will close any outstanding batches when it exits which may make a delay on quit.
-Properties:
-
-- Config: batch_mode
-- Env Var: RCLONE_DROPBOX_BATCH_MODE
-- Type: string
-- Default: "sync"
-
---dropbox-batch-size
-Max number of files in upload batch.
-This sets the batch size of files to upload. It has to be less than 1000.
-By default this is 0 which means rclone which calculate the batch size depending on the setting of batch_mode.
-
-- batch_mode: async - default batch_size is 100
-- batch_mode: sync - default batch_size is the same as --transfers
-- batch_mode: off - not in use
-
-Rclone will close any outstanding batches when it exits which may make a delay on quit.
-Setting this is a great idea if you are uploading lots of small files as it will make them a lot quicker. You can use --transfers 32 to maximise throughput.
-Properties:
-
-- Config: batch_size
-- Env Var: RCLONE_DROPBOX_BATCH_SIZE
-- Type: int
-- Default: 0
-
---dropbox-batch-timeout
-Max time to allow an idle upload batch before uploading.
-If an upload batch is idle for more than this long then it will be uploaded.
-The default for this is 0 which means rclone will choose a sensible default based on the batch_mode in use.
-
-- batch_mode: async - default batch_timeout is 500ms
-- batch_mode: sync - default batch_timeout is 10s
-- batch_mode: off - not in use
-
-Properties:
-
-- Config: batch_timeout
-- Env Var: RCLONE_DROPBOX_BATCH_TIMEOUT
-- Type: Duration
-- Default: 0s
-
---dropbox-batch-commit-timeout
-Max time to wait for a batch to finish committing
-Properties:
-
-- Config: batch_commit_timeout
-- Env Var: RCLONE_DROPBOX_BATCH_COMMIT_TIMEOUT
-- Type: Duration
-- Default: 10m0s
-
---dropbox-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_DROPBOX_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot
-
-Limitations
-Note that Dropbox is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-There are some file names such as thumbs.db
which Dropbox can't store. There is a full list of them in the "Ignored Files" section of this document. Rclone will issue an error message File name disallowed - not uploading
if it attempts to upload one of those file names, but the sync won't fail.
-Some errors may occur if you try to sync copyright-protected files because Dropbox has its own copyright detector that prevents this sort of file being downloaded. This will return the error ERROR : /path/to/your/file: Failed to copy: failed to open source object: path/restricted_content/.
-If you have more than 10,000 files in a directory then rclone purge dropbox:dir
will return the error Failed to purge: There are too many files involved in this operation
. As a work-around do an rclone delete dropbox:dir
followed by an rclone rmdir dropbox:dir
.
-When using rclone link
you'll need to set --expire
if using a non-personal account otherwise the visibility may not be correct. (Note that --expire
isn't supported on personal accounts). See the forum discussion and the dropbox SDK issue.
-Get your own Dropbox App ID
-When you use rclone with Dropbox in its default configuration you are using rclone's App ID. This is shared between all the rclone users.
-Here is how to create your own Dropbox App ID for rclone:
-
-Log into the Dropbox App console with your Dropbox Account (It need not to be the same account as the Dropbox you want to access)
-Choose an API => Usually this should be Dropbox API
-Choose the type of access you want to use => Full Dropbox
or App Folder
-Name your App. The app name is global, so you can't use rclone
for example
-Click the button Create App
-Switch to the Permissions
tab. Enable at least the following permissions: account_info.read
, files.metadata.write
, files.content.write
, files.content.read
, sharing.write
. The files.metadata.read
and sharing.read
checkboxes will be marked too. Click Submit
-Switch to the Settings
tab. Fill OAuth2 - Redirect URIs
as http://localhost:53682/
-Find the App key
and App secret
values on the Settings
tab. Use these values in rclone config to add a new remote or edit an existing remote. The App key
setting corresponds to client_id
in rclone config, the App secret
corresponds to client_secret
-
-Enterprise File Fabric
-This backend supports Storage Made Easy's Enterprise File Fabric™ which provides a software solution to integrate and unify File and Object Storage accessible through a global file system.
-Configuration
-The initial setup for the Enterprise File Fabric backend involves getting a token from the Enterprise File Fabric which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Enterprise File Fabric
- \ "filefabric"
-[snip]
-Storage> filefabric
-** See help for filefabric backend at: https://rclone.org/filefabric/ **
-
-URL of the Enterprise File Fabric to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Storage Made Easy US
- \ "https://storagemadeeasy.com"
- 2 / Storage Made Easy EU
- \ "https://eu.storagemadeeasy.com"
- 3 / Connect to your Enterprise File Fabric
- \ "https://yourfabric.smestorage.com"
-url> https://yourfabric.smestorage.com/
-ID of the root folder
-Leave blank normally.
-
-Fill in to make rclone start with directory of a given ID.
-
-Enter a string value. Press Enter for the default ("").
-root_folder_id>
-Permanent Authentication Token
-
-A Permanent Authentication Token can be created in the Enterprise File
-Fabric, on the users Dashboard under Security, there is an entry
-you'll see called "My Authentication Tokens". Click the Manage button
-to create one.
-
-These tokens are normally valid for several years.
-
-For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
-
-Enter a string value. Press Enter for the default ("").
-permanent_token> xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[remote]
-type = filefabric
-url = https://yourfabric.smestorage.com/
-permanent_token = xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Once configured you can then use rclone
like this,
-List directories in top level of your Enterprise File Fabric
-rclone lsd remote:
-List all the files in your Enterprise File Fabric
-rclone ls remote:
-To copy a local directory to an Enterprise File Fabric directory called backup
-rclone copy /home/source remote:backup
-Modified time and hashes
-The Enterprise File Fabric allows modification times to be set on files accurate to 1 second. These will be used to detect whether objects need syncing or not.
-The Enterprise File Fabric does not support any data hashes at this time.
-Restricted filename characters
-The default restricted characters set will be replaced.
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Empty files
-Empty files aren't supported by the Enterprise File Fabric. Rclone will therefore upload an empty file as a single space with a mime type of application/vnd.rclone.empty.file
and files with that mime type are treated as empty.
-Root folder ID
-You can set the root_folder_id
for rclone. This is the directory (identified by its Folder ID
) that rclone considers to be the root of your Enterprise File Fabric.
-Normally you will leave this blank and rclone will determine the correct root to use itself.
-However you can set this to restrict rclone to a specific folder hierarchy.
-In order to do this you will have to find the Folder ID
of the directory you wish rclone to display. These aren't displayed in the web interface, but you can use rclone lsf
to find them, for example
-$ rclone lsf --dirs-only -Fip --csv filefabric:
-120673758,Burnt PDFs/
-120673759,My Quick Uploads/
-120673755,My Syncs/
-120673756,My backups/
-120673757,My contacts/
-120673761,S3 Storage/
-The ID for "S3 Storage" would be 120673761
.
-Standard options
-Here are the Standard options specific to filefabric (Enterprise File Fabric).
---filefabric-url
-URL of the Enterprise File Fabric to connect to.
-Properties:
-
-- Config: url
-- Env Var: RCLONE_FILEFABRIC_URL
-- Type: string
-- Required: true
-- Examples:
-
-- "https://storagemadeeasy.com"
-
-- Storage Made Easy US
-
-- "https://eu.storagemadeeasy.com"
-
-- Storage Made Easy EU
-
-- "https://yourfabric.smestorage.com"
-
-- Connect to your Enterprise File Fabric
-
-
-
---filefabric-root-folder-id
-ID of the root folder.
-Leave blank normally.
-Fill in to make rclone start with directory of a given ID.
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_FILEFABRIC_ROOT_FOLDER_ID
-- Type: string
-- Required: false
-
---filefabric-permanent-token
-Permanent Authentication Token.
-A Permanent Authentication Token can be created in the Enterprise File Fabric, on the users Dashboard under Security, there is an entry you'll see called "My Authentication Tokens". Click the Manage button to create one.
-These tokens are normally valid for several years.
-For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
-Properties:
-
-- Config: permanent_token
-- Env Var: RCLONE_FILEFABRIC_PERMANENT_TOKEN
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to filefabric (Enterprise File Fabric).
---filefabric-token
-Session Token.
-This is a session token which rclone caches in the config file. It is usually valid for 1 hour.
-Don't set this value - rclone will set it automatically.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_FILEFABRIC_TOKEN
-- Type: string
-- Required: false
-
---filefabric-token-expiry
-Token expiry time.
-Don't set this value - rclone will set it automatically.
-Properties:
-
-- Config: token_expiry
-- Env Var: RCLONE_FILEFABRIC_TOKEN_EXPIRY
-- Type: string
-- Required: false
-
---filefabric-version
-Version read from the file fabric.
-Don't set this value - rclone will set it automatically.
-Properties:
-
-- Config: version
-- Env Var: RCLONE_FILEFABRIC_VERSION
-- Type: string
-- Required: false
-
---filefabric-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_FILEFABRIC_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Del,Ctl,InvalidUtf8,Dot
-
-FTP
-FTP is the File Transfer Protocol. Rclone FTP support is provided using the github.com/jlaffaye/ftp package.
-Limitations of Rclone's FTP backend
-Paths are specified as remote:path
. If the path does not begin with a /
it is relative to the home directory of the user. An empty path remote:
refers to the user's home directory.
-Configuration
-To create an FTP configuration named remote
, run
-rclone config
-Rclone config guides you through an interactive setup process. A minimal rclone FTP remote definition only requires host, username and password. For an anonymous FTP server, see below.
-No remotes found, make a new one?
-n) New remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-n/r/c/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / FTP
- \ "ftp"
-[snip]
-Storage> ftp
-** See help for ftp backend at: https://rclone.org/ftp/ **
-
-FTP host to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to ftp.example.com
- \ "ftp.example.com"
-host> ftp.example.com
-FTP username
-Enter a string value. Press Enter for the default ("$USER").
-user>
-FTP port number
-Enter a signed integer. Press Enter for the default (21).
-port>
-FTP password
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Use FTP over TLS (Implicit)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-tls>
-Use FTP over TLS (Explicit)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-explicit_tls>
-Remote config
---------------------
-[remote]
-type = ftp
-host = ftp.example.com
-pass = *** ENCRYPTED ***
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-To see all directories in the home directory of remote
-rclone lsd remote:
-Make a new directory
-rclone mkdir remote:path/to/directory
-List the contents of a directory
-rclone ls remote:path/to/directory
-Sync /home/local/directory
to the remote directory, deleting any excess files in the directory.
-rclone sync --interactive /home/local/directory remote:directory
-Anonymous FTP
-When connecting to a FTP server that allows anonymous login, you can use the special "anonymous" username. Traditionally, this user account accepts any string as a password, although it is common to use either the password "anonymous" or "guest". Some servers require the use of a valid e-mail address as password.
-Using on-the-fly or connection string remotes makes it easy to access such servers, without requiring any configuration in advance. The following are examples of that:
-rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=$(rclone obscure dummy)
-rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=$(rclone obscure dummy):
-The above examples work in Linux shells and in PowerShell, but not Windows Command Prompt. They execute the rclone obscure command to create a password string in the format required by the pass option. The following examples are exactly the same, except use an already obscured string representation of the same password "dummy", and therefore works even in Windows Command Prompt:
-rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM
-rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM:
-Implicit TLS
-Rlone FTP supports implicit FTP over TLS servers (FTPS). This has to be enabled in the FTP backend config for the remote, or with --ftp-tls
. The default FTPS port is 990
, not 21
and can be set with --ftp-port
.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-File names cannot end with the following characters. Replacement is limited to the last character in a file name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-
-Not all FTP servers can have all characters in file names, for example:
-
-
-
-FTP Server
-Forbidden characters
-
-
-
-
-proftpd
-*
-
-
-pureftpd
-\ [ ]
-
-
-
-This backend's interactive configuration wizard provides a selection of sensible encoding settings for major FTP servers: ProFTPd, PureFTPd, VsFTPd. Just hit a selection number when prompted.
-Standard options
-Here are the Standard options specific to ftp (FTP).
---ftp-host
-FTP host to connect to.
-E.g. "ftp.example.com".
-Properties:
-
-- Config: host
-- Env Var: RCLONE_FTP_HOST
-- Type: string
-- Required: true
-
---ftp-user
-FTP username.
-Properties:
-
-- Config: user
-- Env Var: RCLONE_FTP_USER
-- Type: string
-- Default: "$USER"
-
---ftp-port
-FTP port number.
-Properties:
-
-- Config: port
-- Env Var: RCLONE_FTP_PORT
-- Type: int
-- Default: 21
-
---ftp-pass
-FTP password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: pass
-- Env Var: RCLONE_FTP_PASS
-- Type: string
-- Required: false
-
---ftp-tls
-Use Implicit FTPS (FTP over TLS).
-When using implicit FTP over TLS the client connects using TLS right from the start which breaks compatibility with non-TLS-aware servers. This is usually served over port 990 rather than port 21. Cannot be used in combination with explicit FTPS.
-Properties:
-
-- Config: tls
-- Env Var: RCLONE_FTP_TLS
-- Type: bool
-- Default: false
-
---ftp-explicit-tls
-Use Explicit FTPS (FTP over TLS).
-When using explicit FTP over TLS the client explicitly requests security from the server in order to upgrade a plain text connection to an encrypted one. Cannot be used in combination with implicit FTPS.
-Properties:
-
-- Config: explicit_tls
-- Env Var: RCLONE_FTP_EXPLICIT_TLS
-- Type: bool
-- Default: false
-
-Advanced options
-Here are the Advanced options specific to ftp (FTP).
---ftp-concurrency
-Maximum number of FTP simultaneous connections, 0 for unlimited.
-Note that setting this is very likely to cause deadlocks so it should be used with care.
-If you are doing a sync or copy then make sure concurrency is one more than the sum of --transfers
and --checkers
.
-If you use --check-first
then it just needs to be one more than the maximum of --checkers
and --transfers
.
-So for concurrency 3
you'd use --checkers 2 --transfers 2 --check-first
or --checkers 1 --transfers 1
.
-Properties:
-
-- Config: concurrency
-- Env Var: RCLONE_FTP_CONCURRENCY
-- Type: int
-- Default: 0
-
---ftp-no-check-certificate
-Do not verify the TLS certificate of the server.
-Properties:
-
-- Config: no_check_certificate
-- Env Var: RCLONE_FTP_NO_CHECK_CERTIFICATE
-- Type: bool
-- Default: false
-
---ftp-disable-epsv
-Disable using EPSV even if server advertises support.
-Properties:
-
-- Config: disable_epsv
-- Env Var: RCLONE_FTP_DISABLE_EPSV
-- Type: bool
-- Default: false
-
---ftp-disable-mlsd
-Disable using MLSD even if server advertises support.
-Properties:
-
-- Config: disable_mlsd
-- Env Var: RCLONE_FTP_DISABLE_MLSD
-- Type: bool
-- Default: false
-
---ftp-disable-utf8
-Disable using UTF-8 even if server advertises support.
-Properties:
-
-- Config: disable_utf8
-- Env Var: RCLONE_FTP_DISABLE_UTF8
-- Type: bool
-- Default: false
-
---ftp-writing-mdtm
-Use MDTM to set modification time (VsFtpd quirk)
-Properties:
-
-- Config: writing_mdtm
-- Env Var: RCLONE_FTP_WRITING_MDTM
-- Type: bool
-- Default: false
-
---ftp-force-list-hidden
-Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD.
-Properties:
-
-- Config: force_list_hidden
-- Env Var: RCLONE_FTP_FORCE_LIST_HIDDEN
-- Type: bool
-- Default: false
-
---ftp-idle-timeout
-Max time before closing idle connections.
-If no connections have been returned to the connection pool in the time given, rclone will empty the connection pool.
-Set to 0 to keep connections indefinitely.
-Properties:
-
-- Config: idle_timeout
-- Env Var: RCLONE_FTP_IDLE_TIMEOUT
-- Type: Duration
-- Default: 1m0s
-
---ftp-close-timeout
-Maximum time to wait for a response to close.
-Properties:
-
-- Config: close_timeout
-- Env Var: RCLONE_FTP_CLOSE_TIMEOUT
-- Type: Duration
-- Default: 1m0s
-
---ftp-tls-cache-size
-Size of TLS session cache for all control and data connections.
-TLS cache allows to resume TLS sessions and reuse PSK between connections. Increase if default size is not enough resulting in TLS resumption errors. Enabled by default. Use 0 to disable.
-Properties:
-
-- Config: tls_cache_size
-- Env Var: RCLONE_FTP_TLS_CACHE_SIZE
-- Type: int
-- Default: 32
-
---ftp-disable-tls13
-Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
-Properties:
-
-- Config: disable_tls13
-- Env Var: RCLONE_FTP_DISABLE_TLS13
-- Type: bool
-- Default: false
-
---ftp-shut-timeout
-Maximum time to wait for data connection closing status.
-Properties:
-
-- Config: shut_timeout
-- Env Var: RCLONE_FTP_SHUT_TIMEOUT
-- Type: Duration
-- Default: 1m0s
-
---ftp-ask-password
-Allow asking for FTP password when needed.
-If this is set and no password is supplied then rclone will ask for a password
-Properties:
-
-- Config: ask_password
-- Env Var: RCLONE_FTP_ASK_PASSWORD
-- Type: bool
-- Default: false
-
---ftp-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_FTP_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Del,Ctl,RightSpace,Dot
-- Examples:
-
-- "Asterisk,Ctl,Dot,Slash"
-
-- ProFTPd can't handle '*' in file names
-
-- "BackSlash,Ctl,Del,Dot,RightSpace,Slash,SquareBracket"
-
-- PureFTPd can't handle '[]' or '*' in file names
-
-- "Ctl,LeftPeriod,Slash"
-
-- VsFTPd can't handle file names starting with dot
-
-
-
-Limitations
-FTP servers acting as rclone remotes must support passive
mode. The mode cannot be configured as passive
is the only supported one. Rclone's FTP implementation is not compatible with active
mode as the library it uses doesn't support it. This will likely never be supported due to security concerns.
-Rclone's FTP backend does not support any checksums but can compare file sizes.
-rclone about
is not supported by the FTP backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-The implementation of : --dump headers
, --dump bodies
, --dump auth
for debugging isn't the same as for rclone HTTP based backends - it has less fine grained control.
---timeout
isn't supported (but --contimeout
is).
---bind
isn't supported.
-Rclone's FTP backend could support server-side move but does not at present.
-The ftp_proxy
environment variable is not currently supported.
-Modified time
-File modification time (timestamps) is supported to 1 second resolution for major FTP servers: ProFTPd, PureFTPd, VsFTPd, and FileZilla FTP server. The VsFTPd
server has non-standard implementation of time related protocol commands and needs a special configuration setting: writing_mdtm = true
.
-Support for precise file time with other FTP servers varies depending on what protocol extensions they advertise. If all the MLSD
, MDTM
and MFTM
extensions are present, rclone will use them together to provide precise time. Otherwise the times you see on the FTP server through rclone are those of the last file upload.
-You can use the following command to check whether rclone can use precise time with your FTP server: rclone backend features your_ftp_remote:
(the trailing colon is important). Look for the number in the line tagged by Precision
designating the remote time precision expressed as nanoseconds. A value of 1000000000
means that file time precision of 1 second is available. A value of 3153600000000000000
(or another large number) means "unsupported".
-Google Cloud Storage
-Paths are specified as remote:bucket
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir
.
-Configuration
-The initial setup for google cloud storage involves getting a token from Google Cloud Storage which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-n) New remote
-d) Delete remote
-q) Quit config
-e/n/d/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Google Cloud Storage (this is not Google Drive)
- \ "google cloud storage"
-[snip]
-Storage> google cloud storage
-Google Application Client Id - leave blank normally.
-client_id>
-Google Application Client Secret - leave blank normally.
-client_secret>
-Project number optional - needed only for list/create/delete buckets - see your developer console.
-project_number> 12345678
-Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
-service_account_file>
-Access Control List for new objects.
-Choose a number from below, or type in your own value
- 1 / Object owner gets OWNER access, and all Authenticated Users get READER access.
- \ "authenticatedRead"
- 2 / Object owner gets OWNER access, and project team owners get OWNER access.
- \ "bucketOwnerFullControl"
- 3 / Object owner gets OWNER access, and project team owners get READER access.
- \ "bucketOwnerRead"
- 4 / Object owner gets OWNER access [default if left blank].
- \ "private"
- 5 / Object owner gets OWNER access, and project team members get access according to their roles.
- \ "projectPrivate"
- 6 / Object owner gets OWNER access, and all Users get READER access.
- \ "publicRead"
-object_acl> 4
-Access Control List for new buckets.
-Choose a number from below, or type in your own value
- 1 / Project team owners get OWNER access, and all Authenticated Users get READER access.
- \ "authenticatedRead"
- 2 / Project team owners get OWNER access [default if left blank].
- \ "private"
- 3 / Project team members get access according to their roles.
- \ "projectPrivate"
- 4 / Project team owners get OWNER access, and all Users get READER access.
- \ "publicRead"
- 5 / Project team owners get OWNER access, and all Users get WRITER access.
- \ "publicReadWrite"
-bucket_acl> 2
-Location for the newly created buckets.
-Choose a number from below, or type in your own value
- 1 / Empty for default location (US).
- \ ""
- 2 / Multi-regional location for Asia.
- \ "asia"
- 3 / Multi-regional location for Europe.
- \ "eu"
- 4 / Multi-regional location for United States.
- \ "us"
- 5 / Taiwan.
- \ "asia-east1"
- 6 / Tokyo.
- \ "asia-northeast1"
- 7 / Singapore.
- \ "asia-southeast1"
- 8 / Sydney.
- \ "australia-southeast1"
- 9 / Belgium.
- \ "europe-west1"
-10 / London.
- \ "europe-west2"
-11 / Iowa.
- \ "us-central1"
-12 / South Carolina.
- \ "us-east1"
-13 / Northern Virginia.
- \ "us-east4"
-14 / Oregon.
- \ "us-west1"
-location> 12
-The storage class to use when storing objects in Google Cloud Storage.
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Multi-regional storage class
- \ "MULTI_REGIONAL"
- 3 / Regional storage class
- \ "REGIONAL"
- 4 / Nearline storage class
- \ "NEARLINE"
- 5 / Coldline storage class
- \ "COLDLINE"
- 6 / Durable reduced availability storage class
- \ "DURABLE_REDUCED_AVAILABILITY"
-storage_class> 5
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-type = google cloud storage
-client_id =
-client_secret =
-token = {"AccessToken":"xxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"x/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxxxxx","Expiry":"2014-07-17T20:49:14.929208288+01:00","Extra":null}
-project_number = 12345678
-object_acl = private
-bucket_acl = private
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-This remote is called remote
and can now be used like this
-See all the buckets in your project
-rclone lsd remote:
-Make a new bucket
-rclone mkdir remote:bucket
-List the contents of a bucket
-rclone ls remote:bucket
-Sync /home/local/directory
to the remote bucket, deleting any excess files in the bucket.
-rclone sync --interactive /home/local/directory remote:bucket
-Service Account support
-You can set up rclone with Google Cloud Storage in an unattended mode, i.e. not tied to a specific end-user Google account. This is useful when you want to synchronise files onto machines that don't have actively logged-in users, for example build machines.
-To get credentials for Google Cloud Platform IAM Service Accounts, please head to the Service Account section of the Google Developer Console. Service Accounts behave just like normal User
permissions in Google Cloud Storage ACLs, so you can limit their access (e.g. make them read only). After creating an account, a JSON file containing the Service Account's credentials will be downloaded onto your machines. These credentials are what rclone will use for authentication.
-To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file
prompt and rclone won't use the browser based authentication flow. If you'd rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials
with the actual contents of the file instead, or set the equivalent environment variable.
-Anonymous Access
-For downloads of objects that permit public access you can configure rclone to use anonymous access by setting anonymous
to true
. With unauthorized access you can't write or create files but only read or list those buckets and objects that have public read access.
-Application Default Credentials
-If no other source of credentials is provided, rclone will fall back to Application Default Credentials this is useful both when you already have configured authentication for your developer account, or in production when running on a google compute host. Note that if running in docker, you may need to run additional commands on your google compute machine - see this page.
-Note that in the case application default credentials are used, there is no need to explicitly configure a project number.
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-Custom upload headers
-You can set custom upload headers with the --header-upload
flag. Google Cloud Storage supports the headers as described in the working with metadata documentation
-
-- Cache-Control
-- Content-Disposition
-- Content-Encoding
-- Content-Language
-- Content-Type
-- X-Goog-Storage-Class
-- X-Goog-Meta-
-
-Eg --header-upload "Content-Type text/potato"
-Note that the last of these is for setting custom metadata in the form --header-upload "x-goog-meta-key: value"
-Modification time
-Google Cloud Storage stores md5sum natively. Google's gsutil tool stores modification time with one-second precision as goog-reserved-file-mtime
in file metadata.
-To ensure compatibility with gsutil, rclone stores modification time in 2 separate metadata entries. mtime
uses RFC3339 format with one-nanosecond precision. goog-reserved-file-mtime
uses Unix timestamp format with one-second precision. To get modification time from object metadata, rclone reads the metadata in the following order: mtime
, goog-reserved-file-mtime
, object updated time.
-Note that rclone's default modify window is 1ns. Files uploaded by gsutil only contain timestamps with one-second precision. If you use rclone to sync files previously uploaded by gsutil, rclone will attempt to update modification time for all these files. To avoid these possibly unnecessary updates, use --modify-window 1s
.
-Restricted filename characters
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-NUL
-0x00
-␀
-
-
-LF
-0x0A
-␊
-
-
-CR
-0x0D
-␍
-
-
-/
-0x2F
-/
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
---gcs-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_GCS_CLIENT_ID
-- Type: string
-- Required: false
-
---gcs-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_GCS_CLIENT_SECRET
-- Type: string
-- Required: false
-
---gcs-project-number
-Project number.
-Optional - needed only for list/create/delete buckets - see your developer console.
-Properties:
-
-- Config: project_number
-- Env Var: RCLONE_GCS_PROJECT_NUMBER
-- Type: string
-- Required: false
-
---gcs-service-account-file
-Service Account Credentials JSON file path.
-Leave blank normally. Needed only if you want use SA instead of interactive login.
-Leading ~
will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}
.
-Properties:
-
-- Config: service_account_file
-- Env Var: RCLONE_GCS_SERVICE_ACCOUNT_FILE
-- Type: string
-- Required: false
-
---gcs-service-account-credentials
-Service Account Credentials JSON blob.
-Leave blank normally. Needed only if you want use SA instead of interactive login.
-Properties:
-
-- Config: service_account_credentials
-- Env Var: RCLONE_GCS_SERVICE_ACCOUNT_CREDENTIALS
-- Type: string
-- Required: false
-
---gcs-anonymous
-Access public buckets and objects without credentials.
-Set to 'true' if you just want to download files and don't configure credentials.
-Properties:
-
-- Config: anonymous
-- Env Var: RCLONE_GCS_ANONYMOUS
-- Type: bool
-- Default: false
-
---gcs-object-acl
-Access Control List for new objects.
-Properties:
-
-- Config: object_acl
-- Env Var: RCLONE_GCS_OBJECT_ACL
-- Type: string
-- Required: false
-- Examples:
-
-- "authenticatedRead"
-
-- Object owner gets OWNER access.
-- All Authenticated Users get READER access.
-
-- "bucketOwnerFullControl"
-
-- Object owner gets OWNER access.
-- Project team owners get OWNER access.
-
-- "bucketOwnerRead"
-
-- Object owner gets OWNER access.
-- Project team owners get READER access.
-
-- "private"
-
-- Object owner gets OWNER access.
-- Default if left blank.
-
-- "projectPrivate"
-
-- Object owner gets OWNER access.
-- Project team members get access according to their roles.
-
-- "publicRead"
-
-- Object owner gets OWNER access.
-- All Users get READER access.
-
-
-
---gcs-bucket-acl
-Access Control List for new buckets.
-Properties:
-
-- Config: bucket_acl
-- Env Var: RCLONE_GCS_BUCKET_ACL
-- Type: string
-- Required: false
-- Examples:
-
-- "authenticatedRead"
-
-- Project team owners get OWNER access.
-- All Authenticated Users get READER access.
-
-- "private"
-
-- Project team owners get OWNER access.
-- Default if left blank.
-
-- "projectPrivate"
-
-- Project team members get access according to their roles.
-
-- "publicRead"
-
-- Project team owners get OWNER access.
-- All Users get READER access.
-
-- "publicReadWrite"
-
-- Project team owners get OWNER access.
-- All Users get WRITER access.
-
-
-
---gcs-bucket-policy-only
-Access checks should use bucket-level IAM policies.
-If you want to upload objects to a bucket with Bucket Policy Only set then you will need to set this.
-When it is set, rclone:
-
-- ignores ACLs set on buckets
-- ignores ACLs set on objects
-- creates buckets with Bucket Policy Only set
-
-Docs: https://cloud.google.com/storage/docs/bucket-policy-only
-Properties:
-
-- Config: bucket_policy_only
-- Env Var: RCLONE_GCS_BUCKET_POLICY_ONLY
-- Type: bool
-- Default: false
-
---gcs-location
-Location for the newly created buckets.
-Properties:
-
-- Config: location
-- Env Var: RCLONE_GCS_LOCATION
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Empty for default location (US)
-
-- "asia"
-
-- Multi-regional location for Asia
-
-- "eu"
-
-- Multi-regional location for Europe
-
-- "us"
-
-- Multi-regional location for United States
-
-- "asia-east1"
-
-- Taiwan
-
-- "asia-east2"
-
-- Hong Kong
-
-- "asia-northeast1"
-
-- Tokyo
-
-- "asia-northeast2"
-
-- Osaka
-
-- "asia-northeast3"
-
-- Seoul
-
-- "asia-south1"
-
-- Mumbai
-
-- "asia-south2"
-
-- Delhi
-
-- "asia-southeast1"
-
-- Singapore
-
-- "asia-southeast2"
-
-- Jakarta
-
-- "australia-southeast1"
-
-- Sydney
-
-- "australia-southeast2"
-
-- Melbourne
-
-- "europe-north1"
-
-- Finland
-
-- "europe-west1"
-
-- Belgium
-
-- "europe-west2"
-
-- London
-
-- "europe-west3"
-
-- Frankfurt
-
-- "europe-west4"
-
-- Netherlands
-
-- "europe-west6"
-
-- Zürich
-
-- "europe-central2"
-
-- Warsaw
-
-- "us-central1"
-
-- Iowa
-
-- "us-east1"
-
-- South Carolina
-
-- "us-east4"
-
-- Northern Virginia
-
-- "us-west1"
-
-- Oregon
-
-- "us-west2"
-
-- California
-
-- "us-west3"
-
-- Salt Lake City
-
-- "us-west4"
-
-- Las Vegas
-
-- "northamerica-northeast1"
-
-- Montréal
-
-- "northamerica-northeast2"
-
-- Toronto
-
-- "southamerica-east1"
-
-- São Paulo
-
-- "southamerica-west1"
-
-- Santiago
-
-- "asia1"
-
-- Dual region: asia-northeast1 and asia-northeast2.
-
-- "eur4"
-
-- Dual region: europe-north1 and europe-west4.
-
-- "nam4"
-
-- Dual region: us-central1 and us-east1.
-
-
-
---gcs-storage-class
-The storage class to use when storing objects in Google Cloud Storage.
-Properties:
-
-- Config: storage_class
-- Env Var: RCLONE_GCS_STORAGE_CLASS
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default
-
-- "MULTI_REGIONAL"
-
-- Multi-regional storage class
-
-- "REGIONAL"
-
-- Regional storage class
-
-- "NEARLINE"
-
-- Nearline storage class
-
-- "COLDLINE"
-
-- Coldline storage class
-
-- "ARCHIVE"
-
-- Archive storage class
-
-- "DURABLE_REDUCED_AVAILABILITY"
-
-- Durable reduced availability storage class
-
-
-
---gcs-env-auth
-Get GCP IAM credentials from runtime (environment variables or instance meta data if no env vars).
-Only applies if service_account_file and service_account_credentials is blank.
-Properties:
-
-- Config: env_auth
-- Env Var: RCLONE_GCS_ENV_AUTH
-- Type: bool
-- Default: false
-- Examples:
-
-- "false"
-
-- Enter credentials in the next step.
-
-- "true"
-
-- Get GCP IAM credentials from the environment (env vars or IAM).
-
-
-
-Advanced options
-Here are the Advanced options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
---gcs-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_GCS_TOKEN
-- Type: string
-- Required: false
-
---gcs-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_GCS_AUTH_URL
-- Type: string
-- Required: false
-
---gcs-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_GCS_TOKEN_URL
-- Type: string
-- Required: false
-
---gcs-no-check-bucket
-If set, don't attempt to check the bucket exists or create it.
-This can be useful when trying to minimise the number of transactions rclone does if you know the bucket exists already.
-Properties:
-
-- Config: no_check_bucket
-- Env Var: RCLONE_GCS_NO_CHECK_BUCKET
-- Type: bool
-- Default: false
-
---gcs-decompress
-If set this will decompress gzip encoded objects.
-It is possible to upload objects to GCS with "Content-Encoding: gzip" set. Normally rclone will download these files as compressed objects.
-If this flag is set then rclone will decompress these files with "Content-Encoding: gzip" as they are received. This means that rclone can't check the size and hash but the file contents will be decompressed.
-Properties:
-
-- Config: decompress
-- Env Var: RCLONE_GCS_DECOMPRESS
-- Type: bool
-- Default: false
-
---gcs-endpoint
-Endpoint for the service.
-Leave blank normally.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_GCS_ENDPOINT
-- Type: string
-- Required: false
-
---gcs-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_GCS_ENCODING
-- Type: MultiEncoder
-- Default: Slash,CrLf,InvalidUtf8,Dot
-
-Limitations
-rclone about
is not supported by the Google Cloud Storage backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Google Drive
-Paths are specified as drive:path
-Drive paths may be as deep as required, e.g. drive:directory/subdirectory
.
-Configuration
-The initial setup for drive involves getting a token from Google drive which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-n/r/c/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Google Drive
- \ "drive"
-[snip]
-Storage> drive
-Google Application Client Id - leave blank normally.
-client_id>
-Google Application Client Secret - leave blank normally.
-client_secret>
-Scope that rclone should use when requesting access from drive.
-Choose a number from below, or type in your own value
- 1 / Full access all files, excluding Application Data Folder.
- \ "drive"
- 2 / Read-only access to file metadata and file contents.
- \ "drive.readonly"
- / Access to files created by rclone only.
- 3 | These are visible in the drive website.
- | File authorization is revoked when the user deauthorizes the app.
- \ "drive.file"
- / Allows read and write access to the Application Data folder.
- 4 | This is not visible in the drive website.
- \ "drive.appfolder"
- / Allows read-only access to file metadata but
- 5 | does not allow any access to read or download file content.
- \ "drive.metadata.readonly"
-scope> 1
-Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
-service_account_file>
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
-Configure this as a Shared Drive (Team Drive)?
-y) Yes
-n) No
-y/n> n
---------------------
-[remote]
-client_id =
-client_secret =
-scope = drive
-root_folder_id =
-service_account_file =
-token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2014-03-16T13:57:58.955387075Z"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-You can then use it like this,
-List directories in top level of your drive
-rclone lsd remote:
-List all the files in your drive
-rclone ls remote:
-To copy a local directory to a drive directory called backup
-rclone copy /home/source remote:backup
-Scopes
-Rclone allows you to select which scope you would like for rclone to use. This changes what type of token is granted to rclone. The scopes are defined here.
-The scope are
-drive
-This is the default scope and allows full access to all files, except for the Application Data Folder (see below).
-Choose this one if you aren't sure.
-drive.readonly
-This allows read only access to all files. Files may be listed and downloaded but not uploaded, renamed or deleted.
-drive.file
-With this scope rclone can read/view/modify only those files and folders it creates.
-So if you uploaded files to drive via the web interface (or any other means) they will not be visible to rclone.
-This can be useful if you are using rclone to backup data and you want to be sure confidential data on your drive is not visible to rclone.
-Files created with this scope are visible in the web interface.
-drive.appfolder
-This gives rclone its own private area to store files. Rclone will not be able to see any other files on your drive and you won't be able to see rclone's files from the web interface either.
-drive.metadata.readonly
-This allows read only access to file names only. It does not allow rclone to download or upload data, or rename or delete files or directories.
-Root folder ID
-This option has been moved to the advanced section. You can set the root_folder_id
for rclone. This is the directory (identified by its Folder ID
) that rclone considers to be the root of your drive.
-Normally you will leave this blank and rclone will determine the correct root to use itself.
-However you can set this to restrict rclone to a specific folder hierarchy or to access data within the "Computers" tab on the drive web interface (where files from Google's Backup and Sync desktop program go).
-In order to do this you will have to find the Folder ID
of the directory you wish rclone to display. This will be the last segment of the URL when you open the relevant folder in the drive web interface.
-So if the folder you want rclone to use has a URL which looks like https://drive.google.com/drive/folders/1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh
in the browser, then you use 1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh
as the root_folder_id
in the config.
-NB folders under the "Computers" tab seem to be read only (drive gives a 500 error) when using rclone.
-There doesn't appear to be an API to discover the folder IDs of the "Computers" tab - please contact us if you know otherwise!
-Note also that rclone can't access any data under the "Backups" tab on the google drive web interface yet.
-Service Account support
-You can set up rclone with Google Drive in an unattended mode, i.e. not tied to a specific end-user Google account. This is useful when you want to synchronise files onto machines that don't have actively logged-in users, for example build machines.
-To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file
prompt during rclone config
and rclone won't use the browser based authentication flow. If you'd rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials
with the actual contents of the file instead, or set the equivalent environment variable.
-Use case - Google Apps/G-suite account and individual Drive
-Let's say that you are the administrator of a Google Apps (old) or G-suite account. The goal is to store data on an individual's Drive account, who IS a member of the domain. We'll call the domain example.com, and the user foo@example.com.
-There's a few steps we need to go through to accomplish this:
-1. Create a service account for example.com
-
-- To create a service account and obtain its credentials, go to the Google Developer Console.
-- You must have a project - create one if you don't.
-- Then go to "IAM & admin" -> "Service Accounts".
-- Use the "Create Credentials" button. Fill in "Service account name" with something that identifies your client. "Role" can be empty.
-- Tick "Furnish a new private key" - select "Key type JSON".
-- Tick "Enable G Suite Domain-wide Delegation". This option makes "impersonation" possible, as documented here: Delegating domain-wide authority to the service account
-- These credentials are what rclone will use for authentication. If you ever need to remove access, press the "Delete service account key" button.
-
-2. Allowing API access to example.com Google Drive
-
-- Go to example.com's admin console
-- Go into "Security" (or use the search bar)
-- Select "Show more" and then "Advanced settings"
-- Select "Manage API client access" in the "Authentication" section
-- In the "Client Name" field enter the service account's "Client ID" - this can be found in the Developer Console under "IAM & Admin" -> "Service Accounts", then "View Client ID" for the newly created service account. It is a ~21 character numerical string.
-- In the next field, "One or More API Scopes", enter
https://www.googleapis.com/auth/drive
to grant access to Google Drive specifically.
-
-3. Configure rclone, assuming a new install
-rclone config
-
-n/s/q> n # New
-name>gdrive # Gdrive is an example name
-Storage> # Select the number shown for Google Drive
-client_id> # Can be left blank
-client_secret> # Can be left blank
-scope> # Select your scope, 1 for example
-root_folder_id> # Can be left blank
-service_account_file> /home/foo/myJSONfile.json # This is where the JSON file goes!
-y/n> # Auto config, n
-
-4. Verify that it's working
-
-rclone -v --drive-impersonate foo@example.com lsf gdrive:backup
-- The arguments do:
-
--v
- verbose logging
---drive-impersonate foo@example.com
- this is what does the magic, pretending to be user foo.
-lsf
- list files in a parsing friendly way
-gdrive:backup
- use the remote called gdrive, work in the folder named backup.
-
-
-Note: in case you configured a specific root folder on gdrive and rclone is unable to access the contents of that folder when using --drive-impersonate
, do this instead: - in the gdrive web interface, share your root folder with the user/email of the new Service Account you created/selected at step #1 - use rclone without specifying the --drive-impersonate
option, like this: rclone -v lsf gdrive:backup
-Shared drives (team drives)
-If you want to configure the remote to point to a Google Shared Drive (previously known as Team Drives) then answer y
to the question Configure this as a Shared Drive (Team Drive)?
.
-This will fetch the list of Shared Drives from google and allow you to configure which one you want to use. You can also type in a Shared Drive ID if you prefer.
-For example:
-Configure this as a Shared Drive (Team Drive)?
-y) Yes
-n) No
-y/n> y
-Fetching Shared Drive list...
-Choose a number from below, or type in your own value
- 1 / Rclone Test
- \ "xxxxxxxxxxxxxxxxxxxx"
- 2 / Rclone Test 2
- \ "yyyyyyyyyyyyyyyyyyyy"
- 3 / Rclone Test 3
- \ "zzzzzzzzzzzzzzzzzzzz"
-Enter a Shared Drive ID> 1
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"AccessToken":"xxxx.x.xxxxx_xxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"1/xxxxxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxx","Expiry":"2014-03-16T13:57:58.955387075Z","Extra":null}
-team_drive = xxxxxxxxxxxxxxxxxxxx
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-It does this by combining multiple list
calls into a single API request.
-This works by combining many '%s' in parents
filters into one expression. To list the contents of directories a, b and c, the following requests will be send by the regular List
function:
-trashed=false and 'a' in parents
-trashed=false and 'b' in parents
-trashed=false and 'c' in parents
-These can now be combined into a single request:
-trashed=false and ('a' in parents or 'b' in parents or 'c' in parents)
-The implementation of ListR
will put up to 50 parents
filters into one request. It will use the --checkers
value to specify the number of requests to run in parallel.
-In tests, these batch requests were up to 20x faster than the regular method. Running the following command against different sized folders gives:
-rclone lsjson -vv -R --checkers=6 gdrive:folder
-small folder (220 directories, 700 files):
-
-- without
--fast-list
: 38s
-- with
--fast-list
: 10s
-
-large folder (10600 directories, 39000 files):
-
-- without
--fast-list
: 22:05 min
-- with
--fast-list
: 58s
-
-Modified time
-Google drive stores modification times accurate to 1 ms.
-Restricted filename characters
-Only Invalid UTF-8 bytes will be replaced, as they can't be used in JSON strings.
-In contrast to other backends, /
can also be used in names and .
or ..
are valid names.
-Revisions
-Google drive stores revisions of files. When you upload a change to an existing file to google drive using rclone it will create a new revision of that file.
-Revisions follow the standard google policy which at time of writing was
-
-- They are deleted after 30 days or 100 revisions (whatever comes first).
-- They do not count towards a user storage quota.
-
-Deleting files
-By default rclone will send all files to the trash when deleting files. If deleting them permanently is required then use the --drive-use-trash=false
flag, or set the equivalent environment variable.
-Shortcuts
-In March 2020 Google introduced a new feature in Google Drive called drive shortcuts (API). These will (by September 2020) replace the ability for files or folders to be in multiple folders at once.
-Shortcuts are files that link to other files on Google Drive somewhat like a symlink in unix, except they point to the underlying file data (e.g. the inode in unix terms) so they don't break if the source is renamed or moved about.
-Be default rclone treats these as follows.
-For shortcuts pointing to files:
-
-- When listing a file shortcut appears as the destination file.
-- When downloading the contents of the destination file is downloaded.
-- When updating shortcut file with a non shortcut file, the shortcut is removed then a new file is uploaded in place of the shortcut.
-- When server-side moving (renaming) the shortcut is renamed, not the destination file.
-- When server-side copying the shortcut is copied, not the contents of the shortcut. (unless
--drive-copy-shortcut-content
is in use in which case the contents of the shortcut gets copied).
-- When deleting the shortcut is deleted not the linked file.
-- When setting the modification time, the modification time of the linked file will be set.
-
-For shortcuts pointing to folders:
-
-- When listing the shortcut appears as a folder and that folder will contain the contents of the linked folder appear (including any sub folders)
-- When downloading the contents of the linked folder and sub contents are downloaded
-- When uploading to a shortcut folder the file will be placed in the linked folder
-- When server-side moving (renaming) the shortcut is renamed, not the destination folder
-- When server-side copying the contents of the linked folder is copied, not the shortcut.
-- When deleting with
rclone rmdir
or rclone purge
the shortcut is deleted not the linked folder.
-- NB When deleting with
rclone remove
or rclone mount
the contents of the linked folder will be deleted.
-
-The rclone backend command can be used to create shortcuts.
-Shortcuts can be completely ignored with the --drive-skip-shortcuts
flag or the corresponding skip_shortcuts
configuration setting.
-Emptying trash
-If you wish to empty your trash you can use the rclone cleanup remote:
command which will permanently delete all your trashed files. This command does not take any path arguments.
-Note that Google Drive takes some time (minutes to days) to empty the trash even though the command returns within a few seconds. No output is echoed, so there will be no confirmation even using -v or -vv.
-Quota information
-To view your current quota you can use the rclone about remote:
command which will display your usage limit (quota), the usage in Google Drive, the size of all files in the Trash and the space used by other Google services such as Gmail. This command does not take any path arguments.
-Import/Export of google documents
-Google documents can be exported from and uploaded to Google Drive.
-When rclone downloads a Google doc it chooses a format to download depending upon the --drive-export-formats
setting. By default the export formats are docx,xlsx,pptx,svg
which are a sensible default for an editable document.
-When choosing a format, rclone runs down the list provided in order and chooses the first file format the doc can be exported as from the list. If the file can't be exported to a format on the formats list, then rclone will choose a format from the default list.
-If you prefer an archive copy then you might use --drive-export-formats pdf
, or if you prefer openoffice/libreoffice formats you might use --drive-export-formats ods,odt,odp
.
-Note that rclone adds the extension to the google doc, so if it is called My Spreadsheet
on google docs, it will be exported as My Spreadsheet.xlsx
or My Spreadsheet.pdf
etc.
-When importing files into Google Drive, rclone will convert all files with an extension in --drive-import-formats
to their associated document type. rclone will not convert any files by default, since the conversion is lossy process.
-The conversion must result in a file with the same extension when the --drive-export-formats
rules are applied to the uploaded document.
-Here are some examples for allowed and prohibited conversions.
-
-
-
-export-formats
-import-formats
-Upload Ext
-Document Ext
-Allowed
-
-
-
-
-odt
-odt
-odt
-odt
-Yes
-
-
-odt
-docx,odt
-odt
-odt
-Yes
-
-
-
-docx
-docx
-docx
-Yes
-
-
-
-odt
-odt
-docx
-No
-
-
-odt,docx
-docx,odt
-docx
-odt
-No
-
-
-docx,odt
-docx,odt
-docx
-docx
-Yes
-
-
-docx,odt
-docx,odt
-odt
-docx
-No
-
-
-
-This limitation can be disabled by specifying --drive-allow-import-name-change
. When using this flag, rclone can convert multiple files types resulting in the same document type at once, e.g. with --drive-import-formats docx,odt,txt
, all files having these extension would result in a document represented as a docx file. This brings the additional risk of overwriting a document, if multiple files have the same stem. Many rclone operations will not handle this name change in any way. They assume an equal name when copying files and might copy the file again or delete them when the name changes.
-Here are the possible export extensions with their corresponding mime types. Most of these can also be used for importing, but there more that are not listed here. Some of these additional ones might only be available when the operating system provides the correct MIME type entries.
-This list can be changed by Google Drive at any time and might not represent the currently available conversions.
-
-
-
-
-
-
-
-
-Extension
-Mime Type
-Description
-
-
-
-
-bmp
-image/bmp
-Windows Bitmap format
-
-
-csv
-text/csv
-Standard CSV format for Spreadsheets
-
-
-doc
-application/msword
-Classic Word file
-
-
-docx
-application/vnd.openxmlformats-officedocument.wordprocessingml.document
-Microsoft Office Document
-
-
-epub
-application/epub+zip
-E-book format
-
-
-html
-text/html
-An HTML Document
-
-
-jpg
-image/jpeg
-A JPEG Image File
-
-
-json
-application/vnd.google-apps.script+json
-JSON Text Format for Google Apps scripts
-
-
-odp
-application/vnd.oasis.opendocument.presentation
-Openoffice Presentation
-
-
-ods
-application/vnd.oasis.opendocument.spreadsheet
-Openoffice Spreadsheet
-
-
-ods
-application/x-vnd.oasis.opendocument.spreadsheet
-Openoffice Spreadsheet
-
-
-odt
-application/vnd.oasis.opendocument.text
-Openoffice Document
-
-
-pdf
-application/pdf
-Adobe PDF Format
-
-
-pjpeg
-image/pjpeg
-Progressive JPEG Image
-
-
-png
-image/png
-PNG Image Format
-
-
-pptx
-application/vnd.openxmlformats-officedocument.presentationml.presentation
-Microsoft Office Powerpoint
-
-
-rtf
-application/rtf
-Rich Text Format
-
-
-svg
-image/svg+xml
-Scalable Vector Graphics Format
-
-
-tsv
-text/tab-separated-values
-Standard TSV format for spreadsheets
-
-
-txt
-text/plain
-Plain Text
-
-
-wmf
-application/x-msmetafile
-Windows Meta File
-
-
-xls
-application/vnd.ms-excel
-Classic Excel file
-
-
-xlsx
-application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
-Microsoft Office Spreadsheet
-
-
-zip
-application/zip
-A ZIP file of HTML, Images CSS
-
-
-
-Google documents can also be exported as link files. These files will open a browser window for the Google Docs website of that document when opened. The link file extension has to be specified as a --drive-export-formats
parameter. They will match all available Google Documents.
-
-
-
-Extension
-Description
-OS Support
-
-
-
-
-desktop
-freedesktop.org specified desktop entry
-Linux
-
-
-link.html
-An HTML Document with a redirect
-All
-
-
-url
-INI style link file
-macOS, Windows
-
-
-webloc
-macOS specific XML format
-macOS
-
-
-
-Standard options
-Here are the Standard options specific to drive (Google Drive).
---drive-client-id
-Google Application Client Id Setting your own is recommended. See https://rclone.org/drive/#making-your-own-client-id for how to create your own. If you leave this blank, it will use an internal key which is low performance.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_DRIVE_CLIENT_ID
-- Type: string
-- Required: false
-
---drive-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_DRIVE_CLIENT_SECRET
-- Type: string
-- Required: false
-
---drive-scope
-Scope that rclone should use when requesting access from drive.
-Properties:
-
-- Config: scope
-- Env Var: RCLONE_DRIVE_SCOPE
-- Type: string
-- Required: false
-- Examples:
-
-- "drive"
-
-- Full access all files, excluding Application Data Folder.
-
-- "drive.readonly"
-
-- Read-only access to file metadata and file contents.
-
-- "drive.file"
-
-- Access to files created by rclone only.
-- These are visible in the drive website.
-- File authorization is revoked when the user deauthorizes the app.
-
-- "drive.appfolder"
-
-- Allows read and write access to the Application Data folder.
-- This is not visible in the drive website.
-
-- "drive.metadata.readonly"
-
-- Allows read-only access to file metadata but
-- does not allow any access to read or download file content.
-
-
-
---drive-service-account-file
-Service Account Credentials JSON file path.
-Leave blank normally. Needed only if you want use SA instead of interactive login.
-Leading ~
will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}
.
-Properties:
-
-- Config: service_account_file
-- Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_FILE
-- Type: string
-- Required: false
-
---drive-alternate-export
-Deprecated: No longer needed.
-Properties:
-
-- Config: alternate_export
-- Env Var: RCLONE_DRIVE_ALTERNATE_EXPORT
-- Type: bool
-- Default: false
-
-Advanced options
-Here are the Advanced options specific to drive (Google Drive).
---drive-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_DRIVE_TOKEN
-- Type: string
-- Required: false
-
---drive-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_DRIVE_AUTH_URL
-- Type: string
-- Required: false
-
---drive-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_DRIVE_TOKEN_URL
-- Type: string
-- Required: false
-
---drive-root-folder-id
-ID of the root folder. Leave blank normally.
-Fill in to access "Computers" folders (see docs), or for rclone to use a non root folder as its starting point.
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
-- Type: string
-- Required: false
-
---drive-service-account-credentials
-Service Account Credentials JSON blob.
-Leave blank normally. Needed only if you want use SA instead of interactive login.
-Properties:
-
-- Config: service_account_credentials
-- Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_CREDENTIALS
-- Type: string
-- Required: false
-
---drive-team-drive
-ID of the Shared Drive (Team Drive).
-Properties:
-
-- Config: team_drive
-- Env Var: RCLONE_DRIVE_TEAM_DRIVE
-- Type: string
-- Required: false
-
---drive-auth-owner-only
-Only consider files owned by the authenticated user.
-Properties:
-
-- Config: auth_owner_only
-- Env Var: RCLONE_DRIVE_AUTH_OWNER_ONLY
-- Type: bool
-- Default: false
-
---drive-use-trash
-Send files to the trash instead of deleting permanently.
-Defaults to true, namely sending files to the trash. Use --drive-use-trash=false
to delete files permanently instead.
-Properties:
-
-- Config: use_trash
-- Env Var: RCLONE_DRIVE_USE_TRASH
-- Type: bool
-- Default: true
-
---drive-copy-shortcut-content
-Server side copy contents of shortcuts instead of the shortcut.
-When doing server side copies, normally rclone will copy shortcuts as shortcuts.
-If this flag is used then rclone will copy the contents of shortcuts rather than shortcuts themselves when doing server side copies.
-Properties:
-
-- Config: copy_shortcut_content
-- Env Var: RCLONE_DRIVE_COPY_SHORTCUT_CONTENT
-- Type: bool
-- Default: false
-
---drive-skip-gdocs
-Skip google documents in all listings.
-If given, gdocs practically become invisible to rclone.
-Properties:
-
-- Config: skip_gdocs
-- Env Var: RCLONE_DRIVE_SKIP_GDOCS
-- Type: bool
-- Default: false
-
---drive-skip-checksum-gphotos
-Skip MD5 checksum on Google photos and videos only.
-Use this if you get checksum errors when transferring Google photos or videos.
-Setting this flag will cause Google photos and videos to return a blank MD5 checksum.
-Google photos are identified by being in the "photos" space.
-Corrupted checksums are caused by Google modifying the image/video but not updating the checksum.
-Properties:
-
-- Config: skip_checksum_gphotos
-- Env Var: RCLONE_DRIVE_SKIP_CHECKSUM_GPHOTOS
-- Type: bool
-- Default: false
-
---drive-shared-with-me
-Only show files that are shared with me.
-Instructs rclone to operate on your "Shared with me" folder (where Google Drive lets you access the files and folders others have shared with you).
-This works both with the "list" (lsd, lsl, etc.) and the "copy" commands (copy, sync, etc.), and with all other commands too.
-Properties:
-
-- Config: shared_with_me
-- Env Var: RCLONE_DRIVE_SHARED_WITH_ME
-- Type: bool
-- Default: false
-
---drive-trashed-only
-Only show files that are in the trash.
-This will show trashed files in their original directory structure.
-Properties:
-
-- Config: trashed_only
-- Env Var: RCLONE_DRIVE_TRASHED_ONLY
-- Type: bool
-- Default: false
-
---drive-starred-only
-Only show files that are starred.
-Properties:
-
-- Config: starred_only
-- Env Var: RCLONE_DRIVE_STARRED_ONLY
-- Type: bool
-- Default: false
-
---drive-formats
-Deprecated: See export_formats.
-Properties:
-
-- Config: formats
-- Env Var: RCLONE_DRIVE_FORMATS
-- Type: string
-- Required: false
-
---drive-export-formats
-Comma separated list of preferred formats for downloading Google docs.
-Properties:
-
-- Config: export_formats
-- Env Var: RCLONE_DRIVE_EXPORT_FORMATS
-- Type: string
-- Default: "docx,xlsx,pptx,svg"
-
---drive-import-formats
-Comma separated list of preferred formats for uploading Google docs.
-Properties:
-
-- Config: import_formats
-- Env Var: RCLONE_DRIVE_IMPORT_FORMATS
-- Type: string
-- Required: false
-
---drive-allow-import-name-change
-Allow the filetype to change when uploading Google docs.
-E.g. file.doc to file.docx. This will confuse sync and reupload every time.
-Properties:
-
-- Config: allow_import_name_change
-- Env Var: RCLONE_DRIVE_ALLOW_IMPORT_NAME_CHANGE
-- Type: bool
-- Default: false
-
---drive-use-created-date
-Use file created date instead of modified date.
-Useful when downloading data and you want the creation date used in place of the last modified date.
-WARNING: This flag may have some unexpected consequences.
-When uploading to your drive all files will be overwritten unless they haven't been modified since their creation. And the inverse will occur while downloading. This side effect can be avoided by using the "--checksum" flag.
-This feature was implemented to retain photos capture date as recorded by google photos. You will first need to check the "Create a Google Photos folder" option in your google drive settings. You can then copy or move the photos locally and use the date the image was taken (created) set as the modification date.
-Properties:
-
-- Config: use_created_date
-- Env Var: RCLONE_DRIVE_USE_CREATED_DATE
-- Type: bool
-- Default: false
-
---drive-use-shared-date
-Use date file was shared instead of modified date.
-Note that, as with "--drive-use-created-date", this flag may have unexpected consequences when uploading/downloading files.
-If both this flag and "--drive-use-created-date" are set, the created date is used.
-Properties:
-
-- Config: use_shared_date
-- Env Var: RCLONE_DRIVE_USE_SHARED_DATE
-- Type: bool
-- Default: false
-
---drive-list-chunk
-Size of listing chunk 100-1000, 0 to disable.
-Properties:
-
-- Config: list_chunk
-- Env Var: RCLONE_DRIVE_LIST_CHUNK
-- Type: int
-- Default: 1000
-
---drive-impersonate
-Impersonate this user when using a service account.
-Properties:
-
-- Config: impersonate
-- Env Var: RCLONE_DRIVE_IMPERSONATE
-- Type: string
-- Required: false
-
---drive-upload-cutoff
-Cutoff for switching to chunked upload.
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_DRIVE_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 8Mi
-
---drive-chunk-size
-Upload chunk size.
-Must a power of 2 >= 256k.
-Making this larger will improve performance, but note that each chunk is buffered in memory one per transfer.
-Reducing this will reduce memory usage but decrease performance.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_DRIVE_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 8Mi
-
---drive-acknowledge-abuse
-Set to allow files which return cannotDownloadAbusiveFile to be downloaded.
-If downloading a file returns the error "This file has been identified as malware or spam and cannot be downloaded" with the error code "cannotDownloadAbusiveFile" then supply this flag to rclone to indicate you acknowledge the risks of downloading the file and rclone will download it anyway.
-Note that if you are using service account it will need Manager permission (not Content Manager) to for this flag to work. If the SA does not have the right permission, Google will just ignore the flag.
-Properties:
-
-- Config: acknowledge_abuse
-- Env Var: RCLONE_DRIVE_ACKNOWLEDGE_ABUSE
-- Type: bool
-- Default: false
-
---drive-keep-revision-forever
-Keep new head revision of each file forever.
-Properties:
-
-- Config: keep_revision_forever
-- Env Var: RCLONE_DRIVE_KEEP_REVISION_FOREVER
-- Type: bool
-- Default: false
-
---drive-size-as-quota
-Show sizes as storage quota usage, not actual size.
-Show the size of a file as the storage quota used. This is the current version plus any older versions that have been set to keep forever.
-WARNING: This flag may have some unexpected consequences.
-It is not recommended to set this flag in your config - the recommended usage is using the flag form --drive-size-as-quota when doing rclone ls/lsl/lsf/lsjson/etc only.
-If you do use this flag for syncing (not recommended) then you will need to use --ignore size also.
-Properties:
-
-- Config: size_as_quota
-- Env Var: RCLONE_DRIVE_SIZE_AS_QUOTA
-- Type: bool
-- Default: false
-
---drive-v2-download-min-size
-If Object's are greater, use drive v2 API to download.
-Properties:
-
-- Config: v2_download_min_size
-- Env Var: RCLONE_DRIVE_V2_DOWNLOAD_MIN_SIZE
-- Type: SizeSuffix
-- Default: off
-
---drive-pacer-min-sleep
-Minimum time to sleep between API calls.
-Properties:
-
-- Config: pacer_min_sleep
-- Env Var: RCLONE_DRIVE_PACER_MIN_SLEEP
-- Type: Duration
-- Default: 100ms
-
---drive-pacer-burst
-Number of API calls to allow without sleeping.
-Properties:
-
-- Config: pacer_burst
-- Env Var: RCLONE_DRIVE_PACER_BURST
-- Type: int
-- Default: 100
-
---drive-server-side-across-configs
-Allow server-side operations (e.g. copy) to work across different drive configs.
-This can be useful if you wish to do a server-side copy between two different Google drives. Note that this isn't enabled by default because it isn't easy to tell if it will work between any two configurations.
-Properties:
-
-- Config: server_side_across_configs
-- Env Var: RCLONE_DRIVE_SERVER_SIDE_ACROSS_CONFIGS
-- Type: bool
-- Default: false
-
---drive-disable-http2
-Disable drive using http2.
-There is currently an unsolved issue with the google drive backend and HTTP/2. HTTP/2 is therefore disabled by default for the drive backend but can be re-enabled here. When the issue is solved this flag will be removed.
-See: https://github.com/rclone/rclone/issues/3631
-Properties:
-
-- Config: disable_http2
-- Env Var: RCLONE_DRIVE_DISABLE_HTTP2
-- Type: bool
-- Default: true
-
---drive-stop-on-upload-limit
-Make upload limit errors be fatal.
-At the time of writing it is only possible to upload 750 GiB of data to Google Drive a day (this is an undocumented limit). When this limit is reached Google Drive produces a slightly different error message. When this flag is set it causes these errors to be fatal. These will stop the in-progress sync.
-Note that this detection is relying on error message strings which Google don't document so it may break in the future.
-See: https://github.com/rclone/rclone/issues/3857
-Properties:
-
-- Config: stop_on_upload_limit
-- Env Var: RCLONE_DRIVE_STOP_ON_UPLOAD_LIMIT
-- Type: bool
-- Default: false
-
---drive-stop-on-download-limit
-Make download limit errors be fatal.
-At the time of writing it is only possible to download 10 TiB of data from Google Drive a day (this is an undocumented limit). When this limit is reached Google Drive produces a slightly different error message. When this flag is set it causes these errors to be fatal. These will stop the in-progress sync.
-Note that this detection is relying on error message strings which Google don't document so it may break in the future.
-Properties:
-
-- Config: stop_on_download_limit
-- Env Var: RCLONE_DRIVE_STOP_ON_DOWNLOAD_LIMIT
-- Type: bool
-- Default: false
-
---drive-skip-shortcuts
-If set skip shortcut files.
-Normally rclone dereferences shortcut files making them appear as if they are the original file (see the shortcuts section). If this flag is set then rclone will ignore shortcut files completely.
-Properties:
-
-- Config: skip_shortcuts
-- Env Var: RCLONE_DRIVE_SKIP_SHORTCUTS
-- Type: bool
-- Default: false
-
---drive-skip-dangling-shortcuts
-If set skip dangling shortcut files.
-If this is set then rclone will not show any dangling shortcuts in listings.
-Properties:
-
-- Config: skip_dangling_shortcuts
-- Env Var: RCLONE_DRIVE_SKIP_DANGLING_SHORTCUTS
-- Type: bool
-- Default: false
-
---drive-resource-key
-Resource key for accessing a link-shared file.
-If you need to access files shared with a link like this
-https://drive.google.com/drive/folders/XXX?resourcekey=YYY&usp=sharing
-Then you will need to use the first part "XXX" as the "root_folder_id" and the second part "YYY" as the "resource_key" otherwise you will get 404 not found errors when trying to access the directory.
-See: https://developers.google.com/drive/api/guides/resource-keys
-This resource key requirement only applies to a subset of old files.
-Note also that opening the folder once in the web interface (with the user you've authenticated rclone with) seems to be enough so that the resource key is no needed.
-Properties:
-
-- Config: resource_key
-- Env Var: RCLONE_DRIVE_RESOURCE_KEY
-- Type: string
-- Required: false
-
---drive-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_DRIVE_ENCODING
-- Type: MultiEncoder
-- Default: InvalidUtf8
-
-Backend commands
-Here are the commands specific to the drive backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-get
-Get command for fetching the drive config parameters
-rclone backend get remote: [options] [<arguments>+]
-This is a get command which will be used to fetch the various drive config parameters
-Usage Examples:
-rclone backend get drive: [-o service_account_file] [-o chunk_size]
-rclone rc backend/command command=get fs=drive: [-o service_account_file] [-o chunk_size]
-Options:
-
-- "chunk_size": show the current upload chunk size
-- "service_account_file": show the current service account file
-
-set
-Set command for updating the drive config parameters
-rclone backend set remote: [options] [<arguments>+]
-This is a set command which will be used to update the various drive config parameters
-Usage Examples:
-rclone backend set drive: [-o service_account_file=sa.json] [-o chunk_size=67108864]
-rclone rc backend/command command=set fs=drive: [-o service_account_file=sa.json] [-o chunk_size=67108864]
-Options:
-
-- "chunk_size": update the current upload chunk size
-- "service_account_file": update the current service account file
-
-shortcut
-Create shortcuts from files or directories
-rclone backend shortcut remote: [options] [<arguments>+]
-This command creates shortcuts from files or directories.
-Usage:
-rclone backend shortcut drive: source_item destination_shortcut
-rclone backend shortcut drive: source_item -o target=drive2: destination_shortcut
-In the first example this creates a shortcut from the "source_item" which can be a file or a directory to the "destination_shortcut". The "source_item" and the "destination_shortcut" should be relative paths from "drive:"
-In the second example this creates a shortcut from the "source_item" relative to "drive:" to the "destination_shortcut" relative to "drive2:". This may fail with a permission error if the user authenticated with "drive2:" can't read files from "drive:".
-Options:
-
-- "target": optional target remote for the shortcut destination
-
-drives
-List the Shared Drives available to this account
-rclone backend drives remote: [options] [<arguments>+]
-This command lists the Shared Drives (Team Drives) available to this account.
-Usage:
-rclone backend [-o config] drives drive:
-This will return a JSON list of objects like this
-[
- {
- "id": "0ABCDEF-01234567890",
- "kind": "drive#teamDrive",
- "name": "My Drive"
- },
- {
- "id": "0ABCDEFabcdefghijkl",
- "kind": "drive#teamDrive",
- "name": "Test Drive"
- }
-]
-With the -o config parameter it will output the list in a format suitable for adding to a config file to make aliases for all the drives found and a combined drive.
-[My Drive]
-type = alias
-remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
-
-[Test Drive]
-type = alias
-remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
-
-[AllDrives]
-type = combine
-upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
-Adding this to the rclone config file will cause those team drives to be accessible with the aliases shown. Any illegal characters will be substituted with "_" and duplicate names will have numbers suffixed. It will also add a remote called AllDrives which shows all the shared drives combined into one directory tree.
-untrash
-Untrash files and directories
-rclone backend untrash remote: [options] [<arguments>+]
-This command untrashes all the files and directories in the directory passed in recursively.
-Usage:
-This takes an optional directory to trash which make this easier to use via the API.
-rclone backend untrash drive:directory
-rclone backend --interactive untrash drive:directory subdir
-Use the --interactive/-i or --dry-run flag to see what would be restored before restoring it.
-Result:
-{
- "Untrashed": 17,
- "Errors": 0
-}
-copyid
-Copy files by ID
-rclone backend copyid remote: [options] [<arguments>+]
-This command copies files by ID
-Usage:
-rclone backend copyid drive: ID path
-rclone backend copyid drive: ID1 path1 ID2 path2
-It copies the drive file with ID given to the path (an rclone path which will be passed internally to rclone copyto). The ID and path pairs can be repeated.
-The path should end with a / to indicate copy the file as named to this directory. If it doesn't end with a / then the last path component will be used as the file name.
-If the destination is a drive backend then server-side copying will be attempted if possible.
-Use the --interactive/-i or --dry-run flag to see what would be copied before copying.
-exportformats
-Dump the export formats for debug purposes
-rclone backend exportformats remote: [options] [<arguments>+]
-importformats
-Dump the import formats for debug purposes
-rclone backend importformats remote: [options] [<arguments>+]
-Limitations
-Drive has quite a lot of rate limiting. This causes rclone to be limited to transferring about 2 files per second only. Individual files may be transferred much faster at 100s of MiB/s but lots of small files can take a long time.
-Server side copies are also subject to a separate rate limit. If you see User rate limit exceeded errors, wait at least 24 hours and retry. You can disable server-side copies with --disable copy
to download and upload the files if you prefer.
-Limitations of Google Docs
-Google docs will appear as size -1 in rclone ls
, rclone ncdu
etc, and as size 0 in anything which uses the VFS layer, e.g. rclone mount
and rclone serve
. When calculating directory totals, e.g. in rclone size
and rclone ncdu
, they will be counted in as empty files.
-This is because rclone can't find out the size of the Google docs without downloading them.
-Google docs will transfer correctly with rclone sync
, rclone copy
etc as rclone knows to ignore the size when doing the transfer.
-However an unfortunate consequence of this is that you may not be able to download Google docs using rclone mount
. If it doesn't work you will get a 0 sized file. If you try again the doc may gain its correct size and be downloadable. Whether it will work on not depends on the application accessing the mount and the OS you are running - experiment to find out if it does work for you!
-Duplicated files
-Sometimes, for no reason I've been able to track down, drive will duplicate a file that rclone uploads. Drive unlike all the other remotes can have duplicated files.
-Duplicated files cause problems with the syncing and you will see messages in the log about duplicates.
-Use rclone dedupe
to fix duplicated files.
-Note that this isn't just a problem with rclone, even Google Photos on Android duplicates files on drive sometimes.
-Rclone appears to be re-copying files it shouldn't
-The most likely cause of this is the duplicated file issue above - run rclone dedupe
and check your logs for duplicate object or directory messages.
-This can also be caused by a delay/caching on google drive's end when comparing directory listings. Specifically with team drives used in combination with --fast-list. Files that were uploaded recently may not appear on the directory list sent to rclone when using --fast-list.
-Waiting a moderate period of time between attempts (estimated to be approximately 1 hour) and/or not using --fast-list both seem to be effective in preventing the problem.
-Making your own client_id
-When you use rclone with Google drive in its default configuration you are using rclone's client_id. This is shared between all the rclone users. There is a global rate limit on the number of queries per second that each client_id can do set by Google. rclone already has a high quota and I will continue to make sure it is high enough by contacting Google.
-It is strongly recommended to use your own client ID as the default rclone ID is heavily used. If you have multiple services running, it is recommended to use an API key for each service. The default Google quota is 10 transactions per second so it is recommended to stay under that number as if you use more than that, it will cause rclone to rate limit and make things slower.
-Here is how to create your own Google Drive client ID for rclone:
-
-Log into the Google API Console with your Google account. It doesn't matter what Google account you use. (It need not be the same account as the Google Drive you want to access)
-Select a project or create a new project.
-Under "ENABLE APIS AND SERVICES" search for "Drive", and enable the "Google Drive API".
-Click "Credentials" in the left-side panel (not "Create credentials", which opens the wizard), then "Create credentials"
-If you already configured an "Oauth Consent Screen", then skip to the next step; if not, click on "CONFIGURE CONSENT SCREEN" button (near the top right corner of the right panel), then select "External" and click on "CREATE"; on the next screen, enter an "Application name" ("rclone" is OK); enter "User Support Email" (your own email is OK); enter "Developer Contact Email" (your own email is OK); then click on "Save" (all other data is optional). You will also have to add some scopes, including .../auth/docs
and .../auth/drive
in order to be able to edit, create and delete files with RClone. You may also want to include the ../auth/drive.metadata.readonly
scope. After adding scopes, click "Save and continue" to add test users. Be sure to add your own account to the test users. Once you've added yourself as a test user and saved the changes, click again on "Credentials" on the left panel to go back to the "Credentials" screen.
-(PS: if you are a GSuite user, you could also select "Internal" instead of "External" above, but this will restrict API use to Google Workspace users in your organisation).
-Click on the "+ CREATE CREDENTIALS" button at the top of the screen, then select "OAuth client ID".
-Choose an application type of "Desktop app" and click "Create". (the default name is fine)
-It will show you a client ID and client secret. Make a note of these.
-(If you selected "External" at Step 5 continue to Step 9. If you chose "Internal" you don't need to publish and can skip straight to Step 10 but your destination drive must be part of the same Google Workspace.)
-Go to "Oauth consent screen" and then click "PUBLISH APP" button and confirm. You will also want to add yourself as a test user.
-Provide the noted client ID and client secret to rclone.
-
-Be aware that, due to the "enhanced security" recently introduced by Google, you are theoretically expected to "submit your app for verification" and then wait a few weeks(!) for their response; in practice, you can go right ahead and use the client ID and client secret with rclone, the only issue will be a very scary confirmation screen shown when you connect via your browser for rclone to be able to get its token-id (but as this only happens during the remote configuration, it's not such a big deal). Keeping the application in "Testing" will work as well, but the limitation is that any grants will expire after a week, which can be annoying to refresh constantly. If, for whatever reason, a short grant time is not a problem, then keeping the application in testing mode would also be sufficient.
-(Thanks to @balazer on github for these instructions.)
-Sometimes, creation of an OAuth consent in Google API Console fails due to an error message “The request failed because changes to one of the field of the resource is not supported”. As a convenient workaround, the necessary Google Drive API key can be created on the Python Quickstart page. Just push the Enable the Drive API button to receive the Client ID and Secret. Note that it will automatically create a new project in the API Console.
-Google Photos
-The rclone backend for Google Photos is a specialized backend for transferring photos and videos to and from Google Photos.
-NB The Google Photos API which rclone uses has quite a few limitations, so please read the limitations section carefully to make sure it is suitable for your use.
-Configuration
-The initial setup for google cloud storage involves getting a token from Google Photos which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Google Photos
- \ "google photos"
-[snip]
-Storage> google photos
-** See help for google photos backend at: https://rclone.org/googlephotos/ **
-
-Google Application Client Id
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_id>
-Google Application Client Secret
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_secret>
-Set to make the Google Photos backend read only.
-
-If you choose read only then rclone will only request read only access
-to your photos, otherwise rclone will request full access.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-read_only>
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
-
-*** IMPORTANT: All media items uploaded to Google Photos with rclone
-*** are stored in full resolution at original quality. These uploads
-*** will count towards storage in your Google Account.
-
---------------------
-[remote]
-type = google photos
-token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2019-06-28T17:38:04.644930156+01:00"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-This remote is called remote
and can now be used like this
-See all the albums in your photos
-rclone lsd remote:album
-Make a new album
-rclone mkdir remote:album/newAlbum
-List the contents of an album
-rclone ls remote:album/newAlbum
-Sync /home/local/images
to the Google Photos, removing any excess files in the album.
-rclone sync --interactive /home/local/image remote:album/newAlbum
-Layout
-As Google Photos is not a general purpose cloud storage system, the backend is laid out to help you navigate it.
-The directories under media
show different ways of categorizing the media. Each file will appear multiple times. So if you want to make a backup of your google photos you might choose to backup remote:media/by-month
. (NB remote:media/by-day
is rather slow at the moment so avoid for syncing.)
-Note that all your photos and videos will appear somewhere under media
, but they may not appear under album
unless you've put them into albums.
-/
-- upload
- - file1.jpg
- - file2.jpg
- - ...
-- media
- - all
- - file1.jpg
- - file2.jpg
- - ...
- - by-year
- - 2000
- - file1.jpg
- - ...
- - 2001
- - file2.jpg
- - ...
- - ...
- - by-month
- - 2000
- - 2000-01
- - file1.jpg
- - ...
- - 2000-02
- - file2.jpg
- - ...
- - ...
- - by-day
- - 2000
- - 2000-01-01
- - file1.jpg
- - ...
- - 2000-01-02
- - file2.jpg
- - ...
- - ...
-- album
- - album name
- - album name/sub
-- shared-album
- - album name
- - album name/sub
-- feature
- - favorites
- - file1.jpg
- - file2.jpg
-There are two writable parts of the tree, the upload
directory and sub directories of the album
directory.
-The upload
directory is for uploading files you don't want to put into albums. This will be empty to start with and will contain the files you've uploaded for one rclone session only, becoming empty again when you restart rclone. The use case for this would be if you have a load of files you just want to once off dump into Google Photos. For repeated syncing, uploading to album
will work better.
-Directories within the album
directory are also writeable and you may create new directories (albums) under album
. If you copy files with a directory hierarchy in there then rclone will create albums with the /
character in them. For example if you do
-rclone copy /path/to/images remote:album/images
-and the images directory contains
-images
- - file1.jpg
- dir
- file2.jpg
- dir2
- dir3
- file3.jpg
-Then rclone will create the following albums with the following files in
-
-- images
-
-- file1.jpg
-
-- images/dir
-
-- file2.jpg
-
-- images/dir2/dir3
-
-- file3.jpg
-
-
-This means that you can use the album
path pretty much like a normal filesystem and it is a good target for repeated syncing.
-The shared-album
directory shows albums shared with you or by you. This is similar to the Sharing tab in the Google Photos web interface.
-Standard options
-Here are the Standard options specific to google photos (Google Photos).
---gphotos-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_GPHOTOS_CLIENT_ID
-- Type: string
-- Required: false
-
---gphotos-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_GPHOTOS_CLIENT_SECRET
-- Type: string
-- Required: false
-
---gphotos-read-only
-Set to make the Google Photos backend read only.
-If you choose read only then rclone will only request read only access to your photos, otherwise rclone will request full access.
-Properties:
-
-- Config: read_only
-- Env Var: RCLONE_GPHOTOS_READ_ONLY
-- Type: bool
-- Default: false
-
-Advanced options
-Here are the Advanced options specific to google photos (Google Photos).
---gphotos-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_GPHOTOS_TOKEN
-- Type: string
-- Required: false
-
---gphotos-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_GPHOTOS_AUTH_URL
-- Type: string
-- Required: false
-
---gphotos-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_GPHOTOS_TOKEN_URL
-- Type: string
-- Required: false
-
---gphotos-read-size
-Set to read the size of media items.
-Normally rclone does not read the size of media items since this takes another transaction. This isn't necessary for syncing. However rclone mount needs to know the size of files in advance of reading them, so setting this flag when using rclone mount is recommended if you want to read the media.
-Properties:
-
-- Config: read_size
-- Env Var: RCLONE_GPHOTOS_READ_SIZE
-- Type: bool
-- Default: false
-
---gphotos-start-year
-Year limits the photos to be downloaded to those which are uploaded after the given year.
-Properties:
-
-- Config: start_year
-- Env Var: RCLONE_GPHOTOS_START_YEAR
-- Type: int
-- Default: 2000
-
---gphotos-include-archived
-Also view and download archived media.
-By default, rclone does not request archived media. Thus, when syncing, archived media is not visible in directory listings or transferred.
-Note that media in albums is always visible and synced, no matter their archive status.
-With this flag, archived media are always visible in directory listings and transferred.
-Without this flag, archived media will not be visible in directory listings and won't be transferred.
-Properties:
-
-- Config: include_archived
-- Env Var: RCLONE_GPHOTOS_INCLUDE_ARCHIVED
-- Type: bool
-- Default: false
-
---gphotos-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_GPHOTOS_ENCODING
-- Type: MultiEncoder
-- Default: Slash,CrLf,InvalidUtf8,Dot
-
-Limitations
-Only images and videos can be uploaded. If you attempt to upload non videos or images or formats that Google Photos doesn't understand, rclone will upload the file, then Google Photos will give an error when it is put turned into a media item.
-Note that all media items uploaded to Google Photos through the API are stored in full resolution at "original quality" and will count towards your storage quota in your Google Account. The API does not offer a way to upload in "high quality" mode..
-rclone about
is not supported by the Google Photos backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
-Downloading Images
-When Images are downloaded this strips EXIF location (according to the docs and my tests). This is a limitation of the Google Photos API and is covered by bug #112096115.
-The current google API does not allow photos to be downloaded at original resolution. This is very important if you are, for example, relying on "Google Photos" as a backup of your photos. You will not be able to use rclone to redownload original images. You could use 'google takeout' to recover the original photos as a last resort
-Downloading Videos
-When videos are downloaded they are downloaded in a really compressed version of the video compared to downloading it via the Google Photos web interface. This is covered by bug #113672044.
-Duplicates
-If a file name is duplicated in a directory then rclone will add the file ID into its name. So two files called file.jpg
would then appear as file {123456}.jpg
and file {ABCDEF}.jpg
(the actual IDs are a lot longer alas!).
-If you upload the same image (with the same binary data) twice then Google Photos will deduplicate it. However it will retain the filename from the first upload which may confuse rclone. For example if you uploaded an image to upload
then uploaded the same image to album/my_album
the filename of the image in album/my_album
will be what it was uploaded with initially, not what you uploaded it with to album
. In practise this shouldn't cause too many problems.
-Modified time
-The date shown of media in Google Photos is the creation date as determined by the EXIF information, or the upload date if that is not known.
-This is not changeable by rclone and is not the modification date of the media on local disk. This means that rclone cannot use the dates from Google Photos for syncing purposes.
-Size
-The Google Photos API does not return the size of media. This means that when syncing to Google Photos, rclone can only do a file existence check.
-It is possible to read the size of the media, but this needs an extra HTTP HEAD request per media item so is very slow and uses up a lot of transactions. This can be enabled with the --gphotos-read-size
option or the read_size = true
config parameter.
-If you want to use the backend with rclone mount
you may need to enable this flag (depending on your OS and application using the photos) otherwise you may not be able to read media off the mount. You'll need to experiment to see if it works for you without the flag.
-Albums
-Rclone can only upload files to albums it created. This is a limitation of the Google Photos API.
-Rclone can remove files it uploaded from albums it created only.
-Deleting files
-Rclone can remove files from albums it created, but note that the Google Photos API does not allow media to be deleted permanently so this media will still remain. See bug #109759781.
-Rclone cannot delete files anywhere except under album
.
-Deleting albums
-The Google Photos API does not support deleting albums - see bug #135714733.
-Hasher
-Hasher is a special overlay backend to create remotes which handle checksums for other remotes. It's main functions include: - Emulate hash types unimplemented by backends - Cache checksums to help with slow hashing of large local or (S)FTP files - Warm up checksum cache from external SUM files
-Getting started
-To use Hasher, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote. Check that your base remote is working.
-Let's call the base remote myRemote:path
here. Note that anything inside myRemote:path
will be handled by hasher and anything outside won't. This means that if you are using a bucket based remote (S3, B2, Swift) then you should put the bucket in the remote s3:bucket
.
-Now proceed to interactive or manual configuration.
-Interactive configuration
-Run rclone config
:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> Hasher1
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Handle checksums for other remotes
- \ "hasher"
-[snip]
-Storage> hasher
-Remote to cache checksums for, like myremote:mypath.
-Enter a string value. Press Enter for the default ("").
-remote> myRemote:path
-Comma separated list of supported checksum types.
-Enter a string value. Press Enter for the default ("md5,sha1").
-hashsums> md5
-Maximum time to keep checksums in cache. 0 = no cache, off = cache forever.
-max_age> off
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
---------------------
-[Hasher1]
-type = hasher
-remote = myRemote:path
-hashsums = md5
-max_age = off
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Manual configuration
-Run rclone config path
to see the path of current active config file, usually YOURHOME/.config/rclone/rclone.conf
. Open it in your favorite text editor, find section for the base remote and create new section for hasher like in the following examples:
-[Hasher1]
-type = hasher
-remote = myRemote:path
-hashes = md5
-max_age = off
-
-[Hasher2]
-type = hasher
-remote = /local/path
-hashes = dropbox,sha1
-max_age = 24h
-Hasher takes basically the following parameters: - remote
is required, - hashes
is a comma separated list of supported checksums (by default md5,sha1
), - max_age
- maximum time to keep a checksum value in the cache, 0
will disable caching completely, off
will cache "forever" (that is until the files get changed).
-Make sure the remote
has :
(colon) in. If you specify the remote without a colon then rclone will use a local directory of that name. So if you use a remote of /local/path
then rclone will handle hashes for that directory. If you use remote = name
literally then rclone will put files in a directory called name
located under current directory.
-Usage
-Basic operations
-Now you can use it as Hasher2:subdir/file
instead of base remote. Hasher will transparently update cache with new checksums when a file is fully read or overwritten, like:
-rclone copy External:path/file Hasher:dest/path
-
-rclone cat Hasher:path/to/file > /dev/null
-The way to refresh all cached checksums (even unsupported by the base backend) for a subtree is to re-download all files in the subtree. For example, use hashsum --download
using any supported hashsum on the command line (we just care to re-read):
-rclone hashsum MD5 --download Hasher:path/to/subtree > /dev/null
-
-rclone backend dump Hasher:path/to/subtree
-You can print or drop hashsum cache using custom backend commands:
-rclone backend dump Hasher:dir/subdir
-
-rclone backend drop Hasher:
-Pre-Seed from a SUM File
-Hasher supports two backend commands: generic SUM file import
and faster but less consistent stickyimport
.
-rclone backend import Hasher:dir/subdir SHA1 /path/to/SHA1SUM [--checkers 4]
-Instead of SHA1 it can be any hash supported by the remote. The last argument can point to either a local or an other-remote:path
text file in SUM format. The command will parse the SUM file, then walk down the path given by the first argument, snapshot current fingerprints and fill in the cache entries correspondingly. - Paths in the SUM file are treated as relative to hasher:dir/subdir
. - The command will not check that supplied values are correct. You must know what you are doing. - This is a one-time action. The SUM file will not get "attached" to the remote. Cache entries can still be overwritten later, should the object's fingerprint change. - The tree walk can take long depending on the tree size. You can increase --checkers
to make it faster. Or use stickyimport
if you don't care about fingerprints and consistency.
-rclone backend stickyimport hasher:path/to/data sha1 remote:/path/to/sum.sha1
-stickyimport
is similar to import
but works much faster because it does not need to stat existing files and skips initial tree walk. Instead of binding cache entries to file fingerprints it creates sticky entries bound to the file name alone ignoring size, modification time etc. Such hash entries can be replaced only by purge
, delete
, backend drop
or by full re-read/re-write of the files.
-Configuration reference
-Standard options
-Here are the Standard options specific to hasher (Better checksums for other remotes).
---hasher-remote
-Remote to cache checksums for (e.g. myRemote:path).
-Properties:
-
-- Config: remote
-- Env Var: RCLONE_HASHER_REMOTE
-- Type: string
-- Required: true
-
---hasher-hashes
-Comma separated list of supported checksum types.
-Properties:
-
-- Config: hashes
-- Env Var: RCLONE_HASHER_HASHES
-- Type: CommaSepList
-- Default: md5,sha1
-
---hasher-max-age
-Maximum time to keep checksums in cache (0 = no cache, off = cache forever).
-Properties:
-
-- Config: max_age
-- Env Var: RCLONE_HASHER_MAX_AGE
-- Type: Duration
-- Default: off
-
-Advanced options
-Here are the Advanced options specific to hasher (Better checksums for other remotes).
---hasher-auto-size
-Auto-update checksum for files smaller than this size (disabled by default).
-Properties:
-
-- Config: auto_size
-- Env Var: RCLONE_HASHER_AUTO_SIZE
-- Type: SizeSuffix
-- Default: 0
-
-Metadata
-Any metadata supported by the underlying remote is read and written.
-See the metadata docs for more info.
-Backend commands
-Here are the commands specific to the hasher backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-drop
-Drop cache
-rclone backend drop remote: [options] [<arguments>+]
-Completely drop checksum cache. Usage Example: rclone backend drop hasher:
-dump
-Dump the database
-rclone backend dump remote: [options] [<arguments>+]
-Dump cache records covered by the current remote
-fulldump
-Full dump of the database
-rclone backend fulldump remote: [options] [<arguments>+]
-Dump all cache records in the database
-import
-Import a SUM file
-rclone backend import remote: [options] [<arguments>+]
-Amend hash cache from a SUM file and bind checksums to files by size/time. Usage Example: rclone backend import hasher:subdir md5 /path/to/sum.md5
-stickyimport
-Perform fast import of a SUM file
-rclone backend stickyimport remote: [options] [<arguments>+]
-Fill hash cache from a SUM file without verifying file fingerprints. Usage Example: rclone backend stickyimport hasher:subdir md5 remote:path/to/sum.md5
-Implementation details (advanced)
-This section explains how various rclone operations work on a hasher remote.
-Disclaimer. This section describes current implementation which can change in future rclone versions!.
-Hashsum command
-The rclone hashsum
(or md5sum
or sha1sum
) command will:
-
-- if requested hash is supported by lower level, just pass it.
-- if object size is below
auto_size
then download object and calculate requested hashes on the fly.
-- if unsupported and the size is big enough, build object
fingerprint
(including size, modtime if supported, first-found other hash if any).
-- if the strict match is found in cache for the requested remote, return the stored hash.
-- if remote found but fingerprint mismatched, then purge the entry and proceed to step 6.
-- if remote not found or had no requested hash type or after step 5: download object, calculate all supported hashes on the fly and store in cache; return requested hash.
-
-Other operations
-
-- whenever a file is uploaded or downloaded in full, capture the stream to calculate all supported hashes on the fly and update database
-- server-side
move
will update keys of existing cache entries
-deletefile
will remove a single cache entry
-purge
will remove all cache entries under the purged path
-
-Note that setting max_age = 0
will disable checksum caching completely.
-If you set max_age = off
, checksums in cache will never age, unless you fully rewrite or delete the file.
-Cache storage
-Cached checksums are stored as bolt
database files under rclone cache directory, usually ~/.cache/rclone/kv/
. Databases are maintained one per base backend, named like BaseRemote~hasher.bolt
. Checksums for multiple alias
-es into a single base backend will be stored in the single database. All local paths are treated as aliases into the local
backend (unless crypted or chunked) and stored in ~/.cache/rclone/kv/local~hasher.bolt
. Databases can be shared between multiple rclone processes.
-HDFS
-HDFS is a distributed file-system, part of the Apache Hadoop framework.
-Paths are specified as remote:
or remote:path/to/dir
.
-Configuration
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[skip]
-XX / Hadoop distributed file system
- \ "hdfs"
-[skip]
-Storage> hdfs
-** See help for hdfs backend at: https://rclone.org/hdfs/ **
-
-hadoop name node and port
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to host namenode at port 8020
- \ "namenode:8020"
-namenode> namenode.hadoop:8020
-hadoop user name
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to hdfs as root
- \ "root"
-username> root
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[remote]
-type = hdfs
-namenode = namenode.hadoop:8020
-username = root
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-hadoop hdfs
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-This remote is called remote
and can now be used like this
-See all the top level directories
-rclone lsd remote:
-List the contents of a directory
-rclone ls remote:directory
-Sync the remote directory
to /home/local/directory
, deleting any excess files.
-rclone sync --interactive remote:directory /home/local/directory
-Setting up your own HDFS instance for testing
-You may start with a manual setup or use the docker image from the tests:
-If you want to build the docker image
-git clone https://github.com/rclone/rclone.git
-cd rclone/fstest/testserver/images/test-hdfs
-docker build --rm -t rclone/test-hdfs .
-Or you can just use the latest one pushed
-docker run --rm --name "rclone-hdfs" -p 127.0.0.1:9866:9866 -p 127.0.0.1:8020:8020 --hostname "rclone-hdfs" rclone/test-hdfs
-NB it need few seconds to startup.
-For this docker image the remote needs to be configured like this:
-[remote]
-type = hdfs
-namenode = 127.0.0.1:8020
-username = root
-You can stop this image with docker kill rclone-hdfs
(NB it does not use volumes, so all data uploaded will be lost.)
-Modified time
-Time accurate to 1 second is stored.
-Checksum
-No checksums are implemented.
-Usage information
-You can use the rclone about remote:
command which will display filesystem size and current usage.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-:
-0x3A
-:
-
-
-
-Invalid UTF-8 bytes will also be replaced.
-Standard options
-Here are the Standard options specific to hdfs (Hadoop distributed file system).
---hdfs-namenode
-Hadoop name node and port.
-E.g. "namenode:8020" to connect to host namenode at port 8020.
-Properties:
-
-- Config: namenode
-- Env Var: RCLONE_HDFS_NAMENODE
-- Type: string
-- Required: true
-
---hdfs-username
-Hadoop user name.
-Properties:
-
-- Config: username
-- Env Var: RCLONE_HDFS_USERNAME
-- Type: string
-- Required: false
-- Examples:
-
-- "root"
-
-- Connect to hdfs as root.
-
-
-
-Advanced options
-Here are the Advanced options specific to hdfs (Hadoop distributed file system).
---hdfs-service-principal-name
-Kerberos service principal name for the namenode.
-Enables KERBEROS authentication. Specifies the Service Principal Name (SERVICE/FQDN) for the namenode. E.g. "hdfs/namenode.hadoop.docker" for namenode running as service 'hdfs' with FQDN 'namenode.hadoop.docker'.
-Properties:
-
-- Config: service_principal_name
-- Env Var: RCLONE_HDFS_SERVICE_PRINCIPAL_NAME
-- Type: string
-- Required: false
-
---hdfs-data-transfer-protection
-Kerberos data transfer protection: authentication|integrity|privacy.
-Specifies whether or not authentication, data signature integrity checks, and wire encryption is required when communicating the the datanodes. Possible values are 'authentication', 'integrity' and 'privacy'. Used only with KERBEROS enabled.
-Properties:
-
-- Config: data_transfer_protection
-- Env Var: RCLONE_HDFS_DATA_TRANSFER_PROTECTION
-- Type: string
-- Required: false
-- Examples:
-
-- "privacy"
-
-- Ensure authentication, integrity and encryption enabled.
-
-
-
---hdfs-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_HDFS_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Colon,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-
-- No server-side
Move
or DirMove
.
-- Checksums not implemented.
-
-HiDrive
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-The initial setup for hidrive involves getting a token from HiDrive which you need to do in your browser. rclone config
walks you through it.
-Configuration
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found - make a new one
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / HiDrive
- \ "hidrive"
-[snip]
-Storage> hidrive
-OAuth Client Id - Leave blank normally.
-client_id>
-OAuth Client Secret - Leave blank normally.
-client_secret>
-Access permissions that rclone should use when requesting access from HiDrive.
-Leave blank normally.
-scope_access>
-Edit advanced config?
-y/n> n
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=xxxxxxxxxxxxxxxxxxxxxx
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-type = hidrive
-token = {"access_token":"xxxxxxxxxxxxxxxxxxxx","token_type":"Bearer","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxx","expiry":"xxxxxxxxxxxxxxxxxxxxxxx"}
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-You should be aware that OAuth-tokens can be used to access your account and hence should not be shared with other persons. See the below section for more information.
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from HiDrive. This only runs from the moment it opens your browser to the moment you get back the verification code. The webserver runs on http://127.0.0.1:53682/
. If local port 53682
is protected by a firewall you may need to temporarily unblock the firewall to complete authorization.
-Once configured you can then use rclone
like this,
-List directories in top level of your HiDrive root folder
-rclone lsd remote:
-List all the files in your HiDrive filesystem
-rclone ls remote:
-To copy a local directory to a HiDrive directory called backup
-rclone copy /home/source remote:backup
-Keeping your tokens safe
-Any OAuth-tokens will be stored by rclone in the remote's configuration file as unencrypted text. Anyone can use a valid refresh-token to access your HiDrive filesystem without knowing your password. Therefore you should make sure no one else can access your configuration.
-It is possible to encrypt rclone's configuration file. You can find information on securing your configuration file by viewing the configuration encryption docs.
-Invalid refresh token
-As can be verified here, each refresh_token
(for Native Applications) is valid for 60 days. If used to access HiDrivei, its validity will be automatically extended.
-This means that if you
-
-- Don't use the HiDrive remote for 60 days
-
-then rclone will return an error which includes a text that implies the refresh token is invalid or expired.
-To fix this you will need to authorize rclone to access your HiDrive account again.
-Using
-rclone config reconnect remote:
-the process is very similar to the process of initial setup exemplified before.
-Modified time and hashes
-HiDrive allows modification times to be set on objects accurate to 1 second.
-HiDrive supports its own hash type which is used to verify the integrity of file contents after successful transfers.
-Restricted filename characters
-HiDrive cannot store files or folders that include /
(0x2F) or null-bytes (0x00) in their name. Any other characters can be used in the names of files or folders. Additionally, files or folders cannot be named either of the following: .
or ..
-Therefore rclone will automatically replace these characters, if files or folders are stored or accessed with such names.
-You can read about how this filename encoding works in general here.
-Keep in mind that HiDrive only supports file or folder names with a length of 255 characters or less.
-Transfers
-HiDrive limits file sizes per single request to a maximum of 2 GiB. To allow storage of larger files and allow for better upload performance, the hidrive backend will use a chunked transfer for files larger than 96 MiB. Rclone will upload multiple parts/chunks of the file at the same time. Chunks in the process of being uploaded are buffered in memory, so you may want to restrict this behaviour on systems with limited resources.
-You can customize this behaviour using the following options:
-
-chunk_size
: size of file parts
-upload_cutoff
: files larger or equal to this in size will use a chunked transfer
-upload_concurrency
: number of file-parts to upload at the same time
-
-See the below section about configuration options for more details.
-Root folder
-You can set the root folder for rclone. This is the directory that rclone considers to be the root of your HiDrive.
-Usually, you will leave this blank, and rclone will use the root of the account.
-However, you can set this to restrict rclone to a specific folder hierarchy.
-This works by prepending the contents of the root_prefix
option to any paths accessed by rclone. For example, the following two ways to access the home directory are equivalent:
-rclone lsd --hidrive-root-prefix="/users/test/" remote:path
-
-rclone lsd remote:/users/test/path
-See the below section about configuration options for more details.
-Directory member count
-By default, rclone will know the number of directory members contained in a directory. For example, rclone lsd
uses this information.
-The acquisition of this information will result in additional time costs for HiDrive's API. When dealing with large directory structures, it may be desirable to circumvent this time cost, especially when this information is not explicitly needed. For this, the disable_fetching_member_count
option can be used.
-See the below section about configuration options for more details.
-Standard options
-Here are the Standard options specific to hidrive (HiDrive).
---hidrive-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_HIDRIVE_CLIENT_ID
-- Type: string
-- Required: false
-
---hidrive-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_HIDRIVE_CLIENT_SECRET
-- Type: string
-- Required: false
-
---hidrive-scope-access
-Access permissions that rclone should use when requesting access from HiDrive.
-Properties:
-
-- Config: scope_access
-- Env Var: RCLONE_HIDRIVE_SCOPE_ACCESS
-- Type: string
-- Default: "rw"
-- Examples:
-
-- "rw"
-
-- Read and write access to resources.
-
-- "ro"
-
-- Read-only access to resources.
-
-
-
-Advanced options
-Here are the Advanced options specific to hidrive (HiDrive).
---hidrive-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_HIDRIVE_TOKEN
-- Type: string
-- Required: false
-
---hidrive-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_HIDRIVE_AUTH_URL
-- Type: string
-- Required: false
-
---hidrive-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_HIDRIVE_TOKEN_URL
-- Type: string
-- Required: false
-
---hidrive-scope-role
-User-level that rclone should use when requesting access from HiDrive.
-Properties:
-
-- Config: scope_role
-- Env Var: RCLONE_HIDRIVE_SCOPE_ROLE
-- Type: string
-- Default: "user"
-- Examples:
-
-- "user"
-
-- User-level access to management permissions.
-- This will be sufficient in most cases.
-
-- "admin"
-
-- Extensive access to management permissions.
-
-- "owner"
-
-- Full access to management permissions.
-
-
-
---hidrive-root-prefix
-The root/parent folder for all paths.
-Fill in to use the specified folder as the parent for all paths given to the remote. This way rclone can use any folder as its starting point.
-Properties:
-
-- Config: root_prefix
-- Env Var: RCLONE_HIDRIVE_ROOT_PREFIX
-- Type: string
-- Default: "/"
-- Examples:
-
-- "/"
-
-- The topmost directory accessible by rclone.
-- This will be equivalent with "root" if rclone uses a regular HiDrive user account.
-
-- "root"
-
-- The topmost directory of the HiDrive user account
-
-- ""
-
-- This specifies that there is no root-prefix for your paths.
-- When using this you will always need to specify paths to this remote with a valid parent e.g. "remote:/path/to/dir" or "remote:root/path/to/dir".
-
-
-
---hidrive-endpoint
-Endpoint for the service.
-This is the URL that API-calls will be made to.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_HIDRIVE_ENDPOINT
-- Type: string
-- Default: "https://api.hidrive.strato.com/2.1"
-
---hidrive-disable-fetching-member-count
-Do not fetch number of objects in directories unless it is absolutely necessary.
-Requests may be faster if the number of objects in subdirectories is not fetched.
-Properties:
-
-- Config: disable_fetching_member_count
-- Env Var: RCLONE_HIDRIVE_DISABLE_FETCHING_MEMBER_COUNT
-- Type: bool
-- Default: false
-
---hidrive-chunk-size
-Chunksize for chunked uploads.
-Any files larger than the configured cutoff (or files of unknown size) will be uploaded in chunks of this size.
-The upper limit for this is 2147483647 bytes (about 2.000Gi). That is the maximum amount of bytes a single upload-operation will support. Setting this above the upper limit or to a negative value will cause uploads to fail.
-Setting this to larger values may increase the upload speed at the cost of using more memory. It can be set to smaller values smaller to save on memory.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_HIDRIVE_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 48Mi
-
---hidrive-upload-cutoff
-Cutoff/Threshold for chunked uploads.
-Any files larger than this will be uploaded in chunks of the configured chunksize.
-The upper limit for this is 2147483647 bytes (about 2.000Gi). That is the maximum amount of bytes a single upload-operation will support. Setting this above the upper limit will cause uploads to fail.
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_HIDRIVE_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 96Mi
-
---hidrive-upload-concurrency
-Concurrency for chunked uploads.
-This is the upper limit for how many transfers for the same file are running concurrently. Setting this above to a value smaller than 1 will cause uploads to deadlock.
-If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
-Properties:
-
-- Config: upload_concurrency
-- Env Var: RCLONE_HIDRIVE_UPLOAD_CONCURRENCY
-- Type: int
-- Default: 4
-
---hidrive-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_HIDRIVE_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Dot
-
-Limitations
-Symbolic links
-HiDrive is able to store symbolic links (symlinks) by design, for example, when unpacked from a zip archive.
-There exists no direct mechanism to manage native symlinks in remotes. As such this implementation has chosen to ignore any native symlinks present in the remote. rclone will not be able to access or show any symlinks stored in the hidrive-remote. This means symlinks cannot be individually removed, copied, or moved, except when removing, copying, or moving the parent folder.
-This does not affect the .rclonelink
-files that rclone uses to encode and store symbolic links.
-Sparse files
-It is possible to store sparse files in HiDrive.
-Note that copying a sparse file will expand the holes into null-byte (0x00) regions that will then consume disk space. Likewise, when downloading a sparse file, the resulting file will have null-byte regions in the place of file holes.
-HTTP
-The HTTP remote is a read only remote for reading files of a webserver. The webserver should provide file listings which rclone will read and turn into a remote. This has been tested with common webservers such as Apache/Nginx/Caddy and will likely work with file listings from most web servers. (If it doesn't then please file an issue, or send a pull request!)
-Paths are specified as remote:
or remote:path
.
-The remote:
represents the configured url, and any path following it will be resolved relative to this url, according to the URL standard. This means with remote url https://beta.rclone.org/branch
and path fix
, the resolved URL will be https://beta.rclone.org/branch/fix
, while with path /fix
the resolved URL will be https://beta.rclone.org/fix
as the absolute path is resolved from the root of the domain.
-If the path following the remote:
ends with /
it will be assumed to point to a directory. If the path does not end with /
, then a HEAD request is sent and the response used to decide if it it is treated as a file or a directory (run with -vv
to see details). When --http-no-head is specified, a path without ending /
is always assumed to be a file. If rclone incorrectly assumes the path is a file, the solution is to specify the path with ending /
. When you know the path is a directory, ending it with /
is always better as it avoids the initial HEAD request.
-To just download a single file it is easier to use copyurl.
-Configuration
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / HTTP
- \ "http"
-[snip]
-Storage> http
-URL of http host to connect to
-Choose a number from below, or type in your own value
- 1 / Connect to example.com
- \ "https://example.com"
-url> https://beta.rclone.org
-Remote config
---------------------
-[remote]
-url = https://beta.rclone.org
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-remote http
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-This remote is called remote
and can now be used like this
-See all the top level directories
-rclone lsd remote:
-List the contents of a directory
-rclone ls remote:directory
-Sync the remote directory
to /home/local/directory
, deleting any excess files.
-rclone sync --interactive remote:directory /home/local/directory
-Read only
-This remote is read only - you can't upload files to an HTTP server.
-Modified time
-Most HTTP servers store time accurate to 1 second.
-Checksum
-No checksums are stored.
-Usage without a config file
-Since the http remote only has one config parameter it is easy to use without a config file:
-rclone lsd --http-url https://beta.rclone.org :http:
-or:
-rclone lsd :http,url='https://beta.rclone.org':
-Standard options
-Here are the Standard options specific to http (HTTP).
---http-url
-URL of HTTP host to connect to.
-E.g. "https://example.com", or "https://user:pass@example.com" to use a username and password.
-Properties:
-
-- Config: url
-- Env Var: RCLONE_HTTP_URL
-- Type: string
-- Required: true
-
-Advanced options
-Here are the Advanced options specific to http (HTTP).
---http-headers
-Set HTTP headers for all transactions.
-Use this to set additional HTTP headers for all transactions.
-The input format is comma separated list of key,value pairs. Standard CSV encoding may be used.
-For example, to set a Cookie use 'Cookie,name=value', or '"Cookie","name=value"'.
-You can set multiple headers, e.g. '"Cookie","name=value","Authorization","xxx"'.
-Properties:
-
-- Config: headers
-- Env Var: RCLONE_HTTP_HEADERS
-- Type: CommaSepList
-- Default:
-
---http-no-slash
-Set this if the site doesn't end directories with /.
-Use this if your target website does not use / on the end of directories.
-A / on the end of a path is how rclone normally tells the difference between files and directories. If this flag is set, then rclone will treat all files with Content-Type: text/html as directories and read URLs from them rather than downloading them.
-Note that this may cause rclone to confuse genuine HTML files with directories.
-Properties:
-
-- Config: no_slash
-- Env Var: RCLONE_HTTP_NO_SLASH
-- Type: bool
-- Default: false
-
---http-no-head
-Don't use HEAD requests.
-HEAD requests are mainly used to find file sizes in dir listing. If your site is being very slow to load then you can try this option. Normally rclone does a HEAD request for each potential file in a directory listing to:
-
-- find its size
-- check it really exists
-- check to see if it is a directory
-
-If you set this option, rclone will not do the HEAD request. This will mean that directory listings are much quicker, but rclone won't have the times or sizes of any files, and some files that don't exist may be in the listing.
-Properties:
-
-- Config: no_head
-- Env Var: RCLONE_HTTP_NO_HEAD
-- Type: bool
-- Default: false
-
-Limitations
-rclone about
is not supported by the HTTP backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Internet Archive
-The Internet Archive backend utilizes Items on archive.org
-Refer to IAS3 API documentation for the API this backend uses.
-Paths are specified as remote:bucket
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:item/path/to/dir
.
-Unlike S3, listing up all items uploaded by you isn't supported.
-Once you have made a remote, you can use it like this:
-Make a new item
-rclone mkdir remote:item
-List the contents of a item
-rclone ls remote:item
-Sync /home/local/directory
to the remote item, deleting any excess files in the item.
-rclone sync --interactive /home/local/directory remote:item
-Notes
-Because of Internet Archive's architecture, it enqueues write operations (and extra post-processings) in a per-item queue. You can check item's queue at https://catalogd.archive.org/history/item-name-here . Because of that, all uploads/deletes will not show up immediately and takes some time to be available. The per-item queue is enqueued to an another queue, Item Deriver Queue. You can check the status of Item Deriver Queue here. This queue has a limit, and it may block you from uploading, or even deleting. You should avoid uploading a lot of small files for better behavior.
-You can optionally wait for the server's processing to finish, by setting non-zero value to wait_archive
key. By making it wait, rclone can do normal file comparison. Make sure to set a large enough value (e.g. 30m0s
for smaller files) as it can take a long time depending on server's queue.
-About metadata
-This backend supports setting, updating and reading metadata of each file. The metadata will appear as file metadata on Internet Archive. However, some fields are reserved by both Internet Archive and rclone.
-The following are reserved by Internet Archive: - name
- source
- size
- md5
- crc32
- sha1
- format
- old_version
- viruscheck
- summation
-Trying to set values to these keys is ignored with a warning. Only setting mtime
is an exception. Doing so make it the identical behavior as setting ModTime.
-rclone reserves all the keys starting with rclone-
. Setting value for these keys will give you warnings, but values are set according to request.
-If there are multiple values for a key, only the first one is returned. This is a limitation of rclone, that supports one value per one key. It can be triggered when you did a server-side copy.
-Reading metadata will also provide custom (non-standard nor reserved) ones.
-Filtering auto generated files
-The Internet Archive automatically creates metadata files after upload. These can cause problems when doing an rclone sync
as rclone will try, and fail, to delete them. These metadata files are not changeable, as they are created by the Internet Archive automatically.
-These auto-created files can be excluded from the sync using metadata filtering.
-rclone sync ... --metadata-exclude "source=metadata" --metadata-exclude "format=Metadata"
-Which excludes from the sync any files which have the source=metadata
or format=Metadata
flags which are added to Internet Archive auto-created files.
-Configuration
-Here is an example of making an internetarchive configuration. Most applies to the other providers as well, any differences are described below.
-First run
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-XX / InternetArchive Items
- \ (internetarchive)
-Storage> internetarchive
-Option access_key_id.
-IAS3 Access Key.
-Leave blank for anonymous access.
-You can find one here: https://archive.org/account/s3.php
-Enter a value. Press Enter to leave empty.
-access_key_id> XXXX
-Option secret_access_key.
-IAS3 Secret Key (password).
-Leave blank for anonymous access.
-Enter a value. Press Enter to leave empty.
-secret_access_key> XXXX
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> y
-Option endpoint.
-IAS3 Endpoint.
-Leave blank for default value.
-Enter a string value. Press Enter for the default (https://s3.us.archive.org).
-endpoint>
-Option front_endpoint.
-Host of InternetArchive Frontend.
-Leave blank for default value.
-Enter a string value. Press Enter for the default (https://archive.org).
-front_endpoint>
-Option disable_checksum.
-Don't store MD5 checksum with object metadata.
-Normally rclone will calculate the MD5 checksum of the input before
-uploading it so it can ask the server to check the object against checksum.
-This is great for data integrity checking but can cause long delays for
-large files to start uploading.
-Enter a boolean value (true or false). Press Enter for the default (true).
-disable_checksum> true
-Option encoding.
-The encoding for the backend.
-See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
-Enter a encoder.MultiEncoder value. Press Enter for the default (Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot).
-encoding>
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
---------------------
-[remote]
-type = internetarchive
-access_key_id = XXXX
-secret_access_key = XXXX
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Standard options
-Here are the Standard options specific to internetarchive (Internet Archive).
---internetarchive-access-key-id
-IAS3 Access Key.
-Leave blank for anonymous access. You can find one here: https://archive.org/account/s3.php
-Properties:
-
-- Config: access_key_id
-- Env Var: RCLONE_INTERNETARCHIVE_ACCESS_KEY_ID
-- Type: string
-- Required: false
-
---internetarchive-secret-access-key
-IAS3 Secret Key (password).
-Leave blank for anonymous access.
-Properties:
-
-- Config: secret_access_key
-- Env Var: RCLONE_INTERNETARCHIVE_SECRET_ACCESS_KEY
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to internetarchive (Internet Archive).
---internetarchive-endpoint
-IAS3 Endpoint.
-Leave blank for default value.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_INTERNETARCHIVE_ENDPOINT
-- Type: string
-- Default: "https://s3.us.archive.org"
-
---internetarchive-front-endpoint
-Host of InternetArchive Frontend.
-Leave blank for default value.
-Properties:
-
-- Config: front_endpoint
-- Env Var: RCLONE_INTERNETARCHIVE_FRONT_ENDPOINT
-- Type: string
-- Default: "https://archive.org"
-
---internetarchive-disable-checksum
-Don't ask the server to test against MD5 checksum calculated by rclone. Normally rclone will calculate the MD5 checksum of the input before uploading it so it can ask the server to check the object against checksum. This is great for data integrity checking but can cause long delays for large files to start uploading.
-Properties:
-
-- Config: disable_checksum
-- Env Var: RCLONE_INTERNETARCHIVE_DISABLE_CHECKSUM
-- Type: bool
-- Default: true
-
---internetarchive-wait-archive
-Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish. Only enable if you need to be guaranteed to be reflected after write operations. 0 to disable waiting. No errors to be thrown in case of timeout.
-Properties:
-
-- Config: wait_archive
-- Env Var: RCLONE_INTERNETARCHIVE_WAIT_ARCHIVE
-- Type: Duration
-- Default: 0s
-
---internetarchive-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_INTERNETARCHIVE_ENCODING
-- Type: MultiEncoder
-- Default: Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot
-
-Metadata
-Metadata fields provided by Internet Archive. If there are multiple values for a key, only the first one is returned. This is a limitation of Rclone, that supports one value per one key.
-Owner is able to add custom keys. Metadata feature grabs all the keys including them.
-Here are the possible system metadata items for the internetarchive backend.
-
-
-
-
-
-
-
-
-
-
-Name
-Help
-Type
-Example
-Read Only
-
-
-
-
-crc32
-CRC32 calculated by Internet Archive
-string
-01234567
-Y
-
-
-format
-Name of format identified by Internet Archive
-string
-Comma-Separated Values
-Y
-
-
-md5
-MD5 hash calculated by Internet Archive
-string
-01234567012345670123456701234567
-Y
-
-
-mtime
-Time of last modification, managed by Rclone
-RFC 3339
-2006-01-02T15:04:05.999999999Z
-Y
-
-
-name
-Full file path, without the bucket part
-filename
-backend/internetarchive/internetarchive.go
-Y
-
-
-old_version
-Whether the file was replaced and moved by keep-old-version flag
-boolean
-true
-Y
-
-
-rclone-ia-mtime
-Time of last modification, managed by Internet Archive
-RFC 3339
-2006-01-02T15:04:05.999999999Z
-N
-
-
-rclone-mtime
-Time of last modification, managed by Rclone
-RFC 3339
-2006-01-02T15:04:05.999999999Z
-N
-
-
-rclone-update-track
-Random value used by Rclone for tracking changes inside Internet Archive
-string
-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
-N
-
-
-sha1
-SHA1 hash calculated by Internet Archive
-string
-0123456701234567012345670123456701234567
-Y
-
-
-size
-File size in bytes
-decimal number
-123456
-Y
-
-
-source
-The source of the file
-string
-original
-Y
-
-
-summation
-Check https://forum.rclone.org/t/31922 for how it is used
-string
-md5
-Y
-
-
-viruscheck
-The last time viruscheck process was run for the file (?)
-unixtime
-1654191352
-Y
-
-
-
-See the metadata docs for more info.
-Jottacloud
-Jottacloud is a cloud storage service provider from a Norwegian company, using its own datacenters in Norway. In addition to the official service at jottacloud.com, it also provides white-label solutions to different companies, such as: * Telia * Telia Cloud (cloud.telia.se) * Telia Sky (sky.telia.no) * Tele2 * Tele2 Cloud (mittcloud.tele2.se) * Elkjøp (with subsidiaries): * Elkjøp Cloud (cloud.elkjop.no) * Elgiganten Sweden (cloud.elgiganten.se) * Elgiganten Denmark (cloud.elgiganten.dk) * Giganti Cloud (cloud.gigantti.fi) * ELKO Cloud (cloud.elko.is)
-Most of the white-label versions are supported by this backend, although may require different authentication setup - described below.
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Authentication types
-Some of the whitelabel versions uses a different authentication method than the official service, and you have to choose the correct one when setting up the remote.
-Standard authentication
-The standard authentication method used by the official service (jottacloud.com), as well as some of the whitelabel services, requires you to generate a single-use personal login token from the account security settings in the service's web interface. Log in to your account, go to "Settings" and then "Security", or use the direct link presented to you by rclone when configuring the remote: https://www.jottacloud.com/web/secure. Scroll down to the section "Personal login token", and click the "Generate" button. Note that if you are using a whitelabel service you probably can't use the direct link, you need to find the same page in their dedicated web interface, and also it may be in a different location than described above.
-To access your account from multiple instances of rclone, you need to configure each of them with a separate personal login token. E.g. you create a Jottacloud remote with rclone in one location, and copy the configuration file to a second location where you also want to run rclone and access the same remote. Then you need to replace the token for one of them, using the config reconnect command, which requires you to generate a new personal login token and supply as input. If you do not do this, the token may easily end up being invalidated, resulting in both instances failing with an error message something along the lines of:
-oauth2: cannot fetch token: 400 Bad Request
-Response: {"error":"invalid_grant","error_description":"Stale token"}
-When this happens, you need to replace the token as described above to be able to use your remote again.
-All personal login tokens you have taken into use will be listed in the web interface under "My logged in devices", and from the right side of that list you can click the "X" button to revoke individual tokens.
-Legacy authentication
-If you are using one of the whitelabel versions (e.g. from Elkjøp) you may not have the option to generate a CLI token. In this case you'll have to use the legacy authentication. To do this select yes when the setup asks for legacy authentication and enter your username and password. The rest of the setup is identical to the default setup.
-Telia Cloud authentication
-Similar to other whitelabel versions Telia Cloud doesn't offer the option of creating a CLI token, and additionally uses a separate authentication flow where the username is generated internally. To setup rclone to use Telia Cloud, choose Telia Cloud authentication in the setup. The rest of the setup is identical to the default setup.
-Tele2 Cloud authentication
-As Tele2-Com Hem merger was completed this authentication can be used for former Com Hem Cloud and Tele2 Cloud customers as no support for creating a CLI token exists, and additionally uses a separate authentication flow where the username is generated internally. To setup rclone to use Tele2 Cloud, choose Tele2 Cloud authentication in the setup. The rest of the setup is identical to the default setup.
-Configuration
-Here is an example of how to make a remote called remote
with the default setup. First run:
-rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-XX / Jottacloud
- \ (jottacloud)
-[snip]
-Storage> jottacloud
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
-Option config_type.
-Select authentication type.
-Choose a number from below, or type in an existing string value.
-Press Enter for the default (standard).
- / Standard authentication.
- 1 | Use this if you're a normal Jottacloud user.
- \ (standard)
- / Legacy authentication.
- 2 | This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
- \ (legacy)
- / Telia Cloud authentication.
- 3 | Use this if you are using Telia Cloud.
- \ (telia)
- / Tele2 Cloud authentication.
- 4 | Use this if you are using Tele2 Cloud.
- \ (tele2)
-config_type> 1
-Personal login token.
-Generate here: https://www.jottacloud.com/web/secure
-Login Token> <your token here>
-Use a non-standard device/mountpoint?
-Choosing no, the default, will let you access the storage used for the archive
-section of the official Jottacloud client. If you instead want to access the
-sync or the backup section, for example, you must choose yes.
-y) Yes
-n) No (default)
-y/n> y
-Option config_device.
-The device to use. In standard setup the built-in Jotta device is used,
-which contains predefined mountpoints for archive, sync etc. All other devices
-are treated as backup devices by the official Jottacloud client. You may create
-a new by entering a unique name.
-Choose a number from below, or type in your own string value.
-Press Enter for the default (DESKTOP-3H31129).
- 1 > DESKTOP-3H31129
- 2 > Jotta
-config_device> 2
-Option config_mountpoint.
-The mountpoint to use for the built-in device Jotta.
-The standard setup is to use the Archive mountpoint. Most other mountpoints
-have very limited support in rclone and should generally be avoided.
-Choose a number from below, or type in an existing string value.
-Press Enter for the default (Archive).
- 1 > Archive
- 2 > Shared
- 3 > Sync
-config_mountpoint> 1
---------------------
-[remote]
-type = jottacloud
-configVersion = 1
-client_id = jottacli
-client_secret =
-tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token
-token = {........}
-username = 2940e57271a93d987d6f8a21
-device = Jotta
-mountpoint = Archive
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Once configured you can then use rclone
like this,
-List directories in top level of your Jottacloud
-rclone lsd remote:
-List all the files in your Jottacloud
-rclone ls remote:
-To copy a local directory to an Jottacloud directory called backup
-rclone copy /home/source remote:backup
-Devices and Mountpoints
-The official Jottacloud client registers a device for each computer you install it on, and shows them in the backup section of the user interface. For each folder you select for backup it will create a mountpoint within this device. A built-in device called Jotta is special, and contains mountpoints Archive, Sync and some others, used for corresponding features in official clients.
-With rclone you'll want to use the standard Jotta/Archive device/mountpoint in most cases. However, you may for example want to access files from the sync or backup functionality provided by the official clients, and rclone therefore provides the option to select other devices and mountpoints during config.
-You are allowed to create new devices and mountpoints. All devices except the built-in Jotta device are treated as backup devices by official Jottacloud clients, and the mountpoints on them are individual backup sets.
-With the built-in Jotta device, only existing, built-in, mountpoints can be selected. In addition to the mentioned Archive and Sync, it may contain several other mountpoints such as: Latest, Links, Shared and Trash. All of these are special mountpoints with a different internal representation than the "regular" mountpoints. Rclone will only to a very limited degree support them. Generally you should avoid these, unless you know what you are doing.
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-Note that the implementation in Jottacloud always uses only a single API request to get the entire list, so for large folders this could lead to long wait time before the first results are shown.
-Note also that with rclone version 1.58 and newer information about MIME types are not available when using --fast-list
.
-Modified time and hashes
-Jottacloud allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-Jottacloud supports MD5 type hashes, so you can use the --checksum
flag.
-Note that Jottacloud requires the MD5 hash before upload so if the source does not have an MD5 checksum then the file will be cached temporarily on disk (in location given by --temp-dir) before it is uploaded. Small files will be cached in memory - see the --jottacloud-md5-memory-limit flag. When uploading from local disk the source checksum is always available, so this does not apply. Starting with rclone version 1.52 the same is true for crypted remotes (in older versions the crypt backend would not calculate hashes for uploads from local disk, so the Jottacloud backend had to do it as described above).
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-"
-0x22
-"
-
-
-*
-0x2A
-*
-
-
-:
-0x3A
-:
-
-
-<
-0x3C
-<
-
-
->
-0x3E
->
-
-
-?
-0x3F
-?
-
-
-|
-0x7C
-|
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-Deleting files
-By default, rclone will send all files to the trash when deleting files. They will be permanently deleted automatically after 30 days. You may bypass the trash and permanently delete files immediately by using the --jottacloud-hard-delete flag, or set the equivalent environment variable. Emptying the trash is supported by the cleanup command.
-Versions
-Jottacloud supports file versioning. When rclone uploads a new version of a file it creates a new version of it. Currently rclone only supports retrieving the current version but older versions can be accessed via the Jottacloud Website.
-Versioning can be disabled by --jottacloud-no-versions
option. This is achieved by deleting the remote file prior to uploading a new version. If the upload the fails no version of the file will be available in the remote.
-Quota information
-To view your current quota you can use the rclone about remote:
command which will display your usage limit (unless it is unlimited) and the current usage.
-Advanced options
-Here are the Advanced options specific to jottacloud (Jottacloud).
---jottacloud-md5-memory-limit
-Files bigger than this will be cached on disk to calculate the MD5 if required.
-Properties:
-
-- Config: md5_memory_limit
-- Env Var: RCLONE_JOTTACLOUD_MD5_MEMORY_LIMIT
-- Type: SizeSuffix
-- Default: 10Mi
-
---jottacloud-trashed-only
-Only show files that are in the trash.
-This will show trashed files in their original directory structure.
-Properties:
-
-- Config: trashed_only
-- Env Var: RCLONE_JOTTACLOUD_TRASHED_ONLY
-- Type: bool
-- Default: false
-
---jottacloud-hard-delete
-Delete files permanently rather than putting them into the trash.
-Properties:
-
-- Config: hard_delete
-- Env Var: RCLONE_JOTTACLOUD_HARD_DELETE
-- Type: bool
-- Default: false
-
---jottacloud-upload-resume-limit
-Files bigger than this can be resumed if the upload fail's.
-Properties:
-
-- Config: upload_resume_limit
-- Env Var: RCLONE_JOTTACLOUD_UPLOAD_RESUME_LIMIT
-- Type: SizeSuffix
-- Default: 10Mi
-
---jottacloud-no-versions
-Avoid server side versioning by deleting files and recreating files instead of overwriting them.
-Properties:
-
-- Config: no_versions
-- Env Var: RCLONE_JOTTACLOUD_NO_VERSIONS
-- Type: bool
-- Default: false
-
---jottacloud-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_JOTTACLOUD_ENCODING
-- Type: MultiEncoder
-- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-Note that Jottacloud is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-There are quite a few characters that can't be in Jottacloud file names. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
-Jottacloud only supports filenames up to 255 characters in length.
-Troubleshooting
-Jottacloud exhibits some inconsistent behaviours regarding deleted files and folders which may cause Copy, Move and DirMove operations to previously deleted paths to fail. Emptying the trash should help in such cases.
-Koofr
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-The initial setup for Koofr involves creating an application password for rclone. You can do that by opening the Koofr web application, giving the password a nice name like rclone
and clicking on generate.
-Here is an example of how to make a remote called koofr
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> koofr
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-22 / Koofr, Digi Storage and other Koofr-compatible storage providers
- \ (koofr)
-[snip]
-Storage> koofr
-Option provider.
-Choose your storage provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Koofr, https://app.koofr.net/
- \ (koofr)
- 2 / Digi Storage, https://storage.rcs-rds.ro/
- \ (digistorage)
- 3 / Any other Koofr API compatible storage service
- \ (other)
-provider> 1
-Option user.
-Your user name.
-Enter a value.
-user> USERNAME
-Option password.
-Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password).
-Choose an alternative below.
-y) Yes, type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[koofr]
-type = koofr
-provider = koofr
-user = USERNAME
-password = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-You can choose to edit advanced config in order to enter your own service URL if you use an on-premise or white label Koofr instance, or choose an alternative mount instead of your primary storage.
-Once configured you can then use rclone
like this,
-List directories in top level of your Koofr
-rclone lsd koofr:
-List all the files in your Koofr
-rclone ls koofr:
-To copy a local directory to an Koofr directory called backup
-rclone copy /home/source koofr:backup
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-\
-0x5C
-\
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-Standard options
-Here are the Standard options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
---koofr-provider
-Choose your storage provider.
-Properties:
-
-- Config: provider
-- Env Var: RCLONE_KOOFR_PROVIDER
-- Type: string
-- Required: false
-- Examples:
-
-- "koofr"
-
-- Koofr, https://app.koofr.net/
-
-- "digistorage"
-
-- Digi Storage, https://storage.rcs-rds.ro/
-
-- "other"
-
-- Any other Koofr API compatible storage service
-
-
-
---koofr-endpoint
-The Koofr API endpoint to use.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_KOOFR_ENDPOINT
-- Provider: other
-- Type: string
-- Required: true
-
---koofr-user
-Your user name.
-Properties:
-
-- Config: user
-- Env Var: RCLONE_KOOFR_USER
-- Type: string
-- Required: true
-
---koofr-password
-Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password).
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_KOOFR_PASSWORD
-- Provider: koofr
-- Type: string
-- Required: true
-
---koofr-password
-Your password for rclone (generate one at https://storage.rcs-rds.ro/app/admin/preferences/password).
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_KOOFR_PASSWORD
-- Provider: digistorage
-- Type: string
-- Required: true
-
---koofr-password
-Your password for rclone (generate one at your service's settings page).
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_KOOFR_PASSWORD
-- Provider: other
-- Type: string
-- Required: true
-
-Advanced options
-Here are the Advanced options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
---koofr-mountid
-Mount ID of the mount to use.
-If omitted, the primary mount is used.
-Properties:
-
-- Config: mountid
-- Env Var: RCLONE_KOOFR_MOUNTID
-- Type: string
-- Required: false
-
---koofr-setmtime
-Does the backend support setting modification time.
-Set this to false if you use a mount ID that points to a Dropbox or Amazon Drive backend.
-Properties:
-
-- Config: setmtime
-- Env Var: RCLONE_KOOFR_SETMTIME
-- Type: bool
-- Default: true
-
---koofr-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_KOOFR_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-Note that Koofr is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-Providers
-Koofr
-This is the original Koofr storage provider used as main example and described in the configuration section above.
-Digi Storage
-Digi Storage is a cloud storage service run by Digi.ro that provides a Koofr API.
-Here is an example of how to make a remote called ds
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> ds
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-22 / Koofr, Digi Storage and other Koofr-compatible storage providers
- \ (koofr)
-[snip]
-Storage> koofr
-Option provider.
-Choose your storage provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Koofr, https://app.koofr.net/
- \ (koofr)
- 2 / Digi Storage, https://storage.rcs-rds.ro/
- \ (digistorage)
- 3 / Any other Koofr API compatible storage service
- \ (other)
-provider> 2
-Option user.
-Your user name.
-Enter a value.
-user> USERNAME
-Option password.
-Your password for rclone (generate one at https://storage.rcs-rds.ro/app/admin/preferences/password).
-Choose an alternative below.
-y) Yes, type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
---------------------
-[ds]
-type = koofr
-provider = digistorage
-user = USERNAME
-password = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Other
-You may also want to use another, public or private storage provider that runs a Koofr API compatible service, by simply providing the base URL to connect to.
-Here is an example of how to make a remote called other
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> other
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-22 / Koofr, Digi Storage and other Koofr-compatible storage providers
- \ (koofr)
-[snip]
-Storage> koofr
-Option provider.
-Choose your storage provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Koofr, https://app.koofr.net/
- \ (koofr)
- 2 / Digi Storage, https://storage.rcs-rds.ro/
- \ (digistorage)
- 3 / Any other Koofr API compatible storage service
- \ (other)
-provider> 3
-Option endpoint.
-The Koofr API endpoint to use.
-Enter a value.
-endpoint> https://koofr.other.org
-Option user.
-Your user name.
-Enter a value.
-user> USERNAME
-Option password.
-Your password for rclone (generate one at your service's settings page).
-Choose an alternative below.
-y) Yes, type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
---------------------
-[other]
-type = koofr
-provider = other
-endpoint = https://koofr.other.org
-user = USERNAME
-password = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Mail.ru Cloud
-Mail.ru Cloud is a cloud storage provided by a Russian internet company Mail.Ru Group. The official desktop client is Disk-O:, available on Windows and Mac OS.
-Currently it is recommended to disable 2FA on Mail.ru accounts intended for rclone until it gets eventually implemented.
-Features highlights
-
-- Paths may be as deep as required, e.g.
remote:directory/subdirectory
-- Files have a
last modified time
property, directories don't
-- Deleted files are by default moved to the trash
-- Files and directories can be shared via public links
-- Partial uploads or streaming are not supported, file size must be known before upload
-- Maximum file size is limited to 2G for a free account, unlimited for paid accounts
-- Storage keeps hash for all files and performs transparent deduplication, the hash algorithm is a modified SHA1
-- If a particular file is already present in storage, one can quickly submit file hash instead of long file upload (this optimization is supported by rclone)
-
-Configuration
-Here is an example of making a mailru configuration.
-First create a Mail.ru Cloud account and choose a tariff.
-You will need to log in and create an app password for rclone. Rclone will not work with your normal username and password - it will give an error like oauth2: server response missing access_token
.
-
-- Click on your user icon in the top right
-- Go to Security / "Пароль и безопасность"
-- Click password for apps / "Пароли для внешних приложений"
-- Add the password - give it a name - eg "rclone"
-- Copy the password and use this password below - your normal login password won't work.
-
-Now run
-rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Mail.ru Cloud
- \ "mailru"
-[snip]
-Storage> mailru
-User name (usually email)
-Enter a string value. Press Enter for the default ("").
-user> username@mail.ru
-Password
-
-This must be an app password - rclone will not work with your normal
-password. See the Configuration section in the docs for how to make an
-app password.
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Skip full upload if there is another file with same data hash.
-This feature is called "speedup" or "put by hash". It is especially efficient
-in case of generally available files like popular books, video or audio clips
-[snip]
-Enter a boolean value (true or false). Press Enter for the default ("true").
-Choose a number from below, or type in your own value
- 1 / Enable
- \ "true"
- 2 / Disable
- \ "false"
-speedup_enable> 1
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
---------------------
-[remote]
-type = mailru
-user = username@mail.ru
-pass = *** ENCRYPTED ***
-speedup_enable = true
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Configuration of this backend does not require a local web browser. You can use the configured backend as shown below:
-See top level directories
-rclone lsd remote:
-Make a new directory
-rclone mkdir remote:directory
-List the contents of a directory
-rclone ls remote:directory
-Sync /home/local/directory
to the remote path, deleting any excess files in the path.
-rclone sync --interactive /home/local/directory remote:directory
-Modified time
-Files support a modification time attribute with up to 1 second precision. Directories do not have a modification time, which is shown as "Jan 1 1970".
-Hash checksums
-Hash sums use a custom Mail.ru algorithm based on SHA1. If file size is less than or equal to the SHA1 block size (20 bytes), its hash is simply its data right-padded with zero bytes. Hash sum of a larger file is computed as a SHA1 sum of the file data bytes concatenated with a decimal representation of the data length.
-Emptying Trash
-Removing a file or directory actually moves it to the trash, which is not visible to rclone but can be seen in a web browser. The trashed file still occupies part of total quota. If you wish to empty your trash and free some quota, you can use the rclone cleanup remote:
command, which will permanently delete all your trashed files. This command does not take any path arguments.
-Quota information
-To view your current quota you can use the rclone about remote:
command which will display your usage limit (quota) and the current usage.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-"
-0x22
-"
-
-
-*
-0x2A
-*
-
-
-:
-0x3A
-:
-
-
-<
-0x3C
-<
-
-
->
-0x3E
->
-
-
-?
-0x3F
-?
-
-
-\
-0x5C
-\
-
-
-|
-0x7C
-|
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to mailru (Mail.ru Cloud).
---mailru-user
-User name (usually email).
-Properties:
-
-- Config: user
-- Env Var: RCLONE_MAILRU_USER
-- Type: string
-- Required: true
-
---mailru-pass
-Password.
-This must be an app password - rclone will not work with your normal password. See the Configuration section in the docs for how to make an app password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: pass
-- Env Var: RCLONE_MAILRU_PASS
-- Type: string
-- Required: true
-
---mailru-speedup-enable
-Skip full upload if there is another file with same data hash.
-This feature is called "speedup" or "put by hash". It is especially efficient in case of generally available files like popular books, video or audio clips, because files are searched by hash in all accounts of all mailru users. It is meaningless and ineffective if source file is unique or encrypted. Please note that rclone may need local memory and disk space to calculate content hash in advance and decide whether full upload is required. Also, if rclone does not know file size in advance (e.g. in case of streaming or partial uploads), it will not even try this optimization.
-Properties:
-
-- Config: speedup_enable
-- Env Var: RCLONE_MAILRU_SPEEDUP_ENABLE
-- Type: bool
-- Default: true
-- Examples:
-
-- "true"
-
-- Enable
-
-- "false"
-
-- Disable
-
-
-
-Advanced options
-Here are the Advanced options specific to mailru (Mail.ru Cloud).
---mailru-speedup-file-patterns
-Comma separated list of file name patterns eligible for speedup (put by hash).
-Patterns are case insensitive and can contain '*' or '?' meta characters.
-Properties:
-
-- Config: speedup_file_patterns
-- Env Var: RCLONE_MAILRU_SPEEDUP_FILE_PATTERNS
-- Type: string
-- Default: ".mkv,.avi,.mp4,.mp3,.zip,.gz,.rar,.pdf"
-- Examples:
-
-- ""
-
-- Empty list completely disables speedup (put by hash).
-
-- "*"
-
-- All files will be attempted for speedup.
-
-- ".mkv,.avi,.mp4,.mp3"
-
-- Only common audio/video files will be tried for put by hash.
-
-- ".zip,.gz,.rar,.pdf"
-
-- Only common archives or PDF books will be tried for speedup.
-
-
-
---mailru-speedup-max-disk
-This option allows you to disable speedup (put by hash) for large files.
-Reason is that preliminary hashing can exhaust your RAM or disk space.
-Properties:
-
-- Config: speedup_max_disk
-- Env Var: RCLONE_MAILRU_SPEEDUP_MAX_DISK
-- Type: SizeSuffix
-- Default: 3Gi
-- Examples:
-
-- "0"
-
-- Completely disable speedup (put by hash).
-
-- "1G"
-
-- Files larger than 1Gb will be uploaded directly.
-
-- "3G"
-
-- Choose this option if you have less than 3Gb free on local disk.
-
-
-
---mailru-speedup-max-memory
-Files larger than the size given below will always be hashed on disk.
-Properties:
-
-- Config: speedup_max_memory
-- Env Var: RCLONE_MAILRU_SPEEDUP_MAX_MEMORY
-- Type: SizeSuffix
-- Default: 32Mi
-- Examples:
-
-- "0"
-
-- Preliminary hashing will always be done in a temporary disk location.
-
-- "32M"
-
-- Do not dedicate more than 32Mb RAM for preliminary hashing.
-
-- "256M"
-
-- You have at most 256Mb RAM free for hash calculations.
-
-
-
---mailru-check-hash
-What should copy do if file checksum is mismatched or invalid.
-Properties:
-
-- Config: check_hash
-- Env Var: RCLONE_MAILRU_CHECK_HASH
-- Type: bool
-- Default: true
-- Examples:
-
-- "true"
-
-- Fail with error.
-
-- "false"
-
-- Ignore and continue.
-
-
-
---mailru-user-agent
-HTTP user agent used internally by client.
-Defaults to "rclone/VERSION" or "--user-agent" provided on command line.
-Properties:
-
-- Config: user_agent
-- Env Var: RCLONE_MAILRU_USER_AGENT
-- Type: string
-- Required: false
-
---mailru-quirks
-Comma separated list of internal maintenance flags.
-This option must not be used by an ordinary user. It is intended only to facilitate remote troubleshooting of backend issues. Strict meaning of flags is not documented and not guaranteed to persist between releases. Quirks will be removed when the backend grows stable. Supported quirks: atomicmkdir binlist unknowndirs
-Properties:
-
-- Config: quirks
-- Env Var: RCLONE_MAILRU_QUIRKS
-- Type: string
-- Required: false
-
---mailru-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_MAILRU_ENCODING
-- Type: MultiEncoder
-- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-File size limits depend on your account. A single file size is limited by 2G for a free account and unlimited for paid tariffs. Please refer to the Mail.ru site for the total uploaded size limits.
-Note that Mailru is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-Mega
-Mega is a cloud storage and file hosting service known for its security feature where all files are encrypted locally before they are uploaded. This prevents anyone (including employees of Mega) from accessing the files without knowledge of the key used for encryption.
-This is an rclone backend for Mega which supports the file transfer features of Mega using the same client side encryption.
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Mega
- \ "mega"
-[snip]
-Storage> mega
-User name
-user> you@example.com
-Password.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Remote config
---------------------
-[remote]
-type = mega
-user = you@example.com
-pass = *** ENCRYPTED ***
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-NOTE: The encryption keys need to have been already generated after a regular login via the browser, otherwise attempting to use the credentials in rclone
will fail.
-Once configured you can then use rclone
like this,
-List directories in top level of your Mega
-rclone lsd remote:
-List all the files in your Mega
-rclone ls remote:
-To copy a local directory to an Mega directory called backup
-rclone copy /home/source remote:backup
-Modified time and hashes
-Mega does not support modification times or hashes yet.
-Restricted filename characters
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-NUL
-0x00
-␀
-
-
-/
-0x2F
-/
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Duplicated files
-Mega can have two files with exactly the same name and path (unlike a normal file system).
-Duplicated files cause problems with the syncing and you will see messages in the log about duplicates.
-Use rclone dedupe
to fix duplicated files.
-Failure to log-in
-Object not found
-If you are connecting to your Mega remote for the first time, to test access and synchronization, you may receive an error such as
-Failed to create file system for "my-mega-remote:":
-couldn't login: Object (typically, node or user) not found
-The diagnostic steps often recommended in the rclone forum start with the MEGAcmd utility. Note that this refers to the official C++ command from https://github.com/meganz/MEGAcmd and not the go language built command from t3rm1n4l/megacmd that is no longer maintained.
-Follow the instructions for installing MEGAcmd and try accessing your remote as they recommend. You can establish whether or not you can log in using MEGAcmd, and obtain diagnostic information to help you, and search or work with others in the forum.
-MEGA CMD> login me@example.com
-Password:
-Fetching nodes ...
-Loading transfers from local cache
-Login complete as me@example.com
-me@example.com:/$
-Note that some have found issues with passwords containing special characters. If you can not log on with rclone, but MEGAcmd logs on just fine, then consider changing your password temporarily to pure alphanumeric characters, in case that helps.
-Repeated commands blocks access
-Mega remotes seem to get blocked (reject logins) under "heavy use". We haven't worked out the exact blocking rules but it seems to be related to fast paced, successive rclone commands.
-For example, executing this command 90 times in a row rclone link remote:file
will cause the remote to become "blocked". This is not an abnormal situation, for example if you wish to get the public links of a directory with hundred of files... After more or less a week, the remote will remote accept rclone logins normally again.
-You can mitigate this issue by mounting the remote it with rclone mount
. This will log-in when mounting and a log-out when unmounting only. You can also run rclone rcd
and then use rclone rc
to run the commands over the API to avoid logging in each time.
-Rclone does not currently close mega sessions (you can see them in the web interface), however closing the sessions does not solve the issue.
-If you space rclone commands by 3 seconds it will avoid blocking the remote. We haven't identified the exact blocking rules, so perhaps one could execute the command 80 times without waiting and avoid blocking by waiting 3 seconds, then continuing...
-Note that this has been observed by trial and error and might not be set in stone.
-Other tools seem not to produce this blocking effect, as they use a different working approach (state-based, using sessionIDs instead of log-in) which isn't compatible with the current stateless rclone approach.
-Note that once blocked, the use of other tools (such as megacmd) is not a sure workaround: following megacmd login times have been observed in succession for blocked remote: 7 minutes, 20 min, 30min, 30 min, 30min. Web access looks unaffected though.
-Investigation is continuing in relation to workarounds based on timeouts, pacers, retrials and tpslimits - if you discover something relevant, please post on the forum.
-So, if rclone was working nicely and suddenly you are unable to log-in and you are sure the user and the password are correct, likely you have got the remote blocked for a while.
-Standard options
-Here are the Standard options specific to mega (Mega).
---mega-user
-User name.
-Properties:
-
-- Config: user
-- Env Var: RCLONE_MEGA_USER
-- Type: string
-- Required: true
-
---mega-pass
-Password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: pass
-- Env Var: RCLONE_MEGA_PASS
-- Type: string
-- Required: true
-
-Advanced options
-Here are the Advanced options specific to mega (Mega).
---mega-debug
-Output more debug from Mega.
-If this flag is set (along with -vv) it will print further debugging information from the mega backend.
-Properties:
-
-- Config: debug
-- Env Var: RCLONE_MEGA_DEBUG
-- Type: bool
-- Default: false
-
---mega-hard-delete
-Delete files permanently rather than putting them into the trash.
-Normally the mega backend will put all deletions into the trash rather than permanently deleting them. If you specify this then rclone will permanently delete objects instead.
-Properties:
-
-- Config: hard_delete
-- Env Var: RCLONE_MEGA_HARD_DELETE
-- Type: bool
-- Default: false
-
---mega-use-https
-Use HTTPS for transfers.
-MEGA uses plain text HTTP connections by default. Some ISPs throttle HTTP connections, this causes transfers to become very slow. Enabling this will force MEGA to use HTTPS for all transfers. HTTPS is normally not necesary since all data is already encrypted anyway. Enabling it will increase CPU usage and add network overhead.
-Properties:
-
-- Config: use_https
-- Env Var: RCLONE_MEGA_USE_HTTPS
-- Type: bool
-- Default: false
-
---mega-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_MEGA_ENCODING
-- Type: MultiEncoder
-- Default: Slash,InvalidUtf8,Dot
-
-Limitations
-This backend uses the go-mega go library which is an opensource go library implementing the Mega API. There doesn't appear to be any documentation for the mega protocol beyond the mega C++ SDK source code so there are likely quite a few errors still remaining in this library.
-Mega allows duplicate files which may confuse rclone.
-Memory
-The memory backend is an in RAM backend. It does not persist its data - use the local backend for that.
-The memory backend behaves like a bucket-based remote (e.g. like s3). Because it has no parameters you can just use it with the :memory:
remote name.
-Configuration
-You can configure it as a remote like this with rclone config
too if you want to:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Memory
- \ "memory"
-[snip]
-Storage> memory
-** See help for memory backend at: https://rclone.org/memory/ **
-
-Remote config
-
---------------------
-[remote]
-type = memory
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Because the memory backend isn't persistent it is most useful for testing or with an rclone server or rclone mount, e.g.
-rclone mount :memory: /mnt/tmp
-rclone serve webdav :memory:
-rclone serve sftp :memory:
-Modified time and hashes
-The memory backend supports MD5 hashes and modification times accurate to 1 nS.
-Restricted filename characters
-The memory backend replaces the default restricted characters set.
-Akamai NetStorage
-Paths are specified as remote:
You may put subdirectories in too, e.g. remote:/path/to/dir
. If you have a CP code you can use that as the folder after the domain such as <domain>/<cpcode>/<internal directories within cpcode>.
-For example, this is commonly configured with or without a CP code: * With a CP code. [your-domain-prefix]-nsu.akamaihd.net/123456/subdirectory/
* Without a CP code. [your-domain-prefix]-nsu.akamaihd.net
-See all buckets rclone lsd remote: The initial setup for Netstorage involves getting an account and secret. Use rclone config
to walk you through the setup process.
-Configuration
-Here's an example of how to make a remote called ns1
.
-
-- To begin the interactive configuration process, enter this command:
-
-rclone config
-
-- Type
n
to create a new remote.
-
-n) New remote
-d) Delete remote
-q) Quit config
-e/n/d/q> n
-
-- For this example, enter
ns1
when you reach the name> prompt.
-
-name> ns1
-
-- Enter
netstorage
as the type of storage to configure.
-
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-XX / NetStorage
- \ "netstorage"
-Storage> netstorage
-
-- Select between the HTTP or HTTPS protocol. Most users should choose HTTPS, which is the default. HTTP is provided primarily for debugging purposes.
-
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / HTTP protocol
- \ "http"
- 2 / HTTPS protocol
- \ "https"
-protocol> 1
-
-- Specify your NetStorage host, CP code, and any necessary content paths using this format:
<domain>/<cpcode>/<content>/
-
-Enter a string value. Press Enter for the default ("").
-host> baseball-nsu.akamaihd.net/123456/content/
-
-- Set the netstorage account name
-
-Enter a string value. Press Enter for the default ("").
-account> username
-
-- Set the Netstorage account secret/G2O key which will be used for authentication purposes. Select the
y
option to set your own password then enter your secret. Note: The secret is stored in the rclone.conf
file with hex-encoded encryption.
-
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-
-- View the summary and confirm your remote configuration.
-
-[ns1]
-type = netstorage
-protocol = http
-host = baseball-nsu.akamaihd.net/123456/content/
-account = username
-secret = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This remote is called ns1
and can now be used.
-Example operations
-Get started with rclone and NetStorage with these examples. For additional rclone commands, visit https://rclone.org/commands/.
-See contents of a directory in your project
-rclone lsd ns1:/974012/testing/
-Sync the contents local with remote
-rclone sync . ns1:/974012/testing/
-Upload local content to remote
-rclone copy notes.txt ns1:/974012/testing/
-Delete content on remote
-rclone delete ns1:/974012/testing/notes.txt
-Move or copy content between CP codes.
-Your credentials must have access to two CP codes on the same remote. You can't perform operations between different remotes.
-rclone move ns1:/974012/testing/notes.txt ns1:/974450/testing2/
-Features
-Symlink Support
-The Netstorage backend changes the rclone --links, -l
behavior. When uploading, instead of creating the .rclonelink file, use the "symlink" API in order to create the corresponding symlink on the remote. The .rclonelink file will not be created, the upload will be intercepted and only the symlink file that matches the source file name with no suffix will be created on the remote.
-This will effectively allow commands like copy/copyto, move/moveto and sync to upload from local to remote and download from remote to local directories with symlinks. Due to internal rclone limitations, it is not possible to upload an individual symlink file to any remote backend. You can always use the "backend symlink" command to create a symlink on the NetStorage server, refer to "symlink" section below.
-Individual symlink files on the remote can be used with the commands like "cat" to print the destination name, or "delete" to delete symlink, or copy, copy/to and move/moveto to download from the remote to local. Note: individual symlink files on the remote should be specified including the suffix .rclonelink.
-Note: No file with the suffix .rclonelink should ever exist on the server since it is not possible to actually upload/create a file with .rclonelink suffix with rclone, it can only exist if it is manually created through a non-rclone method on the remote.
-Implicit vs. Explicit Directories
-With NetStorage, directories can exist in one of two forms:
-
-- Explicit Directory. This is an actual, physical directory that you have created in a storage group.
-- Implicit Directory. This refers to a directory within a path that has not been physically created. For example, during upload of a file, nonexistent subdirectories can be specified in the target path. NetStorage creates these as "implicit." While the directories aren't physically created, they exist implicitly and the noted path is connected with the uploaded file.
-
-Rclone will intercept all file uploads and mkdir commands for the NetStorage remote and will explicitly issue the mkdir command for each directory in the uploading path. This will help with the interoperability with the other Akamai services such as SFTP and the Content Management Shell (CMShell). Rclone will not guarantee correctness of operations with implicit directories which might have been created as a result of using an upload API directly.
---fast-list
/ ListR support
-NetStorage remote supports the ListR feature by using the "list" NetStorage API action to return a lexicographical list of all objects within the specified CP code, recursing into subdirectories as they're encountered.
-
-Rclone will use the ListR method for some commands by default. Commands such as lsf -R
will use ListR by default. To disable this, include the --disable listR
option to use the non-recursive method of listing objects.
-Rclone will not use the ListR method for some commands. Commands such as sync
don't use ListR by default. To force using the ListR method, include the --fast-list
option.
-
-There are pros and cons of using the ListR method, refer to rclone documentation. In general, the sync command over an existing deep tree on the remote will run faster with the "--fast-list" flag but with extra memory usage as a side effect. It might also result in higher CPU utilization but the whole task can be completed faster.
-Note: There is a known limitation that "lsf -R" will display number of files in the directory and directory size as -1 when ListR method is used. The workaround is to pass "--disable listR" flag if these numbers are important in the output.
-Purge
-NetStorage remote supports the purge feature by using the "quick-delete" NetStorage API action. The quick-delete action is disabled by default for security reasons and can be enabled for the account through the Akamai portal. Rclone will first try to use quick-delete action for the purge command and if this functionality is disabled then will fall back to a standard delete method.
-Note: Read the NetStorage Usage API for considerations when using "quick-delete". In general, using quick-delete method will not delete the tree immediately and objects targeted for quick-delete may still be accessible.
-Standard options
-Here are the Standard options specific to netstorage (Akamai NetStorage).
---netstorage-host
-Domain+path of NetStorage host to connect to.
-Format should be <domain>/<internal folders>
-Properties:
-
-- Config: host
-- Env Var: RCLONE_NETSTORAGE_HOST
-- Type: string
-- Required: true
-
---netstorage-account
-Set the NetStorage account name
-Properties:
-
-- Config: account
-- Env Var: RCLONE_NETSTORAGE_ACCOUNT
-- Type: string
-- Required: true
-
---netstorage-secret
-Set the NetStorage account secret/G2O key for authentication.
-Please choose the 'y' option to set your own password then enter your secret.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: secret
-- Env Var: RCLONE_NETSTORAGE_SECRET
-- Type: string
-- Required: true
-
-Advanced options
-Here are the Advanced options specific to netstorage (Akamai NetStorage).
---netstorage-protocol
-Select between HTTP or HTTPS protocol.
-Most users should choose HTTPS, which is the default. HTTP is provided primarily for debugging purposes.
-Properties:
-
-- Config: protocol
-- Env Var: RCLONE_NETSTORAGE_PROTOCOL
-- Type: string
-- Default: "https"
-- Examples:
-
-- "http"
-
-- HTTP protocol
-
-- "https"
-
-- HTTPS protocol
-
-
-
-Backend commands
-Here are the commands specific to the netstorage backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-du
-Return disk usage information for a specified directory
-rclone backend du remote: [options] [<arguments>+]
-The usage information returned, includes the targeted directory as well as all files stored in any sub-directories that may exist.
-symlink
-You can create a symbolic link in ObjectStore with the symlink action.
-rclone backend symlink remote: [options] [<arguments>+]
-The desired path location (including applicable sub-directories) ending in the object that will be the target of the symlink (for example, /links/mylink). Include the file extension for the object, if applicable. rclone backend symlink <src> <path>
-Microsoft Azure Blob Storage
-Paths are specified as remote:container
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:container/path/to/dir
.
-Configuration
-Here is an example of making a Microsoft Azure Blob Storage configuration. For a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Microsoft Azure Blob Storage
- \ "azureblob"
-[snip]
-Storage> azureblob
-Storage Account Name
-account> account_name
-Storage Account Key
-key> base64encodedkey==
-Endpoint for the service - leave blank normally.
-endpoint>
-Remote config
---------------------
-[remote]
-account = account_name
-key = base64encodedkey==
-endpoint =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See all containers
-rclone lsd remote:
-Make a new container
-rclone mkdir remote:container
-List the contents of a container
-rclone ls remote:container
-Sync /home/local/directory
to the remote container, deleting any excess files in the container.
-rclone sync --interactive /home/local/directory remote:container
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-Modified time
-The modified time is stored as metadata on the object with the mtime
key. It is stored using RFC3339 Format time with nanosecond precision. The metadata is supplied during directory listings so there is no performance overhead to using it.
-If you wish to use the Azure standard LastModified
time stored on the object as the modified time, then use the --use-server-modtime
flag. Note that rclone can't set LastModified
, so using the --update
flag when syncing is recommended if using --use-server-modtime
.
-Performance
-When uploading large files, increasing the value of --azureblob-upload-concurrency
will increase performance at the cost of using more memory. The default of 16 is set quite conservatively to use less memory. It maybe be necessary raise it to 64 or higher to fully utilize a 1 GBit/s link with a single file transfer.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-/
-0x2F
-/
-
-
-\
-0x5C
-\
-
-
-
-File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-.
-0x2E
-.
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Hashes
-MD5 hashes are stored with blobs. However blobs that were uploaded in chunks only have an MD5 if the source remote was capable of MD5 hashes, e.g. the local disk.
-Authentication
-There are a number of ways of supplying credentials for Azure Blob Storage. Rclone tries them in the order of the sections below.
-Env Auth
-If the env_auth
config parameter is true
then rclone will pull credentials from the environment or runtime.
-It tries these authentication methods in this order:
-
-- Environment Variables
-- Managed Service Identity Credentials
-- Azure CLI credentials (as used by the az tool)
-
-These are described in the following sections
-Env Auth: 1. Environment Variables
-If env_auth
is set and environment variables are present rclone authenticates a service principal with a secret or certificate, or a user with a password, depending on which environment variable are set. It reads configuration from these variables, in the following order:
-
-- Service principal with client secret
-
-AZURE_TENANT_ID
: ID of the service principal's tenant. Also called its "directory" ID.
-AZURE_CLIENT_ID
: the service principal's client ID
-AZURE_CLIENT_SECRET
: one of the service principal's client secrets
-
-- Service principal with certificate
-
-AZURE_TENANT_ID
: ID of the service principal's tenant. Also called its "directory" ID.
-AZURE_CLIENT_ID
: the service principal's client ID
-AZURE_CLIENT_CERTIFICATE_PATH
: path to a PEM or PKCS12 certificate file including the private key.
-AZURE_CLIENT_CERTIFICATE_PASSWORD
: (optional) password for the certificate file.
-AZURE_CLIENT_SEND_CERTIFICATE_CHAIN
: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
-
-- User with username and password
-
-AZURE_TENANT_ID
: (optional) tenant to authenticate in. Defaults to "organizations".
-AZURE_CLIENT_ID
: client ID of the application the user will authenticate to
-AZURE_USERNAME
: a username (usually an email address)
-AZURE_PASSWORD
: the user's password
-
-
-Env Auth: 2. Managed Service Identity Credentials
-When using Managed Service Identity if the VM(SS) on which this program is running has a system-assigned identity, it will be used by default. If the resource has no system-assigned but exactly one user-assigned identity, the user-assigned identity will be used by default.
-If the resource has multiple user-assigned identities you will need to unset env_auth
and set use_msi
instead. See the use_msi
section.
-Env Auth: 3. Azure CLI credentials (as used by the az tool)
-Credentials created with the az
tool can be picked up using env_auth
.
-For example if you were to login with a service principal like this:
-az login --service-principal -u XXX -p XXX --tenant XXX
-Then you could access rclone resources like this:
-rclone lsf :azureblob,env_auth,account=ACCOUNT:CONTAINER
-Or
-rclone lsf --azureblob-env-auth --azureblob-acccount=ACCOUNT :azureblob:CONTAINER
-Which is analogous to using the az
tool:
-az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
-Account and Shared Key
-This is the most straight forward and least flexible way. Just fill in the account
and key
lines and leave the rest blank.
-SAS URL
-This can be an account level SAS URL or container level SAS URL.
-To use it leave account
and key
blank and fill in sas_url
.
-An account level SAS URL or container level SAS URL can be obtained from the Azure portal or the Azure Storage Explorer. To get a container level SAS URL right click on a container in the Azure Blob explorer in the Azure portal.
-If you use a container level SAS URL, rclone operations are permitted only on a particular container, e.g.
-rclone ls azureblob:container
-You can also list the single container from the root. This will only show the container specified by the SAS URL.
-$ rclone lsd azureblob:
-container/
-Note that you can't see or access any other containers - this will fail
-rclone ls azureblob:othercontainer
-Container level SAS URLs are useful for temporarily allowing third parties access to a single container or putting credentials into an untrusted environment such as a CI build server.
-Service principal with client secret
-If these variables are set, rclone will authenticate with a service principal with a client secret.
-
-tenant
: ID of the service principal's tenant. Also called its "directory" ID.
-client_id
: the service principal's client ID
-client_secret
: one of the service principal's client secrets
-
-The credentials can also be placed in a file using the service_principal_file
configuration option.
-Service principal with certificate
-If these variables are set, rclone will authenticate with a service principal with certificate.
-
-tenant
: ID of the service principal's tenant. Also called its "directory" ID.
-client_id
: the service principal's client ID
-client_certificate_path
: path to a PEM or PKCS12 certificate file including the private key.
-client_certificate_password
: (optional) password for the certificate file.
-client_send_certificate_chain
: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
-
-NB client_certificate_password
must be obscured - see rclone obscure.
-User with username and password
-If these variables are set, rclone will authenticate with username and password.
-
-tenant
: (optional) tenant to authenticate in. Defaults to "organizations".
-client_id
: client ID of the application the user will authenticate to
-username
: a username (usually an email address)
-password
: the user's password
-
-Microsoft doesn't recommend this kind of authentication, because it's less secure than other authentication flows. This method is not interactive, so it isn't compatible with any form of multi-factor authentication, and the application must already have user or admin consent. This credential can only authenticate work and school accounts; it can't authenticate Microsoft accounts.
-NB password
must be obscured - see rclone obscure.
-Managed Service Identity Credentials
-If use_msi
is set then managed service identity credentials are used. This authentication only works when running in an Azure service. env_auth
needs to be unset to use this.
-However if you have multiple user identities to choose from these must be explicitly specified using exactly one of the msi_object_id
, msi_client_id
, or msi_mi_res_id
parameters.
-If none of msi_object_id
, msi_client_id
, or msi_mi_res_id
is set, this is is equivalent to using env_auth
.
-Standard options
-Here are the Standard options specific to azureblob (Microsoft Azure Blob Storage).
---azureblob-account
-Azure Storage Account Name.
-Set this to the Azure Storage Account Name in use.
-Leave blank to use SAS URL or Emulator, otherwise it needs to be set.
-If this is blank and if env_auth is set it will be read from the environment variable AZURE_STORAGE_ACCOUNT_NAME
if possible.
-Properties:
-
-- Config: account
-- Env Var: RCLONE_AZUREBLOB_ACCOUNT
-- Type: string
-- Required: false
-
---azureblob-env-auth
-Read credentials from runtime (environment variables, CLI or MSI).
-See the authentication docs for full info.
-Properties:
-
-- Config: env_auth
-- Env Var: RCLONE_AZUREBLOB_ENV_AUTH
-- Type: bool
-- Default: false
-
---azureblob-key
-Storage Account Shared Key.
-Leave blank to use SAS URL or Emulator.
-Properties:
-
-- Config: key
-- Env Var: RCLONE_AZUREBLOB_KEY
-- Type: string
-- Required: false
-
---azureblob-sas-url
-SAS URL for container level access only.
-Leave blank if using account/key or Emulator.
-Properties:
-
-- Config: sas_url
-- Env Var: RCLONE_AZUREBLOB_SAS_URL
-- Type: string
-- Required: false
-
---azureblob-tenant
-ID of the service principal's tenant. Also called its directory ID.
-Set this if using - Service principal with client secret - Service principal with certificate - User with username and password
-Properties:
-
-- Config: tenant
-- Env Var: RCLONE_AZUREBLOB_TENANT
-- Type: string
-- Required: false
-
---azureblob-client-id
-The ID of the client in use.
-Set this if using - Service principal with client secret - Service principal with certificate - User with username and password
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_AZUREBLOB_CLIENT_ID
-- Type: string
-- Required: false
-
---azureblob-client-secret
-One of the service principal's client secrets
-Set this if using - Service principal with client secret
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_AZUREBLOB_CLIENT_SECRET
-- Type: string
-- Required: false
-
---azureblob-client-certificate-path
-Path to a PEM or PKCS12 certificate file including the private key.
-Set this if using - Service principal with certificate
-Properties:
-
-- Config: client_certificate_path
-- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PATH
-- Type: string
-- Required: false
-
---azureblob-client-certificate-password
-Password for the certificate file (optional).
-Optionally set this if using - Service principal with certificate
-And the certificate has a password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: client_certificate_password
-- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PASSWORD
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to azureblob (Microsoft Azure Blob Storage).
---azureblob-client-send-certificate-chain
-Send the certificate chain when using certificate auth.
-Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to true, authentication requests include the x5c header.
-Optionally set this if using - Service principal with certificate
-Properties:
-
-- Config: client_send_certificate_chain
-- Env Var: RCLONE_AZUREBLOB_CLIENT_SEND_CERTIFICATE_CHAIN
-- Type: bool
-- Default: false
-
---azureblob-username
-User name (usually an email address)
-Set this if using - User with username and password
-Properties:
-
-- Config: username
-- Env Var: RCLONE_AZUREBLOB_USERNAME
-- Type: string
-- Required: false
-
---azureblob-password
-The user's password
-Set this if using - User with username and password
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_AZUREBLOB_PASSWORD
-- Type: string
-- Required: false
-
---azureblob-service-principal-file
-Path to file containing credentials for use with a service principal.
-Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
-$ az ad sp create-for-rbac --name "<name>" \
- --role "Storage Blob Data Owner" \
- --scopes "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>" \
- > azure-principal.json
-See "Create an Azure service principal" and "Assign an Azure role for access to blob data" pages for more details.
-It may be more convenient to put the credentials directly into the rclone config file under the client_id
, tenant
and client_secret
keys instead of setting service_principal_file
.
-Properties:
-
-- Config: service_principal_file
-- Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
-- Type: string
-- Required: false
-
---azureblob-use-msi
-Use a managed service identity to authenticate (only works in Azure).
-When true, use a managed service identity to authenticate to Azure Storage instead of a SAS token or account key.
-If the VM(SS) on which this program is running has a system-assigned identity, it will be used by default. If the resource has no system-assigned but exactly one user-assigned identity, the user-assigned identity will be used by default. If the resource has multiple user-assigned identities, the identity to use must be explicitly specified using exactly one of the msi_object_id, msi_client_id, or msi_mi_res_id parameters.
-Properties:
-
-- Config: use_msi
-- Env Var: RCLONE_AZUREBLOB_USE_MSI
-- Type: bool
-- Default: false
-
---azureblob-msi-object-id
-Object ID of the user-assigned MSI to use, if any.
-Leave blank if msi_client_id or msi_mi_res_id specified.
-Properties:
-
-- Config: msi_object_id
-- Env Var: RCLONE_AZUREBLOB_MSI_OBJECT_ID
-- Type: string
-- Required: false
-
---azureblob-msi-client-id
-Object ID of the user-assigned MSI to use, if any.
-Leave blank if msi_object_id or msi_mi_res_id specified.
-Properties:
-
-- Config: msi_client_id
-- Env Var: RCLONE_AZUREBLOB_MSI_CLIENT_ID
-- Type: string
-- Required: false
-
---azureblob-msi-mi-res-id
-Azure resource ID of the user-assigned MSI to use, if any.
-Leave blank if msi_client_id or msi_object_id specified.
-Properties:
-
-- Config: msi_mi_res_id
-- Env Var: RCLONE_AZUREBLOB_MSI_MI_RES_ID
-- Type: string
-- Required: false
-
---azureblob-use-emulator
-Uses local storage emulator if provided as 'true'.
-Leave blank if using real azure storage endpoint.
-Properties:
-
-- Config: use_emulator
-- Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
-- Type: bool
-- Default: false
-
---azureblob-endpoint
-Endpoint for the service.
-Leave blank normally.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_AZUREBLOB_ENDPOINT
-- Type: string
-- Required: false
-
---azureblob-upload-cutoff
-Cutoff for switching to chunked upload (<= 256 MiB) (deprecated).
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_AZUREBLOB_UPLOAD_CUTOFF
-- Type: string
-- Required: false
-
---azureblob-chunk-size
-Upload chunk size.
-Note that this is stored in memory and there may be up to "--transfers" * "--azureblob-upload-concurrency" chunks stored at once in memory.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_AZUREBLOB_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 4Mi
-
---azureblob-upload-concurrency
-Concurrency for multipart uploads.
-This is the number of chunks of the same file that are uploaded concurrently.
-If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
-In tests, upload speed increases almost linearly with upload concurrency. For example to fill a gigabit pipe it may be necessary to raise this to 64. Note that this will use more memory.
-Note that chunks are stored in memory and there may be up to "--transfers" * "--azureblob-upload-concurrency" chunks stored at once in memory.
-Properties:
-
-- Config: upload_concurrency
-- Env Var: RCLONE_AZUREBLOB_UPLOAD_CONCURRENCY
-- Type: int
-- Default: 16
-
---azureblob-list-chunk
-Size of blob list.
-This sets the number of blobs requested in each listing chunk. Default is the maximum, 5000. "List blobs" requests are permitted 2 minutes per megabyte to complete. If an operation is taking longer than 2 minutes per megabyte on average, it will time out ( source ). This can be used to limit the number of blobs items to return, to avoid the time out.
-Properties:
-
-- Config: list_chunk
-- Env Var: RCLONE_AZUREBLOB_LIST_CHUNK
-- Type: int
-- Default: 5000
-
---azureblob-access-tier
-Access tier of blob: hot, cool or archive.
-Archived blobs can be restored by setting access tier to hot or cool. Leave blank if you intend to use default access tier, which is set at account level
-If there is no "access tier" specified, rclone doesn't apply any tier. rclone performs "Set Tier" operation on blobs while uploading, if objects are not modified, specifying "access tier" to new one will have no effect. If blobs are in "archive tier" at remote, trying to perform data transfer operations from remote will not be allowed. User should first restore by tiering blob to "Hot" or "Cool".
-Properties:
-
-- Config: access_tier
-- Env Var: RCLONE_AZUREBLOB_ACCESS_TIER
-- Type: string
-- Required: false
-
---azureblob-archive-tier-delete
-Delete archive tier blobs before overwriting.
-Archive tier blobs cannot be updated. So without this flag, if you attempt to update an archive tier blob, then rclone will produce the error:
-can't update archive tier blob without --azureblob-archive-tier-delete
-With this flag set then before rclone attempts to overwrite an archive tier blob, it will delete the existing blob before uploading its replacement. This has the potential for data loss if the upload fails (unlike updating a normal blob) and also may cost more since deleting archive tier blobs early may be chargable.
-Properties:
-
-- Config: archive_tier_delete
-- Env Var: RCLONE_AZUREBLOB_ARCHIVE_TIER_DELETE
-- Type: bool
-- Default: false
-
---azureblob-disable-checksum
-Don't store MD5 checksum with object metadata.
-Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
-Properties:
-
-- Config: disable_checksum
-- Env Var: RCLONE_AZUREBLOB_DISABLE_CHECKSUM
-- Type: bool
-- Default: false
-
---azureblob-memory-pool-flush-time
-How often internal memory buffer pools will be flushed.
-Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
-Properties:
-
-- Config: memory_pool_flush_time
-- Env Var: RCLONE_AZUREBLOB_MEMORY_POOL_FLUSH_TIME
-- Type: Duration
-- Default: 1m0s
-
---azureblob-memory-pool-use-mmap
-Whether to use mmap buffers in internal memory pool.
-Properties:
-
-- Config: memory_pool_use_mmap
-- Env Var: RCLONE_AZUREBLOB_MEMORY_POOL_USE_MMAP
-- Type: bool
-- Default: false
-
---azureblob-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_AZUREBLOB_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8
-
---azureblob-public-access
-Public access level of a container: blob or container.
-Properties:
-
-- Config: public_access
-- Env Var: RCLONE_AZUREBLOB_PUBLIC_ACCESS
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- The container and its blobs can be accessed only with an authorized request.
-- It's a default value.
-
-- "blob"
-
-- Blob data within this container can be read via anonymous request.
-
-- "container"
-
-- Allow full public read access for container and blob data.
-
-
-
---azureblob-no-check-container
-If set, don't attempt to check the container exists or create it.
-This can be useful when trying to minimise the number of transactions rclone does if you know the container exists already.
-Properties:
-
-- Config: no_check_container
-- Env Var: RCLONE_AZUREBLOB_NO_CHECK_CONTAINER
-- Type: bool
-- Default: false
-
---azureblob-no-head-object
-If set, do not do HEAD before GET when getting objects.
-Properties:
-
-- Config: no_head_object
-- Env Var: RCLONE_AZUREBLOB_NO_HEAD_OBJECT
-- Type: bool
-- Default: false
-
-Custom upload headers
-You can set custom upload headers with the --header-upload
flag.
-
-- Cache-Control
-- Content-Disposition
-- Content-Encoding
-- Content-Language
-- Content-Type
-
-Eg --header-upload "Content-Type: text/potato"
-Limitations
-MD5 sums are only uploaded with chunked files if the source has an MD5 sum. This will always be the case for a local to azure copy.
-rclone about
is not supported by the Microsoft Azure Blob storage backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Azure Storage Emulator Support
-You can run rclone with the storage emulator (usually azurite).
-To do this, just set up a new remote with rclone config
following the instructions in the introduction and set use_emulator
in the advanced settings as true
. You do not need to provide a default account name nor an account key. But you can override them in the account
and key
options. (Prior to v1.61 they were hard coded to azurite's devstoreaccount1
.)
-Also, if you want to access a storage emulator instance running on a different machine, you can override the endpoint
parameter in the advanced settings, setting it to http(s)://<host>:<port>/devstoreaccount1
(e.g. http://10.254.2.5:10000/devstoreaccount1
).
-Microsoft OneDrive
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-The initial setup for OneDrive involves getting a token from Microsoft which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Microsoft OneDrive
- \ "onedrive"
-[snip]
-Storage> onedrive
-Microsoft App Client Id
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_id>
-Microsoft App Client Secret
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_secret>
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
-Choose a number from below, or type in an existing value
- 1 / OneDrive Personal or Business
- \ "onedrive"
- 2 / Sharepoint site
- \ "sharepoint"
- 3 / Type in driveID
- \ "driveid"
- 4 / Type in SiteID
- \ "siteid"
- 5 / Search a Sharepoint site
- \ "search"
-Your choice> 1
-Found 1 drives, please select the one you want to use:
-0: OneDrive (business) id=b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk
-Chose drive to use:> 0
-Found drive 'root' of type 'business', URL: https://org-my.sharepoint.com/personal/you/Documents
-Is that okay?
-y) Yes
-n) No
-y/n> y
---------------------
-[remote]
-type = onedrive
-token = {"access_token":"youraccesstoken","token_type":"Bearer","refresh_token":"yourrefreshtoken","expiry":"2018-08-26T22:39:52.486512262+08:00"}
-drive_id = b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk
-drive_type = business
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from Microsoft. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall.
-Once configured you can then use rclone
like this,
-List directories in top level of your OneDrive
-rclone lsd remote:
-List all the files in your OneDrive
-rclone ls remote:
-To copy a local directory to an OneDrive directory called backup
-rclone copy /home/source remote:backup
-Getting your own Client ID and Key
-rclone uses a default Client ID when talking to OneDrive, unless a custom client_id
is specified in the config. The default Client ID and Key are shared by all rclone users when performing requests.
-You may choose to create and use your own Client ID, in case the default one does not work well for you. For example, you might see throttling.
-Creating Client ID for OneDrive Personal
-To create your own Client ID, please follow these steps:
-
-- Open https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade and then click
New registration
.
-- Enter a name for your app, choose account type
Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
, select Web
in Redirect URI
, then type (do not copy and paste) http://localhost:53682/
and click Register. Copy and keep the Application (client) ID
under the app name for later use.
-- Under
manage
select Certificates & secrets
, click New client secret
. Enter a description (can be anything) and set Expires
to 24 months. Copy and keep that secret Value for later use (you won't be able to see this value afterwards).
-- Under
manage
select API permissions
, click Add a permission
and select Microsoft Graph
then select delegated permissions
.
-- Search and select the following permissions:
Files.Read
, Files.ReadWrite
, Files.Read.All
, Files.ReadWrite.All
, offline_access
, User.Read
and Sites.Read.All
(if custom access scopes are configured, select the permissions accordingly). Once selected click Add permissions
at the bottom.
-
-Now the application is complete. Run rclone config
to create or edit a OneDrive remote. Supply the app ID and password as Client ID and Secret, respectively. rclone will walk you through the remaining steps.
-The access_scopes option allows you to configure the permissions requested by rclone. See Microsoft Docs for more information about the different scopes.
-The Sites.Read.All
permission is required if you need to search SharePoint sites when configuring the remote. However, if that permission is not assigned, you need to exclude Sites.Read.All
from your access scopes or set disable_site_permission
option to true in the advanced options.
-Creating Client ID for OneDrive Business
-The steps for OneDrive Personal may or may not work for OneDrive Business, depending on the security settings of the organization. A common error is that the publisher of the App is not verified.
-You may try to verify you account, or try to limit the App to your organization only, as shown below.
-
-- Make sure to create the App with your business account.
-- Follow the steps above to create an App. However, we need a different account type here:
Accounts in this organizational directory only (*** - Single tenant)
. Note that you can also change the account type after creating the App.
-- Find the tenant ID of your organization.
-- In the rclone config, set
auth_url
to https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/authorize
.
-- In the rclone config, set
token_url
to https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/token
.
-
-Note: If you have a special region, you may need a different host in step 4 and 5. Here are some hints.
-Modification time and hashes
-OneDrive allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-OneDrive Personal, OneDrive for Business and Sharepoint Server support QuickXorHash.
-Before rclone 1.62 the default hash for Onedrive Personal was SHA1
. For rclone 1.62 and above the default for all Onedrive backends is QuickXorHash
.
-Starting from July 2023 SHA1
support is being phased out in Onedrive Personal in favour of QuickXorHash
. If necessary the --onedrive-hash-type
flag (or hash_type
config option) can be used to select SHA1
during the transition period if this is important your workflow.
-For all types of OneDrive you can use the --checksum
flag.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-"
-0x22
-"
-
-
-*
-0x2A
-*
-
-
-:
-0x3A
-:
-
-
-<
-0x3C
-<
-
-
->
-0x3E
->
-
-
-?
-0x3F
-?
-
-
-\
-0x5C
-\
-
-
-|
-0x7C
-|
-
-
-
-File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-.
-0x2E
-.
-
-
-
-File names can also not begin with the following characters. These only get replaced if they are the first character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-~
-0x7E
-~
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Deleting files
-Any files you delete with rclone will end up in the trash. Microsoft doesn't provide an API to permanently delete files, nor to empty the trash, so you will have to do that with one of Microsoft's apps or via the OneDrive website.
-Standard options
-Here are the Standard options specific to onedrive (Microsoft OneDrive).
---onedrive-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_ONEDRIVE_CLIENT_ID
-- Type: string
-- Required: false
-
---onedrive-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_ONEDRIVE_CLIENT_SECRET
-- Type: string
-- Required: false
-
---onedrive-region
-Choose national cloud region for OneDrive.
-Properties:
-
-- Config: region
-- Env Var: RCLONE_ONEDRIVE_REGION
-- Type: string
-- Default: "global"
-- Examples:
-
-- "global"
-
-- Microsoft Cloud Global
-
-- "us"
-
-- Microsoft Cloud for US Government
-
-- "de"
-
-- Microsoft Cloud Germany
-
-- "cn"
-
-- Azure and Office 365 operated by Vnet Group in China
-
-
-
-Advanced options
-Here are the Advanced options specific to onedrive (Microsoft OneDrive).
---onedrive-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_ONEDRIVE_TOKEN
-- Type: string
-- Required: false
-
---onedrive-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_ONEDRIVE_AUTH_URL
-- Type: string
-- Required: false
-
---onedrive-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_ONEDRIVE_TOKEN_URL
-- Type: string
-- Required: false
-
---onedrive-chunk-size
-Chunk size to upload files with - must be multiple of 320k (327,680 bytes).
-Above this size files will be chunked - must be multiple of 320k (327,680 bytes) and should not exceed 250M (262,144,000 bytes) else you may encounter "Microsoft.SharePoint.Client.InvalidClientQueryException: The request message is too big." Note that the chunks will be buffered into memory.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_ONEDRIVE_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 10Mi
-
---onedrive-drive-id
-The ID of the drive to use.
-Properties:
-
-- Config: drive_id
-- Env Var: RCLONE_ONEDRIVE_DRIVE_ID
-- Type: string
-- Required: false
-
---onedrive-drive-type
-The type of the drive (personal | business | documentLibrary).
-Properties:
-
-- Config: drive_type
-- Env Var: RCLONE_ONEDRIVE_DRIVE_TYPE
-- Type: string
-- Required: false
-
---onedrive-root-folder-id
-ID of the root folder.
-This isn't normally needed, but in special circumstances you might know the folder ID that you wish to access but not be able to get there through a path traversal.
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_ONEDRIVE_ROOT_FOLDER_ID
-- Type: string
-- Required: false
-
---onedrive-access-scopes
-Set scopes to be requested by rclone.
-Choose or manually enter a custom space separated list with all scopes, that rclone should request.
-Properties:
-
-- Config: access_scopes
-- Env Var: RCLONE_ONEDRIVE_ACCESS_SCOPES
-- Type: SpaceSepList
-- Default: Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access
-- Examples:
-
-- "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access"
-
-- Read and write access to all resources
-
-- "Files.Read Files.Read.All Sites.Read.All offline_access"
-
-- Read only access to all resources
-
-- "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All offline_access"
-
-- Read and write access to all resources, without the ability to browse SharePoint sites.
-- Same as if disable_site_permission was set to true
-
-
-
---onedrive-disable-site-permission
-Disable the request for Sites.Read.All permission.
-If set to true, you will no longer be able to search for a SharePoint site when configuring drive ID, because rclone will not request Sites.Read.All permission. Set it to true if your organization didn't assign Sites.Read.All permission to the application, and your organization disallows users to consent app permission request on their own.
-Properties:
-
-- Config: disable_site_permission
-- Env Var: RCLONE_ONEDRIVE_DISABLE_SITE_PERMISSION
-- Type: bool
-- Default: false
-
---onedrive-expose-onenote-files
-Set to make OneNote files show up in directory listings.
-By default, rclone will hide OneNote files in directory listings because operations like "Open" and "Update" won't work on them. But this behaviour may also prevent you from deleting them. If you want to delete OneNote files or otherwise want them to show up in directory listing, set this option.
-Properties:
-
-- Config: expose_onenote_files
-- Env Var: RCLONE_ONEDRIVE_EXPOSE_ONENOTE_FILES
-- Type: bool
-- Default: false
-
---onedrive-server-side-across-configs
-Allow server-side operations (e.g. copy) to work across different onedrive configs.
-This will only work if you are copying between two OneDrive Personal drives AND the files to copy are already shared between them. In other cases, rclone will fall back to normal copy (which will be slightly slower).
-Properties:
-
-- Config: server_side_across_configs
-- Env Var: RCLONE_ONEDRIVE_SERVER_SIDE_ACROSS_CONFIGS
-- Type: bool
-- Default: false
-
---onedrive-list-chunk
-Size of listing chunk.
-Properties:
-
-- Config: list_chunk
-- Env Var: RCLONE_ONEDRIVE_LIST_CHUNK
-- Type: int
-- Default: 1000
-
---onedrive-no-versions
-Remove all versions on modifying operations.
-Onedrive for business creates versions when rclone uploads new files overwriting an existing one and when it sets the modification time.
-These versions take up space out of the quota.
-This flag checks for versions after file upload and setting modification time and removes all but the last version.
-NB Onedrive personal can't currently delete versions so don't use this flag there.
-Properties:
-
-- Config: no_versions
-- Env Var: RCLONE_ONEDRIVE_NO_VERSIONS
-- Type: bool
-- Default: false
-
---onedrive-link-scope
-Set the scope of the links created by the link command.
-Properties:
-
-- Config: link_scope
-- Env Var: RCLONE_ONEDRIVE_LINK_SCOPE
-- Type: string
-- Default: "anonymous"
-- Examples:
-
-- "anonymous"
-
-- Anyone with the link has access, without needing to sign in.
-- This may include people outside of your organization.
-- Anonymous link support may be disabled by an administrator.
-
-- "organization"
-
-- Anyone signed into your organization (tenant) can use the link to get access.
-- Only available in OneDrive for Business and SharePoint.
-
-
-
---onedrive-link-type
-Set the type of the links created by the link command.
-Properties:
-
-- Config: link_type
-- Env Var: RCLONE_ONEDRIVE_LINK_TYPE
-- Type: string
-- Default: "view"
-- Examples:
-
-- "view"
-
-- Creates a read-only link to the item.
-
-- "edit"
-
-- Creates a read-write link to the item.
-
-- "embed"
-
-- Creates an embeddable link to the item.
-
-
-
---onedrive-link-password
-Set the password for links created by the link command.
-At the time of writing this only works with OneDrive personal paid accounts.
-Properties:
-
-- Config: link_password
-- Env Var: RCLONE_ONEDRIVE_LINK_PASSWORD
-- Type: string
-- Required: false
-
---onedrive-hash-type
-Specify the hash in use for the backend.
-This specifies the hash type in use. If set to "auto" it will use the default hash which is is QuickXorHash.
-Before rclone 1.62 an SHA1 hash was used by default for Onedrive Personal. For 1.62 and later the default is to use a QuickXorHash for all onedrive types. If an SHA1 hash is desired then set this option accordingly.
-From July 2023 QuickXorHash will be the only available hash for both OneDrive for Business and OneDriver Personal.
-This can be set to "none" to not use any hashes.
-If the hash requested does not exist on the object, it will be returned as an empty string which is treated as a missing hash by rclone.
-Properties:
-
-- Config: hash_type
-- Env Var: RCLONE_ONEDRIVE_HASH_TYPE
-- Type: string
-- Default: "auto"
-- Examples:
-
-- "auto"
-
-- Rclone chooses the best hash
-
-- "quickxor"
-
-- QuickXor
-
-- "sha1"
-
-- SHA1
-
-- "sha256"
-
-- SHA256
-
-- "crc32"
-
-- CRC32
-
-- "none"
-
-- None - don't use any hashes
-
-
-
---onedrive-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_ONEDRIVE_ENCODING
-- Type: MultiEncoder
-- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot
-
-Limitations
-If you don't use rclone for 90 days the refresh token will expire. This will result in authorization problems. This is easy to fix by running the rclone config reconnect remote:
command to get a new token and refresh token.
-Naming
-Note that OneDrive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-There are quite a few characters that can't be in OneDrive file names. These can't occur on Windows platforms, but on non-Windows platforms they are common. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ?
in it will be mapped to ?
instead.
-File sizes
-The largest allowed file size is 250 GiB for both OneDrive Personal and OneDrive for Business (Updated 13 Jan 2021).
-Path length
-The entire path, including the file name, must contain fewer than 400 characters for OneDrive, OneDrive for Business and SharePoint Online. If you are encrypting file and folder names with rclone, you may want to pay attention to this limitation because the encrypted names are typically longer than the original ones.
-Number of files
-OneDrive seems to be OK with at least 50,000 files in a folder, but at 100,000 rclone will get errors listing the directory like couldn’t list files: UnknownError:
. See #2707 for more info.
-An official document about the limitations for different types of OneDrive can be found here.
-Versions
-Every change in a file OneDrive causes the service to create a new version of the file. This counts against a users quota. For example changing the modification time of a file creates a second version, so the file apparently uses twice the space.
-For example the copy
command is affected by this as rclone copies the file and then afterwards sets the modification time to match the source file which uses another version.
-You can use the rclone cleanup
command (see below) to remove all old versions.
-Or you can set the no_versions
parameter to true
and rclone will remove versions after operations which create new versions. This takes extra transactions so only enable it if you need it.
-Note At the time of writing Onedrive Personal creates versions (but not for setting the modification time) but the API for removing them returns "API not found" so cleanup and no_versions
should not be used on Onedrive Personal.
-Disabling versioning
-Starting October 2018, users will no longer be able to disable versioning by default. This is because Microsoft has brought an update to the mechanism. To change this new default setting, a PowerShell command is required to be run by a SharePoint admin. If you are an admin, you can run these commands in PowerShell to change that setting:
+cleanup-hidden
+Remove old versions of files.
+rclone backend cleanup-hidden remote: [options] [<arguments>+]
+This command removes any old hidden versions of files on a versions enabled bucket.
+Note that you can use --interactive/-i or --dry-run with this command to see what it would do.
+rclone backend cleanup-hidden s3:bucket/path/to/dir
+versioning
+Set/get versioning support for a bucket.
+rclone backend versioning remote: [options] [<arguments>+]
+This command sets versioning support if a parameter is passed and then returns the current versioning status for the bucket supplied.
+rclone backend versioning s3:bucket # read status only
+rclone backend versioning s3:bucket Enabled
+rclone backend versioning s3:bucket Suspended
+It may return "Enabled", "Suspended" or "Unversioned". Note that once versioning has been enabled the status can't be set back to "Unversioned".
+set
+Set command for updating the config parameters.
+rclone backend set remote: [options] [<arguments>+]
+This set command can be used to update the config parameters for a running s3 backend.
+Usage Examples:
+rclone backend set s3: [-o opt_name=opt_value] [-o opt_name2=opt_value2]
+rclone rc backend/command command=set fs=s3: [-o opt_name=opt_value] [-o opt_name2=opt_value2]
+rclone rc backend/command command=set fs=s3: -o session_token=X -o access_key_id=X -o secret_access_key=X
+The option keys are named as they are in the config file.
+This rebuilds the connection to the s3 backend when it is called with the new parameters. Only new parameters need be passed as the values will default to those currently in use.
+It doesn't return anything.
+Anonymous access to public buckets
+If you want to use rclone to access a public bucket, configure with a blank access_key_id
and secret_access_key
. Your config should end up looking like this:
+[anons3]
+type = s3
+provider = AWS
+env_auth = false
+access_key_id =
+secret_access_key =
+region = us-east-1
+endpoint =
+location_constraint =
+acl = private
+server_side_encryption =
+storage_class =
+Then use it as normal with the name of the public bucket, e.g.
+rclone lsd anons3:1000genomes
+You will be able to list and copy data but not upload it.
+Providers
+AWS S3
+This is the provider used as main example and described in the configuration section above.
+AWS Snowball Edge
+AWS Snowball is a hardware appliance used for transferring bulk data back to AWS. Its main software interface is S3 object storage.
+To use rclone with AWS Snowball Edge devices, configure as standard for an 'S3 Compatible Service'.
+If using rclone pre v1.59 be sure to set upload_cutoff = 0
otherwise you will run into authentication header issues as the snowball device does not support query parameter based authentication.
+With rclone v1.59 or later setting upload_cutoff
should not be necessary.
+eg.
+[snowball]
+type = s3
+provider = Other
+access_key_id = YOUR_ACCESS_KEY
+secret_access_key = YOUR_SECRET_KEY
+endpoint = http://[IP of Snowball]:8080
+upload_cutoff = 0
+Ceph
+Ceph is an open-source, unified, distributed storage system designed for excellent performance, reliability and scalability. It has an S3 compatible object storage interface.
+To use rclone with Ceph, configure as above but leave the region blank and set the endpoint. You should end up with something like this in your config:
+[ceph]
+type = s3
+provider = Ceph
+env_auth = false
+access_key_id = XXX
+secret_access_key = YYY
+region =
+endpoint = https://ceph.endpoint.example.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+If you are using an older version of CEPH (e.g. 10.2.x Jewel) and a version of rclone before v1.59 then you may need to supply the parameter --s3-upload-cutoff 0
or put this in the config file as upload_cutoff 0
to work around a bug which causes uploading of small files to fail.
+Note also that Ceph sometimes puts /
in the passwords it gives users. If you read the secret access key using the command line tools you will get a JSON blob with the /
escaped as \/
. Make sure you only write /
in the secret access key.
+Eg the dump from Ceph looks something like this (irrelevant keys removed).
+{
+ "user_id": "xxx",
+ "display_name": "xxxx",
+ "keys": [
+ {
+ "user": "xxx",
+ "access_key": "xxxxxx",
+ "secret_key": "xxxxxx\/xxxx"
+ }
+ ],
+}
+Because this is a json dump, it is encoding the /
as \/
, so if you use the secret key as xxxxxx/xxxx
it will work fine.
+Cloudflare R2
+Cloudflare R2 Storage allows developers to store large amounts of unstructured data without the costly egress bandwidth fees associated with typical cloud storage services.
+Here is an example of making a Cloudflare R2 configuration. First run:
+rclone config
+This will guide you through an interactive setup process.
+Note that all buckets are private, and all are stored in the same "auto" region. It is necessary to use Cloudflare workers to share the content of a bucket publicly.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> r2
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+...
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS and Wasabi
+ \ (s3)
+...
+Storage> s3
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+...
+XX / Cloudflare R2 Storage
+ \ (Cloudflare)
+...
+provider> Cloudflare
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> ACCESS_KEY
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> SECRET_ACCESS_KEY
+Option region.
+Region to connect to.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+ \ (auto)
+region> 1
+Option endpoint.
+Endpoint for S3 API.
+Required when using an S3 clone.
+Enter a value. Press Enter to leave empty.
+endpoint> https://ACCOUNT_ID.r2.cloudflarestorage.com
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+This will leave your config looking something like:
+[r2]
+type = s3
+provider = Cloudflare
+access_key_id = ACCESS_KEY
+secret_access_key = SECRET_ACCESS_KEY
+region = auto
+endpoint = https://ACCOUNT_ID.r2.cloudflarestorage.com
+acl = private
+Now run rclone lsf r2:
to see your buckets and rclone lsf r2:bucket
to look within a bucket.
+Dreamhost
+Dreamhost DreamObjects is an object storage system based on CEPH.
+To use rclone with Dreamhost, configure as above but leave the region blank and set the endpoint. You should end up with something like this in your config:
+[dreamobjects]
+type = s3
+provider = DreamHost
+env_auth = false
+access_key_id = your_access_key
+secret_access_key = your_secret_key
+region =
+endpoint = objects-us-west-1.dream.io
+location_constraint =
+acl = private
+server_side_encryption =
+storage_class =
+Google Cloud Storage
+GoogleCloudStorage is an S3-interoperable object storage service from Google Cloud Platform.
+To connect to Google Cloud Storage you will need an access key and secret key. These can be retrieved by creating an HMAC key.
+[gs]
+type = s3
+provider = GCS
+access_key_id = your_access_key
+secret_access_key = your_secret_key
+endpoint = https://storage.googleapis.com
+Note that --s3-versions
does not work with GCS when it needs to do directory paging. Rclone will return the error:
+s3 protocol error: received versions listing with IsTruncated set with no NextKeyMarker
+This is Google bug #312292516.
+DigitalOcean Spaces
+Spaces is an S3-interoperable object storage service from cloud provider DigitalOcean.
+To connect to DigitalOcean Spaces you will need an access key and secret key. These can be retrieved on the "Applications & API" page of the DigitalOcean control panel. They will be needed when prompted by rclone config
for your access_key_id
and secret_access_key
.
+When prompted for a region
or location_constraint
, press enter to use the default value. The region must be included in the endpoint
setting (e.g. nyc3.digitaloceanspaces.com
). The default values can be used for other settings.
+Going through the whole process of creating a new remote by running rclone config
, each prompt should be answered as shown below:
+Storage> s3
+env_auth> 1
+access_key_id> YOUR_ACCESS_KEY
+secret_access_key> YOUR_SECRET_KEY
+region>
+endpoint> nyc3.digitaloceanspaces.com
+location_constraint>
+acl>
+storage_class>
+The resulting configuration file should look like:
+[spaces]
+type = s3
+provider = DigitalOcean
+env_auth = false
+access_key_id = YOUR_ACCESS_KEY
+secret_access_key = YOUR_SECRET_KEY
+region =
+endpoint = nyc3.digitaloceanspaces.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+Once configured, you can create a new Space and begin copying files. For example:
+rclone mkdir spaces:my-new-space
+rclone copy /path/to/files spaces:my-new-space
+Huawei OBS
+Object Storage Service (OBS) provides stable, secure, efficient, and easy-to-use cloud storage that lets you store virtually any volume of unstructured data in any format and access it from anywhere.
+OBS provides an S3 interface, you can copy and modify the following configuration and add it to your rclone configuration file.
+[obs]
+type = s3
+provider = HuaweiOBS
+access_key_id = your-access-key-id
+secret_access_key = your-secret-access-key
+region = af-south-1
+endpoint = obs.af-south-1.myhuaweicloud.com
+acl = private
+Or you can also configure via the interactive command line:
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> obs
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> 5
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+ 9 / Huawei Object Storage Service
+ \ (HuaweiOBS)
+[snip]
+provider> 9
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> your-access-key-id
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> your-secret-access-key
+Option region.
+Region to connect to.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (af-south-1)
+ 2 / AP-Bangkok
+ \ (ap-southeast-2)
+[snip]
+region> 1
+Option endpoint.
+Endpoint for OBS API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (obs.af-south-1.myhuaweicloud.com)
+ 2 / AP-Bangkok
+ \ (obs.ap-southeast-2.myhuaweicloud.com)
+[snip]
+endpoint> 1
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+[snip]
+acl> 1
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+--------------------
+[obs]
+type = s3
+provider = HuaweiOBS
+access_key_id = your-access-key-id
+secret_access_key = your-secret-access-key
+region = af-south-1
+endpoint = obs.af-south-1.myhuaweicloud.com
+acl = private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+obs s3
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> q
+IBM COS (S3)
+Information stored with IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations, and accessed through an implementation of the S3 API. This service makes use of the distributed storage technologies provided by IBM’s Cloud Object Storage System (formerly Cleversafe). For more information visit: (http://www.ibm.com/cloud/object-storage)
+To configure access to IBM COS S3, follow the steps below:
+
+- Run rclone config and select n for a new remote.
+
+ 2018/02/14 14:13:11 NOTICE: Config file "C:\\Users\\a\\.config\\rclone\\rclone.conf" not found - using defaults
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+
+- Enter the name for the configuration
+
+ name> <YOUR NAME>
+
+- Select "s3" storage.
+
+Choose a number from below, or type in your own value
+ 1 / Alias for an existing remote
+ \ "alias"
+ 2 / Amazon Drive
+ \ "amazon cloud drive"
+ 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, ChinaMobile, Liara, ArvanCloud, Minio, IBM COS)
+ \ "s3"
+ 4 / Backblaze B2
+ \ "b2"
+[snip]
+ 23 / HTTP
+ \ "http"
+Storage> 3
+
+- Select IBM COS as the S3 Storage Provider.
+
+Choose the S3 provider.
+Choose a number from below, or type in your own value
+ 1 / Choose this option to configure Storage to AWS S3
+ \ "AWS"
+ 2 / Choose this option to configure Storage to Ceph Systems
+ \ "Ceph"
+ 3 / Choose this option to configure Storage to Dreamhost
+ \ "Dreamhost"
+ 4 / Choose this option to the configure Storage to IBM COS S3
+ \ "IBMCOS"
+ 5 / Choose this option to the configure Storage to Minio
+ \ "Minio"
+ Provider>4
+
+- Enter the Access Key and Secret.
+
+ AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+ access_key_id> <>
+ AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+ secret_access_key> <>
+
+- Specify the endpoint for IBM COS. For Public IBM COS, choose from the option below. For On Premise IBM COS, enter an endpoint address.
+
+ Endpoint for IBM COS S3 API.
+ Specify if using an IBM COS On Premise.
+ Choose a number from below, or type in your own value
+ 1 / US Cross Region Endpoint
+ \ "s3-api.us-geo.objectstorage.softlayer.net"
+ 2 / US Cross Region Dallas Endpoint
+ \ "s3-api.dal.us-geo.objectstorage.softlayer.net"
+ 3 / US Cross Region Washington DC Endpoint
+ \ "s3-api.wdc-us-geo.objectstorage.softlayer.net"
+ 4 / US Cross Region San Jose Endpoint
+ \ "s3-api.sjc-us-geo.objectstorage.softlayer.net"
+ 5 / US Cross Region Private Endpoint
+ \ "s3-api.us-geo.objectstorage.service.networklayer.com"
+ 6 / US Cross Region Dallas Private Endpoint
+ \ "s3-api.dal-us-geo.objectstorage.service.networklayer.com"
+ 7 / US Cross Region Washington DC Private Endpoint
+ \ "s3-api.wdc-us-geo.objectstorage.service.networklayer.com"
+ 8 / US Cross Region San Jose Private Endpoint
+ \ "s3-api.sjc-us-geo.objectstorage.service.networklayer.com"
+ 9 / US Region East Endpoint
+ \ "s3.us-east.objectstorage.softlayer.net"
+ 10 / US Region East Private Endpoint
+ \ "s3.us-east.objectstorage.service.networklayer.com"
+ 11 / US Region South Endpoint
+[snip]
+ 34 / Toronto Single Site Private Endpoint
+ \ "s3.tor01.objectstorage.service.networklayer.com"
+ endpoint>1
+
+- Specify a IBM COS Location Constraint. The location constraint must match endpoint when using IBM Cloud Public. For on-prem COS, do not make a selection from this list, hit enter
+
+ 1 / US Cross Region Standard
+ \ "us-standard"
+ 2 / US Cross Region Vault
+ \ "us-vault"
+ 3 / US Cross Region Cold
+ \ "us-cold"
+ 4 / US Cross Region Flex
+ \ "us-flex"
+ 5 / US East Region Standard
+ \ "us-east-standard"
+ 6 / US East Region Vault
+ \ "us-east-vault"
+ 7 / US East Region Cold
+ \ "us-east-cold"
+ 8 / US East Region Flex
+ \ "us-east-flex"
+ 9 / US South Region Standard
+ \ "us-south-standard"
+ 10 / US South Region Vault
+ \ "us-south-vault"
+[snip]
+ 32 / Toronto Flex
+ \ "tor01-flex"
+location_constraint>1
+
+- Specify a canned ACL. IBM Cloud (Storage) supports "public-read" and "private". IBM Cloud(Infra) supports all the canned ACLs. On-Premise COS supports all the canned ACLs.
+
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default). This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise COS
+ \ "private"
+ 2 / Owner gets FULL_CONTROL. The AllUsers group gets READ access. This acl is available on IBM Cloud (Infra), IBM Cloud (Storage), On-Premise IBM COS
+ \ "public-read"
+ 3 / Owner gets FULL_CONTROL. The AllUsers group gets READ and WRITE access. This acl is available on IBM Cloud (Infra), On-Premise IBM COS
+ \ "public-read-write"
+ 4 / Owner gets FULL_CONTROL. The AuthenticatedUsers group gets READ access. Not supported on Buckets. This acl is available on IBM Cloud (Infra) and On-Premise IBM COS
+ \ "authenticated-read"
+acl> 1
+
+- Review the displayed configuration and accept to save the "remote" then quit. The config file should look like this
+
+ [xxx]
+ type = s3
+ Provider = IBMCOS
+ access_key_id = xxx
+ secret_access_key = yyy
+ endpoint = s3-api.us-geo.objectstorage.softlayer.net
+ location_constraint = us-standard
+ acl = private
+
+- Execute rclone commands
+
+ 1) Create a bucket.
+ rclone mkdir IBM-COS-XREGION:newbucket
+ 2) List available buckets.
+ rclone lsd IBM-COS-XREGION:
+ -1 2017-11-08 21:16:22 -1 test
+ -1 2018-02-14 20:16:39 -1 newbucket
+ 3) List contents of a bucket.
+ rclone ls IBM-COS-XREGION:newbucket
+ 18685952 test.exe
+ 4) Copy a file from local to remote.
+ rclone copy /Users/file.txt IBM-COS-XREGION:newbucket
+ 5) Copy a file from remote to local.
+ rclone copy IBM-COS-XREGION:newbucket/file.txt .
+ 6) Delete a file on remote.
+ rclone delete IBM-COS-XREGION:newbucket/file.txt
+IDrive e2
+Here is an example of making an IDrive e2 configuration. First run:
+rclone config
+This will guide you through an interactive setup process.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+Enter name for new remote.
+name> e2
+
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / IDrive e2
+ \ (IDrive)
+[snip]
+provider> IDrive
+
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_KEY
+
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+ 5 | Bucket owner gets READ access.
+ | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-read)
+ / Both the object owner and the bucket owner get FULL_CONTROL over the object.
+ 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-full-control)
+acl>
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+
+Configuration complete.
+Options:
+- type: s3
+- provider: IDrive
+- access_key_id: YOUR_ACCESS_KEY
+- secret_access_key: YOUR_SECRET_KEY
+- endpoint: q9d9.la12.idrivee2-5.com
+Keep this "e2" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+IONOS Cloud
+IONOS S3 Object Storage is a service offered by IONOS for storing and accessing unstructured data. To connect to the service, you will need an access key and a secret key. These can be found in the Data Center Designer, by selecting Manager resources > Object Storage Key Manager.
+Here is an example of a configuration. First, run rclone config
. This will walk you through an interactive setup process. Type n
to add the new remote, and then enter a name:
+Enter name for new remote.
+name> ionos-fra
+Type s3
to choose the connection type:
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+Type IONOS
:
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / IONOS Cloud
+ \ (IONOS)
+[snip]
+provider> IONOS
+Press Enter to choose the default option Enter AWS credentials in the next step
:
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+Enter your Access Key and Secret key. These can be retrieved in the Data Center Designer, click on the menu “Manager resources” / "Object Storage Key Manager".
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_KEY
+Choose the region where your bucket is located:
+Option region.
+Region where your bucket will be created and your data stored.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (de)
+ 2 / Berlin, Germany
+ \ (eu-central-2)
+ 3 / Logrono, Spain
+ \ (eu-south-2)
+region> 2
+Choose the endpoint from the same region:
+Option endpoint.
+Endpoint for IONOS S3 Object Storage.
+Specify the endpoint from the same region.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (s3-eu-central-1.ionoscloud.com)
+ 2 / Berlin, Germany
+ \ (s3-eu-central-2.ionoscloud.com)
+ 3 / Logrono, Spain
+ \ (s3-eu-south-2.ionoscloud.com)
+endpoint> 1
+Press Enter to choose the default option or choose the desired ACL setting:
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+[snip]
+acl>
+Press Enter to skip the advanced config:
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+Press Enter to save the configuration, and then q
to quit the configuration process:
+Configuration complete.
+Options:
+- type: s3
+- provider: IONOS
+- access_key_id: YOUR_ACCESS_KEY
+- secret_access_key: YOUR_SECRET_KEY
+- endpoint: s3-eu-central-1.ionoscloud.com
+Keep this "ionos-fra" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Done! Now you can try some commands (for macOS, use ./rclone
instead of rclone
).
+
+- Create a bucket (the name must be unique within the whole IONOS S3)
+
+rclone mkdir ionos-fra:my-bucket
+
+- List available buckets
+
+rclone lsd ionos-fra:
+
+- Copy a file from local to remote
+
+rclone copy /Users/file.txt ionos-fra:my-bucket
+
+- List contents of a bucket
+
+rclone ls ionos-fra:my-bucket
+
+- Copy a file from remote to local
+
+rclone copy ionos-fra:my-bucket/file.txt
+Minio
+Minio is an object storage server built for cloud application developers and devops.
+It is very easy to install and provides an S3 compatible server which can be used by rclone.
+To use it, install Minio following the instructions here.
+When it configures itself Minio will print something like this
+Endpoint: http://192.168.1.106:9000 http://172.23.0.1:9000
+AccessKey: USWUXHGYZQYFYFFIT3RE
+SecretKey: MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
+Region: us-east-1
+SQS ARNs: arn:minio:sqs:us-east-1:1:redis arn:minio:sqs:us-east-1:2:redis
+
+Browser Access:
+ http://192.168.1.106:9000 http://172.23.0.1:9000
+
+Command-line Access: https://docs.minio.io/docs/minio-client-quickstart-guide
+ $ mc config host add myminio http://192.168.1.106:9000 USWUXHGYZQYFYFFIT3RE MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
+
+Object API (Amazon S3 compatible):
+ Go: https://docs.minio.io/docs/golang-client-quickstart-guide
+ Java: https://docs.minio.io/docs/java-client-quickstart-guide
+ Python: https://docs.minio.io/docs/python-client-quickstart-guide
+ JavaScript: https://docs.minio.io/docs/javascript-client-quickstart-guide
+ .NET: https://docs.minio.io/docs/dotnet-client-quickstart-guide
+
+Drive Capacity: 26 GiB Free, 165 GiB Total
+These details need to go into rclone config
like this. Note that it is important to put the region in as stated above.
+env_auth> 1
+access_key_id> USWUXHGYZQYFYFFIT3RE
+secret_access_key> MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
+region> us-east-1
+endpoint> http://192.168.1.106:9000
+location_constraint>
+server_side_encryption>
+Which makes the config file look like this
+[minio]
+type = s3
+provider = Minio
+env_auth = false
+access_key_id = USWUXHGYZQYFYFFIT3RE
+secret_access_key = MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03
+region = us-east-1
+endpoint = http://192.168.1.106:9000
+location_constraint =
+server_side_encryption =
+So once set up, for example, to copy files into a bucket
+rclone copy /path/to/files minio:bucket
+Qiniu Cloud Object Storage (Kodo)
+Qiniu Cloud Object Storage (Kodo), a completely independent-researched core technology which is proven by repeated customer experience has occupied absolute leading market leader position. Kodo can be widely applied to mass data management.
+To configure access to Qiniu Kodo, follow the steps below:
+
+- Run
rclone config
and select n
for a new remote.
+
+rclone config
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+- Give the name of the configuration. For example, name it 'qiniu'.
+
+name> qiniu
+
+- Select
s3
storage.
+
+Choose a number from below, or type in your own value
+ 1 / 1Fichier
+ \ (fichier)
+ 2 / Akamai NetStorage
+ \ (netstorage)
+ 3 / Alias for an existing remote
+ \ (alias)
+ 4 / Amazon Drive
+ \ (amazon cloud drive)
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS, Qiniu and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
+- Select
Qiniu
provider.
+
+Choose a number from below, or type in your own value
+1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+[snip]
+22 / Qiniu Object Storage (Kodo)
+ \ (Qiniu)
+[snip]
+provider> Qiniu
+
+- Enter your SecretId and SecretKey of Qiniu Kodo.
+
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> AKIDxxxxxxxxxx
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> xxxxxxxxxxx
+
+- Select endpoint for Qiniu Kodo. This is the standard endpoint for different region.
+
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China Region 1.
+ | Needs location constraint cn-east-1.
+ \ (cn-east-1)
+ / East China Region 2.
+ 2 | Needs location constraint cn-east-2.
+ \ (cn-east-2)
+ / North China Region 1.
+ 3 | Needs location constraint cn-north-1.
+ \ (cn-north-1)
+ / South China Region 1.
+ 4 | Needs location constraint cn-south-1.
+ \ (cn-south-1)
+ / North America Region.
+ 5 | Needs location constraint us-north-1.
+ \ (us-north-1)
+ / Southeast Asia Region 1.
+ 6 | Needs location constraint ap-southeast-1.
+ \ (ap-southeast-1)
+ / Northeast Asia Region 1.
+ 7 | Needs location constraint ap-northeast-1.
+ \ (ap-northeast-1)
+[snip]
+endpoint> 1
+
+Option endpoint.
+Endpoint for Qiniu Object Storage.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China Endpoint 1
+ \ (s3-cn-east-1.qiniucs.com)
+ 2 / East China Endpoint 2
+ \ (s3-cn-east-2.qiniucs.com)
+ 3 / North China Endpoint 1
+ \ (s3-cn-north-1.qiniucs.com)
+ 4 / South China Endpoint 1
+ \ (s3-cn-south-1.qiniucs.com)
+ 5 / North America Endpoint 1
+ \ (s3-us-north-1.qiniucs.com)
+ 6 / Southeast Asia Endpoint 1
+ \ (s3-ap-southeast-1.qiniucs.com)
+ 7 / Northeast Asia Endpoint 1
+ \ (s3-ap-northeast-1.qiniucs.com)
+endpoint> 1
+
+Option location_constraint.
+Location constraint - must be set to match the Region.
+Used when creating buckets only.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China Region 1
+ \ (cn-east-1)
+ 2 / East China Region 2
+ \ (cn-east-2)
+ 3 / North China Region 1
+ \ (cn-north-1)
+ 4 / South China Region 1
+ \ (cn-south-1)
+ 5 / North America Region 1
+ \ (us-north-1)
+ 6 / Southeast Asia Region 1
+ \ (ap-southeast-1)
+ 7 / Northeast Asia Region 1
+ \ (ap-northeast-1)
+location_constraint> 1
+
+- Choose acl and storage class.
+
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+[snip]
+acl> 2
+The storage class to use when storing new objects in Tencent COS.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Standard storage class
+ \ (STANDARD)
+ 2 / Infrequent access storage mode
+ \ (LINE)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Deep archive storage mode
+ \ (DEEP_ARCHIVE)
+[snip]
+storage_class> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[qiniu]
+- type: s3
+- provider: Qiniu
+- access_key_id: xxx
+- secret_access_key: xxx
+- region: cn-east-1
+- endpoint: s3-cn-east-1.qiniucs.com
+- location_constraint: cn-east-1
+- acl: public-read
+- storage_class: STANDARD
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+qiniu s3
+RackCorp
+RackCorp Object Storage is an S3 compatible object storage platform from your friendly cloud provider RackCorp. The service is fast, reliable, well priced and located in many strategic locations unserviced by others, to ensure you can maintain data sovereignty.
+Before you can use RackCorp Object Storage, you'll need to "sign up" for an account on our "portal". Next you can create an access key
, a secret key
and buckets
, in your location of choice with ease. These details are required for the next steps of configuration, when rclone config
asks for your access_key_id
and secret_access_key
.
+Your config should end up looking a bit like this:
+[RCS3-demo-config]
+type = s3
+provider = RackCorp
+env_auth = true
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region = au-nsw
+endpoint = s3.rackcorp.com
+location_constraint = au-nsw
+Rclone Serve S3
+Rclone can serve any remote over the S3 protocol. For details see the rclone serve s3 documentation.
+For example, to serve remote:path
over s3, run the server like this:
+rclone serve s3 --auth-key ACCESS_KEY_ID,SECRET_ACCESS_KEY remote:path
+This will be compatible with an rclone remote which is defined like this:
+[serves3]
+type = s3
+provider = Rclone
+endpoint = http://127.0.0.1:8080/
+access_key_id = ACCESS_KEY_ID
+secret_access_key = SECRET_ACCESS_KEY
+use_multipart_uploads = false
+Note that setting disable_multipart_uploads = true
is to work around a bug which will be fixed in due course.
+Scaleway
+Scaleway The Object Storage platform allows you to store anything from backups, logs and web assets to documents and photos. Files can be dropped from the Scaleway console or transferred through our API and CLI or using any S3-compatible tool.
+Scaleway provides an S3 interface which can be configured for use with rclone like this:
+[scaleway]
+type = s3
+provider = Scaleway
+env_auth = false
+endpoint = s3.nl-ams.scw.cloud
+access_key_id = SCWXXXXXXXXXXXXXX
+secret_access_key = 1111111-2222-3333-44444-55555555555555
+region = nl-ams
+location_constraint =
+acl = private
+server_side_encryption =
+storage_class =
+C14 Cold Storage is the low-cost S3 Glacier alternative from Scaleway and it works the same way as on S3 by accepting the "GLACIER" storage_class
. So you can configure your remote with the storage_class = GLACIER
option to upload directly to C14. Don't forget that in this state you can't read files back after, you will need to restore them to "STANDARD" storage_class first before being able to read them (see "restore" section above)
+Seagate Lyve Cloud
+Seagate Lyve Cloud is an S3 compatible object storage platform from Seagate intended for enterprise use.
+Here is a config run through for a remote called remote
- you may choose a different name of course. Note that to create an access key and secret key you will need to create a service account first.
+$ rclone config
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Choose s3
backend
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+ \ (s3)
+[snip]
+Storage> s3
+Choose LyveCloud
as S3 provider
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / Seagate Lyve Cloud
+ \ (LyveCloud)
+[snip]
+provider> LyveCloud
+Take the default (just press enter) to enter access key and secret in the config file.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> XXX
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YYY
+Leave region blank
+Region to connect to.
+Leave blank if you are using an S3 clone and you don't have a region.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Use this if unsure.
+ 1 | Will use v4 signatures and an empty region.
+ \ ()
+ / Use this only if v4 signatures don't work.
+ 2 | E.g. pre Jewel/v10 CEPH.
+ \ (other-v2-signature)
+region>
+Choose an endpoint from the list
+Endpoint for S3 API.
+Required when using an S3 clone.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Seagate Lyve Cloud US East 1 (Virginia)
+ \ (s3.us-east-1.lyvecloud.seagate.com)
+ 2 / Seagate Lyve Cloud US West 1 (California)
+ \ (s3.us-west-1.lyvecloud.seagate.com)
+ 3 / Seagate Lyve Cloud AP Southeast 1 (Singapore)
+ \ (s3.ap-southeast-1.lyvecloud.seagate.com)
+endpoint> 1
+Leave location constraint blank
+Location constraint - must be set to match the Region.
+Leave blank if not sure. Used when creating buckets only.
+Enter a value. Press Enter to leave empty.
+location_constraint>
+Choose default ACL (private
).
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+[snip]
+acl>
+And the config file should end up looking like this:
+[remote]
+type = s3
+provider = LyveCloud
+access_key_id = XXX
+secret_access_key = YYY
+endpoint = s3.us-east-1.lyvecloud.seagate.com
+SeaweedFS
+SeaweedFS is a distributed storage system for blobs, objects, files, and data lake, with O(1) disk seek and a scalable file metadata store. It has an S3 compatible object storage interface. SeaweedFS can also act as a gateway to remote S3 compatible object store to cache data and metadata with asynchronous write back, for fast local speed and minimize access cost.
+Assuming the SeaweedFS are configured with weed shell
as such:
+> s3.bucket.create -name foo
+> s3.configure -access_key=any -secret_key=any -buckets=foo -user=me -actions=Read,Write,List,Tagging,Admin -apply
+{
+ "identities": [
+ {
+ "name": "me",
+ "credentials": [
+ {
+ "accessKey": "any",
+ "secretKey": "any"
+ }
+ ],
+ "actions": [
+ "Read:foo",
+ "Write:foo",
+ "List:foo",
+ "Tagging:foo",
+ "Admin:foo"
+ ]
+ }
+ ]
+}
+To use rclone with SeaweedFS, above configuration should end up with something like this in your config:
+[seaweedfs_s3]
+type = s3
+provider = SeaweedFS
+access_key_id = any
+secret_access_key = any
+endpoint = localhost:8333
+So once set up, for example to copy files into a bucket
+rclone copy /path/to/files seaweedfs_s3:foo
+Wasabi
+Wasabi is a cloud-based object storage service for a broad range of applications and use cases. Wasabi is designed for individuals and organizations that require a high-performance, reliable, and secure data storage infrastructure at minimal cost.
+Wasabi provides an S3 interface which can be configured for use with rclone like this.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> wasabi
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Minio, Liara)
+ \ "s3"
+[snip]
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint - a good choice if you are unsure.
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region> us-east-1
+Endpoint for S3 API.
+Leave blank if using AWS to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> s3.wasabisys.com
+Location constraint - must be set to match the Region. Used when creating buckets only.
+Choose a number from below, or type in your own value
+ 1 / Empty for US Region, Northern Virginia, or Pacific Northwest.
+ \ ""
+[snip]
+location_constraint>
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+ 3 / Reduced redundancy storage class
+ \ "REDUCED_REDUNDANCY"
+ 4 / Standard Infrequent Access storage class
+ \ "STANDARD_IA"
+storage_class>
+Remote config
+--------------------
+[wasabi]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region = us-east-1
+endpoint = s3.wasabisys.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+This will leave the config file looking like this.
+[wasabi]
+type = s3
+provider = Wasabi
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region =
+endpoint = s3.wasabisys.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+Alibaba OSS
+Here is an example of making an Alibaba Cloud (Aliyun) OSS configuration. First run:
+rclone config
+This will guide you through an interactive setup process.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> oss
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
+ \ "s3"
+[snip]
+Storage> s3
+Choose your S3 provider.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+ 2 / Alibaba Cloud Object Storage System (OSS) formerly Aliyun
+ \ "Alibaba"
+ 3 / Ceph Object Storage
+ \ "Ceph"
+[snip]
+provider> Alibaba
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> accesskeyid
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> secretaccesskey
+Endpoint for OSS API.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / East China 1 (Hangzhou)
+ \ "oss-cn-hangzhou.aliyuncs.com"
+ 2 / East China 2 (Shanghai)
+ \ "oss-cn-shanghai.aliyuncs.com"
+ 3 / North China 1 (Qingdao)
+ \ "oss-cn-qingdao.aliyuncs.com"
+[snip]
+endpoint> 1
+Canned ACL used when creating buckets and storing or copying objects.
+
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+ 2 / Owner gets FULL_CONTROL. The AllUsers group gets READ access.
+ \ "public-read"
+ / Owner gets FULL_CONTROL. The AllUsers group gets READ and WRITE access.
+[snip]
+acl> 1
+The storage class to use when storing new objects in OSS.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+ 3 / Archive storage mode.
+ \ "GLACIER"
+ 4 / Infrequent access storage mode.
+ \ "STANDARD_IA"
+storage_class> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No
+y/n> n
+Remote config
+--------------------
+[oss]
+type = s3
+provider = Alibaba
+env_auth = false
+access_key_id = accesskeyid
+secret_access_key = secretaccesskey
+endpoint = oss-cn-hangzhou.aliyuncs.com
+acl = private
+storage_class = Standard
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+China Mobile Ecloud Elastic Object Storage (EOS)
+Here is an example of making an China Mobile Ecloud Elastic Object Storage (EOS) configuration. First run:
+rclone config
+This will guide you through an interactive setup process.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> ChinaMobile
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+ ...
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+ \ (s3)
+ ...
+Storage> s3
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ ...
+ 4 / China Mobile Ecloud Elastic Object Storage (EOS)
+ \ (ChinaMobile)
+ ...
+provider> ChinaMobile
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> accesskeyid
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> secretaccesskey
+Option endpoint.
+Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China (Suzhou)
+ \ (eos-wuxi-1.cmecloud.cn)
+ 2 / East China (Jinan)
+ \ (eos-jinan-1.cmecloud.cn)
+ 3 / East China (Hangzhou)
+ \ (eos-ningbo-1.cmecloud.cn)
+ 4 / East China (Shanghai-1)
+ \ (eos-shanghai-1.cmecloud.cn)
+ 5 / Central China (Zhengzhou)
+ \ (eos-zhengzhou-1.cmecloud.cn)
+ 6 / Central China (Changsha-1)
+ \ (eos-hunan-1.cmecloud.cn)
+ 7 / Central China (Changsha-2)
+ \ (eos-zhuzhou-1.cmecloud.cn)
+ 8 / South China (Guangzhou-2)
+ \ (eos-guangzhou-1.cmecloud.cn)
+ 9 / South China (Guangzhou-3)
+ \ (eos-dongguan-1.cmecloud.cn)
+10 / North China (Beijing-1)
+ \ (eos-beijing-1.cmecloud.cn)
+11 / North China (Beijing-2)
+ \ (eos-beijing-2.cmecloud.cn)
+12 / North China (Beijing-3)
+ \ (eos-beijing-4.cmecloud.cn)
+13 / North China (Huhehaote)
+ \ (eos-huhehaote-1.cmecloud.cn)
+14 / Southwest China (Chengdu)
+ \ (eos-chengdu-1.cmecloud.cn)
+15 / Southwest China (Chongqing)
+ \ (eos-chongqing-1.cmecloud.cn)
+16 / Southwest China (Guiyang)
+ \ (eos-guiyang-1.cmecloud.cn)
+17 / Nouthwest China (Xian)
+ \ (eos-xian-1.cmecloud.cn)
+18 / Yunnan China (Kunming)
+ \ (eos-yunnan.cmecloud.cn)
+19 / Yunnan China (Kunming-2)
+ \ (eos-yunnan-2.cmecloud.cn)
+20 / Tianjin China (Tianjin)
+ \ (eos-tianjin-1.cmecloud.cn)
+21 / Jilin China (Changchun)
+ \ (eos-jilin-1.cmecloud.cn)
+22 / Hubei China (Xiangyan)
+ \ (eos-hubei-1.cmecloud.cn)
+23 / Jiangxi China (Nanchang)
+ \ (eos-jiangxi-1.cmecloud.cn)
+24 / Gansu China (Lanzhou)
+ \ (eos-gansu-1.cmecloud.cn)
+25 / Shanxi China (Taiyuan)
+ \ (eos-shanxi-1.cmecloud.cn)
+26 / Liaoning China (Shenyang)
+ \ (eos-liaoning-1.cmecloud.cn)
+27 / Hebei China (Shijiazhuang)
+ \ (eos-hebei-1.cmecloud.cn)
+28 / Fujian China (Xiamen)
+ \ (eos-fujian-1.cmecloud.cn)
+29 / Guangxi China (Nanning)
+ \ (eos-guangxi-1.cmecloud.cn)
+30 / Anhui China (Huainan)
+ \ (eos-anhui-1.cmecloud.cn)
+endpoint> 1
+Option location_constraint.
+Location constraint - must match endpoint.
+Used when creating buckets only.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China (Suzhou)
+ \ (wuxi1)
+ 2 / East China (Jinan)
+ \ (jinan1)
+ 3 / East China (Hangzhou)
+ \ (ningbo1)
+ 4 / East China (Shanghai-1)
+ \ (shanghai1)
+ 5 / Central China (Zhengzhou)
+ \ (zhengzhou1)
+ 6 / Central China (Changsha-1)
+ \ (hunan1)
+ 7 / Central China (Changsha-2)
+ \ (zhuzhou1)
+ 8 / South China (Guangzhou-2)
+ \ (guangzhou1)
+ 9 / South China (Guangzhou-3)
+ \ (dongguan1)
+10 / North China (Beijing-1)
+ \ (beijing1)
+11 / North China (Beijing-2)
+ \ (beijing2)
+12 / North China (Beijing-3)
+ \ (beijing4)
+13 / North China (Huhehaote)
+ \ (huhehaote1)
+14 / Southwest China (Chengdu)
+ \ (chengdu1)
+15 / Southwest China (Chongqing)
+ \ (chongqing1)
+16 / Southwest China (Guiyang)
+ \ (guiyang1)
+17 / Nouthwest China (Xian)
+ \ (xian1)
+18 / Yunnan China (Kunming)
+ \ (yunnan)
+19 / Yunnan China (Kunming-2)
+ \ (yunnan2)
+20 / Tianjin China (Tianjin)
+ \ (tianjin1)
+21 / Jilin China (Changchun)
+ \ (jilin1)
+22 / Hubei China (Xiangyan)
+ \ (hubei1)
+23 / Jiangxi China (Nanchang)
+ \ (jiangxi1)
+24 / Gansu China (Lanzhou)
+ \ (gansu1)
+25 / Shanxi China (Taiyuan)
+ \ (shanxi1)
+26 / Liaoning China (Shenyang)
+ \ (liaoning1)
+27 / Hebei China (Shijiazhuang)
+ \ (hebei1)
+28 / Fujian China (Xiamen)
+ \ (fujian1)
+29 / Guangxi China (Nanning)
+ \ (guangxi1)
+30 / Anhui China (Huainan)
+ \ (anhui1)
+location_constraint> 1
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+acl> private
+Option server_side_encryption.
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / None
+ \ ()
+ 2 / AES256
+ \ (AES256)
+server_side_encryption>
+Option storage_class.
+The storage class to use when storing new objects in ChinaMobile.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Default
+ \ ()
+ 2 / Standard storage class
+ \ (STANDARD)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Infrequent access storage mode
+ \ (STANDARD_IA)
+storage_class>
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+[ChinaMobile]
+type = s3
+provider = ChinaMobile
+access_key_id = accesskeyid
+secret_access_key = secretaccesskey
+endpoint = eos-wuxi-1.cmecloud.cn
+location_constraint = wuxi1
+acl = private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Leviia Cloud Object Storage
+Leviia Object Storage, backup and secure your data in a 100% French cloud, independent of GAFAM..
+To configure access to Leviia, follow the steps below:
-Install-Module -Name Microsoft.Online.SharePoint.PowerShell
(in case you haven't installed this already)
-Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking
-Connect-SPOService -Url https://YOURSITE-admin.sharepoint.com -Credential YOU@YOURSITE.COM
(replacing YOURSITE
, YOU
, YOURSITE.COM
with the actual values; this will prompt for your credentials)
-Set-SPOTenant -EnableMinimumVersionRequirement $False
-Disconnect-SPOService
(to disconnect from the server)
+- Run
rclone config
and select n
for a new remote.
-Below are the steps for normal users to disable versioning. If you don't see the "No Versioning" option, make sure the above requirements are met.
-User Weropol has found a method to disable versioning on OneDrive
-
-- Open the settings menu by clicking on the gear symbol at the top of the OneDrive Business page.
-- Click Site settings.
-- Once on the Site settings page, navigate to Site Administration > Site libraries and lists.
-- Click Customize "Documents".
-- Click General Settings > Versioning Settings.
-- Under Document Version History select the option No versioning. Note: This will disable the creation of new file versions, but will not remove any previous versions. Your documents are safe.
-- Apply the changes by clicking OK.
-- Use rclone to upload or modify files. (I also use the --no-update-modtime flag)
-- Restore the versioning settings after using rclone. (Optional)
+rclone config
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+- Give the name of the configuration. For example, name it 'leviia'.
-Cleanup
-OneDrive supports rclone cleanup
which causes rclone to look through every file under the path supplied and delete all version but the current version. Because this involves traversing all the files, then querying each file for versions it can be quite slow. Rclone does --checkers
tests in parallel. The command also supports --interactive
/i
or --dry-run
which is a great way to see what it would do.
-rclone cleanup --interactive remote:path/subdir # interactively remove all old version for path/subdir
-rclone cleanup remote:path/subdir # unconditionally remove all old version for path/subdir
-NB Onedrive personal can't currently delete versions
-Troubleshooting
-Excessive throttling or blocked on SharePoint
-If you experience excessive throttling or is being blocked on SharePoint then it may help to set the user agent explicitly with a flag like this: --user-agent "ISV|rclone.org|rclone/v1.55.1"
-The specific details can be found in the Microsoft document: Avoid getting throttled or blocked in SharePoint Online
-Unexpected file size/hash differences on Sharepoint
-It is a known issue that Sharepoint (not OneDrive or OneDrive for Business) silently modifies uploaded files, mainly Office files (.docx, .xlsx, etc.), causing file size and hash checks to fail. There are also other situations that will cause OneDrive to report inconsistent file sizes. To use rclone with such affected files on Sharepoint, you may disable these checks with the following command line arguments:
---ignore-checksum --ignore-size
-Alternatively, if you have write access to the OneDrive files, it may be possible to fix this problem for certain files, by attempting the steps below. Open the web interface for OneDrive and find the affected files (which will be in the error messages/log for rclone). Simply click on each of these files, causing OneDrive to open them on the web. This will cause each file to be converted in place to a format that is functionally equivalent but which will no longer trigger the size discrepancy. Once all problematic files are converted you will no longer need the ignore options above.
-Replacing/deleting existing files on Sharepoint gets "item not found"
-It is a known issue that Sharepoint (not OneDrive or OneDrive for Business) may return "item not found" errors when users try to replace or delete uploaded files; this seems to mainly affect Office files (.docx, .xlsx, etc.) and web files (.html, .aspx, etc.). As a workaround, you may use the --backup-dir <BACKUP_DIR>
command line argument so rclone moves the files to be replaced/deleted into a given backup directory (instead of directly replacing/deleting them). For example, to instruct rclone to move the files into the directory rclone-backup-dir
on backend mysharepoint
, you may use:
---backup-dir mysharepoint:rclone-backup-dir
-access_denied (AADSTS65005)
-Error: access_denied
-Code: AADSTS65005
-Description: Using application 'rclone' is currently not supported for your organization [YOUR_ORGANIZATION] because it is in an unmanaged state. An administrator needs to claim ownership of the company by DNS validation of [YOUR_ORGANIZATION] before the application rclone can be provisioned.
-This means that rclone can't use the OneDrive for Business API with your account. You can't do much about it, maybe write an email to your admins.
-However, there are other ways to interact with your OneDrive account. Have a look at the WebDAV backend: https://rclone.org/webdav/#sharepoint
-invalid_grant (AADSTS50076)
-Error: invalid_grant
-Code: AADSTS50076
-Description: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '...'.
-If you see the error above after enabling multi-factor authentication for your account, you can fix it by refreshing your OAuth refresh token. To do that, run rclone config
, and choose to edit your OneDrive backend. Then, you don't need to actually make any changes until you reach this question: Already have a token - refresh?
. For this question, answer y
and go through the process to refresh your token, just like the first time the backend is configured. After this, rclone should work again for this backend.
-Invalid request when making public links
-On Sharepoint and OneDrive for Business, rclone link
may return an "Invalid request" error. A possible cause is that the organisation admin didn't allow public links to be made for the organisation/sharepoint library. To fix the permissions as an admin, take a look at the docs: 1, 2.
-Can not access Shared
with me files
-Shared with me files is not supported by rclone currently, but there is a workaround:
-
-- Visit https://onedrive.live.com
-- Right click a item in
Shared
, then click Add shortcut to My files
in the context
-- The shortcut will appear in
My files
, you can access it with rclone, it behaves like a normal folder/file.
+name> leviia
+
+- Select
s3
storage.
-Live Photos uploaded from iOS (small video clips in .heic files)
-The iOS OneDrive app introduced upload and storage of Live Photos in 2020. The usage and download of these uploaded Live Photos is unfortunately still work-in-progress and this introduces several issues when copying, synchronising and mounting – both in rclone and in the native OneDrive client on Windows.
-The root cause can easily be seen if you locate one of your Live Photos in the OneDrive web interface. Then download the photo from the web interface. You will then see that the size of downloaded .heic file is smaller than the size displayed in the web interface. The downloaded file is smaller because it only contains a single frame (still photo) extracted from the Live Photo (movie) stored in OneDrive.
-The different sizes will cause rclone copy/sync
to repeatedly recopy unmodified photos something like this:
-DEBUG : 20230203_123826234_iOS.heic: Sizes differ (src 4470314 vs dst 1298667)
-DEBUG : 20230203_123826234_iOS.heic: sha1 = fc2edde7863b7a7c93ca6771498ac797f8460750 OK
-INFO : 20230203_123826234_iOS.heic: Copied (replaced existing)
-These recopies can be worked around by adding --ignore-size
. Please note that this workaround only syncs the still-picture not the movie clip, and relies on modification dates being correctly updated on all files in all situations.
-The different sizes will also cause rclone check
to report size errors something like this:
-ERROR : 20230203_123826234_iOS.heic: sizes differ
-These check errors can be suppressed by adding --ignore-size
.
-The different sizes will also cause rclone mount
to fail downloading with an error something like this:
-ERROR : 20230203_123826234_iOS.heic: ReadFileHandle.Read error: low level retry 1/10: unexpected EOF
-or like this when using --cache-mode=full
:
-INFO : 20230203_123826234_iOS.heic: vfs cache: downloader: error count now 1: vfs reader: failed to write to cache file: 416 Requested Range Not Satisfiable:
-ERROR : 20230203_123826234_iOS.heic: vfs cache: failed to download: vfs reader: failed to write to cache file: 416 Requested Range Not Satisfiable:
-OpenDrive
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-n) New remote
-d) Delete remote
-q) Quit config
-e/n/d/q> n
-name> remote
+Choose a number from below, or type in your own value
+ 1 / 1Fichier
+ \ (fichier)
+ 2 / Akamai NetStorage
+ \ (netstorage)
+ 3 / Alias for an existing remote
+ \ (alias)
+ 4 / Amazon Drive
+ \ (amazon cloud drive)
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS, Qiniu and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
+- Select
Leviia
provider.
+
+Choose a number from below, or type in your own value
+1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+[snip]
+15 / Leviia Object Storage
+ \ (Leviia)
+[snip]
+provider> Leviia
+
+- Enter your SecretId and SecretKey of Leviia.
+
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> ZnIx.xxxxxxxxxxxxxxx
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> xxxxxxxxxxx
+
+- Select endpoint for Leviia.
+
+ / The default endpoint
+ 1 | Leviia.
+ \ (s3.leviia.com)
+[snip]
+endpoint> 1
+
+- Choose acl.
+
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+[snip]
+acl> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[leviia]
+- type: s3
+- provider: Leviia
+- access_key_id: ZnIx.xxxxxxx
+- secret_access_key: xxxxxxxx
+- endpoint: s3.leviia.com
+- acl: private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+leviia s3
+Liara
+Here is an example of making a Liara Object Storage configuration. First run:
+rclone config
+This will guide you through an interactive setup process.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> Liara
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / OpenDrive
- \ "opendrive"
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
[snip]
-Storage> opendrive
-Username
-username>
-Password
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region>
+Endpoint for S3 API.
+Leave blank if using Liara to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> storage.iran.liara.space
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+storage_class>
+Remote config
--------------------
-[remote]
-username =
-password = *** ENCRYPTED ***
+[Liara]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+endpoint = storage.iran.liara.space
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-List directories in top level of your OpenDrive
-rclone lsd remote:
-List all the files in your OpenDrive
-rclone ls remote:
-To copy a local directory to an OpenDrive directory called backup
-rclone copy /home/source remote:backup
-Modified time and MD5SUMs
-OpenDrive allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-Restricted filename characters
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-NUL
-0x00
-␀
-
-
-/
-0x2F
-/
-
-
-"
-0x22
-"
-
-
-*
-0x2A
-*
-
-
-:
-0x3A
-:
-
-
-<
-0x3C
-<
-
-
->
-0x3E
->
-
-
-?
-0x3F
-?
-
-
-\
-0x5C
-\
-
-
-|
-0x7C
-|
-
-
-
-File names can also not begin or end with the following characters. These only get replaced if they are the first or last character in the name:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-SP
-0x20
-␠
-
-
-HT
-0x09
-␉
-
-
-LF
-0x0A
-␊
-
-
-VT
-0x0B
-␋
-
-
-CR
-0x0D
-␍
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to opendrive (OpenDrive).
---opendrive-username
-Username.
-Properties:
-
-- Config: username
-- Env Var: RCLONE_OPENDRIVE_USERNAME
-- Type: string
-- Required: true
-
---opendrive-password
-Password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_OPENDRIVE_PASSWORD
-- Type: string
-- Required: true
-
-Advanced options
-Here are the Advanced options specific to opendrive (OpenDrive).
---opendrive-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_OPENDRIVE_ENCODING
-- Type: MultiEncoder
-- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot
-
---opendrive-chunk-size
-Files will be uploaded in chunks this size.
-Note that these chunks are buffered in memory so increasing them will increase memory use.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_OPENDRIVE_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 10Mi
-
-Limitations
-Note that OpenDrive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-There are quite a few characters that can't be in OpenDrive file names. These can't occur on Windows platforms, but on non-Windows platforms they are common. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ?
in it will be mapped to ?
instead.
-rclone about
is not supported by the OpenDrive backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about and rclone about
-Oracle Object Storage
-Oracle Object Storage Overview
-
-Paths are specified as remote:bucket
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir
.
-Configuration
-Here is an example of making an oracle object storage configuration. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
+This will leave the config file looking like this.
+[Liara]
+type = s3
+provider = Liara
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region =
+endpoint = storage.iran.liara.space
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+Linode
+Here is an example of making a Linode Object Storage configuration. First run:
+rclone config
+This will guide you through an interactive setup process.
+No remotes found, make a new one?
+n) New remote
s) Set configuration password
q) Quit config
-e/n/d/r/c/s/q> n
+n/s/q> n
Enter name for new remote.
-name> remote
+name> linode
Option Storage.
Type of storage to configure.
Choose a number from below, or type in your own value.
[snip]
-XX / Oracle Cloud Infrastructure Object Storage
- \ (oracleobjectstorage)
-Storage> oracleobjectstorage
+ X / Amazon S3 Compliant Storage Providers including AWS, ...Linode, ...and others
+ \ (s3)
+[snip]
+Storage> s3
Option provider.
-Choose your Auth Provider
-Choose a number from below, or type in your own string value.
-Press Enter for the default (env_auth).
- 1 / automatically pickup the credentials from runtime(env), first one to provide auth wins
- \ (env_auth)
- / use an OCI user and an API key for authentication.
- 2 | you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
- | https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
- \ (user_principal_auth)
- / use instance principals to authorize an instance to make API calls.
- 3 | each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
- | https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
- \ (instance_principal_auth)
- 4 / use resource principals to make API calls
- \ (resource_principal_auth)
- 5 / no credentials needed, this is typically for reading public buckets
- \ (no_auth)
-provider> 2
-
-Option namespace.
-Object storage namespace
-Enter a value.
-namespace> idbamagbg734
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / Linode Object Storage
+ \ (Linode)
+[snip]
+provider> Linode
-Option compartment.
-Object storage compartment OCID
-Enter a value.
-compartment> ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
-Option region.
-Object storage Region
-Enter a value.
-region> us-ashburn-1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> ACCESS_KEY
-Option endpoint.
-Endpoint for Object storage API.
-Leave blank to use the default endpoint for the region.
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
Enter a value. Press Enter to leave empty.
-endpoint>
-
-Option config_file.
-Full Path to OCI config file
-Choose a number from below, or type in your own string value.
-Press Enter for the default (~/.oci/config).
- 1 / oci configuration file location
- \ (~/.oci/config)
-config_file> /etc/oci/dev.conf
-
-Option config_profile.
-Profile name inside OCI config file
-Choose a number from below, or type in your own string value.
-Press Enter for the default (Default).
- 1 / Use the default profile
- \ (Default)
-config_profile> Test
+secret_access_key> SECRET_ACCESS_KEY
+
+Option endpoint.
+Endpoint for Linode Object Storage API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Atlanta, GA (USA), us-southeast-1
+ \ (us-southeast-1.linodeobjects.com)
+ 2 / Chicago, IL (USA), us-ord-1
+ \ (us-ord-1.linodeobjects.com)
+ 3 / Frankfurt (Germany), eu-central-1
+ \ (eu-central-1.linodeobjects.com)
+ 4 / Milan (Italy), it-mil-1
+ \ (it-mil-1.linodeobjects.com)
+ 5 / Newark, NJ (USA), us-east-1
+ \ (us-east-1.linodeobjects.com)
+ 6 / Paris (France), fr-par-1
+ \ (fr-par-1.linodeobjects.com)
+ 7 / Seattle, WA (USA), us-sea-1
+ \ (us-sea-1.linodeobjects.com)
+ 8 / Singapore ap-south-1
+ \ (ap-south-1.linodeobjects.com)
+ 9 / Stockholm (Sweden), se-sto-1
+ \ (se-sto-1.linodeobjects.com)
+10 / Washington, DC, (USA), us-iad-1
+ \ (us-iad-1.linodeobjects.com)
+endpoint> 3
+
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+If the acl is an empty string then no X-Amz-Acl: header is added and
+the default (private) will be used.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+[snip]
+acl>
Edit advanced config?
y) Yes
n) No (default)
y/n> n
-
-Configuration complete.
-Options:
-- type: oracleobjectstorage
-- namespace: idbamagbg734
-- compartment: ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
-- region: us-ashburn-1
-- provider: user_principal_auth
-- config_file: /etc/oci/dev.conf
-- config_profile: Test
-Keep this "remote" remote?
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See all buckets
-rclone lsd remote:
-Create a new bucket
-rclone mkdir remote:bucket
-List the contents of a bucket
-rclone ls remote:bucket
-rclone ls remote:bucket --max-depth 1
-OCI Authentication Provider
-OCI has various authentication methods. To learn more about authentication methods please refer oci authentication methods These choices can be specified in the rclone config file.
-Rclone supports the following OCI authentication provider.
-User Principal
-Instance Principal
-Resource Principal
-No authentication
-Authentication provider choice: User Principal
-Sample rclone config file for Authentication Provider User Principal:
-[oos]
-type = oracleobjectstorage
-namespace = id<redacted>34
-compartment = ocid1.compartment.oc1..aa<redacted>ba
-region = us-ashburn-1
-provider = user_principal_auth
-config_file = /home/opc/.oci/config
-config_profile = Default
-Advantages: - One can use this method from any server within OCI or on-premises or from other cloud provider.
-Considerations: - you need to configure user’s privileges / policy to allow access to object storage - Overhead of managing users and keys. - If the user is deleted, the config file will no longer work and may cause automation regressions that use the user's credentials.
-Authentication provider choice: Instance Principal
-An OCI compute instance can be authorized to use rclone by using it's identity and certificates as an instance principal. With this approach no credentials have to be stored and managed.
-Sample rclone configuration file for Authentication Provider Instance Principal:
-[opc@rclone ~]$ cat ~/.config/rclone/rclone.conf
-[oos]
-type = oracleobjectstorage
-namespace = id<redacted>fn
-compartment = ocid1.compartment.oc1..aa<redacted>k7a
-region = us-ashburn-1
-provider = instance_principal_auth
-Advantages:
-
-- With instance principals, you don't need to configure user credentials and transfer/ save it to disk in your compute instances or rotate the credentials.
-- You don’t need to deal with users and keys.
-- Greatly helps in automation as you don't have to manage access keys, user private keys, storing them in vault, using kms etc.
-
-Considerations:
-
-- You need to configure a dynamic group having this instance as member and add policy to read object storage to that dynamic group.
-- Everyone who has access to this machine can execute the CLI commands.
-- It is applicable for oci compute instances only. It cannot be used on external instance or resources.
-
-Authentication provider choice: Resource Principal
-Resource principal auth is very similar to instance principal auth but used for resources that are not compute instances such as serverless functions. To use resource principal ensure Rclone process is started with these environment variables set in its process.
-export OCI_RESOURCE_PRINCIPAL_VERSION=2.2
-export OCI_RESOURCE_PRINCIPAL_REGION=us-ashburn-1
-export OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM=/usr/share/model-server/key.pem
-export OCI_RESOURCE_PRINCIPAL_RPST=/usr/share/model-server/security_token
-Sample rclone configuration file for Authentication Provider Resource Principal:
-[oos]
-type = oracleobjectstorage
-namespace = id<redacted>34
-compartment = ocid1.compartment.oc1..aa<redacted>ba
-region = us-ashburn-1
-provider = resource_principal_auth
-Authentication provider choice: No authentication
-Public buckets do not require any authentication mechanism to read objects. Sample rclone configuration file for No authentication:
-[oos]
-type = oracleobjectstorage
-namespace = id<redacted>34
-compartment = ocid1.compartment.oc1..aa<redacted>ba
-region = us-ashburn-1
-provider = no_auth
-Options
-Modified time
-The modified time is stored as metadata on the object as opc-meta-mtime
as floating point since the epoch, accurate to 1 ns.
-If the modification time needs to be updated rclone will attempt to perform a server side copy to update the modification if the object can be copied in a single part. In the case the object is larger than 5Gb, the object will be uploaded rather than copied.
-Note that reading this from the object takes an additional HEAD
request as the metadata isn't returned in object listings.
-Multipart uploads
-rclone supports multipart uploads with OOS which means that it can upload files bigger than 5 GiB.
-Note that files uploaded both with multipart upload and through crypt remotes do not have MD5 sums.
-rclone switches from single part uploads to multipart uploads at the point specified by --oos-upload-cutoff
. This can be a maximum of 5 GiB and a minimum of 0 (ie always upload multipart files).
-The chunk sizes used in the multipart upload are specified by --oos-chunk-size
and the number of chunks uploaded concurrently is specified by --oos-upload-concurrency
.
-Multipart uploads will use --transfers
* --oos-upload-concurrency
* --oos-chunk-size
extra memory. Single part uploads to not use extra memory.
-Single part transfers can be faster than multipart transfers or slower depending on your latency from oos - the more latency, the more likely single part transfers will be faster.
-Increasing --oos-upload-concurrency
will increase throughput (8 would be a sensible value) and increasing --oos-chunk-size
also increases throughput (16M would be sensible). Increasing either of these will use more memory. The default values are high enough to gain most of the possible performance without using too much memory.
-Standard options
-Here are the Standard options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
---oos-provider
-Choose your Auth Provider
-Properties:
-
-- Config: provider
-- Env Var: RCLONE_OOS_PROVIDER
-- Type: string
-- Default: "env_auth"
-- Examples:
-
-- "env_auth"
-
-- automatically pickup the credentials from runtime(env), first one to provide auth wins
-
-- "user_principal_auth"
-
-- use an OCI user and an API key for authentication.
-- you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
-- https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
-
-- "instance_principal_auth"
-
-- use instance principals to authorize an instance to make API calls.
-- each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
-- https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
-
-- "resource_principal_auth"
-
-- use resource principals to make API calls
-
-- "no_auth"
-
-- no credentials needed, this is typically for reading public buckets
-
-
-
---oos-namespace
-Object storage namespace
-Properties:
-
-- Config: namespace
-- Env Var: RCLONE_OOS_NAMESPACE
-- Type: string
-- Required: true
-
---oos-compartment
-Object storage compartment OCID
-Properties:
-
-- Config: compartment
-- Env Var: RCLONE_OOS_COMPARTMENT
-- Provider: !no_auth
-- Type: string
-- Required: true
-
---oos-region
-Object storage Region
-Properties:
-
-- Config: region
-- Env Var: RCLONE_OOS_REGION
-- Type: string
-- Required: true
-
---oos-endpoint
-Endpoint for Object storage API.
-Leave blank to use the default endpoint for the region.
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_OOS_ENDPOINT
-- Type: string
-- Required: false
-
---oos-config-file
-Path to OCI config file
-Properties:
-
-- Config: config_file
-- Env Var: RCLONE_OOS_CONFIG_FILE
-- Provider: user_principal_auth
-- Type: string
-- Default: "~/.oci/config"
-- Examples:
-
-- "~/.oci/config"
-
-- oci configuration file location
-
-
-
---oos-config-profile
-Profile name inside the oci config file
-Properties:
-
-- Config: config_profile
-- Env Var: RCLONE_OOS_CONFIG_PROFILE
-- Provider: user_principal_auth
-- Type: string
-- Default: "Default"
-- Examples:
-
-- "Default"
-
-- Use the default profile
-
-
-
-Advanced options
-Here are the Advanced options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
---oos-storage-tier
-The storage class to use when storing new objects in storage. https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/understandingstoragetiers.htm
-Properties:
-
-- Config: storage_tier
-- Env Var: RCLONE_OOS_STORAGE_TIER
-- Type: string
-- Default: "Standard"
-- Examples:
-
-- "Standard"
-
-- Standard storage tier, this is the default tier
-
-- "InfrequentAccess"
-
-- InfrequentAccess storage tier
-
-- "Archive"
-
-- Archive storage tier
-
-
-
---oos-upload-cutoff
-Cutoff for switching to chunked upload.
-Any files larger than this will be uploaded in chunks of chunk_size. The minimum is 0 and the maximum is 5 GiB.
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_OOS_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 200Mi
-
---oos-chunk-size
-Chunk size to use for uploading.
-When uploading files larger than upload_cutoff or files with unknown size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google photos or google docs) they will be uploaded as multipart uploads using this chunk size.
-Note that "upload_concurrency" chunks of this size are buffered in memory per transfer.
-If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
-Rclone will automatically increase the chunk size when uploading a large file of known size to stay below the 10,000 chunks limit.
-Files of unknown size are uploaded with the configured chunk_size. Since the default chunk size is 5 MiB and there can be at most 10,000 chunks, this means that by default the maximum size of a file you can stream upload is 48 GiB. If you wish to stream upload larger files then you will need to increase chunk_size.
-Increasing the chunk size decreases the accuracy of the progress statistics displayed with "-P" flag.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_OOS_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 5Mi
-
---oos-upload-concurrency
-Concurrency for multipart uploads.
-This is the number of chunks of the same file that are uploaded concurrently.
-If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
-Properties:
-
-- Config: upload_concurrency
-- Env Var: RCLONE_OOS_UPLOAD_CONCURRENCY
-- Type: int
-- Default: 10
-
---oos-copy-cutoff
-Cutoff for switching to multipart copy.
-Any files larger than this that need to be server-side copied will be copied in chunks of this size.
-The minimum is 0 and the maximum is 5 GiB.
-Properties:
-
-- Config: copy_cutoff
-- Env Var: RCLONE_OOS_COPY_CUTOFF
-- Type: SizeSuffix
-- Default: 4.656Gi
-
---oos-copy-timeout
-Timeout for copy.
-Copy is an asynchronous operation, specify timeout to wait for copy to succeed
-Properties:
-
-- Config: copy_timeout
-- Env Var: RCLONE_OOS_COPY_TIMEOUT
-- Type: Duration
-- Default: 1m0s
-
---oos-disable-checksum
-Don't store MD5 checksum with object metadata.
-Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
-Properties:
-
-- Config: disable_checksum
-- Env Var: RCLONE_OOS_DISABLE_CHECKSUM
-- Type: bool
-- Default: false
-
---oos-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_OOS_ENCODING
-- Type: MultiEncoder
-- Default: Slash,InvalidUtf8,Dot
-
---oos-leave-parts-on-error
-If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery.
-It should be set to true for resuming uploads across different sessions.
-WARNING: Storing parts of an incomplete multipart upload counts towards space usage on object storage and will add additional costs if not cleaned up.
-Properties:
-
-- Config: leave_parts_on_error
-- Env Var: RCLONE_OOS_LEAVE_PARTS_ON_ERROR
-- Type: bool
-- Default: false
-
---oos-no-check-bucket
-If set, don't attempt to check the bucket exists or create it.
-This can be useful when trying to minimise the number of transactions rclone does if you know the bucket exists already.
-It can also be needed if the user you are using does not have bucket creation permissions.
-Properties:
-
-- Config: no_check_bucket
-- Env Var: RCLONE_OOS_NO_CHECK_BUCKET
-- Type: bool
-- Default: false
-
---oos-sse-customer-key-file
-To use SSE-C, a file containing the base64-encoded string of the AES-256 encryption key associated with the object. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed.'
-Properties:
-
-- Config: sse_customer_key_file
-- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY_FILE
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---oos-sse-customer-key
-To use SSE-C, the optional header that specifies the base64-encoded 256-bit encryption key to use to encrypt or decrypt the data. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed. For more information, see Using Your Own Keys for Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm)
-Properties:
-
-- Config: sse_customer_key
-- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---oos-sse-customer-key-sha256
-If using SSE-C, The optional header that specifies the base64-encoded SHA256 hash of the encryption key. This value is used to check the integrity of the encryption key. see Using Your Own Keys for Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm).
-Properties:
-
-- Config: sse_customer_key_sha256
-- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY_SHA256
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---oos-sse-kms-key-id
-if using using your own master key in vault, this header specifies the OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of a master encryption key used to call the Key Management service to generate a data encryption key or to encrypt or decrypt a data encryption key. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed.
-Properties:
-
-- Config: sse_kms_key_id
-- Env Var: RCLONE_OOS_SSE_KMS_KEY_ID
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-
-
---oos-sse-customer-algorithm
-If using SSE-C, the optional header that specifies "AES256" as the encryption algorithm. Object Storage supports "AES256" as the encryption algorithm. For more information, see Using Your Own Keys for Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm).
-Properties:
-
-- Config: sse_customer_algorithm
-- Env Var: RCLONE_OOS_SSE_CUSTOMER_ALGORITHM
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- None
-
-- "AES256"
-
-- AES256
-
-
-
-Backend commands
-Here are the commands specific to the oracleobjectstorage backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-rename
-change the name of an object
-rclone backend rename remote: [options] [<arguments>+]
-This command can be used to rename a object.
-Usage Examples:
-rclone backend rename oos:bucket relative-object-path-under-bucket object-new-name
-list-multipart-uploads
-List the unfinished multipart uploads
-rclone backend list-multipart-uploads remote: [options] [<arguments>+]
-This command lists the unfinished multipart uploads in JSON format.
-rclone backend list-multipart-uploads oos:bucket/path/to/object
-It returns a dictionary of buckets with values as lists of unfinished multipart uploads.
-You can call it with no bucket in which case it lists all bucket, with a bucket or with a bucket and path.
-{
- "test-bucket": [
- {
- "namespace": "test-namespace",
- "bucket": "test-bucket",
- "object": "600m.bin",
- "uploadId": "51dd8114-52a4-b2f2-c42f-5291f05eb3c8",
- "timeCreated": "2022-07-29T06:21:16.595Z",
- "storageTier": "Standard"
- }
- ]
-cleanup
-Remove unfinished multipart uploads.
-rclone backend cleanup remote: [options] [<arguments>+]
-This command removes unfinished multipart uploads of age greater than max-age which defaults to 24 hours.
-Note that you can use --interactive/-i or --dry-run with this command to see what it would do.
-rclone backend cleanup oos:bucket/path/to/object
-rclone backend cleanup -o max-age=7w oos:bucket/path/to/object
-Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
-Options:
-
-- "max-age": Max age of upload to delete
-
-QingStor
-Paths are specified as remote:bucket
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir
.
-Configuration
-Here is an example of making an QingStor configuration. First run
-rclone config
+
+Configuration complete.
+Options:
+- type: s3
+- provider: Linode
+- access_key_id: ACCESS_KEY
+- secret_access_key: SECRET_ACCESS_KEY
+- endpoint: eu-central-1.linodeobjects.com
+Keep this "linode" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+This will leave the config file looking like this.
+[linode]
+type = s3
+provider = Linode
+access_key_id = ACCESS_KEY
+secret_access_key = SECRET_ACCESS_KEY
+endpoint = eu-central-1.linodeobjects.com
+ArvanCloud
+ArvanCloud ArvanCloud Object Storage goes beyond the limited traditional file storage. It gives you access to backup and archived files and allows sharing. Files like profile image in the app, images sent by users or scanned documents can be stored securely and easily in our Object Storage service.
+ArvanCloud provides an S3 interface which can be configured for use with rclone like this.
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> ArvanCloud
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
+[snip]
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint - a good choice if you are unsure.
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region>
+Endpoint for S3 API.
+Leave blank if using ArvanCloud to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> s3.arvanstorage.com
+Location constraint - must be set to match the Region. Used when creating buckets only.
+Choose a number from below, or type in your own value
+ 1 / Empty for Iran-Tehran Region.
+ \ ""
+[snip]
+location_constraint>
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+storage_class>
+Remote config
+--------------------
+[ArvanCloud]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region = ir-thr-at1
+endpoint = s3.arvanstorage.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+This will leave the config file looking like this.
+[ArvanCloud]
+type = s3
+provider = ArvanCloud
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region =
+endpoint = s3.arvanstorage.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+Tencent COS
+Tencent Cloud Object Storage (COS) is a distributed storage service offered by Tencent Cloud for unstructured data. It is secure, stable, massive, convenient, low-delay and low-cost.
+To configure access to Tencent COS, follow the steps below:
+
+- Run
rclone config
and select n
for a new remote.
+
+rclone config
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+- Give the name of the configuration. For example, name it 'cos'.
+
+name> cos
+
+- Select
s3
storage.
+
+Choose a number from below, or type in your own value
+1 / 1Fichier
+ \ "fichier"
+ 2 / Alias for an existing remote
+ \ "alias"
+ 3 / Amazon Drive
+ \ "amazon cloud drive"
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
+ \ "s3"
+[snip]
+Storage> s3
+
+- Select
TencentCOS
provider.
+
+Choose a number from below, or type in your own value
+1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+[snip]
+11 / Tencent Cloud Object Storage (COS)
+ \ "TencentCOS"
+[snip]
+provider> TencentCOS
+
+- Enter your SecretId and SecretKey of Tencent Cloud.
+
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> AKIDxxxxxxxxxx
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> xxxxxxxxxxx
+
+- Select endpoint for Tencent COS. This is the standard endpoint for different region.
+
+ 1 / Beijing Region.
+ \ "cos.ap-beijing.myqcloud.com"
+ 2 / Nanjing Region.
+ \ "cos.ap-nanjing.myqcloud.com"
+ 3 / Shanghai Region.
+ \ "cos.ap-shanghai.myqcloud.com"
+ 4 / Guangzhou Region.
+ \ "cos.ap-guangzhou.myqcloud.com"
+[snip]
+endpoint> 4
+
+- Choose acl and storage class.
+
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Owner gets Full_CONTROL. No one else has access rights (default).
+ \ "default"
+[snip]
+acl> 1
+The storage class to use when storing new objects in Tencent COS.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+[snip]
+storage_class> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[cos]
+type = s3
+provider = TencentCOS
+env_auth = false
+access_key_id = xxx
+secret_access_key = xxx
+endpoint = cos.ap-guangzhou.myqcloud.com
+acl = default
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+cos s3
+Netease NOS
+For Netease NOS configure as per the configurator rclone config
setting the provider Netease
. This will automatically set force_path_style = false
which is necessary for it to run properly.
+Petabox
+Here is an example of making a Petabox configuration. First run:
+rclone config
This will guide you through an interactive setup process.
No remotes found, make a new one?
n) New remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
-q) Quit config
-n/r/c/s/q> n
-name> remote
+n/s> n
+
+Enter name for new remote.
+name> My Petabox Storage
+
+Option Storage.
Type of storage to configure.
-Choose a number from below, or type in your own value
+Choose a number from below, or type in your own value.
[snip]
-XX / QingStor Object Storage
- \ "qingstor"
+XX / Amazon S3 Compliant Storage Providers including AWS, ...
+ \ "s3"
[snip]
-Storage> qingstor
-Get QingStor credentials from runtime. Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own value
- 1 / Enter QingStor credentials in the next step
- \ "false"
- 2 / Get QingStor credentials from the environment (env vars or IAM)
- \ "true"
+Storage> s3
+
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / Petabox Object Storage
+ \ (Petabox)
+[snip]
+provider> Petabox
+
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
env_auth> 1
-QingStor Access Key ID - leave blank for anonymous access or runtime credentials.
-access_key_id> access_key
-QingStor Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
-secret_access_key> secret_key
-Enter an endpoint URL to connection QingStor API.
-Leave blank will use the default value "https://qingstor.com:443"
-endpoint>
-Zone connect to. Default is "pek3a".
-Choose a number from below, or type in your own value
- / The Beijing (China) Three Zone
- 1 | Needs location constraint pek3a.
- \ "pek3a"
- / The Shanghai (China) First Zone
- 2 | Needs location constraint sh1a.
- \ "sh1a"
-zone> 1
-Number of connection retry.
-Leave blank will use the default value "3".
-connection_retries>
-Remote config
---------------------
-[remote]
-env_auth = false
-access_key_id = access_key
-secret_access_key = secret_key
-endpoint =
-zone = pek3a
-connection_retries =
---------------------
-y) Yes this is OK
+
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY_ID
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_ACCESS_KEY
+
+Option region.
+Region where your bucket will be created and your data stored.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / US East (N. Virginia)
+ \ (us-east-1)
+ 2 / Europe (Frankfurt)
+ \ (eu-central-1)
+ 3 / Asia Pacific (Singapore)
+ \ (ap-southeast-1)
+ 4 / Middle East (Bahrain)
+ \ (me-south-1)
+ 5 / South America (São Paulo)
+ \ (sa-east-1)
+region> 1
+
+Option endpoint.
+Endpoint for Petabox S3 Object Storage.
+Specify the endpoint from the same region.
+Choose a number from below, or type in your own value.
+ 1 / US East (N. Virginia)
+ \ (s3.petabox.io)
+ 2 / US East (N. Virginia)
+ \ (s3.us-east-1.petabox.io)
+ 3 / Europe (Frankfurt)
+ \ (s3.eu-central-1.petabox.io)
+ 4 / Asia Pacific (Singapore)
+ \ (s3.ap-southeast-1.petabox.io)
+ 5 / Middle East (Bahrain)
+ \ (s3.me-south-1.petabox.io)
+ 6 / South America (São Paulo)
+ \ (s3.sa-east-1.petabox.io)
+endpoint> 1
+
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+If the acl is an empty string then no X-Amz-Acl: header is added and
+the default (private) will be used.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+ 5 | Bucket owner gets READ access.
+ | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-read)
+ / Both the object owner and the bucket owner get FULL_CONTROL over the object.
+ 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-full-control)
+acl> 1
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> No
+
+Configuration complete.
+Options:
+- type: s3
+- provider: Petabox
+- access_key_id: YOUR_ACCESS_KEY_ID
+- secret_access_key: YOUR_SECRET_ACCESS_KEY
+- region: us-east-1
+- endpoint: s3.petabox.io
+Keep this "My Petabox Storage" remote?
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
-This remote is called remote
and can now be used like this
-See all buckets
-rclone lsd remote:
-Make a new bucket
-rclone mkdir remote:bucket
-List the contents of a bucket
-rclone ls remote:bucket
-Sync /home/local/directory
to the remote bucket, deleting any excess files in the bucket.
-rclone sync --interactive /home/local/directory remote:bucket
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-Multipart uploads
-rclone supports multipart uploads with QingStor which means that it can upload files bigger than 5 GiB. Note that files uploaded with multipart upload don't have an MD5SUM.
-Note that incomplete multipart uploads older than 24 hours can be removed with rclone cleanup remote:bucket
just for one bucket rclone cleanup remote:
for all buckets. QingStor does not ever remove incomplete multipart uploads so it may be necessary to run this from time to time.
-Buckets and Zone
-With QingStor you can list buckets (rclone lsd
) using any zone, but you can only access the content of a bucket from the zone it was created in. If you attempt to access a bucket from the wrong zone, you will get an error, incorrect zone, the bucket is not in 'XXX' zone
.
-Authentication
-There are two ways to supply rclone
with a set of QingStor credentials. In order of precedence:
-
-- Directly in the rclone configuration file (as configured by
rclone config
)
-
-- set
access_key_id
and secret_access_key
-
-- Runtime configuration:
-
-- set
env_auth
to true
in the config file
-- Exporting the following environment variables before running
rclone
-
-- Access Key ID:
QS_ACCESS_KEY_ID
or QS_ACCESS_KEY
-- Secret Access Key:
QS_SECRET_ACCESS_KEY
or QS_SECRET_KEY
-
-
-
-Restricted filename characters
-The control characters 0x00-0x1F and / are replaced as in the default restricted characters set. Note that 0x7F is not replaced.
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to qingstor (QingCloud Object Storage).
---qingstor-env-auth
-Get QingStor credentials from runtime.
-Only applies if access_key_id and secret_access_key is blank.
-Properties:
-
-- Config: env_auth
-- Env Var: RCLONE_QINGSTOR_ENV_AUTH
-- Type: bool
-- Default: false
-- Examples:
-
-- "false"
-
-- Enter QingStor credentials in the next step.
-
-- "true"
-
-- Get QingStor credentials from the environment (env vars or IAM).
-
-
-
---qingstor-access-key-id
-QingStor Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Properties:
-
-- Config: access_key_id
-- Env Var: RCLONE_QINGSTOR_ACCESS_KEY_ID
-- Type: string
-- Required: false
-
---qingstor-secret-access-key
-QingStor Secret Access Key (password).
-Leave blank for anonymous access or runtime credentials.
-Properties:
-
-- Config: secret_access_key
-- Env Var: RCLONE_QINGSTOR_SECRET_ACCESS_KEY
-- Type: string
-- Required: false
-
---qingstor-endpoint
-Enter an endpoint URL to connection QingStor API.
-Leave blank will use the default value "https://qingstor.com:443".
-Properties:
-
-- Config: endpoint
-- Env Var: RCLONE_QINGSTOR_ENDPOINT
-- Type: string
-- Required: false
-
---qingstor-zone
-Zone to connect to.
-Default is "pek3a".
-Properties:
-
-- Config: zone
-- Env Var: RCLONE_QINGSTOR_ZONE
-- Type: string
-- Required: false
-- Examples:
-
-- "pek3a"
-
-- The Beijing (China) Three Zone.
-- Needs location constraint pek3a.
-
-- "sh1a"
-
-- The Shanghai (China) First Zone.
-- Needs location constraint sh1a.
-
-- "gd2a"
-
-- The Guangdong (China) Second Zone.
-- Needs location constraint gd2a.
-
-
-
-Advanced options
-Here are the Advanced options specific to qingstor (QingCloud Object Storage).
---qingstor-connection-retries
-Number of connection retries.
-Properties:
-
-- Config: connection_retries
-- Env Var: RCLONE_QINGSTOR_CONNECTION_RETRIES
-- Type: int
-- Default: 3
-
---qingstor-upload-cutoff
-Cutoff for switching to chunked upload.
-Any files larger than this will be uploaded in chunks of chunk_size. The minimum is 0 and the maximum is 5 GiB.
-Properties:
-
-- Config: upload_cutoff
-- Env Var: RCLONE_QINGSTOR_UPLOAD_CUTOFF
-- Type: SizeSuffix
-- Default: 200Mi
-
---qingstor-chunk-size
-Chunk size to use for uploading.
-When uploading files larger than upload_cutoff they will be uploaded as multipart uploads using this chunk size.
-Note that "--qingstor-upload-concurrency" chunks of this size are buffered in memory per transfer.
-If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_QINGSTOR_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 4Mi
-
---qingstor-upload-concurrency
-Concurrency for multipart uploads.
-This is the number of chunks of the same file that are uploaded concurrently.
-NB if you set this to > 1 then the checksums of multipart uploads become corrupted (the uploads themselves are not corrupted though).
-If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
-Properties:
+This will leave the config file looking like this.
+[My Petabox Storage]
+type = s3
+provider = Petabox
+access_key_id = YOUR_ACCESS_KEY_ID
+secret_access_key = YOUR_SECRET_ACCESS_KEY
+region = us-east-1
+endpoint = s3.petabox.io
+Storj
+Storj is a decentralized cloud storage which can be used through its native protocol or an S3 compatible gateway.
+The S3 compatible gateway is configured using rclone config
with a type of s3
and with a provider name of Storj
. Here is an example run of the configurator.
+Type of storage to configure.
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> XXXX (as shown when creating the access grant)
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> XXXX (as shown when creating the access grant)
+Option endpoint.
+Endpoint of the Shared Gateway.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / EU1 Shared Gateway
+ \ (gateway.eu1.storjshare.io)
+ 2 / US1 Shared Gateway
+ \ (gateway.us1.storjshare.io)
+ 3 / Asia-Pacific Shared Gateway
+ \ (gateway.ap1.storjshare.io)
+endpoint> 1 (as shown when creating the access grant)
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+Note that s3 credentials are generated when you create an access grant.
+Backend quirks
-- Config: upload_concurrency
-- Env Var: RCLONE_QINGSTOR_UPLOAD_CONCURRENCY
-- Type: int
-- Default: 1
+--chunk-size
is forced to be 64 MiB or greater. This will use more memory than the default of 5 MiB.
+- Server side copy is disabled as it isn't currently supported in the gateway.
+- GetTier and SetTier are not supported.
---qingstor-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
+Backend bugs
+Due to issue #39 uploading multipart files via the S3 gateway causes them to lose their metadata. For rclone's purpose this means that the modification time is not stored, nor is any MD5SUM (if one is available from the source).
+This has the following consequences:
-- Config: encoding
-- Env Var: RCLONE_QINGSTOR_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Ctl,InvalidUtf8
+- Using
rclone rcat
will fail as the medatada doesn't match after upload
+- Uploading files with
rclone mount
will fail for the same reason
+
+- This can worked around by using
--vfs-cache-mode writes
or --vfs-cache-mode full
or setting --s3-upload-cutoff
large
+
+- Files uploaded via a multipart upload won't have their modtimes
+
+- This will mean that
rclone sync
will likely keep trying to upload files bigger than --s3-upload-cutoff
+- This can be worked around with
--checksum
or --size-only
or setting --s3-upload-cutoff
large
+- The maximum value for
--s3-upload-cutoff
is 5GiB though
+
-Limitations
-rclone about
is not supported by the qingstor backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
+One general purpose workaround is to set --s3-upload-cutoff 5G
. This means that rclone will upload files smaller than 5GiB as single parts. Note that this can be set in the config file with upload_cutoff = 5G
or configured in the advanced settings. If you regularly transfer files larger than 5G then using --checksum
or --size-only
in rclone sync
is the recommended workaround.
+Comparison with the native protocol
+Use the the native protocol to take advantage of client-side encryption as well as to achieve the best possible download performance. Uploads will be erasure-coded locally, thus a 1gb upload will result in 2.68gb of data being uploaded to storage nodes across the network.
+Use this backend and the S3 compatible Hosted Gateway to increase upload performance and reduce the load on your systems and network. Uploads will be encrypted and erasure-coded server-side, thus a 1GB upload will result in only in 1GB of data being uploaded to storage nodes across the network.
+For more detailed comparison please check the documentation of the storj backend.
+Limitations
+rclone about
is not supported by the S3 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
See List of backends that do not support rclone about and rclone about
-Sia
-Sia (sia.tech) is a decentralized cloud storage platform based on the blockchain technology. With rclone you can use it like any other remote filesystem or mount Sia folders locally. The technology behind it involves a number of new concepts such as Siacoins and Wallet, Blockchain and Consensus, Renting and Hosting, and so on. If you are new to it, you'd better first familiarize yourself using their excellent support documentation.
-Introduction
-Before you can use rclone with Sia, you will need to have a running copy of Sia-UI
or siad
(the Sia daemon) locally on your computer or on local network (e.g. a NAS). Please follow the Get started guide and install one.
-rclone interacts with Sia network by talking to the Sia daemon via HTTP API which is usually available on port 9980. By default you will run the daemon locally on the same computer so it's safe to leave the API password blank (the API URL will be http://127.0.0.1:9980
making external access impossible).
-However, if you want to access Sia daemon running on another node, for example due to memory constraints or because you want to share single daemon between several rclone and Sia-UI instances, you'll need to make a few more provisions: - Ensure you have Sia daemon installed directly or in a docker container because Sia-UI does not support this mode natively. - Run it on externally accessible port, for example provide --api-addr :9980
and --disable-api-security
arguments on the daemon command line. - Enforce API password for the siad
daemon via environment variable SIA_API_PASSWORD
or text file named apipassword
in the daemon directory. - Set rclone backend option api_password
taking it from above locations.
-Notes: 1. If your wallet is locked, rclone cannot unlock it automatically. You should either unlock it in advance by using Sia-UI or via command line siac wallet unlock
. Alternatively you can make siad
unlock your wallet automatically upon startup by running it with environment variable SIA_WALLET_PASSWORD
. 2. If siad
cannot find the SIA_API_PASSWORD
variable or the apipassword
file in the SIA_DIR
directory, it will generate a random password and store in the text file named apipassword
under YOUR_HOME/.sia/
directory on Unix or C:\Users\YOUR_HOME\AppData\Local\Sia\apipassword
on Windows. Remember this when you configure password in rclone. 3. The only way to use siad
without API password is to run it on localhost with command line argument --authorize-api=false
, but this is insecure and strongly discouraged.
-Configuration
-Here is an example of how to make a sia
remote called mySia
. First, run:
- rclone config
-This will guide you through an interactive setup process:
+Synology C2 Object Storage
+Synology C2 Object Storage provides a secure, S3-compatible, and cost-effective cloud storage solution without API request, download fees, and deletion penalty.
+The S3 compatible gateway is configured using rclone config
with a type of s3
and with a provider name of Synology
. Here is an example run of the configurator.
+First run:
+rclone config
+This will guide you through an interactive setup process.
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
+
n/s/q> n
-name> mySia
+
+Enter name for new remote.1
+name> syno
+
Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
-...
-29 / Sia Decentralized Cloud
- \ "sia"
-...
-Storage> sia
-Sia daemon API URL, like http://sia.daemon.host:9980.
-Note that siad must run with --disable-api-security to open API port for other hosts (not recommended).
-Keep default if Sia daemon runs on localhost.
-Enter a string value. Press Enter for the default ("http://127.0.0.1:9980").
-api_url> http://127.0.0.1:9980
-Sia Daemon API Password.
-Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
+
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, GCS, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, Petabox, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Synology, Tencent COS, Qiniu and Wasabi
+ \ "s3"
+
+Storage> s3
+
+Choose your S3 provider.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 24 / Synology C2 Object Storage
+ \ (Synology)
+
+provider> Synology
+
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+
+env_auth> 1
+
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+
+access_key_id> accesskeyid
+
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+
+secret_access_key> secretaccesskey
+
+Region where your data stored.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Europe Region 1
+ \ (eu-001)
+ 2 / Europe Region 2
+ \ (eu-002)
+ 3 / US Region 1
+ \ (us-001)
+ 4 / US Region 2
+ \ (us-002)
+ 5 / Asia (Taiwan)
+ \ (tw-001)
+
+region > 1
+
+Option endpoint.
+Endpoint for Synology C2 Object Storage API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / EU Endpoint 1
+ \ (eu-001.s3.synologyc2.net)
+ 2 / US Endpoint 1
+ \ (us-001.s3.synologyc2.net)
+ 3 / TW Endpoint 1
+ \ (tw-001.s3.synologyc2.net)
+
+endpoint> 1
+
+Option location_constraint.
+Location constraint - must be set to match the Region.
+Leave blank if not sure. Used when creating buckets only.
+Enter a value. Press Enter to leave empty.
+location_constraint>
+
+Edit advanced config? (y/n)
y) Yes
-n) No (default)
-y/n> n
---------------------
-[mySia]
-type = sia
-api_url = http://127.0.0.1:9980
-api_password = *** ENCRYPTED ***
---------------------
+n) No
+y/n> y
+
+Option no_check_bucket.
+If set, don't attempt to check the bucket exists or create it.
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+It can also be needed if the user you are using does not have bucket
+creation permissions. Before v1.52.0 this would have passed silently
+due to a bug.
+Enter a boolean value (true or false). Press Enter for the default (true).
+
+no_check_bucket> true
+
+Configuration complete.
+Options:
+- type: s3
+- provider: Synology
+- region: eu-001
+- endpoint: eu-001.s3.synologyc2.net
+- no_check_bucket: true
+Keep this "syno" remote?
y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
-y/e/d> y
-Once configured, you can then use rclone
like this:
-
-- List directories in top level of your Sia storage
-
-rclone lsd mySia:
-
-- List all the files in your Sia storage
-
-rclone ls mySia:
-
-- Upload a local directory to the Sia directory called backup
-
-rclone copy /home/source mySia:backup
-Standard options
-Here are the Standard options specific to sia (Sia Decentralized Cloud).
---sia-api-url
-Sia daemon API URL, like http://sia.daemon.host:9980.
-Note that siad must run with --disable-api-security to open API port for other hosts (not recommended). Keep default if Sia daemon runs on localhost.
-Properties:
-
-- Config: api_url
-- Env Var: RCLONE_SIA_API_URL
-- Type: string
-- Default: "http://127.0.0.1:9980"
-
---sia-api-password
-Sia Daemon API Password.
-Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
+
+y/e/d> y
+
+# Backblaze B2
+
+B2 is [Backblaze's cloud storage system](https://www.backblaze.com/b2/).
+
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:bucket/path/to/dir`.
+
+## Configuration
+
+Here is an example of making a b2 configuration. First run
+
+ rclone config
+
+This will guide you through an interactive setup process. To authenticate
+you will either need your Account ID (a short hex number) and Master
+Application Key (a long hex number) OR an Application Key, which is the
+recommended method. See below for further details on generating and using
+an Application Key.
+
+No remotes found, make a new one? n) New remote q) Quit config n/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Backblaze B2 "b2" [snip] Storage> b2 Account ID or Application Key ID account> 123456789abc Application Key key> 0123456789abcdef0123456789abcdef0123456789 Endpoint for the service - leave blank normally. endpoint> Remote config -------------------- [remote] account = 123456789abc key = 0123456789abcdef0123456789abcdef0123456789 endpoint = -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+This remote is called `remote` and can now be used like this
+
+See all buckets
+
+ rclone lsd remote:
+
+Create a new bucket
+
+ rclone mkdir remote:bucket
+
+List the contents of a bucket
+
+ rclone ls remote:bucket
+
+Sync `/home/local/directory` to the remote bucket, deleting any
+excess files in the bucket.
+
+ rclone sync --interactive /home/local/directory remote:bucket
+
+### Application Keys
+
+B2 supports multiple [Application Keys for different access permission
+to B2 Buckets](https://www.backblaze.com/b2/docs/application_keys.html).
+
+You can use these with rclone too; you will need to use rclone version 1.43
+or later.
+
+Follow Backblaze's docs to create an Application Key with the required
+permission and add the `applicationKeyId` as the `account` and the
+`Application Key` itself as the `key`.
+
+Note that you must put the _applicationKeyId_ as the `account` – you
+can't use the master Account ID. If you try then B2 will return 401
+errors.
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+### Modification times
+
+The modification time is stored as metadata on the object as
+`X-Bz-Info-src_last_modified_millis` as milliseconds since 1970-01-01
+in the Backblaze standard. Other tools should be able to use this as
+a modified time.
+
+Modified times are used in syncing and are fully supported. Note that
+if a modification time needs to be updated on an object then it will
+create a new version of the object.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \ | 0x5C | \ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+Note that in 2020-05 Backblaze started allowing \ characters in file
+names. Rclone hasn't changed its encoding as this could cause syncs to
+re-transfer files. If you want rclone not to replace \ then see the
+`--b2-encoding` flag below and remove the `BackSlash` from the
+string. This can be set in the config.
+
+### SHA1 checksums
+
+The SHA1 checksums of the files are checked on upload and download and
+will be used in the syncing process.
+
+Large files (bigger than the limit in `--b2-upload-cutoff`) which are
+uploaded in chunks will store their SHA1 on the object as
+`X-Bz-Info-large_file_sha1` as recommended by Backblaze.
+
+For a large file to be uploaded with an SHA1 checksum, the source
+needs to support SHA1 checksums. The local disk supports SHA1
+checksums so large file transfers from local disk will have an SHA1.
+See [the overview](https://rclone.org/overview/#features) for exactly which remotes
+support SHA1.
+
+Sources which don't support SHA1, in particular `crypt` will upload
+large files without SHA1 checksums. This may be fixed in the future
+(see [#1767](https://github.com/rclone/rclone/issues/1767)).
+
+Files sizes below `--b2-upload-cutoff` will always have an SHA1
+regardless of the source.
+
+### Transfers
+
+Backblaze recommends that you do lots of transfers simultaneously for
+maximum speed. In tests from my SSD equipped laptop the optimum
+setting is about `--transfers 32` though higher numbers may be used
+for a slight speed improvement. The optimum number for you may vary
+depending on your hardware, how big the files are, how much you want
+to load your computer, etc. The default of `--transfers 4` is
+definitely too low for Backblaze B2 though.
+
+Note that uploading big files (bigger than 200 MiB by default) will use
+a 96 MiB RAM buffer by default. There can be at most `--transfers` of
+these in use at any moment, so this sets the upper limit on the memory
+used.
+
+### Versions
+
+When rclone uploads a new version of a file it creates a [new version
+of it](https://www.backblaze.com/b2/docs/file_versions.html).
+Likewise when you delete a file, the old version will be marked hidden
+and still be available. Conversely, you may opt in to a "hard delete"
+of files with the `--b2-hard-delete` flag which would permanently remove
+the file instead of hiding it.
+
+Old versions of files, where available, are visible using the
+`--b2-versions` flag.
+
+It is also possible to view a bucket as it was at a certain point in time,
+using the `--b2-version-at` flag. This will show the file versions as they
+were at that time, showing files that have been deleted afterwards, and
+hiding files that were created since.
+
+If you wish to remove all the old versions then you can use the
+`rclone cleanup remote:bucket` command which will delete all the old
+versions of files, leaving the current ones intact. You can also
+supply a path and only old versions under that path will be deleted,
+e.g. `rclone cleanup remote:bucket/path/to/stuff`.
+
+Note that `cleanup` will remove partially uploaded files from the bucket
+if they are more than a day old.
+
+When you `purge` a bucket, the current and the old versions will be
+deleted then the bucket will be deleted.
+
+However `delete` will cause the current versions of the files to
+become hidden old versions.
+
+Here is a session showing the listing and retrieval of an old
+version followed by a `cleanup` of the old versions.
+
+Show current version and all the versions with `--b2-versions` flag.
+
+$ rclone -q ls b2:cleanup-test 9 one.txt
+$ rclone -q --b2-versions ls b2:cleanup-test 9 one.txt 8 one-v2016-07-04-141032-000.txt 16 one-v2016-07-04-141003-000.txt 15 one-v2016-07-02-155621-000.txt
+
+Retrieve an old version
+
+$ rclone -q --b2-versions copy b2:cleanup-test/one-v2016-07-04-141003-000.txt /tmp
+$ ls -l /tmp/one-v2016-07-04-141003-000.txt -rw-rw-r-- 1 ncw ncw 16 Jul 2 17:46 /tmp/one-v2016-07-04-141003-000.txt
+
+Clean up all the old versions and show that they've gone.
+
+$ rclone -q cleanup b2:cleanup-test
+$ rclone -q ls b2:cleanup-test 9 one.txt
+$ rclone -q --b2-versions ls b2:cleanup-test 9 one.txt
+
+#### Versions naming caveat
+
+When using `--b2-versions` flag rclone is relying on the file name
+to work out whether the objects are versions or not. Versions' names
+are created by inserting timestamp between file name and its extension.
+ 9 file.txt
+ 8 file-v2023-07-17-161032-000.txt
+ 16 file-v2023-06-15-141003-000.txt
+If there are real files present with the same names as versions, then
+behaviour of `--b2-versions` can be unpredictable.
+
+### Data usage
+
+It is useful to know how many requests are sent to the server in different scenarios.
+
+All copy commands send the following 4 requests:
+
+/b2api/v1/b2_authorize_account /b2api/v1/b2_create_bucket /b2api/v1/b2_list_buckets /b2api/v1/b2_list_file_names
+
+The `b2_list_file_names` request will be sent once for every 1k files
+in the remote path, providing the checksum and modification time of
+the listed files. As of version 1.33 issue
+[#818](https://github.com/rclone/rclone/issues/818) causes extra requests
+to be sent when using B2 with Crypt. When a copy operation does not
+require any files to be uploaded, no more requests will be sent.
+
+Uploading files that do not require chunking, will send 2 requests per
+file upload:
+
+/b2api/v1/b2_get_upload_url /b2api/v1/b2_upload_file/
+
+Uploading files requiring chunking, will send 2 requests (one each to
+start and finish the upload) and another 2 requests for each chunk:
+
+/b2api/v1/b2_start_large_file /b2api/v1/b2_get_upload_part_url /b2api/v1/b2_upload_part/ /b2api/v1/b2_finish_large_file
+
+#### Versions
+
+Versions can be viewed with the `--b2-versions` flag. When it is set
+rclone will show and act on older versions of files. For example
+
+Listing without `--b2-versions`
+
+$ rclone -q ls b2:cleanup-test 9 one.txt
+
+And with
+
+$ rclone -q --b2-versions ls b2:cleanup-test 9 one.txt 8 one-v2016-07-04-141032-000.txt 16 one-v2016-07-04-141003-000.txt 15 one-v2016-07-02-155621-000.txt
+
+Showing that the current version is unchanged but older versions can
+be seen. These have the UTC date that they were uploaded to the
+server to the nearest millisecond appended to them.
+
+Note that when using `--b2-versions` no file write operations are
+permitted, so you can't upload files or delete them.
+
+### B2 and rclone link
+
+Rclone supports generating file share links for private B2 buckets.
+They can either be for a file for example:
+
+./rclone link B2:bucket/path/to/file.txt https://f002.backblazeb2.com/file/bucket/path/to/file.txt?Authorization=xxxxxxxx
+
+or if run on a directory you will get:
+
+./rclone link B2:bucket/path https://f002.backblazeb2.com/file/bucket/path?Authorization=xxxxxxxx
+
+you can then use the authorization token (the part of the url from the
+ `?Authorization=` on) on any file path under that directory. For example:
+
+https://f002.backblazeb2.com/file/bucket/path/to/file1?Authorization=xxxxxxxx https://f002.backblazeb2.com/file/bucket/path/file2?Authorization=xxxxxxxx https://f002.backblazeb2.com/file/bucket/path/folder/file3?Authorization=xxxxxxxx
+
+
+### Standard options
+
+Here are the Standard options specific to b2 (Backblaze B2).
+
+#### --b2-account
+
+Account ID or Application Key ID.
+
+Properties:
+
+- Config: account
+- Env Var: RCLONE_B2_ACCOUNT
+- Type: string
+- Required: true
+
+#### --b2-key
+
+Application Key.
+
+Properties:
+
+- Config: key
+- Env Var: RCLONE_B2_KEY
+- Type: string
+- Required: true
+
+#### --b2-hard-delete
+
+Permanently delete files on remote removal, otherwise hide files.
+
+Properties:
+
+- Config: hard_delete
+- Env Var: RCLONE_B2_HARD_DELETE
+- Type: bool
+- Default: false
+
+### Advanced options
+
+Here are the Advanced options specific to b2 (Backblaze B2).
+
+#### --b2-endpoint
+
+Endpoint for the service.
+
+Leave blank normally.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_B2_ENDPOINT
+- Type: string
+- Required: false
+
+#### --b2-test-mode
+
+A flag string for X-Bz-Test-Mode header for debugging.
+
+This is for debugging purposes only. Setting it to one of the strings
+below will cause b2 to return specific errors:
+
+ * "fail_some_uploads"
+ * "expire_some_account_authorization_tokens"
+ * "force_cap_exceeded"
+
+These will be set in the "X-Bz-Test-Mode" header which is documented
+in the [b2 integrations checklist](https://www.backblaze.com/b2/docs/integration_checklist.html).
+
+Properties:
+
+- Config: test_mode
+- Env Var: RCLONE_B2_TEST_MODE
+- Type: string
+- Required: false
+
+#### --b2-versions
+
+Include old versions in directory listings.
+
+Note that when using this no file write operations are permitted,
+so you can't upload files or delete them.
+
+Properties:
+
+- Config: versions
+- Env Var: RCLONE_B2_VERSIONS
+- Type: bool
+- Default: false
+
+#### --b2-version-at
+
+Show file versions as they were at the specified time.
+
+Note that when using this no file write operations are permitted,
+so you can't upload files or delete them.
+
+Properties:
+
+- Config: version_at
+- Env Var: RCLONE_B2_VERSION_AT
+- Type: Time
+- Default: off
+
+#### --b2-upload-cutoff
+
+Cutoff for switching to chunked upload.
+
+Files above this size will be uploaded in chunks of "--b2-chunk-size".
+
+This value should be set no larger than 4.657 GiB (== 5 GB).
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_B2_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 200Mi
+
+#### --b2-copy-cutoff
+
+Cutoff for switching to multipart copy.
+
+Any files larger than this that need to be server-side copied will be
+copied in chunks of this size.
+
+The minimum is 0 and the maximum is 4.6 GiB.
+
+Properties:
+
+- Config: copy_cutoff
+- Env Var: RCLONE_B2_COPY_CUTOFF
+- Type: SizeSuffix
+- Default: 4Gi
+
+#### --b2-chunk-size
+
+Upload chunk size.
+
+When uploading large files, chunk the file into this size.
+
+Must fit in memory. These chunks are buffered in memory and there
+might a maximum of "--transfers" chunks in progress at once.
+
+5,000,000 Bytes is the minimum size.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_B2_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 96Mi
+
+#### --b2-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+Note that chunks are stored in memory and there may be up to
+"--transfers" * "--b2-upload-concurrency" chunks stored at once
+in memory.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_B2_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 4
+
+#### --b2-disable-checksum
+
+Disable checksums for large (> upload cutoff) files.
+
+Normally rclone will calculate the SHA1 checksum of the input before
+uploading it so it can add it to metadata on the object. This is great
+for data integrity checking but can cause long delays for large files
+to start uploading.
+
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_B2_DISABLE_CHECKSUM
+- Type: bool
+- Default: false
+
+#### --b2-download-url
+
+Custom endpoint for downloads.
+
+This is usually set to a Cloudflare CDN URL as Backblaze offers
+free egress for data downloaded through the Cloudflare network.
+Rclone works with private buckets by sending an "Authorization" header.
+If the custom endpoint rewrites the requests for authentication,
+e.g., in Cloudflare Workers, this header needs to be handled properly.
+Leave blank if you want to use the endpoint provided by Backblaze.
+
+The URL provided here SHOULD have the protocol and SHOULD NOT have
+a trailing slash or specify the /file/bucket subpath as rclone will
+request files with "{download_url}/file/{bucket_name}/{path}".
+
+Example:
+> https://mysubdomain.mydomain.tld
+(No trailing "/", "file" or "bucket")
+
+Properties:
+
+- Config: download_url
+- Env Var: RCLONE_B2_DOWNLOAD_URL
+- Type: string
+- Required: false
+
+#### --b2-download-auth-duration
+
+Time before the authorization token will expire in s or suffix ms|s|m|h|d.
+
+The duration before the download authorization token will expire.
+The minimum value is 1 second. The maximum value is one week.
+
+Properties:
+
+- Config: download_auth_duration
+- Env Var: RCLONE_B2_DOWNLOAD_AUTH_DURATION
+- Type: Duration
+- Default: 1w
+
+#### --b2-memory-pool-flush-time
+
+How often internal memory buffer pools will be flushed. (no longer used)
+
+Properties:
+
+- Config: memory_pool_flush_time
+- Env Var: RCLONE_B2_MEMORY_POOL_FLUSH_TIME
+- Type: Duration
+- Default: 1m0s
+
+#### --b2-memory-pool-use-mmap
+
+Whether to use mmap buffers in internal memory pool. (no longer used)
+
+Properties:
+
+- Config: memory_pool_use_mmap
+- Env Var: RCLONE_B2_MEMORY_POOL_USE_MMAP
+- Type: bool
+- Default: false
+
+#### --b2-lifecycle
+
+Set the number of days deleted files should be kept when creating a bucket.
+
+On bucket creation, this parameter is used to create a lifecycle rule
+for the entire bucket.
+
+If lifecycle is 0 (the default) it does not create a lifecycle rule so
+the default B2 behaviour applies. This is to create versions of files
+on delete and overwrite and to keep them indefinitely.
+
+If lifecycle is >0 then it creates a single rule setting the number of
+days before a file that is deleted or overwritten is deleted
+permanently. This is known as daysFromHidingToDeleting in the b2 docs.
+
+The minimum value for this parameter is 1 day.
+
+You can also enable hard_delete in the config also which will mean
+deletions won't cause versions but overwrites will still cause
+versions to be made.
+
+See: [rclone backend lifecycle](#lifecycle) for setting lifecycles after bucket creation.
+
+
+Properties:
+
+- Config: lifecycle
+- Env Var: RCLONE_B2_LIFECYCLE
+- Type: int
+- Default: 0
+
+#### --b2-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_B2_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+## Backend commands
+
+Here are the commands specific to the b2 backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### lifecycle
+
+Read or set the lifecycle for a bucket
+
+ rclone backend lifecycle remote: [options] [<arguments>+]
+
+This command can be used to read or set the lifecycle for a bucket.
+
+Usage Examples:
+
+To show the current lifecycle rules:
+
+ rclone backend lifecycle b2:bucket
+
+This will dump something like this showing the lifecycle rules.
+
+ [
+ {
+ "daysFromHidingToDeleting": 1,
+ "daysFromUploadingToHiding": null,
+ "fileNamePrefix": ""
+ }
+ ]
+
+If there are no lifecycle rules (the default) then it will just return [].
+
+To reset the current lifecycle rules:
+
+ rclone backend lifecycle b2:bucket -o daysFromHidingToDeleting=30
+ rclone backend lifecycle b2:bucket -o daysFromUploadingToHiding=5 -o daysFromHidingToDeleting=1
+
+This will run and then print the new lifecycle rules as above.
+
+Rclone only lets you set lifecycles for the whole bucket with the
+fileNamePrefix = "".
+
+You can't disable versioning with B2. The best you can do is to set
+the daysFromHidingToDeleting to 1 day. You can enable hard_delete in
+the config also which will mean deletions won't cause versions but
+overwrites will still cause versions to be made.
+
+ rclone backend lifecycle b2:bucket -o daysFromHidingToDeleting=1
+
+See: https://www.backblaze.com/docs/cloud-storage-lifecycle-rules
+
+
+Options:
+
+- "daysFromHidingToDeleting": After a file has been hidden for this many days it is deleted. 0 is off.
+- "daysFromUploadingToHiding": This many days after uploading a file is hidden
+
+
+
+## Limitations
+
+`rclone about` is not supported by the B2 backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# Box
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+The initial setup for Box involves getting a token from Box which you
+can do either in your browser, or with a config.json downloaded from Box
+to use JWT authentication. `rclone config` walks you through it.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Box "box" [snip] Storage> box Box App Client Id - leave blank normally. client_id> Box App Client Secret - leave blank normally. client_secret> Box App config.json location Leave blank normally. Enter a string value. Press Enter for the default (""). box_config_file> Box App Primary Access Token Leave blank normally. Enter a string value. Press Enter for the default (""). access_token>
+Enter a string value. Press Enter for the default ("user"). Choose a number from below, or type in your own value 1 / Rclone should act on behalf of a user "user" 2 / Rclone should act on behalf of a service account "enterprise" box_sub_type> Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] client_id = client_secret = token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"XXX"} -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Box. This only runs from the moment it opens
+your browser to the moment you get back the verification code. This
+is on `http://127.0.0.1:53682/` and this it may require you to unblock
+it temporarily if you are running a host firewall.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Box
+
+ rclone lsd remote:
+
+List all the files in your Box
+
+ rclone ls remote:
+
+To copy a local directory to an Box directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Using rclone with an Enterprise account with SSO
+
+If you have an "Enterprise" account type with Box with single sign on
+(SSO), you need to create a password to use Box with rclone. This can
+be done at your Enterprise Box account by going to Settings, "Account"
+Tab, and then set the password in the "Authentication" field.
+
+Once you have done this, you can setup your Enterprise Box account
+using the same procedure detailed above in the, using the password you
+have just set.
+
+### Invalid refresh token
+
+According to the [box docs](https://developer.box.com/v2.0/docs/oauth-20#section-6-using-the-access-and-refresh-tokens):
+
+> Each refresh_token is valid for one use in 60 days.
+
+This means that if you
+
+ * Don't use the box remote for 60 days
+ * Copy the config file with a box refresh token in and use it in two places
+ * Get an error on a token refresh
+
+then rclone will return an error which includes the text `Invalid
+refresh token`.
+
+To fix this you will need to use oauth2 again to update the refresh
+token. You can use the methods in [the remote setup
+docs](https://rclone.org/remote_setup/), bearing in mind that if you use the copy the
+config file method, you should not use that remote on the computer you
+did the authentication on.
+
+Here is how to do it.
+
+$ rclone config Current remotes:
+Name Type ==== ==== remote box
+
+- Edit existing remote
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> e Choose a number from below, or type in an existing value 1 > remote remote> remote -------------------- [remote] type = box token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2017-07-08T23:40:08.059167677+01:00"} -------------------- Edit remote Value "client_id" = "" Edit? (y/n)>
+- Yes
+- No y/n> n Value "client_secret" = "" Edit? (y/n)>
+- Yes
+- No y/n> n Remote config Already have a token - refresh?
+- Yes
+- No y/n> y Use web browser to automatically authenticate rclone with remote?
+
-- Config: api_password
-- Env Var: RCLONE_SIA_API_PASSWORD
-- Type: string
-- Required: false
+- Say Y if the machine running rclone has a web browser you can use
+- Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N.
-Advanced options
-Here are the Advanced options specific to sia (Sia Decentralized Cloud).
---sia-user-agent
-Siad User Agent
-Sia daemon requires the 'Sia-Agent' user agent by default for security
-Properties:
+
+- Yes
+- No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] type = box token = {"access_token":"YYY","token_type":"bearer","refresh_token":"YYY","expiry":"2017-07-23T12:22:29.259137901+01:00"} --------------------
+- Yes this is OK
+- Edit this remote
+- Delete this remote y/e/d> y
+
+
+### Modification times and hashes
+
+Box allows modification times to be set on objects accurate to 1
+second. These will be used to detect whether objects need syncing or
+not.
+
+Box supports SHA1 type hashes, so you can use the `--checksum`
+flag.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \ | 0x5C | \ |
+
+File names can also not end with the following characters.
+These only get replaced if they are the last character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Transfers
+
+For files above 50 MiB rclone will use a chunked transfer. Rclone will
+upload up to `--transfers` chunks at the same time (shared among all
+the multipart uploads). Chunks are buffered in memory and are
+normally 8 MiB so increasing `--transfers` will increase memory use.
+
+### Deleting files
+
+Depending on the enterprise settings for your user, the item will
+either be actually deleted from Box or moved to the trash.
+
+Emptying the trash is supported via the rclone however cleanup command
+however this deletes every trashed file and folder individually so it
+may take a very long time.
+Emptying the trash via the WebUI does not have this limitation
+so it is advised to empty the trash via the WebUI.
+
+### Root folder ID
+
+You can set the `root_folder_id` for rclone. This is the directory
+(identified by its `Folder ID`) that rclone considers to be the root
+of your Box drive.
+
+Normally you will leave this blank and rclone will determine the
+correct root to use itself.
+
+However you can set this to restrict rclone to a specific folder
+hierarchy.
+
+In order to do this you will have to find the `Folder ID` of the
+directory you wish rclone to display. This will be the last segment
+of the URL when you open the relevant folder in the Box web
+interface.
+
+So if the folder you want rclone to use has a URL which looks like
+`https://app.box.com/folder/11xxxxxxxxx8`
+in the browser, then you use `11xxxxxxxxx8` as
+the `root_folder_id` in the config.
+
+
+### Standard options
+
+Here are the Standard options specific to box (Box).
+
+#### --box-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_BOX_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --box-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_BOX_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --box-box-config-file
+
+Box App config.json location
+
+Leave blank normally.
+
+Leading `~` will be expanded in the file name as will environment variables such as `${RCLONE_CONFIG_DIR}`.
+
+Properties:
+
+- Config: box_config_file
+- Env Var: RCLONE_BOX_BOX_CONFIG_FILE
+- Type: string
+- Required: false
+
+#### --box-access-token
+
+Box App Primary Access Token
+
+Leave blank normally.
+
+Properties:
+
+- Config: access_token
+- Env Var: RCLONE_BOX_ACCESS_TOKEN
+- Type: string
+- Required: false
+
+#### --box-box-sub-type
+
+
+
+Properties:
+
+- Config: box_sub_type
+- Env Var: RCLONE_BOX_BOX_SUB_TYPE
+- Type: string
+- Default: "user"
+- Examples:
+ - "user"
+ - Rclone should act on behalf of a user.
+ - "enterprise"
+ - Rclone should act on behalf of a service account.
+
+### Advanced options
+
+Here are the Advanced options specific to box (Box).
+
+#### --box-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_BOX_TOKEN
+- Type: string
+- Required: false
+
+#### --box-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_BOX_AUTH_URL
+- Type: string
+- Required: false
+
+#### --box-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_BOX_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --box-root-folder-id
+
+Fill in for rclone to use a non root folder as its starting point.
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_BOX_ROOT_FOLDER_ID
+- Type: string
+- Default: "0"
+
+#### --box-upload-cutoff
+
+Cutoff for switching to multipart upload (>= 50 MiB).
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_BOX_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 50Mi
+
+#### --box-commit-retries
+
+Max number of times to try committing a multipart file.
+
+Properties:
+
+- Config: commit_retries
+- Env Var: RCLONE_BOX_COMMIT_RETRIES
+- Type: int
+- Default: 100
+
+#### --box-list-chunk
+
+Size of listing chunk 1-1000.
+
+Properties:
+
+- Config: list_chunk
+- Env Var: RCLONE_BOX_LIST_CHUNK
+- Type: int
+- Default: 1000
+
+#### --box-owned-by
+
+Only show items owned by the login (email address) passed in.
+
+Properties:
+
+- Config: owned_by
+- Env Var: RCLONE_BOX_OWNED_BY
+- Type: string
+- Required: false
+
+#### --box-impersonate
+
+Impersonate this user ID when using a service account.
+
+Setting this flag allows rclone, when using a JWT service account, to
+act on behalf of another user by setting the as-user header.
+
+The user ID is the Box identifier for a user. User IDs can found for
+any user via the GET /users endpoint, which is only available to
+admins, or by calling the GET /users/me endpoint with an authenticated
+user session.
+
+See: https://developer.box.com/guides/authentication/jwt/as-user/
+
+
+Properties:
+
+- Config: impersonate
+- Env Var: RCLONE_BOX_IMPERSONATE
+- Type: string
+- Required: false
+
+#### --box-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_BOX_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+Note that Box is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+Box file names can't have the `\` character in. rclone maps this to
+and from an identical looking unicode equivalent `\` (U+FF3C Fullwidth
+Reverse Solidus).
+
+Box only supports filenames up to 255 characters in length.
+
+Box has [API rate limits](https://developer.box.com/guides/api-calls/permissions-and-errors/rate-limits/) that sometimes reduce the speed of rclone.
+
+`rclone about` is not supported by the Box backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+## Get your own Box App ID
+
+Here is how to create your own Box App ID for rclone:
+
+1. Go to the [Box Developer Console](https://app.box.com/developers/console)
+and login, then click `My Apps` on the sidebar. Click `Create New App`
+and select `Custom App`.
+
+2. In the first screen on the box that pops up, you can pretty much enter
+whatever you want. The `App Name` can be whatever. For `Purpose` choose
+automation to avoid having to fill out anything else. Click `Next`.
+
+3. In the second screen of the creation screen, select
+`User Authentication (OAuth 2.0)`. Then click `Create App`.
+
+4. You should now be on the `Configuration` tab of your new app. If not,
+click on it at the top of the webpage. Copy down `Client ID`
+and `Client Secret`, you'll need those for rclone.
+
+5. Under "OAuth 2.0 Redirect URI", add `http://127.0.0.1:53682/`
+
+6. For `Application Scopes`, select `Read all files and folders stored in Box`
+and `Write all files and folders stored in box` (assuming you want to do both).
+Leave others unchecked. Click `Save Changes` at the top right.
+
+# Cache
+
+The `cache` remote wraps another existing remote and stores file structure
+and its data for long running tasks like `rclone mount`.
+
+## Status
+
+The cache backend code is working but it currently doesn't
+have a maintainer so there are [outstanding bugs](https://github.com/rclone/rclone/issues?q=is%3Aopen+is%3Aissue+label%3Abug+label%3A%22Remote%3A+Cache%22) which aren't getting fixed.
+
+The cache backend is due to be phased out in favour of the VFS caching
+layer eventually which is more tightly integrated into rclone.
+
+Until this happens we recommend only using the cache backend if you
+find you can't work without it. There are many docs online describing
+the use of the cache backend to minimize API hits and by-and-large
+these are out of date and the cache backend isn't needed in those
+scenarios any more.
+
+## Configuration
+
+To get started you just need to have an existing remote which can be configured
+with `cache`.
+
+Here is an example of how to make a remote called `test-cache`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config n/r/c/s/q> n name> test-cache Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Cache a remote "cache" [snip] Storage> cache Remote to cache. Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended). remote> local:/test Optional: The URL of the Plex server plex_url> http://127.0.0.1:32400 Optional: The username of the Plex user plex_username> dummyusername Optional: The password of the Plex user y) Yes type in my own password g) Generate random password n) No leave this optional password blank y/g/n> y Enter the password: password: Confirm the password: password: The size of a chunk. Lower value good for slow connections but can affect seamless reading. Default: 5M Choose a number from below, or type in your own value 1 / 1 MiB "1M" 2 / 5 MiB "5M" 3 / 10 MiB "10M" chunk_size> 2 How much time should object info (file size, file hashes, etc.) be stored in cache. Use a very high value if you don't plan on changing the source FS from outside the cache. Accepted units are: "s", "m", "h". Default: 5m Choose a number from below, or type in your own value 1 / 1 hour "1h" 2 / 24 hours "24h" 3 / 24 hours "48h" info_age> 2 The maximum size of stored chunks. When the storage grows beyond this size, the oldest chunks will be deleted. Default: 10G Choose a number from below, or type in your own value 1 / 500 MiB "500M" 2 / 1 GiB "1G" 3 / 10 GiB "10G" chunk_total_size> 3 Remote config -------------------- [test-cache] remote = local:/test plex_url = http://127.0.0.1:32400 plex_username = dummyusername plex_password = *** ENCRYPTED *** chunk_size = 5M info_age = 48h chunk_total_size = 10G
+
+You can then use it like this,
+
+List directories in top level of your drive
+
+ rclone lsd test-cache:
+
+List all the files in your drive
+
+ rclone ls test-cache:
+
+To start a cached mount
+
+ rclone mount --allow-other test-cache: /var/tmp/test-cache
+
+### Write Features ###
+
+### Offline uploading ###
+
+In an effort to make writing through cache more reliable, the backend
+now supports this feature which can be activated by specifying a
+`cache-tmp-upload-path`.
+
+A files goes through these states when using this feature:
+
+1. An upload is started (usually by copying a file on the cache remote)
+2. When the copy to the temporary location is complete the file is part
+of the cached remote and looks and behaves like any other file (reading included)
+3. After `cache-tmp-wait-time` passes and the file is next in line, `rclone move`
+is used to move the file to the cloud provider
+4. Reading the file still works during the upload but most modifications on it will be prohibited
+5. Once the move is complete the file is unlocked for modifications as it
+becomes as any other regular file
+6. If the file is being read through `cache` when it's actually
+deleted from the temporary path then `cache` will simply swap the source
+to the cloud provider without interrupting the reading (small blip can happen though)
+
+Files are uploaded in sequence and only one file is uploaded at a time.
+Uploads will be stored in a queue and be processed based on the order they were added.
+The queue and the temporary storage is persistent across restarts but
+can be cleared on startup with the `--cache-db-purge` flag.
+
+### Write Support ###
+
+Writes are supported through `cache`.
+One caveat is that a mounted cache remote does not add any retry or fallback
+mechanism to the upload operation. This will depend on the implementation
+of the wrapped remote. Consider using `Offline uploading` for reliable writes.
+
+One special case is covered with `cache-writes` which will cache the file
+data at the same time as the upload when it is enabled making it available
+from the cache store immediately once the upload is finished.
+
+### Read Features ###
+
+#### Multiple connections ####
+
+To counter the high latency between a local PC where rclone is running
+and cloud providers, the cache remote can split multiple requests to the
+cloud provider for smaller file chunks and combines them together locally
+where they can be available almost immediately before the reader usually
+needs them.
+
+This is similar to buffering when media files are played online. Rclone
+will stay around the current marker but always try its best to stay ahead
+and prepare the data before.
+
+#### Plex Integration ####
+
+There is a direct integration with Plex which allows cache to detect during reading
+if the file is in playback or not. This helps cache to adapt how it queries
+the cloud provider depending on what is needed for.
+
+Scans will have a minimum amount of workers (1) while in a confirmed playback cache
+will deploy the configured number of workers.
+
+This integration opens the doorway to additional performance improvements
+which will be explored in the near future.
+
+**Note:** If Plex options are not configured, `cache` will function with its
+configured options without adapting any of its settings.
+
+How to enable? Run `rclone config` and add all the Plex options (endpoint, username
+and password) in your remote and it will be automatically enabled.
+
+Affected settings:
+- `cache-workers`: _Configured value_ during confirmed playback or _1_ all the other times
+
+##### Certificate Validation #####
+
+When the Plex server is configured to only accept secure connections, it is
+possible to use `.plex.direct` URLs to ensure certificate validation succeeds.
+These URLs are used by Plex internally to connect to the Plex server securely.
+
+The format for these URLs is the following:
+
+`https://ip-with-dots-replaced.server-hash.plex.direct:32400/`
+
+The `ip-with-dots-replaced` part can be any IPv4 address, where the dots
+have been replaced with dashes, e.g. `127.0.0.1` becomes `127-0-0-1`.
+
+To get the `server-hash` part, the easiest way is to visit
+
+https://plex.tv/api/resources?includeHttps=1&X-Plex-Token=your-plex-token
+
+This page will list all the available Plex servers for your account
+with at least one `.plex.direct` link for each. Copy one URL and replace
+the IP address with the desired address. This can be used as the
+`plex_url` value.
+
+### Known issues ###
+
+#### Mount and --dir-cache-time ####
+
+--dir-cache-time controls the first layer of directory caching which works at the mount layer.
+Being an independent caching mechanism from the `cache` backend, it will manage its own entries
+based on the configured time.
+
+To avoid getting in a scenario where dir cache has obsolete data and cache would have the correct
+one, try to set `--dir-cache-time` to a lower time than `--cache-info-age`. Default values are
+already configured in this way.
+
+#### Windows support - Experimental ####
+
+There are a couple of issues with Windows `mount` functionality that still require some investigations.
+It should be considered as experimental thus far as fixes come in for this OS.
+
+Most of the issues seem to be related to the difference between filesystems
+on Linux flavors and Windows as cache is heavily dependent on them.
+
+Any reports or feedback on how cache behaves on this OS is greatly appreciated.
+
+- https://github.com/rclone/rclone/issues/1935
+- https://github.com/rclone/rclone/issues/1907
+- https://github.com/rclone/rclone/issues/1834
+
+#### Risk of throttling ####
+
+Future iterations of the cache backend will make use of the pooling functionality
+of the cloud provider to synchronize and at the same time make writing through it
+more tolerant to failures.
+
+There are a couple of enhancements in track to add these but in the meantime
+there is a valid concern that the expiring cache listings can lead to cloud provider
+throttles or bans due to repeated queries on it for very large mounts.
+
+Some recommendations:
+- don't use a very small interval for entry information (`--cache-info-age`)
+- while writes aren't yet optimised, you can still write through `cache` which gives you the advantage
+of adding the file in the cache at the same time if configured to do so.
+
+Future enhancements:
+
+- https://github.com/rclone/rclone/issues/1937
+- https://github.com/rclone/rclone/issues/1936
+
+#### cache and crypt ####
+
+One common scenario is to keep your data encrypted in the cloud provider
+using the `crypt` remote. `crypt` uses a similar technique to wrap around
+an existing remote and handles this translation in a seamless way.
+
+There is an issue with wrapping the remotes in this order:
+**cloud remote** -> **crypt** -> **cache**
+
+During testing, I experienced a lot of bans with the remotes in this order.
+I suspect it might be related to how crypt opens files on the cloud provider
+which makes it think we're downloading the full file instead of small chunks.
+Organizing the remotes in this order yields better results:
+**cloud remote** -> **cache** -> **crypt**
+
+#### absolute remote paths ####
+
+`cache` can not differentiate between relative and absolute paths for the wrapped remote.
+Any path given in the `remote` config setting and on the command line will be passed to
+the wrapped remote as is, but for storing the chunks on disk the path will be made
+relative by removing any leading `/` character.
+
+This behavior is irrelevant for most backend types, but there are backends where a leading `/`
+changes the effective directory, e.g. in the `sftp` backend paths starting with a `/` are
+relative to the root of the SSH server and paths without are relative to the user home directory.
+As a result `sftp:bin` and `sftp:/bin` will share the same cache folder, even if they represent
+a different directory on the SSH server.
+
+### Cache and Remote Control (--rc) ###
+Cache supports the new `--rc` mode in rclone and can be remote controlled through the following end points:
+By default, the listener is disabled if you do not add the flag.
+
+### rc cache/expire
+Purge a remote from the cache backend. Supports either a directory or a file.
+It supports both encrypted and unencrypted file names if cache is wrapped by crypt.
+
+Params:
+ - **remote** = path to remote **(required)**
+ - **withData** = true/false to delete cached data (chunks) as well _(optional, false by default)_
+
+
+### Standard options
+
+Here are the Standard options specific to cache (Cache a remote).
+
+#### --cache-remote
+
+Remote to cache.
+
+Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
+"myremote:bucket" or maybe "myremote:" (not recommended).
+
+Properties:
+
+- Config: remote
+- Env Var: RCLONE_CACHE_REMOTE
+- Type: string
+- Required: true
+
+#### --cache-plex-url
+
+The URL of the Plex server.
+
+Properties:
+
+- Config: plex_url
+- Env Var: RCLONE_CACHE_PLEX_URL
+- Type: string
+- Required: false
+
+#### --cache-plex-username
+
+The username of the Plex user.
+
+Properties:
+
+- Config: plex_username
+- Env Var: RCLONE_CACHE_PLEX_USERNAME
+- Type: string
+- Required: false
+
+#### --cache-plex-password
+
+The password of the Plex user.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: plex_password
+- Env Var: RCLONE_CACHE_PLEX_PASSWORD
+- Type: string
+- Required: false
+
+#### --cache-chunk-size
+
+The size of a chunk (partial file data).
+
+Use lower numbers for slower connections. If the chunk size is
+changed, any downloaded chunks will be invalid and cache-chunk-path
+will need to be cleared or unexpected EOF errors will occur.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_CACHE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 5Mi
+- Examples:
+ - "1M"
+ - 1 MiB
+ - "5M"
+ - 5 MiB
+ - "10M"
+ - 10 MiB
+
+#### --cache-info-age
+
+How long to cache file structure information (directory listings, file size, times, etc.).
+If all write operations are done through the cache then you can safely make
+this value very large as the cache store will also be updated in real time.
+
+Properties:
+
+- Config: info_age
+- Env Var: RCLONE_CACHE_INFO_AGE
+- Type: Duration
+- Default: 6h0m0s
+- Examples:
+ - "1h"
+ - 1 hour
+ - "24h"
+ - 24 hours
+ - "48h"
+ - 48 hours
+
+#### --cache-chunk-total-size
+
+The total size that the chunks can take up on the local disk.
+
+If the cache exceeds this value then it will start to delete the
+oldest chunks until it goes under this value.
+
+Properties:
+
+- Config: chunk_total_size
+- Env Var: RCLONE_CACHE_CHUNK_TOTAL_SIZE
+- Type: SizeSuffix
+- Default: 10Gi
+- Examples:
+ - "500M"
+ - 500 MiB
+ - "1G"
+ - 1 GiB
+ - "10G"
+ - 10 GiB
+
+### Advanced options
+
+Here are the Advanced options specific to cache (Cache a remote).
+
+#### --cache-plex-token
+
+The plex token for authentication - auto set normally.
+
+Properties:
+
+- Config: plex_token
+- Env Var: RCLONE_CACHE_PLEX_TOKEN
+- Type: string
+- Required: false
+
+#### --cache-plex-insecure
+
+Skip all certificate verification when connecting to the Plex server.
+
+Properties:
+
+- Config: plex_insecure
+- Env Var: RCLONE_CACHE_PLEX_INSECURE
+- Type: string
+- Required: false
+
+#### --cache-db-path
+
+Directory to store file structure metadata DB.
+
+The remote name is used as the DB file name.
+
+Properties:
+
+- Config: db_path
+- Env Var: RCLONE_CACHE_DB_PATH
+- Type: string
+- Default: "$HOME/.cache/rclone/cache-backend"
+
+#### --cache-chunk-path
+
+Directory to cache chunk files.
+
+Path to where partial file data (chunks) are stored locally. The remote
+name is appended to the final path.
+
+This config follows the "--cache-db-path". If you specify a custom
+location for "--cache-db-path" and don't specify one for "--cache-chunk-path"
+then "--cache-chunk-path" will use the same path as "--cache-db-path".
+
+Properties:
+
+- Config: chunk_path
+- Env Var: RCLONE_CACHE_CHUNK_PATH
+- Type: string
+- Default: "$HOME/.cache/rclone/cache-backend"
+
+#### --cache-db-purge
+
+Clear all the cached data for this remote on start.
+
+Properties:
+
+- Config: db_purge
+- Env Var: RCLONE_CACHE_DB_PURGE
+- Type: bool
+- Default: false
+
+#### --cache-chunk-clean-interval
+
+How often should the cache perform cleanups of the chunk storage.
+
+The default value should be ok for most people. If you find that the
+cache goes over "cache-chunk-total-size" too often then try to lower
+this value to force it to perform cleanups more often.
+
+Properties:
+
+- Config: chunk_clean_interval
+- Env Var: RCLONE_CACHE_CHUNK_CLEAN_INTERVAL
+- Type: Duration
+- Default: 1m0s
+
+#### --cache-read-retries
+
+How many times to retry a read from a cache storage.
+
+Since reading from a cache stream is independent from downloading file
+data, readers can get to a point where there's no more data in the
+cache. Most of the times this can indicate a connectivity issue if
+cache isn't able to provide file data anymore.
+
+For really slow connections, increase this to a point where the stream is
+able to provide data but your experience will be very stuttering.
+
+Properties:
+
+- Config: read_retries
+- Env Var: RCLONE_CACHE_READ_RETRIES
+- Type: int
+- Default: 10
+
+#### --cache-workers
+
+How many workers should run in parallel to download chunks.
+
+Higher values will mean more parallel processing (better CPU needed)
+and more concurrent requests on the cloud provider. This impacts
+several aspects like the cloud provider API limits, more stress on the
+hardware that rclone runs on but it also means that streams will be
+more fluid and data will be available much more faster to readers.
+
+**Note**: If the optional Plex integration is enabled then this
+setting will adapt to the type of reading performed and the value
+specified here will be used as a maximum number of workers to use.
+
+Properties:
+
+- Config: workers
+- Env Var: RCLONE_CACHE_WORKERS
+- Type: int
+- Default: 4
+
+#### --cache-chunk-no-memory
+
+Disable the in-memory cache for storing chunks during streaming.
+
+By default, cache will keep file data during streaming in RAM as well
+to provide it to readers as fast as possible.
+
+This transient data is evicted as soon as it is read and the number of
+chunks stored doesn't exceed the number of workers. However, depending
+on other settings like "cache-chunk-size" and "cache-workers" this footprint
+can increase if there are parallel streams too (multiple files being read
+at the same time).
+
+If the hardware permits it, use this feature to provide an overall better
+performance during streaming but it can also be disabled if RAM is not
+available on the local machine.
+
+Properties:
+
+- Config: chunk_no_memory
+- Env Var: RCLONE_CACHE_CHUNK_NO_MEMORY
+- Type: bool
+- Default: false
+
+#### --cache-rps
+
+Limits the number of requests per second to the source FS (-1 to disable).
+
+This setting places a hard limit on the number of requests per second
+that cache will be doing to the cloud provider remote and try to
+respect that value by setting waits between reads.
+
+If you find that you're getting banned or limited on the cloud
+provider through cache and know that a smaller number of requests per
+second will allow you to work with it then you can use this setting
+for that.
+
+A good balance of all the other settings should make this setting
+useless but it is available to set for more special cases.
+
+**NOTE**: This will limit the number of requests during streams but
+other API calls to the cloud provider like directory listings will
+still pass.
+
+Properties:
+
+- Config: rps
+- Env Var: RCLONE_CACHE_RPS
+- Type: int
+- Default: -1
+
+#### --cache-writes
+
+Cache file data on writes through the FS.
+
+If you need to read files immediately after you upload them through
+cache you can enable this flag to have their data stored in the
+cache store at the same time during upload.
+
+Properties:
+
+- Config: writes
+- Env Var: RCLONE_CACHE_WRITES
+- Type: bool
+- Default: false
+
+#### --cache-tmp-upload-path
+
+Directory to keep temporary files until they are uploaded.
+
+This is the path where cache will use as a temporary storage for new
+files that need to be uploaded to the cloud provider.
+
+Specifying a value will enable this feature. Without it, it is
+completely disabled and files will be uploaded directly to the cloud
+provider
+
+Properties:
+
+- Config: tmp_upload_path
+- Env Var: RCLONE_CACHE_TMP_UPLOAD_PATH
+- Type: string
+- Required: false
+
+#### --cache-tmp-wait-time
+
+How long should files be stored in local cache before being uploaded.
+
+This is the duration that a file must wait in the temporary location
+_cache-tmp-upload-path_ before it is selected for upload.
+
+Note that only one file is uploaded at a time and it can take longer
+to start the upload if a queue formed for this purpose.
+
+Properties:
+
+- Config: tmp_wait_time
+- Env Var: RCLONE_CACHE_TMP_WAIT_TIME
+- Type: Duration
+- Default: 15s
+
+#### --cache-db-wait-time
+
+How long to wait for the DB to be available - 0 is unlimited.
+
+Only one process can have the DB open at any one time, so rclone waits
+for this duration for the DB to become available before it gives an
+error.
+
+If you set it to 0 then it will wait forever.
+
+Properties:
+
+- Config: db_wait_time
+- Env Var: RCLONE_CACHE_DB_WAIT_TIME
+- Type: Duration
+- Default: 1s
+
+## Backend commands
+
+Here are the commands specific to the cache backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### stats
+
+Print stats on the cache backend in JSON format.
+
+ rclone backend stats remote: [options] [<arguments>+]
+
+
+
+# Chunker
+
+The `chunker` overlay transparently splits large files into smaller chunks
+during upload to wrapped remote and transparently assembles them back
+when the file is downloaded. This allows to effectively overcome size limits
+imposed by storage providers.
+
+## Configuration
+
+To use it, first set up the underlying remote following the configuration
+instructions for that remote. You can also use a local pathname instead of
+a remote.
+
+First check your chosen remote is working - we'll call it `remote:path` here.
+Note that anything inside `remote:path` will be chunked and anything outside
+won't. This means that if you are using a bucket-based remote (e.g. S3, B2, swift)
+then you should probably put the bucket in the remote `s3:bucket`.
+
+Now configure `chunker` using `rclone config`. We will call this one `overlay`
+to separate it from the `remote` itself.
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> overlay Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Transparently chunk/split large files "chunker" [snip] Storage> chunker Remote to chunk/unchunk. Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended). Enter a string value. Press Enter for the default (""). remote> remote:path Files larger than chunk size will be split in chunks. Enter a size with suffix K,M,G,T. Press Enter for the default ("2G"). chunk_size> 100M Choose how chunker handles hash sums. All modes but "none" require metadata. Enter a string value. Press Enter for the default ("md5"). Choose a number from below, or type in your own value 1 / Pass any hash supported by wrapped remote for non-chunked files, return nothing otherwise "none" 2 / MD5 for composite files "md5" 3 / SHA1 for composite files "sha1" 4 / MD5 for all files "md5all" 5 / SHA1 for all files "sha1all" 6 / Copying a file to chunker will request MD5 from the source falling back to SHA1 if unsupported "md5quick" 7 / Similar to "md5quick" but prefers SHA1 over MD5 "sha1quick" hash_type> md5 Edit advanced config? (y/n) y) Yes n) No y/n> n Remote config -------------------- [overlay] type = chunker remote = remote:bucket chunk_size = 100M hash_type = md5 -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+### Specifying the remote
+
+In normal use, make sure the remote has a `:` in. If you specify the remote
+without a `:` then rclone will use a local directory of that name.
+So if you use a remote of `/path/to/secret/files` then rclone will
+chunk stuff in that directory. If you use a remote of `name` then rclone
+will put files in a directory called `name` in the current directory.
+
+
+### Chunking
+
+When rclone starts a file upload, chunker checks the file size. If it
+doesn't exceed the configured chunk size, chunker will just pass the file
+to the wrapped remote (however, see caveat below). If a file is large, chunker will transparently cut
+data in pieces with temporary names and stream them one by one, on the fly.
+Each data chunk will contain the specified number of bytes, except for the
+last one which may have less data. If file size is unknown in advance
+(this is called a streaming upload), chunker will internally create
+a temporary copy, record its size and repeat the above process.
+
+When upload completes, temporary chunk files are finally renamed.
+This scheme guarantees that operations can be run in parallel and look
+from outside as atomic.
+A similar method with hidden temporary chunks is used for other operations
+(copy/move/rename, etc.). If an operation fails, hidden chunks are normally
+destroyed, and the target composite file stays intact.
+
+When a composite file download is requested, chunker transparently
+assembles it by concatenating data chunks in order. As the split is trivial
+one could even manually concatenate data chunks together to obtain the
+original content.
+
+When the `list` rclone command scans a directory on wrapped remote,
+the potential chunk files are accounted for, grouped and assembled into
+composite directory entries. Any temporary chunks are hidden.
+
+List and other commands can sometimes come across composite files with
+missing or invalid chunks, e.g. shadowed by like-named directory or
+another file. This usually means that wrapped file system has been directly
+tampered with or damaged. If chunker detects a missing chunk it will
+by default print warning, skip the whole incomplete group of chunks but
+proceed with current command.
+You can set the `--chunker-fail-hard` flag to have commands abort with
+error message in such cases.
+
+**Caveat**: As it is now, chunker will always create a temporary file in the
+backend and then rename it, even if the file is below the chunk threshold.
+This will result in unnecessary API calls and can severely restrict throughput
+when handling transfers primarily composed of small files on some backends (e.g. Box).
+A workaround to this issue is to use chunker only for files above the chunk threshold
+via `--min-size` and then perform a separate call without chunker on the remaining
+files.
+
+
+#### Chunk names
+
+The default chunk name format is `*.rclone_chunk.###`, hence by default
+chunk names are `BIG_FILE_NAME.rclone_chunk.001`,
+`BIG_FILE_NAME.rclone_chunk.002` etc. You can configure another name format
+using the `name_format` configuration file option. The format uses asterisk
+`*` as a placeholder for the base file name and one or more consecutive
+hash characters `#` as a placeholder for sequential chunk number.
+There must be one and only one asterisk. The number of consecutive hash
+characters defines the minimum length of a string representing a chunk number.
+If decimal chunk number has less digits than the number of hashes, it is
+left-padded by zeros. If the decimal string is longer, it is left intact.
+By default numbering starts from 1 but there is another option that allows
+user to start from 0, e.g. for compatibility with legacy software.
+
+For example, if name format is `big_*-##.part` and original file name is
+`data.txt` and numbering starts from 0, then the first chunk will be named
+`big_data.txt-00.part`, the 99th chunk will be `big_data.txt-98.part`
+and the 302nd chunk will become `big_data.txt-301.part`.
+
+Note that `list` assembles composite directory entries only when chunk names
+match the configured format and treats non-conforming file names as normal
+non-chunked files.
+
+When using `norename` transactions, chunk names will additionally have a unique
+file version suffix. For example, `BIG_FILE_NAME.rclone_chunk.001_bp562k`.
+
+
+### Metadata
+
+Besides data chunks chunker will by default create metadata object for
+a composite file. The object is named after the original file.
+Chunker allows user to disable metadata completely (the `none` format).
+Note that metadata is normally not created for files smaller than the
+configured chunk size. This may change in future rclone releases.
+
+#### Simple JSON metadata format
+
+This is the default format. It supports hash sums and chunk validation
+for composite files. Meta objects carry the following fields:
+
+- `ver` - version of format, currently `1`
+- `size` - total size of composite file
+- `nchunks` - number of data chunks in file
+- `md5` - MD5 hashsum of composite file (if present)
+- `sha1` - SHA1 hashsum (if present)
+- `txn` - identifies current version of the file
+
+There is no field for composite file name as it's simply equal to the name
+of meta object on the wrapped remote. Please refer to respective sections
+for details on hashsums and modified time handling.
+
+#### No metadata
+
+You can disable meta objects by setting the meta format option to `none`.
+In this mode chunker will scan directory for all files that follow
+configured chunk name format, group them by detecting chunks with the same
+base name and show group names as virtual composite files.
+This method is more prone to missing chunk errors (especially missing
+last chunk) than format with metadata enabled.
+
+
+### Hashsums
+
+Chunker supports hashsums only when a compatible metadata is present.
+Hence, if you choose metadata format of `none`, chunker will report hashsum
+as `UNSUPPORTED`.
+
+Please note that by default metadata is stored only for composite files.
+If a file is smaller than configured chunk size, chunker will transparently
+redirect hash requests to wrapped remote, so support depends on that.
+You will see the empty string as a hashsum of requested type for small
+files if the wrapped remote doesn't support it.
+
+Many storage backends support MD5 and SHA1 hash types, so does chunker.
+With chunker you can choose one or another but not both.
+MD5 is set by default as the most supported type.
+Since chunker keeps hashes for composite files and falls back to the
+wrapped remote hash for non-chunked ones, we advise you to choose the same
+hash type as supported by wrapped remote so that your file listings
+look coherent.
+
+If your storage backend does not support MD5 or SHA1 but you need consistent
+file hashing, configure chunker with `md5all` or `sha1all`. These two modes
+guarantee given hash for all files. If wrapped remote doesn't support it,
+chunker will then add metadata to all files, even small. However, this can
+double the amount of small files in storage and incur additional service charges.
+You can even use chunker to force md5/sha1 support in any other remote
+at expense of sidecar meta objects by setting e.g. `hash_type=sha1all`
+to force hashsums and `chunk_size=1P` to effectively disable chunking.
+
+Normally, when a file is copied to chunker controlled remote, chunker
+will ask the file source for compatible file hash and revert to on-the-fly
+calculation if none is found. This involves some CPU overhead but provides
+a guarantee that given hashsum is available. Also, chunker will reject
+a server-side copy or move operation if source and destination hashsum
+types are different resulting in the extra network bandwidth, too.
+In some rare cases this may be undesired, so chunker provides two optional
+choices: `sha1quick` and `md5quick`. If the source does not support primary
+hash type and the quick mode is enabled, chunker will try to fall back to
+the secondary type. This will save CPU and bandwidth but can result in empty
+hashsums at destination. Beware of consequences: the `sync` command will
+revert (sometimes silently) to time/size comparison if compatible hashsums
+between source and target are not found.
+
+
+### Modification times
+
+Chunker stores modification times using the wrapped remote so support
+depends on that. For a small non-chunked file the chunker overlay simply
+manipulates modification time of the wrapped remote file.
+For a composite file with metadata chunker will get and set
+modification time of the metadata object on the wrapped remote.
+If file is chunked but metadata format is `none` then chunker will
+use modification time of the first data chunk.
+
+
+### Migrations
+
+The idiomatic way to migrate to a different chunk size, hash type, transaction
+style or chunk naming scheme is to:
+
+- Collect all your chunked files under a directory and have your
+ chunker remote point to it.
+- Create another directory (most probably on the same cloud storage)
+ and configure a new remote with desired metadata format,
+ hash type, chunk naming etc.
+- Now run `rclone sync --interactive oldchunks: newchunks:` and all your data
+ will be transparently converted in transfer.
+ This may take some time, yet chunker will try server-side
+ copy if possible.
+- After checking data integrity you may remove configuration section
+ of the old remote.
+
+If rclone gets killed during a long operation on a big composite file,
+hidden temporary chunks may stay in the directory. They will not be
+shown by the `list` command but will eat up your account quota.
+Please note that the `deletefile` command deletes only active
+chunks of a file. As a workaround, you can use remote of the wrapped
+file system to see them.
+An easy way to get rid of hidden garbage is to copy littered directory
+somewhere using the chunker remote and purge the original directory.
+The `copy` command will copy only active chunks while the `purge` will
+remove everything including garbage.
+
+
+### Caveats and Limitations
+
+Chunker requires wrapped remote to support server-side `move` (or `copy` +
+`delete`) operations, otherwise it will explicitly refuse to start.
+This is because it internally renames temporary chunk files to their final
+names when an operation completes successfully.
+
+Chunker encodes chunk number in file name, so with default `name_format`
+setting it adds 17 characters. Also chunker adds 7 characters of temporary
+suffix during operations. Many file systems limit base file name without path
+by 255 characters. Using rclone's crypt remote as a base file system limits
+file name by 143 characters. Thus, maximum name length is 231 for most files
+and 119 for chunker-over-crypt. A user in need can change name format to
+e.g. `*.rcc##` and save 10 characters (provided at most 99 chunks per file).
+
+Note that a move implemented using the copy-and-delete method may incur
+double charging with some cloud storage providers.
+
+Chunker will not automatically rename existing chunks when you run
+`rclone config` on a live remote and change the chunk name format.
+Beware that in result of this some files which have been treated as chunks
+before the change can pop up in directory listings as normal files
+and vice versa. The same warning holds for the chunk size.
+If you desperately need to change critical chunking settings, you should
+run data migration as described above.
+
+If wrapped remote is case insensitive, the chunker overlay will inherit
+that property (so you can't have a file called "Hello.doc" and "hello.doc"
+in the same directory).
+
+Chunker included in rclone releases up to `v1.54` can sometimes fail to
+detect metadata produced by recent versions of rclone. We recommend users
+to keep rclone up-to-date to avoid data corruption.
+
+Changing `transactions` is dangerous and requires explicit migration.
+
+
+### Standard options
+
+Here are the Standard options specific to chunker (Transparently chunk/split large files).
+
+#### --chunker-remote
+
+Remote to chunk/unchunk.
+
+Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
+"myremote:bucket" or maybe "myremote:" (not recommended).
+
+Properties:
+
+- Config: remote
+- Env Var: RCLONE_CHUNKER_REMOTE
+- Type: string
+- Required: true
+
+#### --chunker-chunk-size
+
+Files larger than chunk size will be split in chunks.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_CHUNKER_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 2Gi
+
+#### --chunker-hash-type
+
+Choose how chunker handles hash sums.
+
+All modes but "none" require metadata.
+
+Properties:
+
+- Config: hash_type
+- Env Var: RCLONE_CHUNKER_HASH_TYPE
+- Type: string
+- Default: "md5"
+- Examples:
+ - "none"
+ - Pass any hash supported by wrapped remote for non-chunked files.
+ - Return nothing otherwise.
+ - "md5"
+ - MD5 for composite files.
+ - "sha1"
+ - SHA1 for composite files.
+ - "md5all"
+ - MD5 for all files.
+ - "sha1all"
+ - SHA1 for all files.
+ - "md5quick"
+ - Copying a file to chunker will request MD5 from the source.
+ - Falling back to SHA1 if unsupported.
+ - "sha1quick"
+ - Similar to "md5quick" but prefers SHA1 over MD5.
+
+### Advanced options
+
+Here are the Advanced options specific to chunker (Transparently chunk/split large files).
+
+#### --chunker-name-format
+
+String format of chunk file names.
+
+The two placeholders are: base file name (*) and chunk number (#...).
+There must be one and only one asterisk and one or more consecutive hash characters.
+If chunk number has less digits than the number of hashes, it is left-padded by zeros.
+If there are more digits in the number, they are left as is.
+Possible chunk files are ignored if their name does not match given format.
+
+Properties:
+
+- Config: name_format
+- Env Var: RCLONE_CHUNKER_NAME_FORMAT
+- Type: string
+- Default: "*.rclone_chunk.###"
+
+#### --chunker-start-from
+
+Minimum valid chunk number. Usually 0 or 1.
+
+By default chunk numbers start from 1.
+
+Properties:
+
+- Config: start_from
+- Env Var: RCLONE_CHUNKER_START_FROM
+- Type: int
+- Default: 1
+
+#### --chunker-meta-format
+
+Format of the metadata object or "none".
+
+By default "simplejson".
+Metadata is a small JSON file named after the composite file.
+
+Properties:
+
+- Config: meta_format
+- Env Var: RCLONE_CHUNKER_META_FORMAT
+- Type: string
+- Default: "simplejson"
+- Examples:
+ - "none"
+ - Do not use metadata files at all.
+ - Requires hash type "none".
+ - "simplejson"
+ - Simple JSON supports hash sums and chunk validation.
+ -
+ - It has the following fields: ver, size, nchunks, md5, sha1.
+
+#### --chunker-fail-hard
+
+Choose how chunker should handle files with missing or invalid chunks.
+
+Properties:
+
+- Config: fail_hard
+- Env Var: RCLONE_CHUNKER_FAIL_HARD
+- Type: bool
+- Default: false
+- Examples:
+ - "true"
+ - Report errors and abort current command.
+ - "false"
+ - Warn user, skip incomplete file and proceed.
+
+#### --chunker-transactions
+
+Choose how chunker should handle temporary files during transactions.
+
+Properties:
+
+- Config: transactions
+- Env Var: RCLONE_CHUNKER_TRANSACTIONS
+- Type: string
+- Default: "rename"
+- Examples:
+ - "rename"
+ - Rename temporary files after a successful transaction.
+ - "norename"
+ - Leave temporary file names and write transaction ID to metadata file.
+ - Metadata is required for no rename transactions (meta format cannot be "none").
+ - If you are using norename transactions you should be careful not to downgrade Rclone
+ - as older versions of Rclone don't support this transaction style and will misinterpret
+ - files manipulated by norename transactions.
+ - This method is EXPERIMENTAL, don't use on production systems.
+ - "auto"
+ - Rename or norename will be used depending on capabilities of the backend.
+ - If meta format is set to "none", rename transactions will always be used.
+ - This method is EXPERIMENTAL, don't use on production systems.
+
+
+
+# Citrix ShareFile
+
+[Citrix ShareFile](https://sharefile.com) is a secure file sharing and transfer service aimed as business.
+
+## Configuration
+
+The initial setup for Citrix ShareFile involves getting a token from
+Citrix ShareFile which you can in your browser. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value XX / Citrix Sharefile "sharefile" Storage> sharefile ** See help for sharefile backend at: https://rclone.org/sharefile/ **
+ID of the root folder
+Leave blank to access "Personal Folders". You can use one of the standard values here or any folder ID (long hex number ID). Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Access the Personal Folders. (Default) "" 2 / Access the Favorites folder. "favorites" 3 / Access all the shared folders. "allshared" 4 / Access all the individual connectors. "connectors" 5 / Access the home, favorites, and shared folders as well as the connectors. "top" root_folder_id> Edit advanced config? (y/n) y) Yes n) No y/n> n Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=XXX Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] type = sharefile endpoint = https://XXX.sharefile.com token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2019-09-30T19:41:45.878561877+01:00"} -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Citrix ShareFile. This only runs from the moment it opens
+your browser to the moment you get back the verification code. This
+is on `http://127.0.0.1:53682/` and this it may require you to unblock
+it temporarily if you are running a host firewall.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your ShareFile
+
+ rclone lsd remote:
+
+List all the files in your ShareFile
+
+ rclone ls remote:
+
+To copy a local directory to an ShareFile directory called backup
+
+ rclone copy /home/source remote:backup
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+### Modification times and hashes
+
+ShareFile allows modification times to be set on objects accurate to 1
+second. These will be used to detect whether objects need syncing or
+not.
+
+ShareFile supports MD5 type hashes, so you can use the `--checksum`
+flag.
+
+### Transfers
+
+For files above 128 MiB rclone will use a chunked transfer. Rclone will
+upload up to `--transfers` chunks at the same time (shared among all
+the multipart uploads). Chunks are buffered in memory and are
+normally 64 MiB so increasing `--transfers` will increase memory use.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \\ | 0x5C | \ |
+| * | 0x2A | * |
+| < | 0x3C | < |
+| > | 0x3E | > |
+| ? | 0x3F | ? |
+| : | 0x3A | : |
+| \| | 0x7C | | |
+| " | 0x22 | " |
+
+File names can also not start or end with the following characters.
+These only get replaced if they are the first or last character in the
+name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+| . | 0x2E | . |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to sharefile (Citrix Sharefile).
+
+#### --sharefile-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_SHAREFILE_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --sharefile-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_SHAREFILE_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --sharefile-root-folder-id
+
+ID of the root folder.
+
+Leave blank to access "Personal Folders". You can use one of the
+standard values here or any folder ID (long hex number ID).
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_SHAREFILE_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - Access the Personal Folders (default).
+ - "favorites"
+ - Access the Favorites folder.
+ - "allshared"
+ - Access all the shared folders.
+ - "connectors"
+ - Access all the individual connectors.
+ - "top"
+ - Access the home, favorites, and shared folders as well as the connectors.
+
+### Advanced options
+
+Here are the Advanced options specific to sharefile (Citrix Sharefile).
+
+#### --sharefile-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_SHAREFILE_TOKEN
+- Type: string
+- Required: false
+
+#### --sharefile-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_SHAREFILE_AUTH_URL
+- Type: string
+- Required: false
+
+#### --sharefile-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_SHAREFILE_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --sharefile-upload-cutoff
+
+Cutoff for switching to multipart upload.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_SHAREFILE_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 128Mi
+
+#### --sharefile-chunk-size
+
+Upload chunk size.
+
+Must a power of 2 >= 256k.
+
+Making this larger will improve performance, but note that each chunk
+is buffered in memory one per transfer.
+
+Reducing this will reduce memory usage but decrease performance.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_SHAREFILE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 64Mi
+
+#### --sharefile-endpoint
+
+Endpoint for API calls.
+
+This is usually auto discovered as part of the oauth process, but can
+be set manually to something like: https://XXX.sharefile.com
+
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_SHAREFILE_ENDPOINT
+- Type: string
+- Required: false
+
+#### --sharefile-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_SHAREFILE_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot
+
+
+## Limitations
+
+Note that ShareFile is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+ShareFile only supports filenames up to 256 characters in length.
+
+`rclone about` is not supported by the Citrix ShareFile backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# Crypt
+
+Rclone `crypt` remotes encrypt and decrypt other remotes.
+
+A remote of type `crypt` does not access a [storage system](https://rclone.org/overview/)
+directly, but instead wraps another remote, which in turn accesses
+the storage system. This is similar to how [alias](https://rclone.org/alias/),
+[union](https://rclone.org/union/), [chunker](https://rclone.org/chunker/)
+and a few others work. It makes the usage very flexible, as you can
+add a layer, in this case an encryption layer, on top of any other
+backend, even in multiple layers. Rclone's functionality
+can be used as with any other remote, for example you can
+[mount](https://rclone.org/commands/rclone_mount/) a crypt remote.
+
+Accessing a storage system through a crypt remote realizes client-side
+encryption, which makes it safe to keep your data in a location you do
+not trust will not get compromised.
+When working against the `crypt` remote, rclone will automatically
+encrypt (before uploading) and decrypt (after downloading) on your local
+system as needed on the fly, leaving the data encrypted at rest in the
+wrapped remote. If you access the storage system using an application
+other than rclone, or access the wrapped remote directly using rclone,
+there will not be any encryption/decryption: Downloading existing content
+will just give you the encrypted (scrambled) format, and anything you
+upload will *not* become encrypted.
+
+The encryption is a secret-key encryption (also called symmetric key encryption)
+algorithm, where a password (or pass phrase) is used to generate real encryption key.
+The password can be supplied by user, or you may chose to let rclone
+generate one. It will be stored in the configuration file, in a lightly obscured form.
+If you are in an environment where you are not able to keep your configuration
+secured, you should add
+[configuration encryption](https://rclone.org/docs/#configuration-encryption)
+as protection. As long as you have this configuration file, you will be able to
+decrypt your data. Without the configuration file, as long as you remember
+the password (or keep it in a safe place), you can re-create the configuration
+and gain access to the existing data. You may also configure a corresponding
+remote in a different installation to access the same data.
+See below for guidance to [changing password](#changing-password).
+
+Encryption uses [cryptographic salt](https://en.wikipedia.org/wiki/Salt_(cryptography)),
+to permute the encryption key so that the same string may be encrypted in
+different ways. When configuring the crypt remote it is optional to enter a salt,
+or to let rclone generate a unique salt. If omitted, rclone uses a built-in unique string.
+Normally in cryptography, the salt is stored together with the encrypted content,
+and do not have to be memorized by the user. This is not the case in rclone,
+because rclone does not store any additional information on the remotes. Use of
+custom salt is effectively a second password that must be memorized.
+
+[File content](#file-encryption) encryption is performed using
+[NaCl SecretBox](https://godoc.org/golang.org/x/crypto/nacl/secretbox),
+based on XSalsa20 cipher and Poly1305 for integrity.
+[Names](#name-encryption) (file- and directory names) are also encrypted
+by default, but this has some implications and is therefore
+possible to be turned off.
+
+## Configuration
+
+Here is an example of how to make a remote called `secret`.
+
+To use `crypt`, first set up the underlying remote. Follow the
+`rclone config` instructions for the specific backend.
+
+Before configuring the crypt remote, check the underlying remote is
+working. In this example the underlying remote is called `remote`.
+We will configure a path `path` within this remote to contain the
+encrypted content. Anything inside `remote:path` will be encrypted
+and anything outside will not.
+
+Configure `crypt` using `rclone config`. In this example the `crypt`
+remote is called `secret`, to differentiate it from the underlying
+`remote`.
+
+When you are done you can use the crypt remote named `secret` just
+as you would with any other remote, e.g. `rclone copy D:\docs secret:\docs`,
+and rclone will encrypt and decrypt as needed on the fly.
+If you access the wrapped remote `remote:path` directly you will bypass
+the encryption, and anything you read will be in encrypted form, and
+anything you write will be unencrypted. To avoid issues it is best to
+configure a dedicated path for encrypted content, and access it
+exclusively through a crypt remote.
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> secret Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Encrypt/Decrypt a remote "crypt" [snip] Storage> crypt ** See help for crypt backend at: https://rclone.org/crypt/ **
+Remote to encrypt/decrypt. Normally should contain a ':' and a path, eg "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended). Enter a string value. Press Enter for the default (""). remote> remote:path How to encrypt the filenames. Enter a string value. Press Enter for the default ("standard"). Choose a number from below, or type in your own value. / Encrypt the filenames. 1 | See the docs for the details. "standard" 2 / Very simple filename obfuscation. "obfuscate" / Don't encrypt the file names. 3 | Adds a ".bin" extension only. "off" filename_encryption> Option to either encrypt directory names or leave them intact.
+NB If filename_encryption is "off" then this option will do nothing. Enter a boolean value (true or false). Press Enter for the default ("true"). Choose a number from below, or type in your own value 1 / Encrypt directory names. "true" 2 / Don't encrypt directory names, leave them intact. "false" directory_name_encryption> Password or pass phrase for encryption. y) Yes type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password: Password or pass phrase for salt. Optional but recommended. Should be different to the previous password. y) Yes type in my own password g) Generate random password n) No leave this optional password blank (default) y/g/n> g Password strength in bits. 64 is just about memorable 128 is secure 1024 is the maximum Bits> 128 Your password is: JAsJvRcgR-_veXNfy_sGmQ Use this password? Please note that an obscured version of this password (and not the password itself) will be stored under your configuration file, so keep this generated password in a safe place. y) Yes (default) n) No y/n> Edit advanced config? (y/n) y) Yes n) No (default) y/n> Remote config -------------------- [secret] type = crypt remote = remote:path password = *** ENCRYPTED password2 = ENCRYPTED *** -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d>
+
+**Important** The crypt password stored in `rclone.conf` is lightly
+obscured. That only protects it from cursory inspection. It is not
+secure unless [configuration encryption](https://rclone.org/docs/#configuration-encryption) of `rclone.conf` is specified.
+
+A long passphrase is recommended, or `rclone config` can generate a
+random one.
+
+The obscured password is created using AES-CTR with a static key. The
+salt is stored verbatim at the beginning of the obscured password. This
+static key is shared between all versions of rclone.
+
+If you reconfigure rclone with the same passwords/passphrases
+elsewhere it will be compatible, but the obscured version will be different
+due to the different salt.
+
+Rclone does not encrypt
+
+ * file length - this can be calculated within 16 bytes
+ * modification time - used for syncing
+
+### Specifying the remote
+
+When configuring the remote to encrypt/decrypt, you may specify any
+string that rclone accepts as a source/destination of other commands.
+
+The primary use case is to specify the path into an already configured
+remote (e.g. `remote:path/to/dir` or `remote:bucket`), such that
+data in a remote untrusted location can be stored encrypted.
+
+You may also specify a local filesystem path, such as
+`/path/to/dir` on Linux, `C:\path\to\dir` on Windows. By creating
+a crypt remote pointing to such a local filesystem path, you can
+use rclone as a utility for pure local file encryption, for example
+to keep encrypted files on a removable USB drive.
+
+**Note**: A string which do not contain a `:` will by rclone be treated
+as a relative path in the local filesystem. For example, if you enter
+the name `remote` without the trailing `:`, it will be treated as
+a subdirectory of the current directory with name "remote".
+
+If a path `remote:path/to/dir` is specified, rclone stores encrypted
+files in `path/to/dir` on the remote. With file name encryption, files
+saved to `secret:subdir/subfile` are stored in the unencrypted path
+`path/to/dir` but the `subdir/subpath` element is encrypted.
+
+The path you specify does not have to exist, rclone will create
+it when needed.
+
+If you intend to use the wrapped remote both directly for keeping
+unencrypted content, as well as through a crypt remote for encrypted
+content, it is recommended to point the crypt remote to a separate
+directory within the wrapped remote. If you use a bucket-based storage
+system (e.g. Swift, S3, Google Compute Storage, B2) it is generally
+advisable to wrap the crypt remote around a specific bucket (`s3:bucket`).
+If wrapping around the entire root of the storage (`s3:`), and use the
+optional file name encryption, rclone will encrypt the bucket name.
+
+### Changing password
+
+Should the password, or the configuration file containing a lightly obscured
+form of the password, be compromised, you need to re-encrypt your data with
+a new password. Since rclone uses secret-key encryption, where the encryption
+key is generated directly from the password kept on the client, it is not
+possible to change the password/key of already encrypted content. Just changing
+the password configured for an existing crypt remote means you will no longer
+able to decrypt any of the previously encrypted content. The only possibility
+is to re-upload everything via a crypt remote configured with your new password.
+
+Depending on the size of your data, your bandwidth, storage quota etc, there are
+different approaches you can take:
+- If you have everything in a different location, for example on your local system,
+you could remove all of the prior encrypted files, change the password for your
+configured crypt remote (or delete and re-create the crypt configuration),
+and then re-upload everything from the alternative location.
+- If you have enough space on the storage system you can create a new crypt
+remote pointing to a separate directory on the same backend, and then use
+rclone to copy everything from the original crypt remote to the new,
+effectively decrypting everything on the fly using the old password and
+re-encrypting using the new password. When done, delete the original crypt
+remote directory and finally the rclone crypt configuration with the old password.
+All data will be streamed from the storage system and back, so you will
+get half the bandwidth and be charged twice if you have upload and download quota
+on the storage system.
+
+**Note**: A security problem related to the random password generator
+was fixed in rclone version 1.53.3 (released 2020-11-19). Passwords generated
+by rclone config in version 1.49.0 (released 2019-08-26) to 1.53.2
+(released 2020-10-26) are not considered secure and should be changed.
+If you made up your own password, or used rclone version older than 1.49.0 or
+newer than 1.53.2 to generate it, you are *not* affected by this issue.
+See [issue #4783](https://github.com/rclone/rclone/issues/4783) for more
+details, and a tool you can use to check if you are affected.
+
+### Example
+
+Create the following file structure using "standard" file name
+encryption.
+
+plaintext/ ├── file0.txt ├── file1.txt └── subdir ├── file2.txt ├── file3.txt └── subsubdir └── file4.txt
+
+Copy these to the remote, and list them
+
+$ rclone -q copy plaintext secret: $ rclone -q ls secret: 7 file1.txt 6 file0.txt 8 subdir/file2.txt 10 subdir/subsubdir/file4.txt 9 subdir/file3.txt
+
+The crypt remote looks like
+
+$ rclone -q ls remote:path 55 hagjclgavj2mbiqm6u6cnjjqcg 54 v05749mltvv1tf4onltun46gls 57 86vhrsv86mpbtd3a0akjuqslj8/dlj7fkq4kdq72emafg7a7s41uo 58 86vhrsv86mpbtd3a0akjuqslj8/7uu829995du6o42n32otfhjqp4/b9pausrfansjth5ob3jkdqd4lc 56 86vhrsv86mpbtd3a0akjuqslj8/8njh1sk437gttmep3p70g81aps
+
+The directory structure is preserved
+
+$ rclone -q ls secret:subdir 8 file2.txt 9 file3.txt 10 subsubdir/file4.txt
+
+Without file name encryption `.bin` extensions are added to underlying
+names. This prevents the cloud provider attempting to interpret file
+content.
+
+$ rclone -q ls remote:path 54 file0.txt.bin 57 subdir/file3.txt.bin 56 subdir/file2.txt.bin 58 subdir/subsubdir/file4.txt.bin 55 file1.txt.bin
+
+### File name encryption modes
+
+Off
+
+ * doesn't hide file names or directory structure
+ * allows for longer file names (~246 characters)
+ * can use sub paths and copy single files
+
+Standard
+
+ * file names encrypted
+ * file names can't be as long (~143 characters)
+ * can use sub paths and copy single files
+ * directory structure visible
+ * identical files names will have identical uploaded names
+ * can use shortcuts to shorten the directory recursion
+
+Obfuscation
+
+This is a simple "rotate" of the filename, with each file having a rot
+distance based on the filename. Rclone stores the distance at the
+beginning of the filename. A file called "hello" may become "53.jgnnq".
+
+Obfuscation is not a strong encryption of filenames, but hinders
+automated scanning tools picking up on filename patterns. It is an
+intermediate between "off" and "standard" which allows for longer path
+segment names.
+
+There is a possibility with some unicode based filenames that the
+obfuscation is weak and may map lower case characters to upper case
+equivalents.
+
+Obfuscation cannot be relied upon for strong protection.
+
+ * file names very lightly obfuscated
+ * file names can be longer than standard encryption
+ * can use sub paths and copy single files
+ * directory structure visible
+ * identical files names will have identical uploaded names
+
+Cloud storage systems have limits on file name length and
+total path length which rclone is more likely to breach using
+"Standard" file name encryption. Where file names are less than 156
+characters in length issues should not be encountered, irrespective of
+cloud storage provider.
+
+An experimental advanced option `filename_encoding` is now provided to
+address this problem to a certain degree.
+For cloud storage systems with case sensitive file names (e.g. Google Drive),
+`base64` can be used to reduce file name length.
+For cloud storage systems using UTF-16 to store file names internally
+(e.g. OneDrive, Dropbox, Box), `base32768` can be used to drastically reduce
+file name length.
+
+An alternative, future rclone file name encryption mode may tolerate
+backend provider path length limits.
+
+### Directory name encryption
+
+Crypt offers the option of encrypting dir names or leaving them intact.
+There are two options:
+
+True
+
+Encrypts the whole file path including directory names
+Example:
+`1/12/123.txt` is encrypted to
+`p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0`
+
+False
+
+Only encrypts file names, skips directory names
+Example:
+`1/12/123.txt` is encrypted to
+`1/12/qgm4avr35m5loi1th53ato71v0`
+
+
+### Modification times and hashes
+
+Crypt stores modification times using the underlying remote so support
+depends on that.
+
+Hashes are not stored for crypt. However the data integrity is
+protected by an extremely strong crypto authenticator.
+
+Use the `rclone cryptcheck` command to check the
+integrity of an encrypted remote instead of `rclone check` which can't
+check the checksums properly.
+
+
+### Standard options
+
+Here are the Standard options specific to crypt (Encrypt/Decrypt a remote).
+
+#### --crypt-remote
+
+Remote to encrypt/decrypt.
+
+Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
+"myremote:bucket" or maybe "myremote:" (not recommended).
+
+Properties:
+
+- Config: remote
+- Env Var: RCLONE_CRYPT_REMOTE
+- Type: string
+- Required: true
+
+#### --crypt-filename-encryption
+
+How to encrypt the filenames.
+
+Properties:
+
+- Config: filename_encryption
+- Env Var: RCLONE_CRYPT_FILENAME_ENCRYPTION
+- Type: string
+- Default: "standard"
+- Examples:
+ - "standard"
+ - Encrypt the filenames.
+ - See the docs for the details.
+ - "obfuscate"
+ - Very simple filename obfuscation.
+ - "off"
+ - Don't encrypt the file names.
+ - Adds a ".bin", or "suffix" extension only.
+
+#### --crypt-directory-name-encryption
+
+Option to either encrypt directory names or leave them intact.
+
+NB If filename_encryption is "off" then this option will do nothing.
+
+Properties:
+
+- Config: directory_name_encryption
+- Env Var: RCLONE_CRYPT_DIRECTORY_NAME_ENCRYPTION
+- Type: bool
+- Default: true
+- Examples:
+ - "true"
+ - Encrypt directory names.
+ - "false"
+ - Don't encrypt directory names, leave them intact.
+
+#### --crypt-password
+
+Password or pass phrase for encryption.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_CRYPT_PASSWORD
+- Type: string
+- Required: true
+
+#### --crypt-password2
+
+Password or pass phrase for salt.
+
+Optional but recommended.
+Should be different to the previous password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password2
+- Env Var: RCLONE_CRYPT_PASSWORD2
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to crypt (Encrypt/Decrypt a remote).
+
+#### --crypt-server-side-across-configs
+
+Deprecated: use --server-side-across-configs instead.
+
+Allow server-side operations (e.g. copy) to work across different crypt configs.
+
+Normally this option is not what you want, but if you have two crypts
+pointing to the same backend you can use it.
+
+This can be used, for example, to change file name encryption type
+without re-uploading all the data. Just make two crypt backends
+pointing to two different directories with the single changed
+parameter and use rclone move to move the files between the crypt
+remotes.
+
+Properties:
+
+- Config: server_side_across_configs
+- Env Var: RCLONE_CRYPT_SERVER_SIDE_ACROSS_CONFIGS
+- Type: bool
+- Default: false
+
+#### --crypt-show-mapping
+
+For all files listed show how the names encrypt.
+
+If this flag is set then for each file that the remote is asked to
+list, it will log (at level INFO) a line stating the decrypted file
+name and the encrypted file name.
+
+This is so you can work out which encrypted names are which decrypted
+names just in case you need to do something with the encrypted file
+names, or for debugging purposes.
+
+Properties:
+
+- Config: show_mapping
+- Env Var: RCLONE_CRYPT_SHOW_MAPPING
+- Type: bool
+- Default: false
+
+#### --crypt-no-data-encryption
+
+Option to either encrypt file data or leave it unencrypted.
+
+Properties:
+
+- Config: no_data_encryption
+- Env Var: RCLONE_CRYPT_NO_DATA_ENCRYPTION
+- Type: bool
+- Default: false
+- Examples:
+ - "true"
+ - Don't encrypt file data, leave it unencrypted.
+ - "false"
+ - Encrypt file data.
+
+#### --crypt-pass-bad-blocks
+
+If set this will pass bad blocks through as all 0.
+
+This should not be set in normal operation, it should only be set if
+trying to recover an encrypted file with errors and it is desired to
+recover as much of the file as possible.
+
+Properties:
+
+- Config: pass_bad_blocks
+- Env Var: RCLONE_CRYPT_PASS_BAD_BLOCKS
+- Type: bool
+- Default: false
+
+#### --crypt-filename-encoding
+
+How to encode the encrypted filename to text string.
+
+This option could help with shortening the encrypted filename. The
+suitable option would depend on the way your remote count the filename
+length and if it's case sensitive.
+
+Properties:
+
+- Config: filename_encoding
+- Env Var: RCLONE_CRYPT_FILENAME_ENCODING
+- Type: string
+- Default: "base32"
+- Examples:
+ - "base32"
+ - Encode using base32. Suitable for all remote.
+ - "base64"
+ - Encode using base64. Suitable for case sensitive remote.
+ - "base32768"
+ - Encode using base32768. Suitable if your remote counts UTF-16 or
+ - Unicode codepoint instead of UTF-8 byte length. (Eg. Onedrive, Dropbox)
+
+#### --crypt-suffix
+
+If this is set it will override the default suffix of ".bin".
+
+Setting suffix to "none" will result in an empty suffix. This may be useful
+when the path length is critical.
+
+Properties:
+
+- Config: suffix
+- Env Var: RCLONE_CRYPT_SUFFIX
+- Type: string
+- Default: ".bin"
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+## Backend commands
+
+Here are the commands specific to the crypt backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### encode
+
+Encode the given filename(s)
+
+ rclone backend encode remote: [options] [<arguments>+]
+
+This encodes the filenames given as arguments returning a list of
+strings of the encoded results.
+
+Usage Example:
+
+ rclone backend encode crypt: file1 [file2...]
+ rclone rc backend/command command=encode fs=crypt: file1 [file2...]
+
+
+### decode
+
+Decode the given filename(s)
+
+ rclone backend decode remote: [options] [<arguments>+]
+
+This decodes the filenames given as arguments returning a list of
+strings of the decoded results. It will return an error if any of the
+inputs are invalid.
+
+Usage Example:
+
+ rclone backend decode crypt: encryptedfile1 [encryptedfile2...]
+ rclone rc backend/command command=decode fs=crypt: encryptedfile1 [encryptedfile2...]
+
+
+
+
+## Backing up an encrypted remote
+
+If you wish to backup an encrypted remote, it is recommended that you use
+`rclone sync` on the encrypted files, and make sure the passwords are
+the same in the new encrypted remote.
+
+This will have the following advantages
+
+ * `rclone sync` will check the checksums while copying
+ * you can use `rclone check` between the encrypted remotes
+ * you don't decrypt and encrypt unnecessarily
+
+For example, let's say you have your original remote at `remote:` with
+the encrypted version at `eremote:` with path `remote:crypt`. You
+would then set up the new remote `remote2:` and then the encrypted
+version `eremote2:` with path `remote2:crypt` using the same passwords
+as `eremote:`.
+
+To sync the two remotes you would do
+
+ rclone sync --interactive remote:crypt remote2:crypt
+
+And to check the integrity you would do
+
+ rclone check remote:crypt remote2:crypt
+
+## File formats
+
+### File encryption
+
+Files are encrypted 1:1 source file to destination object. The file
+has a header and is divided into chunks.
+
+#### Header
+
+ * 8 bytes magic string `RCLONE\x00\x00`
+ * 24 bytes Nonce (IV)
+
+The initial nonce is generated from the operating systems crypto
+strong random number generator. The nonce is incremented for each
+chunk read making sure each nonce is unique for each block written.
+The chance of a nonce being reused is minuscule. If you wrote an
+exabyte of data (10¹⁸ bytes) you would have a probability of
+approximately 2×10⁻³² of re-using a nonce.
+
+#### Chunk
+
+Each chunk will contain 64 KiB of data, except for the last one which
+may have less data. The data chunk is in standard NaCl SecretBox
+format. SecretBox uses XSalsa20 and Poly1305 to encrypt and
+authenticate messages.
+
+Each chunk contains:
+
+ * 16 Bytes of Poly1305 authenticator
+ * 1 - 65536 bytes XSalsa20 encrypted data
+
+64k chunk size was chosen as the best performing chunk size (the
+authenticator takes too much time below this and the performance drops
+off due to cache effects above this). Note that these chunks are
+buffered in memory so they can't be too big.
+
+This uses a 32 byte (256 bit key) key derived from the user password.
+
+#### Examples
+
+1 byte file will encrypt to
+
+ * 32 bytes header
+ * 17 bytes data chunk
+
+49 bytes total
+
+1 MiB (1048576 bytes) file will encrypt to
+
+ * 32 bytes header
+ * 16 chunks of 65568 bytes
+
+1049120 bytes total (a 0.05% overhead). This is the overhead for big
+files.
+
+### Name encryption
+
+File names are encrypted segment by segment - the path is broken up
+into `/` separated strings and these are encrypted individually.
+
+File segments are padded using PKCS#7 to a multiple of 16 bytes
+before encryption.
+
+They are then encrypted with EME using AES with 256 bit key. EME
+(ECB-Mix-ECB) is a wide-block encryption mode presented in the 2003
+paper "A Parallelizable Enciphering Mode" by Halevi and Rogaway.
+
+This makes for deterministic encryption which is what we want - the
+same filename must encrypt to the same thing otherwise we can't find
+it on the cloud storage system.
+
+This means that
+
+ * filenames with the same name will encrypt the same
+ * filenames which start the same won't have a common prefix
+
+This uses a 32 byte key (256 bits) and a 16 byte (128 bits) IV both of
+which are derived from the user password.
+
+After encryption they are written out using a modified version of
+standard `base32` encoding as described in RFC4648. The standard
+encoding is modified in two ways:
+
+ * it becomes lower case (no-one likes upper case filenames!)
+ * we strip the padding character `=`
+
+`base32` is used rather than the more efficient `base64` so rclone can be
+used on case insensitive remotes (e.g. Windows, Amazon Drive).
+
+### Key derivation
+
+Rclone uses `scrypt` with parameters `N=16384, r=8, p=1` with an
+optional user supplied salt (password2) to derive the 32+32+16 = 80
+bytes of key material required. If the user doesn't supply a salt
+then rclone uses an internal one.
+
+`scrypt` makes it impractical to mount a dictionary attack on rclone
+encrypted data. For full protection against this you should always use
+a salt.
+
+## SEE ALSO
+
+* [rclone cryptdecode](https://rclone.org/commands/rclone_cryptdecode/) - Show forward/reverse mapping of encrypted filenames
+
+# Compress
+
+## Warning
+
+This remote is currently **experimental**. Things may break and data may be lost. Anything you do with this remote is
+at your own risk. Please understand the risks associated with using experimental code and don't use this remote in
+critical applications.
+
+The `Compress` remote adds compression to another remote. It is best used with remotes containing
+many large compressible files.
+
+## Configuration
+
+To use this remote, all you need to do is specify another remote and a compression mode to use:
+
+Current remotes:
+Name Type ==== ==== remote_to_press sometype
+
+- Edit existing remote $ rclone config
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> n name> compress ... 8 / Compress a remote "compress" ... Storage> compress ** See help for compress backend at: https://rclone.org/compress/ **
+
+Remote to compress. Enter a string value. Press Enter for the default (""). remote> remote_to_press:subdir Compression mode. Enter a string value. Press Enter for the default ("gzip"). Choose a number from below, or type in your own value 1 / Gzip compression balanced for speed and compression strength. "gzip" compression_mode> gzip Edit advanced config? (y/n) y) Yes n) No (default) y/n> n Remote config -------------------- [compress] type = compress remote = remote_to_press:subdir compression_mode = gzip -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+### Compression Modes
+
+Currently only gzip compression is supported. It provides a decent balance between speed and size and is well
+supported by other applications. Compression strength can further be configured via an advanced setting where 0 is no
+compression and 9 is strongest compression.
+
+### File types
+
+If you open a remote wrapped by compress, you will see that there are many files with an extension corresponding to
+the compression algorithm you chose. These files are standard files that can be opened by various archive programs,
+but they have some hidden metadata that allows them to be used by rclone.
+While you may download and decompress these files at will, do **not** manually delete or rename files. Files without
+correct metadata files will not be recognized by rclone.
+
+### File names
+
+The compressed files will be named `*.###########.gz` where `*` is the base file and the `#` part is base64 encoded
+size of the uncompressed file. The file names should not be changed by anything other than the rclone compression backend.
+
+
+### Standard options
+
+Here are the Standard options specific to compress (Compress a remote).
+
+#### --compress-remote
+
+Remote to compress.
+
+Properties:
+
+- Config: remote
+- Env Var: RCLONE_COMPRESS_REMOTE
+- Type: string
+- Required: true
+
+#### --compress-mode
+
+Compression mode.
+
+Properties:
+
+- Config: mode
+- Env Var: RCLONE_COMPRESS_MODE
+- Type: string
+- Default: "gzip"
+- Examples:
+ - "gzip"
+ - Standard gzip compression with fastest parameters.
+
+### Advanced options
+
+Here are the Advanced options specific to compress (Compress a remote).
+
+#### --compress-level
+
+GZIP compression level (-2 to 9).
+
+Generally -1 (default, equivalent to 5) is recommended.
+Levels 1 to 9 increase compression at the cost of speed. Going past 6
+generally offers very little return.
+
+Level -2 uses Huffman encoding only. Only use if you know what you
+are doing.
+Level 0 turns off compression.
+
+Properties:
+
+- Config: level
+- Env Var: RCLONE_COMPRESS_LEVEL
+- Type: int
+- Default: -1
+
+#### --compress-ram-cache-limit
+
+Some remotes don't allow the upload of files with unknown size.
+In this case the compressed file will need to be cached to determine
+it's size.
+
+Files smaller than this limit will be cached in RAM, files larger than
+this limit will be cached on disk.
+
+Properties:
+
+- Config: ram_cache_limit
+- Env Var: RCLONE_COMPRESS_RAM_CACHE_LIMIT
+- Type: SizeSuffix
+- Default: 20Mi
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+
+
+# Combine
+
+The `combine` backend joins remotes together into a single directory
+tree.
+
+For example you might have a remote for images on one provider:
+
+$ rclone tree s3:imagesbucket / ├── image1.jpg └── image2.jpg
+
+And a remote for files on another:
+
+$ rclone tree drive:important/files / ├── file1.txt └── file2.txt
+
+The `combine` backend can join these together into a synthetic
+directory structure like this:
+
+$ rclone tree combined: / ├── files │ ├── file1.txt │ └── file2.txt └── images ├── image1.jpg └── image2.jpg
+
+You'd do this by specifying an `upstreams` parameter in the config
+like this
+
+ upstreams = images=s3:imagesbucket files=drive:important/files
+
+During the initial setup with `rclone config` you will specify the
+upstreams remotes as a space separated list. The upstream remotes can
+either be a local paths or other remotes.
+
+## Configuration
+
+Here is an example of how to make a combine called `remote` for the
+example above. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. ... XX / Combine several remotes into one (combine) ... Storage> combine Option upstreams. Upstreams for combining These should be in the form dir=remote:path dir2=remote2:path Where before the = is specified the root directory and after is the remote to put there. Embedded spaces can be added using quotes "dir=remote:path with space" "dir2=remote2:path with space" Enter a fs.SpaceSepList value. upstreams> images=s3:imagesbucket files=drive:important/files -------------------- [remote] type = combine upstreams = images=s3:imagesbucket files=drive:important/files -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+### Configuring for Google Drive Shared Drives
+
+Rclone has a convenience feature for making a combine backend for all
+the shared drives you have access to.
+
+Assuming your main (non shared drive) Google drive remote is called
+`drive:` you would run
+
+ rclone backend -o config drives drive:
+
+This would produce something like this:
+
+ [My Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
+
+ [Test Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
+If you then add that config to your config file (find it with `rclone
+config file`) then you can access all the shared drives in one place
+with the `AllDrives:` remote.
+
+See [the Google Drive docs](https://rclone.org/drive/#drives) for full info.
+
+
+### Standard options
+
+Here are the Standard options specific to combine (Combine several remotes into one).
+
+#### --combine-upstreams
+
+Upstreams for combining
+
+These should be in the form
+
+ dir=remote:path dir2=remote2:path
+
+Where before the = is specified the root directory and after is the remote to
+put there.
+
+Embedded spaces can be added using quotes
+
+ "dir=remote:path with space" "dir2=remote2:path with space"
+
+
+
+Properties:
+
+- Config: upstreams
+- Env Var: RCLONE_COMBINE_UPSTREAMS
+- Type: SpaceSepList
+- Default:
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+
+
+# Dropbox
+
+Paths are specified as `remote:path`
+
+Dropbox paths may be as deep as required, e.g.
+`remote:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for dropbox involves getting a token from Dropbox
+which you need to do in your browser. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+
+- New remote
+- Delete remote
+- Quit config e/n/d/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Dropbox "dropbox" [snip] Storage> dropbox Dropbox App Key - leave blank normally. app_key> Dropbox App Secret - leave blank normally. app_secret> Remote config Please visit: https://www.dropbox.com/1/oauth2/authorize?client_id=XXXXXXXXXXXXXXX&response_type=code Enter the code: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXXXXXXXX -------------------- [remote] app_key = app_secret = token = XXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXX_XXXXXXXXXXXXXXXXXXXXXXXXXXXXX --------------------
+- Yes this is OK
+- Edit this remote
+- Delete this remote y/e/d> y
+
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Dropbox. This only
+runs from the moment it opens your browser to the moment you get back
+the verification code. This is on `http://127.0.0.1:53682/` and it
+may require you to unblock it temporarily if you are running a host
+firewall, or use manual mode.
+
+You can then use it like this,
+
+List directories in top level of your dropbox
+
+ rclone lsd remote:
+
+List all the files in your dropbox
+
+ rclone ls remote:
+
+To copy a local directory to a dropbox directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Dropbox for business
+
+Rclone supports Dropbox for business and Team Folders.
+
+When using Dropbox for business `remote:` and `remote:path/to/file`
+will refer to your personal folder.
+
+If you wish to see Team Folders you must use a leading `/` in the
+path, so `rclone lsd remote:/` will refer to the root and show you all
+Team Folders and your User Folder.
+
+You can then use team folders like this `remote:/TeamFolder` and
+`remote:/TeamFolder/path/to/file`.
+
+A leading `/` for a Dropbox personal account will do nothing, but it
+will take an extra HTTP transaction so it should be avoided.
+
+### Modification times and hashes
+
+Dropbox supports modified times, but the only way to set a
+modification time is to re-upload the file.
+
+This means that if you uploaded your data with an older version of
+rclone which didn't support the v2 API and modified times, rclone will
+decide to upload all your old data to fix the modification times. If
+you don't want this to happen use `--size-only` or `--checksum` flag
+to stop it.
+
+Dropbox supports [its own hash
+type](https://www.dropbox.com/developers/reference/content-hash) which
+is checked for all transfers.
+
+### Restricted filename characters
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| NUL | 0x00 | ␀ |
+| / | 0x2F | / |
+| DEL | 0x7F | ␡ |
+| \ | 0x5C | \ |
+
+File names can also not end with the following characters.
+These only get replaced if they are the last character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Batch mode uploads {#batch-mode}
+
+Using batch mode uploads is very important for performance when using
+the Dropbox API. See [the dropbox performance guide](https://developers.dropbox.com/dbx-performance-guide)
+for more info.
+
+There are 3 modes rclone can use for uploads.
+
+#### --dropbox-batch-mode off
+
+In this mode rclone will not use upload batching. This was the default
+before rclone v1.55. It has the disadvantage that it is very likely to
+encounter `too_many_requests` errors like this
+
+ NOTICE: too_many_requests/.: Too many requests or write operations. Trying again in 15 seconds.
+
+When rclone receives these it has to wait for 15s or sometimes 300s
+before continuing which really slows down transfers.
+
+This will happen especially if `--transfers` is large, so this mode
+isn't recommended except for compatibility or investigating problems.
+
+#### --dropbox-batch-mode sync
+
+In this mode rclone will batch up uploads to the size specified by
+`--dropbox-batch-size` and commit them together.
+
+Using this mode means you can use a much higher `--transfers`
+parameter (32 or 64 works fine) without receiving `too_many_requests`
+errors.
+
+This mode ensures full data integrity.
+
+Note that there may be a pause when quitting rclone while rclone
+finishes up the last batch using this mode.
+
+#### --dropbox-batch-mode async
+
+In this mode rclone will batch up uploads to the size specified by
+`--dropbox-batch-size` and commit them together.
+
+However it will not wait for the status of the batch to be returned to
+the caller. This means rclone can use a much bigger batch size (much
+bigger than `--transfers`), at the cost of not being able to check the
+status of the upload.
+
+This provides the maximum possible upload speed especially with lots
+of small files, however rclone can't check the file got uploaded
+properly using this mode.
+
+If you are using this mode then using "rclone check" after the
+transfer completes is recommended. Or you could do an initial transfer
+with `--dropbox-batch-mode async` then do a final transfer with
+`--dropbox-batch-mode sync` (the default).
+
+Note that there may be a pause when quitting rclone while rclone
+finishes up the last batch using this mode.
+
+
+
+### Standard options
+
+Here are the Standard options specific to dropbox (Dropbox).
+
+#### --dropbox-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_DROPBOX_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --dropbox-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_DROPBOX_CLIENT_SECRET
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to dropbox (Dropbox).
+
+#### --dropbox-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_DROPBOX_TOKEN
+- Type: string
+- Required: false
+
+#### --dropbox-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_DROPBOX_AUTH_URL
+- Type: string
+- Required: false
+
+#### --dropbox-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_DROPBOX_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --dropbox-chunk-size
+
+Upload chunk size (< 150Mi).
+
+Any files larger than this will be uploaded in chunks of this size.
+
+Note that chunks are buffered in memory (one at a time) so rclone can
+deal with retries. Setting this larger will increase the speed
+slightly (at most 10% for 128 MiB in tests) at the cost of using more
+memory. It can be set smaller if you are tight on memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_DROPBOX_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 48Mi
+
+#### --dropbox-impersonate
+
+Impersonate this user when using a business account.
+
+Note that if you want to use impersonate, you should make sure this
+flag is set when running "rclone config" as this will cause rclone to
+request the "members.read" scope which it won't normally. This is
+needed to lookup a members email address into the internal ID that
+dropbox uses in the API.
+
+Using the "members.read" scope will require a Dropbox Team Admin
+to approve during the OAuth flow.
+
+You will have to use your own App (setting your own client_id and
+client_secret) to use this option as currently rclone's default set of
+permissions doesn't include "members.read". This can be added once
+v1.55 or later is in use everywhere.
+
+
+Properties:
+
+- Config: impersonate
+- Env Var: RCLONE_DROPBOX_IMPERSONATE
+- Type: string
+- Required: false
+
+#### --dropbox-shared-files
+
+Instructs rclone to work on individual shared files.
+
+In this mode rclone's features are extremely limited - only list (ls, lsl, etc.)
+operations and read operations (e.g. downloading) are supported in this mode.
+All other operations will be disabled.
+
+Properties:
+
+- Config: shared_files
+- Env Var: RCLONE_DROPBOX_SHARED_FILES
+- Type: bool
+- Default: false
+
+#### --dropbox-shared-folders
+
+Instructs rclone to work on shared folders.
+
+When this flag is used with no path only the List operation is supported and
+all available shared folders will be listed. If you specify a path the first part
+will be interpreted as the name of shared folder. Rclone will then try to mount this
+shared to the root namespace. On success shared folder rclone proceeds normally.
+The shared folder is now pretty much a normal folder and all normal operations
+are supported.
+
+Note that we don't unmount the shared folder afterwards so the
+--dropbox-shared-folders can be omitted after the first use of a particular
+shared folder.
+
+Properties:
+
+- Config: shared_folders
+- Env Var: RCLONE_DROPBOX_SHARED_FOLDERS
+- Type: bool
+- Default: false
+
+#### --dropbox-pacer-min-sleep
+
+Minimum time to sleep between API calls.
+
+Properties:
+
+- Config: pacer_min_sleep
+- Env Var: RCLONE_DROPBOX_PACER_MIN_SLEEP
+- Type: Duration
+- Default: 10ms
+
+#### --dropbox-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_DROPBOX_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot
+
+#### --dropbox-batch-mode
+
+Upload file batching sync|async|off.
+
+This sets the batch mode used by rclone.
+
+For full info see [the main docs](https://rclone.org/dropbox/#batch-mode)
+
+This has 3 possible values
+
+- off - no batching
+- sync - batch uploads and check completion (default)
+- async - batch upload and don't check completion
+
+Rclone will close any outstanding batches when it exits which may make
+a delay on quit.
+
+
+Properties:
+
+- Config: batch_mode
+- Env Var: RCLONE_DROPBOX_BATCH_MODE
+- Type: string
+- Default: "sync"
+
+#### --dropbox-batch-size
+
+Max number of files in upload batch.
+
+This sets the batch size of files to upload. It has to be less than 1000.
+
+By default this is 0 which means rclone which calculate the batch size
+depending on the setting of batch_mode.
+
+- batch_mode: async - default batch_size is 100
+- batch_mode: sync - default batch_size is the same as --transfers
+- batch_mode: off - not in use
+
+Rclone will close any outstanding batches when it exits which may make
+a delay on quit.
+
+Setting this is a great idea if you are uploading lots of small files
+as it will make them a lot quicker. You can use --transfers 32 to
+maximise throughput.
+
+
+Properties:
+
+- Config: batch_size
+- Env Var: RCLONE_DROPBOX_BATCH_SIZE
+- Type: int
+- Default: 0
+
+#### --dropbox-batch-timeout
+
+Max time to allow an idle upload batch before uploading.
+
+If an upload batch is idle for more than this long then it will be
+uploaded.
+
+The default for this is 0 which means rclone will choose a sensible
+default based on the batch_mode in use.
+
+- batch_mode: async - default batch_timeout is 10s
+- batch_mode: sync - default batch_timeout is 500ms
+- batch_mode: off - not in use
+
+
+Properties:
+
+- Config: batch_timeout
+- Env Var: RCLONE_DROPBOX_BATCH_TIMEOUT
+- Type: Duration
+- Default: 0s
+
+#### --dropbox-batch-commit-timeout
+
+Max time to wait for a batch to finish committing
+
+Properties:
+
+- Config: batch_commit_timeout
+- Env Var: RCLONE_DROPBOX_BATCH_COMMIT_TIMEOUT
+- Type: Duration
+- Default: 10m0s
+
+
+
+## Limitations
+
+Note that Dropbox is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+There are some file names such as `thumbs.db` which Dropbox can't
+store. There is a full list of them in the ["Ignored Files" section
+of this document](https://www.dropbox.com/en/help/145). Rclone will
+issue an error message `File name disallowed - not uploading` if it
+attempts to upload one of those file names, but the sync won't fail.
+
+Some errors may occur if you try to sync copyright-protected files
+because Dropbox has its own [copyright detector](https://techcrunch.com/2014/03/30/how-dropbox-knows-when-youre-sharing-copyrighted-stuff-without-actually-looking-at-your-stuff/) that
+prevents this sort of file being downloaded. This will return the error `ERROR :
+/path/to/your/file: Failed to copy: failed to open source object:
+path/restricted_content/.`
+
+If you have more than 10,000 files in a directory then `rclone purge
+dropbox:dir` will return the error `Failed to purge: There are too
+many files involved in this operation`. As a work-around do an
+`rclone delete dropbox:dir` followed by an `rclone rmdir dropbox:dir`.
+
+When using `rclone link` you'll need to set `--expire` if using a
+non-personal account otherwise the visibility may not be correct.
+(Note that `--expire` isn't supported on personal accounts). See the
+[forum discussion](https://forum.rclone.org/t/rclone-link-dropbox-permissions/23211) and the
+[dropbox SDK issue](https://github.com/dropbox/dropbox-sdk-go-unofficial/issues/75).
+
+## Get your own Dropbox App ID
+
+When you use rclone with Dropbox in its default configuration you are using rclone's App ID. This is shared between all the rclone users.
+
+Here is how to create your own Dropbox App ID for rclone:
+
+1. Log into the [Dropbox App console](https://www.dropbox.com/developers/apps/create) with your Dropbox Account (It need not
+to be the same account as the Dropbox you want to access)
+
+2. Choose an API => Usually this should be `Dropbox API`
+
+3. Choose the type of access you want to use => `Full Dropbox` or `App Folder`. If you want to use Team Folders, `Full Dropbox` is required ([see here](https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/How-to-create-team-folder-inside-my-app-s-folder/m-p/601005/highlight/true#M27911)).
+
+4. Name your App. The app name is global, so you can't use `rclone` for example
+
+5. Click the button `Create App`
+
+6. Switch to the `Permissions` tab. Enable at least the following permissions: `account_info.read`, `files.metadata.write`, `files.content.write`, `files.content.read`, `sharing.write`. The `files.metadata.read` and `sharing.read` checkboxes will be marked too. Click `Submit`
+
+7. Switch to the `Settings` tab. Fill `OAuth2 - Redirect URIs` as `http://localhost:53682/` and click on `Add`
+
+8. Find the `App key` and `App secret` values on the `Settings` tab. Use these values in rclone config to add a new remote or edit an existing remote. The `App key` setting corresponds to `client_id` in rclone config, the `App secret` corresponds to `client_secret`
+
+# Enterprise File Fabric
+
+This backend supports [Storage Made Easy's Enterprise File
+Fabric™](https://storagemadeeasy.com/about/) which provides a software
+solution to integrate and unify File and Object Storage accessible
+through a global file system.
+
+## Configuration
+
+The initial setup for the Enterprise File Fabric backend involves
+getting a token from the Enterprise File Fabric which you need to
+do in your browser. `rclone config` walks you through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Enterprise File Fabric "filefabric" [snip] Storage> filefabric ** See help for filefabric backend at: https://rclone.org/filefabric/ **
+URL of the Enterprise File Fabric to connect to Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Storage Made Easy US "https://storagemadeeasy.com" 2 / Storage Made Easy EU "https://eu.storagemadeeasy.com" 3 / Connect to your Enterprise File Fabric "https://yourfabric.smestorage.com" url> https://yourfabric.smestorage.com/ ID of the root folder Leave blank normally.
+Fill in to make rclone start with directory of a given ID.
+Enter a string value. Press Enter for the default (""). root_folder_id> Permanent Authentication Token
+A Permanent Authentication Token can be created in the Enterprise File Fabric, on the users Dashboard under Security, there is an entry you'll see called "My Authentication Tokens". Click the Manage button to create one.
+These tokens are normally valid for several years.
+For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
+Enter a string value. Press Enter for the default (""). permanent_token> xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx Edit advanced config? (y/n) y) Yes n) No (default) y/n> n Remote config -------------------- [remote] type = filefabric url = https://yourfabric.smestorage.com/ permanent_token = xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Enterprise File Fabric
+
+ rclone lsd remote:
+
+List all the files in your Enterprise File Fabric
+
+ rclone ls remote:
+
+To copy a local directory to an Enterprise File Fabric directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+The Enterprise File Fabric allows modification times to be set on
+files accurate to 1 second. These will be used to detect whether
+objects need syncing or not.
+
+The Enterprise File Fabric does not support any data hashes at this time.
+
+### Restricted filename characters
+
+The [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+will be replaced.
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Empty files
+
+Empty files aren't supported by the Enterprise File Fabric. Rclone will therefore
+upload an empty file as a single space with a mime type of
+`application/vnd.rclone.empty.file` and files with that mime type are
+treated as empty.
+
+### Root folder ID ###
+
+You can set the `root_folder_id` for rclone. This is the directory
+(identified by its `Folder ID`) that rclone considers to be the root
+of your Enterprise File Fabric.
+
+Normally you will leave this blank and rclone will determine the
+correct root to use itself.
+
+However you can set this to restrict rclone to a specific folder
+hierarchy.
+
+In order to do this you will have to find the `Folder ID` of the
+directory you wish rclone to display. These aren't displayed in the
+web interface, but you can use `rclone lsf` to find them, for example
+
+$ rclone lsf --dirs-only -Fip --csv filefabric: 120673758,Burnt PDFs/ 120673759,My Quick Uploads/ 120673755,My Syncs/ 120673756,My backups/ 120673757,My contacts/ 120673761,S3 Storage/
+
+The ID for "S3 Storage" would be `120673761`.
+
+
+### Standard options
+
+Here are the Standard options specific to filefabric (Enterprise File Fabric).
+
+#### --filefabric-url
+
+URL of the Enterprise File Fabric to connect to.
+
+Properties:
+
+- Config: url
+- Env Var: RCLONE_FILEFABRIC_URL
+- Type: string
+- Required: true
+- Examples:
+ - "https://storagemadeeasy.com"
+ - Storage Made Easy US
+ - "https://eu.storagemadeeasy.com"
+ - Storage Made Easy EU
+ - "https://yourfabric.smestorage.com"
+ - Connect to your Enterprise File Fabric
+
+#### --filefabric-root-folder-id
+
+ID of the root folder.
+
+Leave blank normally.
+
+Fill in to make rclone start with directory of a given ID.
+
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_FILEFABRIC_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+
+#### --filefabric-permanent-token
+
+Permanent Authentication Token.
+
+A Permanent Authentication Token can be created in the Enterprise File
+Fabric, on the users Dashboard under Security, there is an entry
+you'll see called "My Authentication Tokens". Click the Manage button
+to create one.
+
+These tokens are normally valid for several years.
+
+For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
+
+
+Properties:
+
+- Config: permanent_token
+- Env Var: RCLONE_FILEFABRIC_PERMANENT_TOKEN
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to filefabric (Enterprise File Fabric).
+
+#### --filefabric-token
+
+Session Token.
+
+This is a session token which rclone caches in the config file. It is
+usually valid for 1 hour.
+
+Don't set this value - rclone will set it automatically.
+
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_FILEFABRIC_TOKEN
+- Type: string
+- Required: false
+
+#### --filefabric-token-expiry
+
+Token expiry time.
+
+Don't set this value - rclone will set it automatically.
+
+
+Properties:
+
+- Config: token_expiry
+- Env Var: RCLONE_FILEFABRIC_TOKEN_EXPIRY
+- Type: string
+- Required: false
+
+#### --filefabric-version
+
+Version read from the file fabric.
+
+Don't set this value - rclone will set it automatically.
+
+
+Properties:
+
+- Config: version
+- Env Var: RCLONE_FILEFABRIC_VERSION
+- Type: string
+- Required: false
+
+#### --filefabric-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_FILEFABRIC_ENCODING
+- Type: Encoding
+- Default: Slash,Del,Ctl,InvalidUtf8,Dot
+
+
+
+# FTP
+
+FTP is the File Transfer Protocol. Rclone FTP support is provided using the
+[github.com/jlaffaye/ftp](https://godoc.org/github.com/jlaffaye/ftp)
+package.
+
+[Limitations of Rclone's FTP backend](#limitations)
+
+Paths are specified as `remote:path`. If the path does not begin with
+a `/` it is relative to the home directory of the user. An empty path
+`remote:` refers to the user's home directory.
+
+## Configuration
+
+To create an FTP configuration named `remote`, run
+
+ rclone config
+
+Rclone config guides you through an interactive setup process. A minimal
+rclone FTP remote definition only requires host, username and password.
+For an anonymous FTP server, see [below](#anonymous-ftp).
+
+No remotes found, make a new one? n) New remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config n/r/c/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / FTP "ftp" [snip] Storage> ftp ** See help for ftp backend at: https://rclone.org/ftp/ **
+FTP host to connect to Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Connect to ftp.example.com "ftp.example.com" host> ftp.example.com FTP username Enter a string value. Press Enter for the default ("$USER"). user> FTP port number Enter a signed integer. Press Enter for the default (21). port> FTP password y) Yes type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password: Use FTP over TLS (Implicit) Enter a boolean value (true or false). Press Enter for the default ("false"). tls> Use FTP over TLS (Explicit) Enter a boolean value (true or false). Press Enter for the default ("false"). explicit_tls> Remote config -------------------- [remote] type = ftp host = ftp.example.com pass = *** ENCRYPTED *** -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+To see all directories in the home directory of `remote`
+
+ rclone lsd remote:
+
+Make a new directory
+
+ rclone mkdir remote:path/to/directory
+
+List the contents of a directory
+
+ rclone ls remote:path/to/directory
+
+Sync `/home/local/directory` to the remote directory, deleting any
+excess files in the directory.
+
+ rclone sync --interactive /home/local/directory remote:directory
+
+### Anonymous FTP
+
+When connecting to a FTP server that allows anonymous login, you can use the
+special "anonymous" username. Traditionally, this user account accepts any
+string as a password, although it is common to use either the password
+"anonymous" or "guest". Some servers require the use of a valid e-mail
+address as password.
+
+Using [on-the-fly](#backend-path-to-dir) or
+[connection string](https://rclone.org/docs/#connection-strings) remotes makes it easy to access
+such servers, without requiring any configuration in advance. The following
+are examples of that:
+
+ rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=$(rclone obscure dummy)
+ rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=$(rclone obscure dummy):
+
+The above examples work in Linux shells and in PowerShell, but not Windows
+Command Prompt. They execute the [rclone obscure](https://rclone.org/commands/rclone_obscure/)
+command to create a password string in the format required by the
+[pass](#ftp-pass) option. The following examples are exactly the same, except use
+an already obscured string representation of the same password "dummy", and
+therefore works even in Windows Command Prompt:
+
+ rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM
+ rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM:
+
+### Implicit TLS
+
+Rlone FTP supports implicit FTP over TLS servers (FTPS). This has to
+be enabled in the FTP backend config for the remote, or with
+[`--ftp-tls`](#ftp-tls). The default FTPS port is `990`, not `21` and
+can be set with [`--ftp-port`](#ftp-port).
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+File names cannot end with the following characters. Replacement is
+limited to the last character in a file name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+
+Not all FTP servers can have all characters in file names, for example:
+
+| FTP Server| Forbidden characters |
+| --------- |:--------------------:|
+| proftpd | `*` |
+| pureftpd | `\ [ ]` |
+
+This backend's interactive configuration wizard provides a selection of
+sensible encoding settings for major FTP servers: ProFTPd, PureFTPd, VsFTPd.
+Just hit a selection number when prompted.
+
+
+### Standard options
+
+Here are the Standard options specific to ftp (FTP).
+
+#### --ftp-host
+
+FTP host to connect to.
+
+E.g. "ftp.example.com".
+
+Properties:
+
+- Config: host
+- Env Var: RCLONE_FTP_HOST
+- Type: string
+- Required: true
+
+#### --ftp-user
+
+FTP username.
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_FTP_USER
+- Type: string
+- Default: "$USER"
+
+#### --ftp-port
+
+FTP port number.
+
+Properties:
+
+- Config: port
+- Env Var: RCLONE_FTP_PORT
+- Type: int
+- Default: 21
+
+#### --ftp-pass
+
+FTP password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_FTP_PASS
+- Type: string
+- Required: false
+
+#### --ftp-tls
+
+Use Implicit FTPS (FTP over TLS).
+
+When using implicit FTP over TLS the client connects using TLS
+right from the start which breaks compatibility with
+non-TLS-aware servers. This is usually served over port 990 rather
+than port 21. Cannot be used in combination with explicit FTPS.
+
+Properties:
+
+- Config: tls
+- Env Var: RCLONE_FTP_TLS
+- Type: bool
+- Default: false
+
+#### --ftp-explicit-tls
+
+Use Explicit FTPS (FTP over TLS).
+
+When using explicit FTP over TLS the client explicitly requests
+security from the server in order to upgrade a plain text connection
+to an encrypted one. Cannot be used in combination with implicit FTPS.
+
+Properties:
+
+- Config: explicit_tls
+- Env Var: RCLONE_FTP_EXPLICIT_TLS
+- Type: bool
+- Default: false
+
+### Advanced options
+
+Here are the Advanced options specific to ftp (FTP).
+
+#### --ftp-concurrency
+
+Maximum number of FTP simultaneous connections, 0 for unlimited.
+
+Note that setting this is very likely to cause deadlocks so it should
+be used with care.
+
+If you are doing a sync or copy then make sure concurrency is one more
+than the sum of `--transfers` and `--checkers`.
+
+If you use `--check-first` then it just needs to be one more than the
+maximum of `--checkers` and `--transfers`.
+
+So for `concurrency 3` you'd use `--checkers 2 --transfers 2
+--check-first` or `--checkers 1 --transfers 1`.
+
+
+
+Properties:
+
+- Config: concurrency
+- Env Var: RCLONE_FTP_CONCURRENCY
+- Type: int
+- Default: 0
+
+#### --ftp-no-check-certificate
+
+Do not verify the TLS certificate of the server.
+
+Properties:
+
+- Config: no_check_certificate
+- Env Var: RCLONE_FTP_NO_CHECK_CERTIFICATE
+- Type: bool
+- Default: false
+
+#### --ftp-disable-epsv
+
+Disable using EPSV even if server advertises support.
+
+Properties:
+
+- Config: disable_epsv
+- Env Var: RCLONE_FTP_DISABLE_EPSV
+- Type: bool
+- Default: false
+
+#### --ftp-disable-mlsd
+
+Disable using MLSD even if server advertises support.
+
+Properties:
+
+- Config: disable_mlsd
+- Env Var: RCLONE_FTP_DISABLE_MLSD
+- Type: bool
+- Default: false
+
+#### --ftp-disable-utf8
+
+Disable using UTF-8 even if server advertises support.
+
+Properties:
+
+- Config: disable_utf8
+- Env Var: RCLONE_FTP_DISABLE_UTF8
+- Type: bool
+- Default: false
+
+#### --ftp-writing-mdtm
+
+Use MDTM to set modification time (VsFtpd quirk)
+
+Properties:
+
+- Config: writing_mdtm
+- Env Var: RCLONE_FTP_WRITING_MDTM
+- Type: bool
+- Default: false
+
+#### --ftp-force-list-hidden
+
+Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD.
+
+Properties:
+
+- Config: force_list_hidden
+- Env Var: RCLONE_FTP_FORCE_LIST_HIDDEN
+- Type: bool
+- Default: false
+
+#### --ftp-idle-timeout
+
+Max time before closing idle connections.
+
+If no connections have been returned to the connection pool in the time
+given, rclone will empty the connection pool.
+
+Set to 0 to keep connections indefinitely.
+
+
+Properties:
+
+- Config: idle_timeout
+- Env Var: RCLONE_FTP_IDLE_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+#### --ftp-close-timeout
+
+Maximum time to wait for a response to close.
+
+Properties:
+
+- Config: close_timeout
+- Env Var: RCLONE_FTP_CLOSE_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+#### --ftp-tls-cache-size
+
+Size of TLS session cache for all control and data connections.
+
+TLS cache allows to resume TLS sessions and reuse PSK between connections.
+Increase if default size is not enough resulting in TLS resumption errors.
+Enabled by default. Use 0 to disable.
+
+Properties:
+
+- Config: tls_cache_size
+- Env Var: RCLONE_FTP_TLS_CACHE_SIZE
+- Type: int
+- Default: 32
+
+#### --ftp-disable-tls13
+
+Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
+
+Properties:
+
+- Config: disable_tls13
+- Env Var: RCLONE_FTP_DISABLE_TLS13
+- Type: bool
+- Default: false
+
+#### --ftp-shut-timeout
+
+Maximum time to wait for data connection closing status.
+
+Properties:
+
+- Config: shut_timeout
+- Env Var: RCLONE_FTP_SHUT_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+#### --ftp-ask-password
+
+Allow asking for FTP password when needed.
+
+If this is set and no password is supplied then rclone will ask for a password
+
+
+Properties:
+
+- Config: ask_password
+- Env Var: RCLONE_FTP_ASK_PASSWORD
+- Type: bool
+- Default: false
+
+#### --ftp-socks-proxy
+
+Socks 5 proxy host.
+
+ Supports the format user:pass@host:port, user@host:port, host:port.
+
+ Example:
+
+ myUser:myPass@localhost:9005
+
+
+Properties:
+
+- Config: socks_proxy
+- Env Var: RCLONE_FTP_SOCKS_PROXY
+- Type: string
+- Required: false
+
+#### --ftp-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_FTP_ENCODING
+- Type: Encoding
+- Default: Slash,Del,Ctl,RightSpace,Dot
+- Examples:
+ - "Asterisk,Ctl,Dot,Slash"
+ - ProFTPd can't handle '*' in file names
+ - "BackSlash,Ctl,Del,Dot,RightSpace,Slash,SquareBracket"
+ - PureFTPd can't handle '[]' or '*' in file names
+ - "Ctl,LeftPeriod,Slash"
+ - VsFTPd can't handle file names starting with dot
+
+
+
+## Limitations
+
+FTP servers acting as rclone remotes must support `passive` mode.
+The mode cannot be configured as `passive` is the only supported one.
+Rclone's FTP implementation is not compatible with `active` mode
+as [the library it uses doesn't support it](https://github.com/jlaffaye/ftp/issues/29).
+This will likely never be supported due to security concerns.
+
+Rclone's FTP backend does not support any checksums but can compare
+file sizes.
+
+`rclone about` is not supported by the FTP backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+The implementation of : `--dump headers`,
+`--dump bodies`, `--dump auth` for debugging isn't the same as
+for rclone HTTP based backends - it has less fine grained control.
+
+`--timeout` isn't supported (but `--contimeout` is).
+
+`--bind` isn't supported.
+
+Rclone's FTP backend could support server-side move but does not
+at present.
+
+The `ftp_proxy` environment variable is not currently supported.
+
+### Modification times
+
+File modification time (timestamps) is supported to 1 second resolution
+for major FTP servers: ProFTPd, PureFTPd, VsFTPd, and FileZilla FTP server.
+The `VsFTPd` server has non-standard implementation of time related protocol
+commands and needs a special configuration setting: `writing_mdtm = true`.
+
+Support for precise file time with other FTP servers varies depending on what
+protocol extensions they advertise. If all the `MLSD`, `MDTM` and `MFTM`
+extensions are present, rclone will use them together to provide precise time.
+Otherwise the times you see on the FTP server through rclone are those of the
+last file upload.
+
+You can use the following command to check whether rclone can use precise time
+with your FTP server: `rclone backend features your_ftp_remote:` (the trailing
+colon is important). Look for the number in the line tagged by `Precision`
+designating the remote time precision expressed as nanoseconds. A value of
+`1000000000` means that file time precision of 1 second is available.
+A value of `3153600000000000000` (or another large number) means "unsupported".
+
+# Google Cloud Storage
+
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:bucket/path/to/dir`.
+
+## Configuration
+
+The initial setup for google cloud storage involves getting a token from Google Cloud Storage
+which you need to do in your browser. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+
+- New remote
+- Delete remote
+- Quit config e/n/d/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Google Cloud Storage (this is not Google Drive) "google cloud storage" [snip] Storage> google cloud storage Google Application Client Id - leave blank normally. client_id> Google Application Client Secret - leave blank normally. client_secret> Project number optional - needed only for list/create/delete buckets - see your developer console. project_number> 12345678 Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login. service_account_file> Access Control List for new objects. Choose a number from below, or type in your own value 1 / Object owner gets OWNER access, and all Authenticated Users get READER access. "authenticatedRead" 2 / Object owner gets OWNER access, and project team owners get OWNER access. "bucketOwnerFullControl" 3 / Object owner gets OWNER access, and project team owners get READER access. "bucketOwnerRead" 4 / Object owner gets OWNER access [default if left blank]. "private" 5 / Object owner gets OWNER access, and project team members get access according to their roles. "projectPrivate" 6 / Object owner gets OWNER access, and all Users get READER access. "publicRead" object_acl> 4 Access Control List for new buckets. Choose a number from below, or type in your own value 1 / Project team owners get OWNER access, and all Authenticated Users get READER access. "authenticatedRead" 2 / Project team owners get OWNER access [default if left blank]. "private" 3 / Project team members get access according to their roles. "projectPrivate" 4 / Project team owners get OWNER access, and all Users get READER access. "publicRead" 5 / Project team owners get OWNER access, and all Users get WRITER access. "publicReadWrite" bucket_acl> 2 Location for the newly created buckets. Choose a number from below, or type in your own value 1 / Empty for default location (US). "" 2 / Multi-regional location for Asia. "asia" 3 / Multi-regional location for Europe. "eu" 4 / Multi-regional location for United States. "us" 5 / Taiwan. "asia-east1" 6 / Tokyo. "asia-northeast1" 7 / Singapore. "asia-southeast1" 8 / Sydney. "australia-southeast1" 9 / Belgium. "europe-west1" 10 / London. "europe-west2" 11 / Iowa. "us-central1" 12 / South Carolina. "us-east1" 13 / Northern Virginia. "us-east4" 14 / Oregon. "us-west1" location> 12 The storage class to use when storing objects in Google Cloud Storage. Choose a number from below, or type in your own value 1 / Default "" 2 / Multi-regional storage class "MULTI_REGIONAL" 3 / Regional storage class "REGIONAL" 4 / Nearline storage class "NEARLINE" 5 / Coldline storage class "COLDLINE" 6 / Durable reduced availability storage class "DURABLE_REDUCED_AVAILABILITY" storage_class> 5 Remote config Use web browser to automatically authenticate rclone with remote?
+
-- Config: user_agent
-- Env Var: RCLONE_SIA_USER_AGENT
-- Type: string
-- Default: "Sia-Agent"
+- Say Y if the machine running rclone has a web browser you can use
+- Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N.
---sia-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_SIA_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-
-- Modification times not supported
-- Checksums not supported
-rclone about
not supported
-- rclone can work only with Siad or Sia-UI at the moment, the SkyNet daemon is not supported yet.
-- Sia does not allow control characters or symbols like question and pound signs in file names. rclone will transparently encode them for you, but you'd better be aware
-
-Swift
-Swift refers to OpenStack Object Storage. Commercial implementations of that being:
-
-- Rackspace Cloud Files
-- Memset Memstore
-- OVH Object Storage
-- Oracle Cloud Storage
-- IBM Bluemix Cloud ObjectStorage Swift
-
-Paths are specified as remote:container
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:container/path/to/dir
.
-Configuration
-Here is an example of making a swift configuration. First run
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
- \ "swift"
-[snip]
-Storage> swift
-Get swift credentials from environment variables in standard OpenStack form.
-Choose a number from below, or type in your own value
- 1 / Enter swift credentials in the next step
- \ "false"
- 2 / Get swift credentials from environment vars. Leave other fields blank if using this.
- \ "true"
-env_auth> true
-User name to log in (OS_USERNAME).
-user>
-API key or password (OS_PASSWORD).
-key>
-Authentication URL for server (OS_AUTH_URL).
-Choose a number from below, or type in your own value
- 1 / Rackspace US
- \ "https://auth.api.rackspacecloud.com/v1.0"
- 2 / Rackspace UK
- \ "https://lon.auth.api.rackspacecloud.com/v1.0"
- 3 / Rackspace v2
- \ "https://identity.api.rackspacecloud.com/v2.0"
- 4 / Memset Memstore UK
- \ "https://auth.storage.memset.com/v1.0"
- 5 / Memset Memstore UK v2
- \ "https://auth.storage.memset.com/v2.0"
- 6 / OVH
- \ "https://auth.cloud.ovh.net/v3"
-auth>
-User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID).
-user_id>
-User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
-domain>
-Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
-tenant>
-Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
-tenant_id>
-Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
-tenant_domain>
-Region name - optional (OS_REGION_NAME)
-region>
-Storage URL - optional (OS_STORAGE_URL)
-storage_url>
-Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
-auth_token>
-AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
-auth_version>
-Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE)
-Choose a number from below, or type in your own value
- 1 / Public (default, choose this if not sure)
- \ "public"
- 2 / Internal (use internal service net)
- \ "internal"
- 3 / Admin
- \ "admin"
-endpoint_type>
-Remote config
---------------------
-[test]
-env_auth = true
-user =
-key =
-auth =
-user_id =
-domain =
-tenant =
-tenant_id =
-tenant_domain =
-region =
-storage_url =
-auth_token =
-auth_version =
-endpoint_type =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This remote is called remote
and can now be used like this
-See all containers
-rclone lsd remote:
-Make a new container
-rclone mkdir remote:container
-List the contents of a container
-rclone ls remote:container
-Sync /home/local/directory
to the remote container, deleting any excess files in the container.
-rclone sync --interactive /home/local/directory remote:container
-Configuration from an OpenStack credentials file
-An OpenStack credentials file typically looks something something like this (without the comments)
-export OS_AUTH_URL=https://a.provider.net/v2.0
-export OS_TENANT_ID=ffffffffffffffffffffffffffffffff
-export OS_TENANT_NAME="1234567890123456"
-export OS_USERNAME="123abc567xy"
-echo "Please enter your OpenStack Password: "
-read -sr OS_PASSWORD_INPUT
-export OS_PASSWORD=$OS_PASSWORD_INPUT
-export OS_REGION_NAME="SBG1"
-if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
-The config file needs to look something like this where $OS_USERNAME
represents the value of the OS_USERNAME
variable - 123abc567xy
in the example above.
-[remote]
-type = swift
-user = $OS_USERNAME
-key = $OS_PASSWORD
-auth = $OS_AUTH_URL
-tenant = $OS_TENANT_NAME
-Note that you may (or may not) need to set region
too - try without first.
-Configuration from the environment
-If you prefer you can configure rclone to use swift using a standard set of OpenStack environment variables.
-When you run through the config, make sure you choose true
for env_auth
and leave everything else blank.
-rclone will then set any empty config parameters from the environment using standard OpenStack environment variables. There is a list of the variables in the docs for the swift library.
-Using an alternate authentication method
-If your OpenStack installation uses a non-standard authentication method that might not be yet supported by rclone or the underlying swift library, you can authenticate externally (e.g. calling manually the openstack
commands to get a token). Then, you just need to pass the two configuration variables auth_token
and storage_url
. If they are both provided, the other variables are ignored. rclone will not try to authenticate but instead assume it is already authenticated and use these two variables to access the OpenStack installation.
-Using rclone without a config file
-You can use rclone with swift without a config file, if desired, like this:
-source openstack-credentials-file
-export RCLONE_CONFIG_MYREMOTE_TYPE=swift
-export RCLONE_CONFIG_MYREMOTE_ENV_AUTH=true
-rclone lsd myremote:
---fast-list
-This remote supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
---update and --use-server-modtime
-As noted below, the modified time is stored on metadata on the object. It is used by default for all operations that require checking the time a file was last updated. It allows rclone to treat the remote more like a true filesystem, but it is inefficient because it requires an extra API call to retrieve the metadata.
-For many operations, the time the object was last uploaded to the remote is sufficient to determine if it is "dirty". By using --update
along with --use-server-modtime
, you can avoid the extra API call and simply upload files whose local modtime is newer than the time it was last uploaded.
-Modified time
-The modified time is stored as metadata on the object as X-Object-Meta-Mtime
as floating point since the epoch accurate to 1 ns.
-This is a de facto standard (used in the official python-swiftclient amongst others) for storing the modification time for an object.
-Restricted filename characters
+
+- Yes
+- No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] type = google cloud storage client_id = client_secret = token = {"AccessToken":"xxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"x/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxxxxx","Expiry":"2014-07-17T20:49:14.929208288+01:00","Extra":null} project_number = 12345678 object_acl = private bucket_acl = private --------------------
+- Yes this is OK
+- Edit this remote
+- Delete this remote y/e/d> y
+
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Google if using web browser to automatically
+authenticate. This only
+runs from the moment it opens your browser to the moment you get back
+the verification code. This is on `http://127.0.0.1:53682/` and this
+it may require you to unblock it temporarily if you are running a host
+firewall, or use manual mode.
+
+This remote is called `remote` and can now be used like this
+
+See all the buckets in your project
+
+ rclone lsd remote:
+
+Make a new bucket
+
+ rclone mkdir remote:bucket
+
+List the contents of a bucket
+
+ rclone ls remote:bucket
+
+Sync `/home/local/directory` to the remote bucket, deleting any excess
+files in the bucket.
+
+ rclone sync --interactive /home/local/directory remote:bucket
+
+### Service Account support
+
+You can set up rclone with Google Cloud Storage in an unattended mode,
+i.e. not tied to a specific end-user Google account. This is useful
+when you want to synchronise files onto machines that don't have
+actively logged-in users, for example build machines.
+
+To get credentials for Google Cloud Platform
+[IAM Service Accounts](https://cloud.google.com/iam/docs/service-accounts),
+please head to the
+[Service Account](https://console.cloud.google.com/permissions/serviceaccounts)
+section of the Google Developer Console. Service Accounts behave just
+like normal `User` permissions in
+[Google Cloud Storage ACLs](https://cloud.google.com/storage/docs/access-control),
+so you can limit their access (e.g. make them read only). After
+creating an account, a JSON file containing the Service Account's
+credentials will be downloaded onto your machines. These credentials
+are what rclone will use for authentication.
+
+To use a Service Account instead of OAuth2 token flow, enter the path
+to your Service Account credentials at the `service_account_file`
+prompt and rclone won't use the browser based authentication
+flow. If you'd rather stuff the contents of the credentials file into
+the rclone config file, you can set `service_account_credentials` with
+the actual contents of the file instead, or set the equivalent
+environment variable.
+
+### Anonymous Access
+
+For downloads of objects that permit public access you can configure rclone
+to use anonymous access by setting `anonymous` to `true`.
+With unauthorized access you can't write or create files but only read or list
+those buckets and objects that have public read access.
+
+### Application Default Credentials
+
+If no other source of credentials is provided, rclone will fall back
+to
+[Application Default Credentials](https://cloud.google.com/video-intelligence/docs/common/auth#authenticating_with_application_default_credentials)
+this is useful both when you already have configured authentication
+for your developer account, or in production when running on a google
+compute host. Note that if running in docker, you may need to run
+additional commands on your google compute machine -
+[see this page](https://cloud.google.com/container-registry/docs/advanced-authentication#gcloud_as_a_docker_credential_helper).
+
+Note that in the case application default credentials are used, there
+is no need to explicitly configure a project number.
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+### Custom upload headers
+
+You can set custom upload headers with the `--header-upload`
+flag. Google Cloud Storage supports the headers as described in the
+[working with metadata documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WorkingWithObjectMetadata)
+
+- Cache-Control
+- Content-Disposition
+- Content-Encoding
+- Content-Language
+- Content-Type
+- X-Goog-Storage-Class
+- X-Goog-Meta-
+
+Eg `--header-upload "Content-Type text/potato"`
+
+Note that the last of these is for setting custom metadata in the form
+`--header-upload "x-goog-meta-key: value"`
+
+### Modification times
+
+Google Cloud Storage stores md5sum natively.
+Google's [gsutil](https://cloud.google.com/storage/docs/gsutil) tool stores modification time
+with one-second precision as `goog-reserved-file-mtime` in file metadata.
+
+To ensure compatibility with gsutil, rclone stores modification time in 2 separate metadata entries.
+`mtime` uses RFC3339 format with one-nanosecond precision.
+`goog-reserved-file-mtime` uses Unix timestamp format with one-second precision.
+To get modification time from object metadata, rclone reads the metadata in the following order: `mtime`, `goog-reserved-file-mtime`, object updated time.
+
+Note that rclone's default modify window is 1ns.
+Files uploaded by gsutil only contain timestamps with one-second precision.
+If you use rclone to sync files previously uploaded by gsutil,
+rclone will attempt to update modification time for all these files.
+To avoid these possibly unnecessary updates, use `--modify-window 1s`.
+
+### Restricted filename characters
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| NUL | 0x00 | ␀ |
+| LF | 0x0A | ␊ |
+| CR | 0x0D | ␍ |
+| / | 0x2F | / |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
+
+#### --gcs-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_GCS_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --gcs-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_GCS_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --gcs-project-number
+
+Project number.
+
+Optional - needed only for list/create/delete buckets - see your developer console.
+
+Properties:
+
+- Config: project_number
+- Env Var: RCLONE_GCS_PROJECT_NUMBER
+- Type: string
+- Required: false
+
+#### --gcs-user-project
+
+User project.
+
+Optional - needed only for requester pays.
+
+Properties:
+
+- Config: user_project
+- Env Var: RCLONE_GCS_USER_PROJECT
+- Type: string
+- Required: false
+
+#### --gcs-service-account-file
+
+Service Account Credentials JSON file path.
+
+Leave blank normally.
+Needed only if you want use SA instead of interactive login.
+
+Leading `~` will be expanded in the file name as will environment variables such as `${RCLONE_CONFIG_DIR}`.
+
+Properties:
+
+- Config: service_account_file
+- Env Var: RCLONE_GCS_SERVICE_ACCOUNT_FILE
+- Type: string
+- Required: false
+
+#### --gcs-service-account-credentials
+
+Service Account Credentials JSON blob.
+
+Leave blank normally.
+Needed only if you want use SA instead of interactive login.
+
+Properties:
+
+- Config: service_account_credentials
+- Env Var: RCLONE_GCS_SERVICE_ACCOUNT_CREDENTIALS
+- Type: string
+- Required: false
+
+#### --gcs-anonymous
+
+Access public buckets and objects without credentials.
+
+Set to 'true' if you just want to download files and don't configure credentials.
+
+Properties:
+
+- Config: anonymous
+- Env Var: RCLONE_GCS_ANONYMOUS
+- Type: bool
+- Default: false
+
+#### --gcs-object-acl
+
+Access Control List for new objects.
+
+Properties:
+
+- Config: object_acl
+- Env Var: RCLONE_GCS_OBJECT_ACL
+- Type: string
+- Required: false
+- Examples:
+ - "authenticatedRead"
+ - Object owner gets OWNER access.
+ - All Authenticated Users get READER access.
+ - "bucketOwnerFullControl"
+ - Object owner gets OWNER access.
+ - Project team owners get OWNER access.
+ - "bucketOwnerRead"
+ - Object owner gets OWNER access.
+ - Project team owners get READER access.
+ - "private"
+ - Object owner gets OWNER access.
+ - Default if left blank.
+ - "projectPrivate"
+ - Object owner gets OWNER access.
+ - Project team members get access according to their roles.
+ - "publicRead"
+ - Object owner gets OWNER access.
+ - All Users get READER access.
+
+#### --gcs-bucket-acl
+
+Access Control List for new buckets.
+
+Properties:
+
+- Config: bucket_acl
+- Env Var: RCLONE_GCS_BUCKET_ACL
+- Type: string
+- Required: false
+- Examples:
+ - "authenticatedRead"
+ - Project team owners get OWNER access.
+ - All Authenticated Users get READER access.
+ - "private"
+ - Project team owners get OWNER access.
+ - Default if left blank.
+ - "projectPrivate"
+ - Project team members get access according to their roles.
+ - "publicRead"
+ - Project team owners get OWNER access.
+ - All Users get READER access.
+ - "publicReadWrite"
+ - Project team owners get OWNER access.
+ - All Users get WRITER access.
+
+#### --gcs-bucket-policy-only
+
+Access checks should use bucket-level IAM policies.
+
+If you want to upload objects to a bucket with Bucket Policy Only set
+then you will need to set this.
+
+When it is set, rclone:
+
+- ignores ACLs set on buckets
+- ignores ACLs set on objects
+- creates buckets with Bucket Policy Only set
+
+Docs: https://cloud.google.com/storage/docs/bucket-policy-only
+
+
+Properties:
+
+- Config: bucket_policy_only
+- Env Var: RCLONE_GCS_BUCKET_POLICY_ONLY
+- Type: bool
+- Default: false
+
+#### --gcs-location
+
+Location for the newly created buckets.
+
+Properties:
+
+- Config: location
+- Env Var: RCLONE_GCS_LOCATION
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - Empty for default location (US)
+ - "asia"
+ - Multi-regional location for Asia
+ - "eu"
+ - Multi-regional location for Europe
+ - "us"
+ - Multi-regional location for United States
+ - "asia-east1"
+ - Taiwan
+ - "asia-east2"
+ - Hong Kong
+ - "asia-northeast1"
+ - Tokyo
+ - "asia-northeast2"
+ - Osaka
+ - "asia-northeast3"
+ - Seoul
+ - "asia-south1"
+ - Mumbai
+ - "asia-south2"
+ - Delhi
+ - "asia-southeast1"
+ - Singapore
+ - "asia-southeast2"
+ - Jakarta
+ - "australia-southeast1"
+ - Sydney
+ - "australia-southeast2"
+ - Melbourne
+ - "europe-north1"
+ - Finland
+ - "europe-west1"
+ - Belgium
+ - "europe-west2"
+ - London
+ - "europe-west3"
+ - Frankfurt
+ - "europe-west4"
+ - Netherlands
+ - "europe-west6"
+ - Zürich
+ - "europe-central2"
+ - Warsaw
+ - "us-central1"
+ - Iowa
+ - "us-east1"
+ - South Carolina
+ - "us-east4"
+ - Northern Virginia
+ - "us-west1"
+ - Oregon
+ - "us-west2"
+ - California
+ - "us-west3"
+ - Salt Lake City
+ - "us-west4"
+ - Las Vegas
+ - "northamerica-northeast1"
+ - Montréal
+ - "northamerica-northeast2"
+ - Toronto
+ - "southamerica-east1"
+ - São Paulo
+ - "southamerica-west1"
+ - Santiago
+ - "asia1"
+ - Dual region: asia-northeast1 and asia-northeast2.
+ - "eur4"
+ - Dual region: europe-north1 and europe-west4.
+ - "nam4"
+ - Dual region: us-central1 and us-east1.
+
+#### --gcs-storage-class
+
+The storage class to use when storing objects in Google Cloud Storage.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_GCS_STORAGE_CLASS
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - Default
+ - "MULTI_REGIONAL"
+ - Multi-regional storage class
+ - "REGIONAL"
+ - Regional storage class
+ - "NEARLINE"
+ - Nearline storage class
+ - "COLDLINE"
+ - Coldline storage class
+ - "ARCHIVE"
+ - Archive storage class
+ - "DURABLE_REDUCED_AVAILABILITY"
+ - Durable reduced availability storage class
+
+#### --gcs-env-auth
+
+Get GCP IAM credentials from runtime (environment variables or instance meta data if no env vars).
+
+Only applies if service_account_file and service_account_credentials is blank.
+
+Properties:
+
+- Config: env_auth
+- Env Var: RCLONE_GCS_ENV_AUTH
+- Type: bool
+- Default: false
+- Examples:
+ - "false"
+ - Enter credentials in the next step.
+ - "true"
+ - Get GCP IAM credentials from the environment (env vars or IAM).
+
+### Advanced options
+
+Here are the Advanced options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
+
+#### --gcs-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_GCS_TOKEN
+- Type: string
+- Required: false
+
+#### --gcs-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_GCS_AUTH_URL
+- Type: string
+- Required: false
+
+#### --gcs-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_GCS_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --gcs-directory-markers
+
+Upload an empty object with a trailing slash when a new directory is created
+
+Empty folders are unsupported for bucket based remotes, this option creates an empty
+object ending with "/", to persist the folder.
+
+
+Properties:
+
+- Config: directory_markers
+- Env Var: RCLONE_GCS_DIRECTORY_MARKERS
+- Type: bool
+- Default: false
+
+#### --gcs-no-check-bucket
+
+If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+
+Properties:
+
+- Config: no_check_bucket
+- Env Var: RCLONE_GCS_NO_CHECK_BUCKET
+- Type: bool
+- Default: false
+
+#### --gcs-decompress
+
+If set this will decompress gzip encoded objects.
+
+It is possible to upload objects to GCS with "Content-Encoding: gzip"
+set. Normally rclone will download these files as compressed objects.
+
+If this flag is set then rclone will decompress these files with
+"Content-Encoding: gzip" as they are received. This means that rclone
+can't check the size and hash but the file contents will be decompressed.
+
+
+Properties:
+
+- Config: decompress
+- Env Var: RCLONE_GCS_DECOMPRESS
+- Type: bool
+- Default: false
+
+#### --gcs-endpoint
+
+Endpoint for the service.
+
+Leave blank normally.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_GCS_ENDPOINT
+- Type: string
+- Required: false
+
+#### --gcs-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_GCS_ENCODING
+- Type: Encoding
+- Default: Slash,CrLf,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+`rclone about` is not supported by the Google Cloud Storage backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# Google Drive
+
+Paths are specified as `drive:path`
+
+Drive paths may be as deep as required, e.g. `drive:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for drive involves getting a token from Google drive
+which you need to do in your browser. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config n/r/c/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Google Drive "drive" [snip] Storage> drive Google Application Client Id - leave blank normally. client_id> Google Application Client Secret - leave blank normally. client_secret> Scope that rclone should use when requesting access from drive. Choose a number from below, or type in your own value 1 / Full access all files, excluding Application Data Folder. "drive" 2 / Read-only access to file metadata and file contents. "drive.readonly" / Access to files created by rclone only. 3 | These are visible in the drive website. | File authorization is revoked when the user deauthorizes the app. "drive.file" / Allows read and write access to the Application Data folder. 4 | This is not visible in the drive website. "drive.appfolder" / Allows read-only access to file metadata but 5 | does not allow any access to read or download file content. "drive.metadata.readonly" scope> 1 Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login. service_account_file> Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code Configure this as a Shared Drive (Team Drive)? y) Yes n) No y/n> n -------------------- [remote] client_id = client_secret = scope = drive root_folder_id = service_account_file = token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2014-03-16T13:57:58.955387075Z"} -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Google if using web browser to automatically
+authenticate. This only
+runs from the moment it opens your browser to the moment you get back
+the verification code. This is on `http://127.0.0.1:53682/` and it
+may require you to unblock it temporarily if you are running a host
+firewall, or use manual mode.
+
+You can then use it like this,
+
+List directories in top level of your drive
+
+ rclone lsd remote:
+
+List all the files in your drive
+
+ rclone ls remote:
+
+To copy a local directory to a drive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Scopes
+
+Rclone allows you to select which scope you would like for rclone to
+use. This changes what type of token is granted to rclone. [The
+scopes are defined
+here](https://developers.google.com/drive/v3/web/about-auth).
+
+A comma-separated list is allowed e.g. `drive.readonly,drive.file`.
+
+The scope are
+
+#### drive
+
+This is the default scope and allows full access to all files, except
+for the Application Data Folder (see below).
+
+Choose this one if you aren't sure.
+
+#### drive.readonly
+
+This allows read only access to all files. Files may be listed and
+downloaded but not uploaded, renamed or deleted.
+
+#### drive.file
+
+With this scope rclone can read/view/modify only those files and
+folders it creates.
+
+So if you uploaded files to drive via the web interface (or any other
+means) they will not be visible to rclone.
+
+This can be useful if you are using rclone to backup data and you want
+to be sure confidential data on your drive is not visible to rclone.
+
+Files created with this scope are visible in the web interface.
+
+#### drive.appfolder
+
+This gives rclone its own private area to store files. Rclone will
+not be able to see any other files on your drive and you won't be able
+to see rclone's files from the web interface either.
+
+#### drive.metadata.readonly
+
+This allows read only access to file names only. It does not allow
+rclone to download or upload data, or rename or delete files or
+directories.
+
+### Root folder ID
+
+This option has been moved to the advanced section. You can set the `root_folder_id` for rclone. This is the directory
+(identified by its `Folder ID`) that rclone considers to be the root
+of your drive.
+
+Normally you will leave this blank and rclone will determine the
+correct root to use itself.
+
+However you can set this to restrict rclone to a specific folder
+hierarchy or to access data within the "Computers" tab on the drive
+web interface (where files from Google's Backup and Sync desktop
+program go).
+
+In order to do this you will have to find the `Folder ID` of the
+directory you wish rclone to display. This will be the last segment
+of the URL when you open the relevant folder in the drive web
+interface.
+
+So if the folder you want rclone to use has a URL which looks like
+`https://drive.google.com/drive/folders/1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh`
+in the browser, then you use `1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh` as
+the `root_folder_id` in the config.
+
+**NB** folders under the "Computers" tab seem to be read only (drive
+gives a 500 error) when using rclone.
+
+There doesn't appear to be an API to discover the folder IDs of the
+"Computers" tab - please contact us if you know otherwise!
+
+Note also that rclone can't access any data under the "Backups" tab on
+the google drive web interface yet.
+
+### Service Account support
+
+You can set up rclone with Google Drive in an unattended mode,
+i.e. not tied to a specific end-user Google account. This is useful
+when you want to synchronise files onto machines that don't have
+actively logged-in users, for example build machines.
+
+To use a Service Account instead of OAuth2 token flow, enter the path
+to your Service Account credentials at the `service_account_file`
+prompt during `rclone config` and rclone won't use the browser based
+authentication flow. If you'd rather stuff the contents of the
+credentials file into the rclone config file, you can set
+`service_account_credentials` with the actual contents of the file
+instead, or set the equivalent environment variable.
+
+#### Use case - Google Apps/G-suite account and individual Drive
+
+Let's say that you are the administrator of a Google Apps (old) or
+G-suite account.
+The goal is to store data on an individual's Drive account, who IS
+a member of the domain.
+We'll call the domain **example.com**, and the user
+**foo@example.com**.
+
+There's a few steps we need to go through to accomplish this:
+
+##### 1. Create a service account for example.com
+ - To create a service account and obtain its credentials, go to the
+[Google Developer Console](https://console.developers.google.com).
+ - You must have a project - create one if you don't.
+ - Then go to "IAM & admin" -> "Service Accounts".
+ - Use the "Create Service Account" button. Fill in "Service account name"
+and "Service account ID" with something that identifies your client.
+ - Select "Create And Continue". Step 2 and 3 are optional.
+ - These credentials are what rclone will use for authentication.
+If you ever need to remove access, press the "Delete service
+account key" button.
+
+##### 2. Allowing API access to example.com Google Drive
+ - Go to example.com's admin console
+ - Go into "Security" (or use the search bar)
+ - Select "Show more" and then "Advanced settings"
+ - Select "Manage API client access" in the "Authentication" section
+ - In the "Client Name" field enter the service account's
+"Client ID" - this can be found in the Developer Console under
+"IAM & Admin" -> "Service Accounts", then "View Client ID" for
+the newly created service account.
+It is a ~21 character numerical string.
+ - In the next field, "One or More API Scopes", enter
+`https://www.googleapis.com/auth/drive`
+to grant access to Google Drive specifically.
+
+##### 3. Configure rclone, assuming a new install
+
+rclone config
+n/s/q> n # New name>gdrive # Gdrive is an example name Storage> # Select the number shown for Google Drive client_id> # Can be left blank client_secret> # Can be left blank scope> # Select your scope, 1 for example root_folder_id> # Can be left blank service_account_file> /home/foo/myJSONfile.json # This is where the JSON file goes! y/n> # Auto config, n
+
+##### 4. Verify that it's working
+ - `rclone -v --drive-impersonate foo@example.com lsf gdrive:backup`
+ - The arguments do:
+ - `-v` - verbose logging
+ - `--drive-impersonate foo@example.com` - this is what does
+the magic, pretending to be user foo.
+ - `lsf` - list files in a parsing friendly way
+ - `gdrive:backup` - use the remote called gdrive, work in
+the folder named backup.
+
+Note: in case you configured a specific root folder on gdrive and rclone is unable to access the contents of that folder when using `--drive-impersonate`, do this instead:
+ - in the gdrive web interface, share your root folder with the user/email of the new Service Account you created/selected at step #1
+ - use rclone without specifying the `--drive-impersonate` option, like this:
+ `rclone -v lsf gdrive:backup`
+
+
+### Shared drives (team drives)
+
+If you want to configure the remote to point to a Google Shared Drive
+(previously known as Team Drives) then answer `y` to the question
+`Configure this as a Shared Drive (Team Drive)?`.
+
+This will fetch the list of Shared Drives from google and allow you to
+configure which one you want to use. You can also type in a Shared
+Drive ID if you prefer.
+
+For example:
+
+Configure this as a Shared Drive (Team Drive)? y) Yes n) No y/n> y Fetching Shared Drive list... Choose a number from below, or type in your own value 1 / Rclone Test "xxxxxxxxxxxxxxxxxxxx" 2 / Rclone Test 2 "yyyyyyyyyyyyyyyyyyyy" 3 / Rclone Test 3 "zzzzzzzzzzzzzzzzzzzz" Enter a Shared Drive ID> 1 -------------------- [remote] client_id = client_secret = token = {"AccessToken":"xxxx.x.xxxxx_xxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"1/xxxxxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxx","Expiry":"2014-03-16T13:57:58.955387075Z","Extra":null} team_drive = xxxxxxxxxxxxxxxxxxxx -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+It does this by combining multiple `list` calls into a single API request.
+
+This works by combining many `'%s' in parents` filters into one expression.
+To list the contents of directories a, b and c, the following requests will be send by the regular `List` function:
+trashed=false and 'a' in parents trashed=false and 'b' in parents trashed=false and 'c' in parents
+These can now be combined into a single request:
+trashed=false and ('a' in parents or 'b' in parents or 'c' in parents)
+
+The implementation of `ListR` will put up to 50 `parents` filters into one request.
+It will use the `--checkers` value to specify the number of requests to run in parallel.
+
+In tests, these batch requests were up to 20x faster than the regular method.
+Running the following command against different sized folders gives:
+rclone lsjson -vv -R --checkers=6 gdrive:folder
+
+small folder (220 directories, 700 files):
+
+- without `--fast-list`: 38s
+- with `--fast-list`: 10s
+
+large folder (10600 directories, 39000 files):
+
+- without `--fast-list`: 22:05 min
+- with `--fast-list`: 58s
+
+### Modification times and hashes
+
+Google drive stores modification times accurate to 1 ms.
+
+Hash algorithms MD5, SHA1 and SHA256 are supported. Note, however,
+that a small fraction of files uploaded may not have SHA1 or SHA256
+hashes especially if they were uploaded before 2018.
+
+### Restricted filename characters
+
+Only Invalid UTF-8 bytes will be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+In contrast to other backends, `/` can also be used in names and `.`
+or `..` are valid names.
+
+### Revisions
+
+Google drive stores revisions of files. When you upload a change to
+an existing file to google drive using rclone it will create a new
+revision of that file.
+
+Revisions follow the standard google policy which at time of writing
+was
+
+ * They are deleted after 30 days or 100 revisions (whatever comes first).
+ * They do not count towards a user storage quota.
+
+### Deleting files
+
+By default rclone will send all files to the trash when deleting
+files. If deleting them permanently is required then use the
+`--drive-use-trash=false` flag, or set the equivalent environment
+variable.
+
+### Shortcuts
+
+In March 2020 Google introduced a new feature in Google Drive called
+[drive shortcuts](https://support.google.com/drive/answer/9700156)
+([API](https://developers.google.com/drive/api/v3/shortcuts)). These
+will (by September 2020) [replace the ability for files or folders to
+be in multiple folders at once](https://cloud.google.com/blog/products/g-suite/simplifying-google-drives-folder-structure-and-sharing-models).
+
+Shortcuts are files that link to other files on Google Drive somewhat
+like a symlink in unix, except they point to the underlying file data
+(e.g. the inode in unix terms) so they don't break if the source is
+renamed or moved about.
+
+By default rclone treats these as follows.
+
+For shortcuts pointing to files:
+
+- When listing a file shortcut appears as the destination file.
+- When downloading the contents of the destination file is downloaded.
+- When updating shortcut file with a non shortcut file, the shortcut is removed then a new file is uploaded in place of the shortcut.
+- When server-side moving (renaming) the shortcut is renamed, not the destination file.
+- When server-side copying the shortcut is copied, not the contents of the shortcut. (unless `--drive-copy-shortcut-content` is in use in which case the contents of the shortcut gets copied).
+- When deleting the shortcut is deleted not the linked file.
+- When setting the modification time, the modification time of the linked file will be set.
+
+For shortcuts pointing to folders:
+
+- When listing the shortcut appears as a folder and that folder will contain the contents of the linked folder appear (including any sub folders)
+- When downloading the contents of the linked folder and sub contents are downloaded
+- When uploading to a shortcut folder the file will be placed in the linked folder
+- When server-side moving (renaming) the shortcut is renamed, not the destination folder
+- When server-side copying the contents of the linked folder is copied, not the shortcut.
+- When deleting with `rclone rmdir` or `rclone purge` the shortcut is deleted not the linked folder.
+- **NB** When deleting with `rclone remove` or `rclone mount` the contents of the linked folder will be deleted.
+
+The [rclone backend](https://rclone.org/commands/rclone_backend/) command can be used to create shortcuts.
+
+Shortcuts can be completely ignored with the `--drive-skip-shortcuts` flag
+or the corresponding `skip_shortcuts` configuration setting.
+
+### Emptying trash
+
+If you wish to empty your trash you can use the `rclone cleanup remote:`
+command which will permanently delete all your trashed files. This command
+does not take any path arguments.
+
+Note that Google Drive takes some time (minutes to days) to empty the
+trash even though the command returns within a few seconds. No output
+is echoed, so there will be no confirmation even using -v or -vv.
+
+### Quota information
+
+To view your current quota you can use the `rclone about remote:`
+command which will display your usage limit (quota), the usage in Google
+Drive, the size of all files in the Trash and the space used by other
+Google services such as Gmail. This command does not take any path
+arguments.
+
+#### Import/Export of google documents
+
+Google documents can be exported from and uploaded to Google Drive.
+
+When rclone downloads a Google doc it chooses a format to download
+depending upon the `--drive-export-formats` setting.
+By default the export formats are `docx,xlsx,pptx,svg` which are a
+sensible default for an editable document.
+
+When choosing a format, rclone runs down the list provided in order
+and chooses the first file format the doc can be exported as from the
+list. If the file can't be exported to a format on the formats list,
+then rclone will choose a format from the default list.
+
+If you prefer an archive copy then you might use `--drive-export-formats
+pdf`, or if you prefer openoffice/libreoffice formats you might use
+`--drive-export-formats ods,odt,odp`.
+
+Note that rclone adds the extension to the google doc, so if it is
+called `My Spreadsheet` on google docs, it will be exported as `My
+Spreadsheet.xlsx` or `My Spreadsheet.pdf` etc.
+
+When importing files into Google Drive, rclone will convert all
+files with an extension in `--drive-import-formats` to their
+associated document type.
+rclone will not convert any files by default, since the conversion
+is lossy process.
+
+The conversion must result in a file with the same extension when
+the `--drive-export-formats` rules are applied to the uploaded document.
+
+Here are some examples for allowed and prohibited conversions.
+
+| export-formats | import-formats | Upload Ext | Document Ext | Allowed |
+| -------------- | -------------- | ---------- | ------------ | ------- |
+| odt | odt | odt | odt | Yes |
+| odt | docx,odt | odt | odt | Yes |
+| | docx | docx | docx | Yes |
+| | odt | odt | docx | No |
+| odt,docx | docx,odt | docx | odt | No |
+| docx,odt | docx,odt | docx | docx | Yes |
+| docx,odt | docx,odt | odt | docx | No |
+
+This limitation can be disabled by specifying `--drive-allow-import-name-change`.
+When using this flag, rclone can convert multiple files types resulting
+in the same document type at once, e.g. with `--drive-import-formats docx,odt,txt`,
+all files having these extension would result in a document represented as a docx file.
+This brings the additional risk of overwriting a document, if multiple files
+have the same stem. Many rclone operations will not handle this name change
+in any way. They assume an equal name when copying files and might copy the
+file again or delete them when the name changes.
+
+Here are the possible export extensions with their corresponding mime types.
+Most of these can also be used for importing, but there more that are not
+listed here. Some of these additional ones might only be available when
+the operating system provides the correct MIME type entries.
+
+This list can be changed by Google Drive at any time and might not
+represent the currently available conversions.
+
+| Extension | Mime Type | Description |
+| --------- |-----------| ------------|
+| bmp | image/bmp | Windows Bitmap format |
+| csv | text/csv | Standard CSV format for Spreadsheets |
+| doc | application/msword | Classic Word file |
+| docx | application/vnd.openxmlformats-officedocument.wordprocessingml.document | Microsoft Office Document |
+| epub | application/epub+zip | E-book format |
+| html | text/html | An HTML Document |
+| jpg | image/jpeg | A JPEG Image File |
+| json | application/vnd.google-apps.script+json | JSON Text Format for Google Apps scripts |
+| odp | application/vnd.oasis.opendocument.presentation | Openoffice Presentation |
+| ods | application/vnd.oasis.opendocument.spreadsheet | Openoffice Spreadsheet |
+| ods | application/x-vnd.oasis.opendocument.spreadsheet | Openoffice Spreadsheet |
+| odt | application/vnd.oasis.opendocument.text | Openoffice Document |
+| pdf | application/pdf | Adobe PDF Format |
+| pjpeg | image/pjpeg | Progressive JPEG Image |
+| png | image/png | PNG Image Format|
+| pptx | application/vnd.openxmlformats-officedocument.presentationml.presentation | Microsoft Office Powerpoint |
+| rtf | application/rtf | Rich Text Format |
+| svg | image/svg+xml | Scalable Vector Graphics Format |
+| tsv | text/tab-separated-values | Standard TSV format for spreadsheets |
+| txt | text/plain | Plain Text |
+| wmf | application/x-msmetafile | Windows Meta File |
+| xls | application/vnd.ms-excel | Classic Excel file |
+| xlsx | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet | Microsoft Office Spreadsheet |
+| zip | application/zip | A ZIP file of HTML, Images CSS |
+
+Google documents can also be exported as link files. These files will
+open a browser window for the Google Docs website of that document
+when opened. The link file extension has to be specified as a
+`--drive-export-formats` parameter. They will match all available
+Google Documents.
+
+| Extension | Description | OS Support |
+| --------- | ----------- | ---------- |
+| desktop | freedesktop.org specified desktop entry | Linux |
+| link.html | An HTML Document with a redirect | All |
+| url | INI style link file | macOS, Windows |
+| webloc | macOS specific XML format | macOS |
+
+
+### Standard options
+
+Here are the Standard options specific to drive (Google Drive).
+
+#### --drive-client-id
+
+Google Application Client Id
+Setting your own is recommended.
+See https://rclone.org/drive/#making-your-own-client-id for how to create your own.
+If you leave this blank, it will use an internal key which is low performance.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_DRIVE_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --drive-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_DRIVE_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --drive-scope
+
+Comma separated list of scopes that rclone should use when requesting access from drive.
+
+Properties:
+
+- Config: scope
+- Env Var: RCLONE_DRIVE_SCOPE
+- Type: string
+- Required: false
+- Examples:
+ - "drive"
+ - Full access all files, excluding Application Data Folder.
+ - "drive.readonly"
+ - Read-only access to file metadata and file contents.
+ - "drive.file"
+ - Access to files created by rclone only.
+ - These are visible in the drive website.
+ - File authorization is revoked when the user deauthorizes the app.
+ - "drive.appfolder"
+ - Allows read and write access to the Application Data folder.
+ - This is not visible in the drive website.
+ - "drive.metadata.readonly"
+ - Allows read-only access to file metadata but
+ - does not allow any access to read or download file content.
+
+#### --drive-service-account-file
+
+Service Account Credentials JSON file path.
+
+Leave blank normally.
+Needed only if you want use SA instead of interactive login.
+
+Leading `~` will be expanded in the file name as will environment variables such as `${RCLONE_CONFIG_DIR}`.
+
+Properties:
+
+- Config: service_account_file
+- Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_FILE
+- Type: string
+- Required: false
+
+#### --drive-alternate-export
+
+Deprecated: No longer needed.
+
+Properties:
+
+- Config: alternate_export
+- Env Var: RCLONE_DRIVE_ALTERNATE_EXPORT
+- Type: bool
+- Default: false
+
+### Advanced options
+
+Here are the Advanced options specific to drive (Google Drive).
+
+#### --drive-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_DRIVE_TOKEN
+- Type: string
+- Required: false
+
+#### --drive-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_DRIVE_AUTH_URL
+- Type: string
+- Required: false
+
+#### --drive-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_DRIVE_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --drive-root-folder-id
+
+ID of the root folder.
+Leave blank normally.
+
+Fill in to access "Computers" folders (see docs), or for rclone to use
+a non root folder as its starting point.
+
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+
+#### --drive-service-account-credentials
+
+Service Account Credentials JSON blob.
+
+Leave blank normally.
+Needed only if you want use SA instead of interactive login.
+
+Properties:
+
+- Config: service_account_credentials
+- Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_CREDENTIALS
+- Type: string
+- Required: false
+
+#### --drive-team-drive
+
+ID of the Shared Drive (Team Drive).
+
+Properties:
+
+- Config: team_drive
+- Env Var: RCLONE_DRIVE_TEAM_DRIVE
+- Type: string
+- Required: false
+
+#### --drive-auth-owner-only
+
+Only consider files owned by the authenticated user.
+
+Properties:
+
+- Config: auth_owner_only
+- Env Var: RCLONE_DRIVE_AUTH_OWNER_ONLY
+- Type: bool
+- Default: false
+
+#### --drive-use-trash
+
+Send files to the trash instead of deleting permanently.
+
+Defaults to true, namely sending files to the trash.
+Use `--drive-use-trash=false` to delete files permanently instead.
+
+Properties:
+
+- Config: use_trash
+- Env Var: RCLONE_DRIVE_USE_TRASH
+- Type: bool
+- Default: true
+
+#### --drive-copy-shortcut-content
+
+Server side copy contents of shortcuts instead of the shortcut.
+
+When doing server side copies, normally rclone will copy shortcuts as
+shortcuts.
+
+If this flag is used then rclone will copy the contents of shortcuts
+rather than shortcuts themselves when doing server side copies.
+
+Properties:
+
+- Config: copy_shortcut_content
+- Env Var: RCLONE_DRIVE_COPY_SHORTCUT_CONTENT
+- Type: bool
+- Default: false
+
+#### --drive-skip-gdocs
+
+Skip google documents in all listings.
+
+If given, gdocs practically become invisible to rclone.
+
+Properties:
+
+- Config: skip_gdocs
+- Env Var: RCLONE_DRIVE_SKIP_GDOCS
+- Type: bool
+- Default: false
+
+#### --drive-show-all-gdocs
+
+Show all Google Docs including non-exportable ones in listings.
+
+If you try a server side copy on a Google Form without this flag, you
+will get this error:
+
+ No export formats found for "application/vnd.google-apps.form"
+
+However adding this flag will allow the form to be server side copied.
+
+Note that rclone doesn't add extensions to the Google Docs file names
+in this mode.
+
+Do **not** use this flag when trying to download Google Docs - rclone
+will fail to download them.
+
+
+Properties:
+
+- Config: show_all_gdocs
+- Env Var: RCLONE_DRIVE_SHOW_ALL_GDOCS
+- Type: bool
+- Default: false
+
+#### --drive-skip-checksum-gphotos
+
+Skip checksums on Google photos and videos only.
+
+Use this if you get checksum errors when transferring Google photos or
+videos.
+
+Setting this flag will cause Google photos and videos to return a
+blank checksums.
+
+Google photos are identified by being in the "photos" space.
+
+Corrupted checksums are caused by Google modifying the image/video but
+not updating the checksum.
+
+Properties:
+
+- Config: skip_checksum_gphotos
+- Env Var: RCLONE_DRIVE_SKIP_CHECKSUM_GPHOTOS
+- Type: bool
+- Default: false
+
+#### --drive-shared-with-me
+
+Only show files that are shared with me.
+
+Instructs rclone to operate on your "Shared with me" folder (where
+Google Drive lets you access the files and folders others have shared
+with you).
+
+This works both with the "list" (lsd, lsl, etc.) and the "copy"
+commands (copy, sync, etc.), and with all other commands too.
+
+Properties:
+
+- Config: shared_with_me
+- Env Var: RCLONE_DRIVE_SHARED_WITH_ME
+- Type: bool
+- Default: false
+
+#### --drive-trashed-only
+
+Only show files that are in the trash.
+
+This will show trashed files in their original directory structure.
+
+Properties:
+
+- Config: trashed_only
+- Env Var: RCLONE_DRIVE_TRASHED_ONLY
+- Type: bool
+- Default: false
+
+#### --drive-starred-only
+
+Only show files that are starred.
+
+Properties:
+
+- Config: starred_only
+- Env Var: RCLONE_DRIVE_STARRED_ONLY
+- Type: bool
+- Default: false
+
+#### --drive-formats
+
+Deprecated: See export_formats.
+
+Properties:
+
+- Config: formats
+- Env Var: RCLONE_DRIVE_FORMATS
+- Type: string
+- Required: false
+
+#### --drive-export-formats
+
+Comma separated list of preferred formats for downloading Google docs.
+
+Properties:
+
+- Config: export_formats
+- Env Var: RCLONE_DRIVE_EXPORT_FORMATS
+- Type: string
+- Default: "docx,xlsx,pptx,svg"
+
+#### --drive-import-formats
+
+Comma separated list of preferred formats for uploading Google docs.
+
+Properties:
+
+- Config: import_formats
+- Env Var: RCLONE_DRIVE_IMPORT_FORMATS
+- Type: string
+- Required: false
+
+#### --drive-allow-import-name-change
+
+Allow the filetype to change when uploading Google docs.
+
+E.g. file.doc to file.docx. This will confuse sync and reupload every time.
+
+Properties:
+
+- Config: allow_import_name_change
+- Env Var: RCLONE_DRIVE_ALLOW_IMPORT_NAME_CHANGE
+- Type: bool
+- Default: false
+
+#### --drive-use-created-date
+
+Use file created date instead of modified date.
+
+Useful when downloading data and you want the creation date used in
+place of the last modified date.
+
+**WARNING**: This flag may have some unexpected consequences.
+
+When uploading to your drive all files will be overwritten unless they
+haven't been modified since their creation. And the inverse will occur
+while downloading. This side effect can be avoided by using the
+"--checksum" flag.
+
+This feature was implemented to retain photos capture date as recorded
+by google photos. You will first need to check the "Create a Google
+Photos folder" option in your google drive settings. You can then copy
+or move the photos locally and use the date the image was taken
+(created) set as the modification date.
+
+Properties:
+
+- Config: use_created_date
+- Env Var: RCLONE_DRIVE_USE_CREATED_DATE
+- Type: bool
+- Default: false
+
+#### --drive-use-shared-date
+
+Use date file was shared instead of modified date.
+
+Note that, as with "--drive-use-created-date", this flag may have
+unexpected consequences when uploading/downloading files.
+
+If both this flag and "--drive-use-created-date" are set, the created
+date is used.
+
+Properties:
+
+- Config: use_shared_date
+- Env Var: RCLONE_DRIVE_USE_SHARED_DATE
+- Type: bool
+- Default: false
+
+#### --drive-list-chunk
+
+Size of listing chunk 100-1000, 0 to disable.
+
+Properties:
+
+- Config: list_chunk
+- Env Var: RCLONE_DRIVE_LIST_CHUNK
+- Type: int
+- Default: 1000
+
+#### --drive-impersonate
+
+Impersonate this user when using a service account.
+
+Properties:
+
+- Config: impersonate
+- Env Var: RCLONE_DRIVE_IMPERSONATE
+- Type: string
+- Required: false
+
+#### --drive-upload-cutoff
+
+Cutoff for switching to chunked upload.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_DRIVE_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 8Mi
+
+#### --drive-chunk-size
+
+Upload chunk size.
+
+Must a power of 2 >= 256k.
+
+Making this larger will improve performance, but note that each chunk
+is buffered in memory one per transfer.
+
+Reducing this will reduce memory usage but decrease performance.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_DRIVE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 8Mi
+
+#### --drive-acknowledge-abuse
+
+Set to allow files which return cannotDownloadAbusiveFile to be downloaded.
+
+If downloading a file returns the error "This file has been identified
+as malware or spam and cannot be downloaded" with the error code
+"cannotDownloadAbusiveFile" then supply this flag to rclone to
+indicate you acknowledge the risks of downloading the file and rclone
+will download it anyway.
+
+Note that if you are using service account it will need Manager
+permission (not Content Manager) to for this flag to work. If the SA
+does not have the right permission, Google will just ignore the flag.
+
+Properties:
+
+- Config: acknowledge_abuse
+- Env Var: RCLONE_DRIVE_ACKNOWLEDGE_ABUSE
+- Type: bool
+- Default: false
+
+#### --drive-keep-revision-forever
+
+Keep new head revision of each file forever.
+
+Properties:
+
+- Config: keep_revision_forever
+- Env Var: RCLONE_DRIVE_KEEP_REVISION_FOREVER
+- Type: bool
+- Default: false
+
+#### --drive-size-as-quota
+
+Show sizes as storage quota usage, not actual size.
+
+Show the size of a file as the storage quota used. This is the
+current version plus any older versions that have been set to keep
+forever.
+
+**WARNING**: This flag may have some unexpected consequences.
+
+It is not recommended to set this flag in your config - the
+recommended usage is using the flag form --drive-size-as-quota when
+doing rclone ls/lsl/lsf/lsjson/etc only.
+
+If you do use this flag for syncing (not recommended) then you will
+need to use --ignore size also.
+
+Properties:
+
+- Config: size_as_quota
+- Env Var: RCLONE_DRIVE_SIZE_AS_QUOTA
+- Type: bool
+- Default: false
+
+#### --drive-v2-download-min-size
+
+If Object's are greater, use drive v2 API to download.
+
+Properties:
+
+- Config: v2_download_min_size
+- Env Var: RCLONE_DRIVE_V2_DOWNLOAD_MIN_SIZE
+- Type: SizeSuffix
+- Default: off
+
+#### --drive-pacer-min-sleep
+
+Minimum time to sleep between API calls.
+
+Properties:
+
+- Config: pacer_min_sleep
+- Env Var: RCLONE_DRIVE_PACER_MIN_SLEEP
+- Type: Duration
+- Default: 100ms
+
+#### --drive-pacer-burst
+
+Number of API calls to allow without sleeping.
+
+Properties:
+
+- Config: pacer_burst
+- Env Var: RCLONE_DRIVE_PACER_BURST
+- Type: int
+- Default: 100
+
+#### --drive-server-side-across-configs
+
+Deprecated: use --server-side-across-configs instead.
+
+Allow server-side operations (e.g. copy) to work across different drive configs.
+
+This can be useful if you wish to do a server-side copy between two
+different Google drives. Note that this isn't enabled by default
+because it isn't easy to tell if it will work between any two
+configurations.
+
+Properties:
+
+- Config: server_side_across_configs
+- Env Var: RCLONE_DRIVE_SERVER_SIDE_ACROSS_CONFIGS
+- Type: bool
+- Default: false
+
+#### --drive-disable-http2
+
+Disable drive using http2.
+
+There is currently an unsolved issue with the google drive backend and
+HTTP/2. HTTP/2 is therefore disabled by default for the drive backend
+but can be re-enabled here. When the issue is solved this flag will
+be removed.
+
+See: https://github.com/rclone/rclone/issues/3631
+
+
+
+Properties:
+
+- Config: disable_http2
+- Env Var: RCLONE_DRIVE_DISABLE_HTTP2
+- Type: bool
+- Default: true
+
+#### --drive-stop-on-upload-limit
+
+Make upload limit errors be fatal.
+
+At the time of writing it is only possible to upload 750 GiB of data to
+Google Drive a day (this is an undocumented limit). When this limit is
+reached Google Drive produces a slightly different error message. When
+this flag is set it causes these errors to be fatal. These will stop
+the in-progress sync.
+
+Note that this detection is relying on error message strings which
+Google don't document so it may break in the future.
+
+See: https://github.com/rclone/rclone/issues/3857
+
+
+Properties:
+
+- Config: stop_on_upload_limit
+- Env Var: RCLONE_DRIVE_STOP_ON_UPLOAD_LIMIT
+- Type: bool
+- Default: false
+
+#### --drive-stop-on-download-limit
+
+Make download limit errors be fatal.
+
+At the time of writing it is only possible to download 10 TiB of data from
+Google Drive a day (this is an undocumented limit). When this limit is
+reached Google Drive produces a slightly different error message. When
+this flag is set it causes these errors to be fatal. These will stop
+the in-progress sync.
+
+Note that this detection is relying on error message strings which
+Google don't document so it may break in the future.
+
+
+Properties:
+
+- Config: stop_on_download_limit
+- Env Var: RCLONE_DRIVE_STOP_ON_DOWNLOAD_LIMIT
+- Type: bool
+- Default: false
+
+#### --drive-skip-shortcuts
+
+If set skip shortcut files.
+
+Normally rclone dereferences shortcut files making them appear as if
+they are the original file (see [the shortcuts section](#shortcuts)).
+If this flag is set then rclone will ignore shortcut files completely.
+
+
+Properties:
+
+- Config: skip_shortcuts
+- Env Var: RCLONE_DRIVE_SKIP_SHORTCUTS
+- Type: bool
+- Default: false
+
+#### --drive-skip-dangling-shortcuts
+
+If set skip dangling shortcut files.
+
+If this is set then rclone will not show any dangling shortcuts in listings.
+
+
+Properties:
+
+- Config: skip_dangling_shortcuts
+- Env Var: RCLONE_DRIVE_SKIP_DANGLING_SHORTCUTS
+- Type: bool
+- Default: false
+
+#### --drive-resource-key
+
+Resource key for accessing a link-shared file.
+
+If you need to access files shared with a link like this
+
+ https://drive.google.com/drive/folders/XXX?resourcekey=YYY&usp=sharing
+
+Then you will need to use the first part "XXX" as the "root_folder_id"
+and the second part "YYY" as the "resource_key" otherwise you will get
+404 not found errors when trying to access the directory.
+
+See: https://developers.google.com/drive/api/guides/resource-keys
+
+This resource key requirement only applies to a subset of old files.
+
+Note also that opening the folder once in the web interface (with the
+user you've authenticated rclone with) seems to be enough so that the
+resource key is not needed.
+
+
+Properties:
+
+- Config: resource_key
+- Env Var: RCLONE_DRIVE_RESOURCE_KEY
+- Type: string
+- Required: false
+
+#### --drive-fast-list-bug-fix
+
+Work around a bug in Google Drive listing.
+
+Normally rclone will work around a bug in Google Drive when using
+--fast-list (ListR) where the search "(A in parents) or (B in
+parents)" returns nothing sometimes. See #3114, #4289 and
+https://issuetracker.google.com/issues/149522397
+
+Rclone detects this by finding no items in more than one directory
+when listing and retries them as lists of individual directories.
+
+This means that if you have a lot of empty directories rclone will end
+up listing them all individually and this can take many more API
+calls.
+
+This flag allows the work-around to be disabled. This is **not**
+recommended in normal use - only if you have a particular case you are
+having trouble with like many empty directories.
+
+
+Properties:
+
+- Config: fast_list_bug_fix
+- Env Var: RCLONE_DRIVE_FAST_LIST_BUG_FIX
+- Type: bool
+- Default: true
+
+#### --drive-metadata-owner
+
+Control whether owner should be read or written in metadata.
+
+Owner is a standard part of the file metadata so is easy to read. But it
+isn't always desirable to set the owner from the metadata.
+
+Note that you can't set the owner on Shared Drives, and that setting
+ownership will generate an email to the new owner (this can't be
+disabled), and you can't transfer ownership to someone outside your
+organization.
+
+
+Properties:
+
+- Config: metadata_owner
+- Env Var: RCLONE_DRIVE_METADATA_OWNER
+- Type: Bits
+- Default: read
+- Examples:
+ - "off"
+ - Do not read or write the value
+ - "read"
+ - Read the value only
+ - "write"
+ - Write the value only
+ - "read,write"
+ - Read and Write the value.
+
+#### --drive-metadata-permissions
+
+Control whether permissions should be read or written in metadata.
+
+Reading permissions metadata from files can be done quickly, but it
+isn't always desirable to set the permissions from the metadata.
+
+Note that rclone drops any inherited permissions on Shared Drives and
+any owner permission on My Drives as these are duplicated in the owner
+metadata.
+
+
+Properties:
+
+- Config: metadata_permissions
+- Env Var: RCLONE_DRIVE_METADATA_PERMISSIONS
+- Type: Bits
+- Default: off
+- Examples:
+ - "off"
+ - Do not read or write the value
+ - "read"
+ - Read the value only
+ - "write"
+ - Write the value only
+ - "read,write"
+ - Read and Write the value.
+
+#### --drive-metadata-labels
+
+Control whether labels should be read or written in metadata.
+
+Reading labels metadata from files takes an extra API transaction and
+will slow down listings. It isn't always desirable to set the labels
+from the metadata.
+
+The format of labels is documented in the drive API documentation at
+https://developers.google.com/drive/api/reference/rest/v3/Label -
+rclone just provides a JSON dump of this format.
+
+When setting labels, the label and fields must already exist - rclone
+will not create them. This means that if you are transferring labels
+from two different accounts you will have to create the labels in
+advance and use the metadata mapper to translate the IDs between the
+two accounts.
+
+
+Properties:
+
+- Config: metadata_labels
+- Env Var: RCLONE_DRIVE_METADATA_LABELS
+- Type: Bits
+- Default: off
+- Examples:
+ - "off"
+ - Do not read or write the value
+ - "read"
+ - Read the value only
+ - "write"
+ - Write the value only
+ - "read,write"
+ - Read and Write the value.
+
+#### --drive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_DRIVE_ENCODING
+- Type: Encoding
+- Default: InvalidUtf8
+
+#### --drive-env-auth
+
+Get IAM credentials from runtime (environment variables or instance meta data if no env vars).
+
+Only applies if service_account_file and service_account_credentials is blank.
+
+Properties:
+
+- Config: env_auth
+- Env Var: RCLONE_DRIVE_ENV_AUTH
+- Type: bool
+- Default: false
+- Examples:
+ - "false"
+ - Enter credentials in the next step.
+ - "true"
+ - Get GCP IAM credentials from the environment (env vars or IAM).
+
+### Metadata
+
+User metadata is stored in the properties field of the drive object.
+
+Here are the possible system metadata items for the drive backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| btime | Time of file birth (creation) with mS accuracy. Note that this is only writable on fresh uploads - it can't be written for updates. | RFC 3339 | 2006-01-02T15:04:05.999Z07:00 | N |
+| content-type | The MIME type of the file. | string | text/plain | N |
+| copy-requires-writer-permission | Whether the options to copy, print, or download this file, should be disabled for readers and commenters. | boolean | true | N |
+| description | A short description of the file. | string | Contract for signing | N |
+| folder-color-rgb | The color for a folder or a shortcut to a folder as an RGB hex string. | string | 881133 | N |
+| labels | Labels attached to this file in a JSON dump of Googled drive format. Enable with --drive-metadata-labels. | JSON | [] | N |
+| mtime | Time of last modification with mS accuracy. | RFC 3339 | 2006-01-02T15:04:05.999Z07:00 | N |
+| owner | The owner of the file. Usually an email address. Enable with --drive-metadata-owner. | string | user@example.com | N |
+| permissions | Permissions in a JSON dump of Google drive format. On shared drives these will only be present if they aren't inherited. Enable with --drive-metadata-permissions. | JSON | {} | N |
+| starred | Whether the user has starred the file. | boolean | false | N |
+| viewed-by-me | Whether the file has been viewed by this user. | boolean | true | **Y** |
+| writers-can-share | Whether users with only writer permission can modify the file's permissions. Not populated for items in shared drives. | boolean | false | N |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+## Backend commands
+
+Here are the commands specific to the drive backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### get
+
+Get command for fetching the drive config parameters
+
+ rclone backend get remote: [options] [<arguments>+]
+
+This is a get command which will be used to fetch the various drive config parameters
+
+Usage Examples:
+
+ rclone backend get drive: [-o service_account_file] [-o chunk_size]
+ rclone rc backend/command command=get fs=drive: [-o service_account_file] [-o chunk_size]
+
+
+Options:
+
+- "chunk_size": show the current upload chunk size
+- "service_account_file": show the current service account file
+
+### set
+
+Set command for updating the drive config parameters
+
+ rclone backend set remote: [options] [<arguments>+]
+
+This is a set command which will be used to update the various drive config parameters
+
+Usage Examples:
+
+ rclone backend set drive: [-o service_account_file=sa.json] [-o chunk_size=67108864]
+ rclone rc backend/command command=set fs=drive: [-o service_account_file=sa.json] [-o chunk_size=67108864]
+
+
+Options:
+
+- "chunk_size": update the current upload chunk size
+- "service_account_file": update the current service account file
+
+### shortcut
+
+Create shortcuts from files or directories
+
+ rclone backend shortcut remote: [options] [<arguments>+]
+
+This command creates shortcuts from files or directories.
+
+Usage:
+
+ rclone backend shortcut drive: source_item destination_shortcut
+ rclone backend shortcut drive: source_item -o target=drive2: destination_shortcut
+
+In the first example this creates a shortcut from the "source_item"
+which can be a file or a directory to the "destination_shortcut". The
+"source_item" and the "destination_shortcut" should be relative paths
+from "drive:"
+
+In the second example this creates a shortcut from the "source_item"
+relative to "drive:" to the "destination_shortcut" relative to
+"drive2:". This may fail with a permission error if the user
+authenticated with "drive2:" can't read files from "drive:".
+
+
+Options:
+
+- "target": optional target remote for the shortcut destination
+
+### drives
+
+List the Shared Drives available to this account
+
+ rclone backend drives remote: [options] [<arguments>+]
+
+This command lists the Shared Drives (Team Drives) available to this
+account.
+
+Usage:
+
+ rclone backend [-o config] drives drive:
+
+This will return a JSON list of objects like this
+
+ [
+ {
+ "id": "0ABCDEF-01234567890",
+ "kind": "drive#teamDrive",
+ "name": "My Drive"
+ },
+ {
+ "id": "0ABCDEFabcdefghijkl",
+ "kind": "drive#teamDrive",
+ "name": "Test Drive"
+ }
+ ]
+
+With the -o config parameter it will output the list in a format
+suitable for adding to a config file to make aliases for all the
+drives found and a combined drive.
+
+ [My Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
+
+ [Test Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
+Adding this to the rclone config file will cause those team drives to
+be accessible with the aliases shown. Any illegal characters will be
+substituted with "_" and duplicate names will have numbers suffixed.
+It will also add a remote called AllDrives which shows all the shared
+drives combined into one directory tree.
+
+
+### untrash
+
+Untrash files and directories
+
+ rclone backend untrash remote: [options] [<arguments>+]
+
+This command untrashes all the files and directories in the directory
+passed in recursively.
+
+Usage:
+
+This takes an optional directory to trash which make this easier to
+use via the API.
+
+ rclone backend untrash drive:directory
+ rclone backend --interactive untrash drive:directory subdir
+
+Use the --interactive/-i or --dry-run flag to see what would be restored before restoring it.
+
+Result:
+
+ {
+ "Untrashed": 17,
+ "Errors": 0
+ }
+
+
+### copyid
+
+Copy files by ID
+
+ rclone backend copyid remote: [options] [<arguments>+]
+
+This command copies files by ID
+
+Usage:
+
+ rclone backend copyid drive: ID path
+ rclone backend copyid drive: ID1 path1 ID2 path2
+
+It copies the drive file with ID given to the path (an rclone path which
+will be passed internally to rclone copyto). The ID and path pairs can be
+repeated.
+
+The path should end with a / to indicate copy the file as named to
+this directory. If it doesn't end with a / then the last path
+component will be used as the file name.
+
+If the destination is a drive backend then server-side copying will be
+attempted if possible.
+
+Use the --interactive/-i or --dry-run flag to see what would be copied before copying.
+
+
+### exportformats
+
+Dump the export formats for debug purposes
+
+ rclone backend exportformats remote: [options] [<arguments>+]
+
+### importformats
+
+Dump the import formats for debug purposes
+
+ rclone backend importformats remote: [options] [<arguments>+]
+
+
+
+## Limitations
+
+Drive has quite a lot of rate limiting. This causes rclone to be
+limited to transferring about 2 files per second only. Individual
+files may be transferred much faster at 100s of MiB/s but lots of
+small files can take a long time.
+
+Server side copies are also subject to a separate rate limit. If you
+see User rate limit exceeded errors, wait at least 24 hours and retry.
+You can disable server-side copies with `--disable copy` to download
+and upload the files if you prefer.
+
+### Limitations of Google Docs
+
+Google docs will appear as size -1 in `rclone ls`, `rclone ncdu` etc,
+and as size 0 in anything which uses the VFS layer, e.g. `rclone mount`
+and `rclone serve`. When calculating directory totals, e.g. in
+`rclone size` and `rclone ncdu`, they will be counted in as empty
+files.
+
+This is because rclone can't find out the size of the Google docs
+without downloading them.
+
+Google docs will transfer correctly with `rclone sync`, `rclone copy`
+etc as rclone knows to ignore the size when doing the transfer.
+
+However an unfortunate consequence of this is that you may not be able
+to download Google docs using `rclone mount`. If it doesn't work you
+will get a 0 sized file. If you try again the doc may gain its
+correct size and be downloadable. Whether it will work on not depends
+on the application accessing the mount and the OS you are running -
+experiment to find out if it does work for you!
+
+### Duplicated files
+
+Sometimes, for no reason I've been able to track down, drive will
+duplicate a file that rclone uploads. Drive unlike all the other
+remotes can have duplicated files.
+
+Duplicated files cause problems with the syncing and you will see
+messages in the log about duplicates.
+
+Use `rclone dedupe` to fix duplicated files.
+
+Note that this isn't just a problem with rclone, even Google Photos on
+Android duplicates files on drive sometimes.
+
+### Rclone appears to be re-copying files it shouldn't
+
+The most likely cause of this is the duplicated file issue above - run
+`rclone dedupe` and check your logs for duplicate object or directory
+messages.
+
+This can also be caused by a delay/caching on google drive's end when
+comparing directory listings. Specifically with team drives used in
+combination with --fast-list. Files that were uploaded recently may
+not appear on the directory list sent to rclone when using --fast-list.
+
+Waiting a moderate period of time between attempts (estimated to be
+approximately 1 hour) and/or not using --fast-list both seem to be
+effective in preventing the problem.
+
+### SHA1 or SHA256 hashes may be missing
+
+All files have MD5 hashes, but a small fraction of files uploaded may
+not have SHA1 or SHA256 hashes especially if they were uploaded before 2018.
+
+## Making your own client_id
+
+When you use rclone with Google drive in its default configuration you
+are using rclone's client_id. This is shared between all the rclone
+users. There is a global rate limit on the number of queries per
+second that each client_id can do set by Google. rclone already has a
+high quota and I will continue to make sure it is high enough by
+contacting Google.
+
+It is strongly recommended to use your own client ID as the default rclone ID is heavily used. If you have multiple services running, it is recommended to use an API key for each service. The default Google quota is 10 transactions per second so it is recommended to stay under that number as if you use more than that, it will cause rclone to rate limit and make things slower.
+
+Here is how to create your own Google Drive client ID for rclone:
+
+1. Log into the [Google API
+Console](https://console.developers.google.com/) with your Google
+account. It doesn't matter what Google account you use. (It need not
+be the same account as the Google Drive you want to access)
+
+2. Select a project or create a new project.
+
+3. Under "ENABLE APIS AND SERVICES" search for "Drive", and enable the
+"Google Drive API".
+
+4. Click "Credentials" in the left-side panel (not "Create
+credentials", which opens the wizard).
+
+5. If you already configured an "Oauth Consent Screen", then skip
+to the next step; if not, click on "CONFIGURE CONSENT SCREEN" button
+(near the top right corner of the right panel), then select "External"
+and click on "CREATE"; on the next screen, enter an "Application name"
+("rclone" is OK); enter "User Support Email" (your own email is OK);
+enter "Developer Contact Email" (your own email is OK); then click on
+"Save" (all other data is optional). You will also have to add some scopes,
+including `.../auth/docs` and `.../auth/drive` in order to be able to edit,
+create and delete files with RClone. You may also want to include the
+`../auth/drive.metadata.readonly` scope. After adding scopes, click
+"Save and continue" to add test users. Be sure to add your own account to
+the test users. Once you've added yourself as a test user and saved the
+changes, click again on "Credentials" on the left panel to go back to
+the "Credentials" screen.
+
+ (PS: if you are a GSuite user, you could also select "Internal" instead
+of "External" above, but this will restrict API use to Google Workspace
+users in your organisation).
+
+6. Click on the "+ CREATE CREDENTIALS" button at the top of the screen,
+then select "OAuth client ID".
+
+7. Choose an application type of "Desktop app" and click "Create". (the default name is fine)
+
+8. It will show you a client ID and client secret. Make a note of these.
+
+ (If you selected "External" at Step 5 continue to Step 9.
+ If you chose "Internal" you don't need to publish and can skip straight to
+ Step 10 but your destination drive must be part of the same Google Workspace.)
+
+9. Go to "Oauth consent screen" and then click "PUBLISH APP" button and confirm.
+ You will also want to add yourself as a test user.
+
+10. Provide the noted client ID and client secret to rclone.
+
+Be aware that, due to the "enhanced security" recently introduced by
+Google, you are theoretically expected to "submit your app for verification"
+and then wait a few weeks(!) for their response; in practice, you can go right
+ahead and use the client ID and client secret with rclone, the only issue will
+be a very scary confirmation screen shown when you connect via your browser
+for rclone to be able to get its token-id (but as this only happens during
+the remote configuration, it's not such a big deal). Keeping the application in
+"Testing" will work as well, but the limitation is that any grants will expire
+after a week, which can be annoying to refresh constantly. If, for whatever
+reason, a short grant time is not a problem, then keeping the application in
+testing mode would also be sufficient.
+
+(Thanks to @balazer on github for these instructions.)
+
+Sometimes, creation of an OAuth consent in Google API Console fails due to an error message
+“The request failed because changes to one of the field of the resource is not supported”.
+As a convenient workaround, the necessary Google Drive API key can be created on the
+[Python Quickstart](https://developers.google.com/drive/api/v3/quickstart/python) page.
+Just push the Enable the Drive API button to receive the Client ID and Secret.
+Note that it will automatically create a new project in the API Console.
+
+# Google Photos
+
+The rclone backend for [Google Photos](https://www.google.com/photos/about/) is
+a specialized backend for transferring photos and videos to and from
+Google Photos.
+
+**NB** The Google Photos API which rclone uses has quite a few
+limitations, so please read the [limitations section](#limitations)
+carefully to make sure it is suitable for your use.
+
+## Configuration
+
+The initial setup for google cloud storage involves getting a token from Google Photos
+which you need to do in your browser. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Google Photos "google photos" [snip] Storage> google photos ** See help for google photos backend at: https://rclone.org/googlephotos/ **
+Google Application Client Id Leave blank normally. Enter a string value. Press Enter for the default (""). client_id> Google Application Client Secret Leave blank normally. Enter a string value. Press Enter for the default (""). client_secret> Set to make the Google Photos backend read only.
+If you choose read only then rclone will only request read only access to your photos, otherwise rclone will request full access. Enter a boolean value (true or false). Press Enter for the default ("false"). read_only> Edit advanced config? (y/n) y) Yes n) No y/n> n Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code
+*** IMPORTANT: All media items uploaded to Google Photos with rclone *** are stored in full resolution at original quality. These uploads *** will count towards storage in your Google Account.
+
+
+
+
+
+
+[remote] type = google photos token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2019-06-28T17:38:04.644930156+01:00"}
+
+
+
+
+y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y ```
+
+
+See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
+
+Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
+
+
+This remote is called remote
and can now be used like this
+
+
+See all the albums in your photos
+
+
+rclone lsd remote:album
+
+
+Make a new album
+
+
+rclone mkdir remote:album/newAlbum
+
+
+List the contents of an album
+
+
+rclone ls remote:album/newAlbum
+
+
+Sync /home/local/images
to the Google Photos, removing any excess files in the album.
+
+
+rclone sync --interactive /home/local/image remote:album/newAlbum
+
+
+### Layout
+
+
+As Google Photos is not a general purpose cloud storage system, the backend is laid out to help you navigate it.
+
+
+The directories under media
show different ways of categorizing the media. Each file will appear multiple times. So if you want to make a backup of your google photos you might choose to backup remote:media/by-month
. (NB remote:media/by-day
is rather slow at the moment so avoid for syncing.)
+
+
+Note that all your photos and videos will appear somewhere under media
, but they may not appear under album
unless you've put them into albums.
+
+
+/ - upload - file1.jpg - file2.jpg - ... - media - all - file1.jpg - file2.jpg - ... - by-year - 2000 - file1.jpg - ... - 2001 - file2.jpg - ... - ... - by-month - 2000 - 2000-01 - file1.jpg - ... - 2000-02 - file2.jpg - ... - ... - by-day - 2000 - 2000-01-01 - file1.jpg - ... - 2000-01-02 - file2.jpg - ... - ... - album - album name - album name/sub - shared-album - album name - album name/sub - feature - favorites - file1.jpg - file2.jpg
+
+
+There are two writable parts of the tree, the upload
directory and sub directories of the album
directory.
+
+
+The upload
directory is for uploading files you don't want to put into albums. This will be empty to start with and will contain the files you've uploaded for one rclone session only, becoming empty again when you restart rclone. The use case for this would be if you have a load of files you just want to once off dump into Google Photos. For repeated syncing, uploading to album
will work better.
+
+
+Directories within the album
directory are also writeable and you may create new directories (albums) under album
. If you copy files with a directory hierarchy in there then rclone will create albums with the /
character in them. For example if you do
+
+
+rclone copy /path/to/images remote:album/images
+
+
+and the images directory contains
+
+
+images - file1.jpg dir file2.jpg dir2 dir3 file3.jpg
+
+
+Then rclone will create the following albums with the following files in
+
+
+- images - file1.jpg - images/dir - file2.jpg - images/dir2/dir3 - file3.jpg
+
+
+This means that you can use the album
path pretty much like a normal filesystem and it is a good target for repeated syncing.
+
+
+The shared-album
directory shows albums shared with you or by you. This is similar to the Sharing tab in the Google Photos web interface.
+
+
+### Standard options
+
+
+Here are the Standard options specific to google photos (Google Photos).
+
+
+#### --gphotos-client-id
+
+
+OAuth Client Id.
+
+
+Leave blank normally.
+
+
+Properties:
+
+
+- Config: client_id - Env Var: RCLONE_GPHOTOS_CLIENT_ID - Type: string - Required: false
+
+
+#### --gphotos-client-secret
+
+
+OAuth Client Secret.
+
+
+Leave blank normally.
+
+
+Properties:
+
+
+- Config: client_secret - Env Var: RCLONE_GPHOTOS_CLIENT_SECRET - Type: string - Required: false
+
+
+#### --gphotos-read-only
+
+
+Set to make the Google Photos backend read only.
+
+
+If you choose read only then rclone will only request read only access to your photos, otherwise rclone will request full access.
+
+
+Properties:
+
+
+- Config: read_only - Env Var: RCLONE_GPHOTOS_READ_ONLY - Type: bool - Default: false
+
+
+### Advanced options
+
+
+Here are the Advanced options specific to google photos (Google Photos).
+
+
+#### --gphotos-token
+
+
+OAuth Access Token as a JSON blob.
+
+
+Properties:
+
+
+- Config: token - Env Var: RCLONE_GPHOTOS_TOKEN - Type: string - Required: false
+
+
+#### --gphotos-auth-url
+
+
+Auth server URL.
+
+
+Leave blank to use the provider defaults.
+
+
+Properties:
+
+
+- Config: auth_url - Env Var: RCLONE_GPHOTOS_AUTH_URL - Type: string - Required: false
+
+
+#### --gphotos-token-url
+
+
+Token server url.
+
+
+Leave blank to use the provider defaults.
+
+
+Properties:
+
+
+- Config: token_url - Env Var: RCLONE_GPHOTOS_TOKEN_URL - Type: string - Required: false
+
+
+#### --gphotos-read-size
+
+
+Set to read the size of media items.
+
+
+Normally rclone does not read the size of media items since this takes another transaction. This isn't necessary for syncing. However rclone mount needs to know the size of files in advance of reading them, so setting this flag when using rclone mount is recommended if you want to read the media.
+
+
+Properties:
+
+
+- Config: read_size - Env Var: RCLONE_GPHOTOS_READ_SIZE - Type: bool - Default: false
+
+
+#### --gphotos-start-year
+
+
+Year limits the photos to be downloaded to those which are uploaded after the given year.
+
+
+Properties:
+
+
+- Config: start_year - Env Var: RCLONE_GPHOTOS_START_YEAR - Type: int - Default: 2000
+
+
+#### --gphotos-include-archived
+
+
+Also view and download archived media.
+
+
+By default, rclone does not request archived media. Thus, when syncing, archived media is not visible in directory listings or transferred.
+
+
+Note that media in albums is always visible and synced, no matter their archive status.
+
+
+With this flag, archived media are always visible in directory listings and transferred.
+
+
+Without this flag, archived media will not be visible in directory listings and won't be transferred.
+
+
+Properties:
+
+
+- Config: include_archived - Env Var: RCLONE_GPHOTOS_INCLUDE_ARCHIVED - Type: bool - Default: false
+
+
+#### --gphotos-encoding
+
+
+The encoding for the backend.
+
+
+See the encoding section in the overview for more info.
+
+
+Properties:
+
+
+- Config: encoding - Env Var: RCLONE_GPHOTOS_ENCODING - Type: Encoding - Default: Slash,CrLf,InvalidUtf8,Dot
+
+
+#### --gphotos-batch-mode
+
+
+Upload file batching sync|async|off.
+
+
+This sets the batch mode used by rclone.
+
+
+This has 3 possible values
+
+
+- off - no batching - sync - batch uploads and check completion (default) - async - batch upload and don't check completion
+
+
+Rclone will close any outstanding batches when it exits which may make a delay on quit.
+
+
+Properties:
+
+
+- Config: batch_mode - Env Var: RCLONE_GPHOTOS_BATCH_MODE - Type: string - Default: "sync"
+
+
+#### --gphotos-batch-size
+
+
+Max number of files in upload batch.
+
+
+This sets the batch size of files to upload. It has to be less than 50.
+
+
+By default this is 0 which means rclone which calculate the batch size depending on the setting of batch_mode.
+
+
+- batch_mode: async - default batch_size is 50 - batch_mode: sync - default batch_size is the same as --transfers - batch_mode: off - not in use
+
+
+Rclone will close any outstanding batches when it exits which may make a delay on quit.
+
+
+Setting this is a great idea if you are uploading lots of small files as it will make them a lot quicker. You can use --transfers 32 to maximise throughput.
+
+
+Properties:
+
+
+- Config: batch_size - Env Var: RCLONE_GPHOTOS_BATCH_SIZE - Type: int - Default: 0
+
+
+#### --gphotos-batch-timeout
+
+
+Max time to allow an idle upload batch before uploading.
+
+
+If an upload batch is idle for more than this long then it will be uploaded.
+
+
+The default for this is 0 which means rclone will choose a sensible default based on the batch_mode in use.
+
+
+- batch_mode: async - default batch_timeout is 10s - batch_mode: sync - default batch_timeout is 1s - batch_mode: off - not in use
+
+
+Properties:
+
+
+- Config: batch_timeout - Env Var: RCLONE_GPHOTOS_BATCH_TIMEOUT - Type: Duration - Default: 0s
+
+
+#### --gphotos-batch-commit-timeout
+
+
+Max time to wait for a batch to finish committing
+
+
+Properties:
+
+
+- Config: batch_commit_timeout - Env Var: RCLONE_GPHOTOS_BATCH_COMMIT_TIMEOUT - Type: Duration - Default: 10m0s
+
+
+## Limitations
+
+
+Only images and videos can be uploaded. If you attempt to upload non videos or images or formats that Google Photos doesn't understand, rclone will upload the file, then Google Photos will give an error when it is put turned into a media item.
+
+
+Note that all media items uploaded to Google Photos through the API are stored in full resolution at "original quality" and will count towards your storage quota in your Google Account. The API does not offer a way to upload in "high quality" mode..
+
+
+rclone about
is not supported by the Google Photos backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
+
+
+See List of backends that do not support rclone about See rclone about
+
+
+### Downloading Images
+
+
+When Images are downloaded this strips EXIF location (according to the docs and my tests). This is a limitation of the Google Photos API and is covered by bug #112096115.
+
+
+The current google API does not allow photos to be downloaded at original resolution. This is very important if you are, for example, relying on "Google Photos" as a backup of your photos. You will not be able to use rclone to redownload original images. You could use 'google takeout' to recover the original photos as a last resort
+
+
+### Downloading Videos
+
+
+When videos are downloaded they are downloaded in a really compressed version of the video compared to downloading it via the Google Photos web interface. This is covered by bug #113672044.
+
+
+### Duplicates
+
+
+If a file name is duplicated in a directory then rclone will add the file ID into its name. So two files called file.jpg
would then appear as file {123456}.jpg
and file {ABCDEF}.jpg
(the actual IDs are a lot longer alas!).
+
+
+If you upload the same image (with the same binary data) twice then Google Photos will deduplicate it. However it will retain the filename from the first upload which may confuse rclone. For example if you uploaded an image to upload
then uploaded the same image to album/my_album
the filename of the image in album/my_album
will be what it was uploaded with initially, not what you uploaded it with to album
. In practise this shouldn't cause too many problems.
+
+
+### Modification times
+
+
+The date shown of media in Google Photos is the creation date as determined by the EXIF information, or the upload date if that is not known.
+
+
+This is not changeable by rclone and is not the modification date of the media on local disk. This means that rclone cannot use the dates from Google Photos for syncing purposes.
+
+
+### Size
+
+
+The Google Photos API does not return the size of media. This means that when syncing to Google Photos, rclone can only do a file existence check.
+
+
+It is possible to read the size of the media, but this needs an extra HTTP HEAD request per media item so is very slow and uses up a lot of transactions. This can be enabled with the --gphotos-read-size
option or the read_size = true
config parameter.
+
+
+If you want to use the backend with rclone mount
you may need to enable this flag (depending on your OS and application using the photos) otherwise you may not be able to read media off the mount. You'll need to experiment to see if it works for you without the flag.
+
+
+### Albums
+
+
+Rclone can only upload files to albums it created. This is a limitation of the Google Photos API.
+
+
+Rclone can remove files it uploaded from albums it created only.
+
+
+### Deleting files
+
+
+Rclone can remove files from albums it created, but note that the Google Photos API does not allow media to be deleted permanently so this media will still remain. See bug #109759781.
+
+
+Rclone cannot delete files anywhere except under album
.
+
+
+### Deleting albums
+
+
+The Google Photos API does not support deleting albums - see bug #135714733.
+
+
+# Hasher
+
+
+Hasher is a special overlay backend to create remotes which handle checksums for other remotes. It's main functions include: - Emulate hash types unimplemented by backends - Cache checksums to help with slow hashing of large local or (S)FTP files - Warm up checksum cache from external SUM files
+
+
+## Getting started
+
+
+To use Hasher, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote. Check that your base remote is working.
+
+
+Let's call the base remote myRemote:path
here. Note that anything inside myRemote:path
will be handled by hasher and anything outside won't. This means that if you are using a bucket based remote (S3, B2, Swift) then you should put the bucket in the remote s3:bucket
.
+
+
+Now proceed to interactive or manual configuration.
+
+
+### Interactive configuration
+
+
+Run rclone config
: ``` No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> Hasher1 Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Handle checksums for other remotes "hasher" [snip] Storage> hasher Remote to cache checksums for, like myremote:mypath. Enter a string value. Press Enter for the default (""). remote> myRemote:path Comma separated list of supported checksum types. Enter a string value. Press Enter for the default ("md5,sha1"). hashsums> md5 Maximum time to keep checksums in cache. 0 = no cache, off = cache forever. max_age> off Edit advanced config? (y/n) y) Yes n) No y/n> n Remote config
+
+
+
+[Hasher1] type = hasher remote = myRemote:path hashsums = md5 max_age = off -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+### Manual configuration
+
+Run `rclone config path` to see the path of current active config file,
+usually `YOURHOME/.config/rclone/rclone.conf`.
+Open it in your favorite text editor, find section for the base remote
+and create new section for hasher like in the following examples:
+
+[Hasher1] type = hasher remote = myRemote:path hashes = md5 max_age = off
+[Hasher2] type = hasher remote = /local/path hashes = dropbox,sha1 max_age = 24h
+
+Hasher takes basically the following parameters:
+- `remote` is required,
+- `hashes` is a comma separated list of supported checksums
+ (by default `md5,sha1`),
+- `max_age` - maximum time to keep a checksum value in the cache,
+ `0` will disable caching completely,
+ `off` will cache "forever" (that is until the files get changed).
+
+Make sure the `remote` has `:` (colon) in. If you specify the remote without
+a colon then rclone will use a local directory of that name. So if you use
+a remote of `/local/path` then rclone will handle hashes for that directory.
+If you use `remote = name` literally then rclone will put files
+**in a directory called `name` located under current directory**.
+
+## Usage
+
+### Basic operations
+
+Now you can use it as `Hasher2:subdir/file` instead of base remote.
+Hasher will transparently update cache with new checksums when a file
+is fully read or overwritten, like:
+rclone copy External:path/file Hasher:dest/path
+rclone cat Hasher:path/to/file > /dev/null
+
+The way to refresh **all** cached checksums (even unsupported by the base backend)
+for a subtree is to **re-download** all files in the subtree. For example,
+use `hashsum --download` using **any** supported hashsum on the command line
+(we just care to re-read):
+rclone hashsum MD5 --download Hasher:path/to/subtree > /dev/null
+rclone backend dump Hasher:path/to/subtree
+
+You can print or drop hashsum cache using custom backend commands:
+rclone backend dump Hasher:dir/subdir
+rclone backend drop Hasher:
+
+### Pre-Seed from a SUM File
+
+Hasher supports two backend commands: generic SUM file `import` and faster
+but less consistent `stickyimport`.
+
+rclone backend import Hasher:dir/subdir SHA1 /path/to/SHA1SUM [--checkers 4]
+
+Instead of SHA1 it can be any hash supported by the remote. The last argument
+can point to either a local or an `other-remote:path` text file in SUM format.
+The command will parse the SUM file, then walk down the path given by the
+first argument, snapshot current fingerprints and fill in the cache entries
+correspondingly.
+- Paths in the SUM file are treated as relative to `hasher:dir/subdir`.
+- The command will **not** check that supplied values are correct.
+ You **must know** what you are doing.
+- This is a one-time action. The SUM file will not get "attached" to the
+ remote. Cache entries can still be overwritten later, should the object's
+ fingerprint change.
+- The tree walk can take long depending on the tree size. You can increase
+ `--checkers` to make it faster. Or use `stickyimport` if you don't care
+ about fingerprints and consistency.
+
+rclone backend stickyimport hasher:path/to/data sha1 remote:/path/to/sum.sha1
+
+`stickyimport` is similar to `import` but works much faster because it
+does not need to stat existing files and skips initial tree walk.
+Instead of binding cache entries to file fingerprints it creates _sticky_
+entries bound to the file name alone ignoring size, modification time etc.
+Such hash entries can be replaced only by `purge`, `delete`, `backend drop`
+or by full re-read/re-write of the files.
+
+## Configuration reference
+
+
+### Standard options
+
+Here are the Standard options specific to hasher (Better checksums for other remotes).
+
+#### --hasher-remote
+
+Remote to cache checksums for (e.g. myRemote:path).
+
+Properties:
+
+- Config: remote
+- Env Var: RCLONE_HASHER_REMOTE
+- Type: string
+- Required: true
+
+#### --hasher-hashes
+
+Comma separated list of supported checksum types.
+
+Properties:
+
+- Config: hashes
+- Env Var: RCLONE_HASHER_HASHES
+- Type: CommaSepList
+- Default: md5,sha1
+
+#### --hasher-max-age
+
+Maximum time to keep checksums in cache (0 = no cache, off = cache forever).
+
+Properties:
+
+- Config: max_age
+- Env Var: RCLONE_HASHER_MAX_AGE
+- Type: Duration
+- Default: off
+
+### Advanced options
+
+Here are the Advanced options specific to hasher (Better checksums for other remotes).
+
+#### --hasher-auto-size
+
+Auto-update checksum for files smaller than this size (disabled by default).
+
+Properties:
+
+- Config: auto_size
+- Env Var: RCLONE_HASHER_AUTO_SIZE
+- Type: SizeSuffix
+- Default: 0
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+## Backend commands
+
+Here are the commands specific to the hasher backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### drop
+
+Drop cache
+
+ rclone backend drop remote: [options] [<arguments>+]
+
+Completely drop checksum cache.
+Usage Example:
+ rclone backend drop hasher:
+
+
+### dump
+
+Dump the database
+
+ rclone backend dump remote: [options] [<arguments>+]
+
+Dump cache records covered by the current remote
+
+### fulldump
+
+Full dump of the database
+
+ rclone backend fulldump remote: [options] [<arguments>+]
+
+Dump all cache records in the database
+
+### import
+
+Import a SUM file
+
+ rclone backend import remote: [options] [<arguments>+]
+
+Amend hash cache from a SUM file and bind checksums to files by size/time.
+Usage Example:
+ rclone backend import hasher:subdir md5 /path/to/sum.md5
+
+
+### stickyimport
+
+Perform fast import of a SUM file
+
+ rclone backend stickyimport remote: [options] [<arguments>+]
+
+Fill hash cache from a SUM file without verifying file fingerprints.
+Usage Example:
+ rclone backend stickyimport hasher:subdir md5 remote:path/to/sum.md5
+
+
+
+
+## Implementation details (advanced)
+
+This section explains how various rclone operations work on a hasher remote.
+
+**Disclaimer. This section describes current implementation which can
+change in future rclone versions!.**
+
+### Hashsum command
+
+The `rclone hashsum` (or `md5sum` or `sha1sum`) command will:
+
+1. if requested hash is supported by lower level, just pass it.
+2. if object size is below `auto_size` then download object and calculate
+ _requested_ hashes on the fly.
+3. if unsupported and the size is big enough, build object `fingerprint`
+ (including size, modtime if supported, first-found _other_ hash if any).
+4. if the strict match is found in cache for the requested remote, return
+ the stored hash.
+5. if remote found but fingerprint mismatched, then purge the entry and
+ proceed to step 6.
+6. if remote not found or had no requested hash type or after step 5:
+ download object, calculate all _supported_ hashes on the fly and store
+ in cache; return requested hash.
+
+### Other operations
+
+- whenever a file is uploaded or downloaded **in full**, capture the stream
+ to calculate all supported hashes on the fly and update database
+- server-side `move` will update keys of existing cache entries
+- `deletefile` will remove a single cache entry
+- `purge` will remove all cache entries under the purged path
+
+Note that setting `max_age = 0` will disable checksum caching completely.
+
+If you set `max_age = off`, checksums in cache will never age, unless you
+fully rewrite or delete the file.
+
+### Cache storage
+
+Cached checksums are stored as `bolt` database files under rclone cache
+directory, usually `~/.cache/rclone/kv/`. Databases are maintained
+one per _base_ backend, named like `BaseRemote~hasher.bolt`.
+Checksums for multiple `alias`-es into a single base backend
+will be stored in the single database. All local paths are treated as
+aliases into the `local` backend (unless encrypted or chunked) and stored
+in `~/.cache/rclone/kv/local~hasher.bolt`.
+Databases can be shared between multiple rclone processes.
+
+# HDFS
+
+[HDFS](https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-hdfs/HdfsDesign.html) is a
+distributed file-system, part of the [Apache Hadoop](https://hadoop.apache.org/) framework.
+
+Paths are specified as `remote:` or `remote:path/to/dir`.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [skip] XX / Hadoop distributed file system "hdfs" [skip] Storage> hdfs ** See help for hdfs backend at: https://rclone.org/hdfs/ **
+hadoop name node and port Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Connect to host namenode at port 8020 "namenode:8020" namenode> namenode.hadoop:8020 hadoop user name Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Connect to hdfs as root "root" username> root Edit advanced config? (y/n) y) Yes n) No (default) y/n> n Remote config -------------------- [remote] type = hdfs namenode = namenode.hadoop:8020 username = root -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y Current remotes:
+Name Type ==== ==== hadoop hdfs
+
+- Edit existing remote
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> q
+
+
+This remote is called `remote` and can now be used like this
+
+See all the top level directories
+
+ rclone lsd remote:
+
+List the contents of a directory
+
+ rclone ls remote:directory
+
+Sync the remote `directory` to `/home/local/directory`, deleting any excess files.
+
+ rclone sync --interactive remote:directory /home/local/directory
+
+### Setting up your own HDFS instance for testing
+
+You may start with a [manual setup](https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/SingleCluster.html)
+or use the docker image from the tests:
+
+If you want to build the docker image
+
+git clone https://github.com/rclone/rclone.git cd rclone/fstest/testserver/images/test-hdfs docker build --rm -t rclone/test-hdfs .
+
+Or you can just use the latest one pushed
+
+docker run --rm --name "rclone-hdfs" -p 127.0.0.1:9866:9866 -p 127.0.0.1:8020:8020 --hostname "rclone-hdfs" rclone/test-hdfs
+
+**NB** it need few seconds to startup.
+
+For this docker image the remote needs to be configured like this:
+
+[remote] type = hdfs namenode = 127.0.0.1:8020 username = root
+
+You can stop this image with `docker kill rclone-hdfs` (**NB** it does not use volumes, so all data
+uploaded will be lost.)
+
+### Modification times
+
+Time accurate to 1 second is stored.
+
+### Checksum
+
+No checksums are implemented.
+
+### Usage information
+
+You can use the `rclone about remote:` command which will display filesystem size and current usage.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| : | 0x3A | : |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8).
+
+
+### Standard options
+
+Here are the Standard options specific to hdfs (Hadoop distributed file system).
+
+#### --hdfs-namenode
+
+Hadoop name nodes and ports.
+
+E.g. "namenode-1:8020,namenode-2:8020,..." to connect to host namenodes at port 8020.
+
+Properties:
+
+- Config: namenode
+- Env Var: RCLONE_HDFS_NAMENODE
+- Type: CommaSepList
+- Default:
+
+#### --hdfs-username
+
+Hadoop user name.
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_HDFS_USERNAME
+- Type: string
+- Required: false
+- Examples:
+ - "root"
+ - Connect to hdfs as root.
+
+### Advanced options
+
+Here are the Advanced options specific to hdfs (Hadoop distributed file system).
+
+#### --hdfs-service-principal-name
+
+Kerberos service principal name for the namenode.
+
+Enables KERBEROS authentication. Specifies the Service Principal Name
+(SERVICE/FQDN) for the namenode. E.g. \"hdfs/namenode.hadoop.docker\"
+for namenode running as service 'hdfs' with FQDN 'namenode.hadoop.docker'.
+
+Properties:
+
+- Config: service_principal_name
+- Env Var: RCLONE_HDFS_SERVICE_PRINCIPAL_NAME
+- Type: string
+- Required: false
+
+#### --hdfs-data-transfer-protection
+
+Kerberos data transfer protection: authentication|integrity|privacy.
+
+Specifies whether or not authentication, data signature integrity
+checks, and wire encryption are required when communicating with
+the datanodes. Possible values are 'authentication', 'integrity'
+and 'privacy'. Used only with KERBEROS enabled.
+
+Properties:
+
+- Config: data_transfer_protection
+- Env Var: RCLONE_HDFS_DATA_TRANSFER_PROTECTION
+- Type: string
+- Required: false
+- Examples:
+ - "privacy"
+ - Ensure authentication, integrity and encryption enabled.
+
+#### --hdfs-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_HDFS_ENCODING
+- Type: Encoding
+- Default: Slash,Colon,Del,Ctl,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+- No server-side `Move` or `DirMove`.
+- Checksums not implemented.
+
+# HiDrive
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+The initial setup for hidrive involves getting a token from HiDrive
+which you need to do in your browser.
+`rclone config` walks you through it.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found - make a new one n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / HiDrive "hidrive" [snip] Storage> hidrive OAuth Client Id - Leave blank normally. client_id> OAuth Client Secret - Leave blank normally. client_secret> Access permissions that rclone should use when requesting access from HiDrive. Leave blank normally. scope_access> Edit advanced config? y/n> n Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=xxxxxxxxxxxxxxxxxxxxxx Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] type = hidrive token = {"access_token":"xxxxxxxxxxxxxxxxxxxx","token_type":"Bearer","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxx","expiry":"xxxxxxxxxxxxxxxxxxxxxxx"} -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+**You should be aware that OAuth-tokens can be used to access your account
+and hence should not be shared with other persons.**
+See the [below section](#keeping-your-tokens-safe) for more information.
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from HiDrive. This only runs from the moment it opens
+your browser to the moment you get back the verification code.
+The webserver runs on `http://127.0.0.1:53682/`.
+If local port `53682` is protected by a firewall you may need to temporarily
+unblock the firewall to complete authorization.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your HiDrive root folder
+
+ rclone lsd remote:
+
+List all the files in your HiDrive filesystem
+
+ rclone ls remote:
+
+To copy a local directory to a HiDrive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Keeping your tokens safe
+
+Any OAuth-tokens will be stored by rclone in the remote's configuration file as unencrypted text.
+Anyone can use a valid refresh-token to access your HiDrive filesystem without knowing your password.
+Therefore you should make sure no one else can access your configuration.
+
+It is possible to encrypt rclone's configuration file.
+You can find information on securing your configuration file by viewing the [configuration encryption docs](https://rclone.org/docs/#configuration-encryption).
+
+### Invalid refresh token
+
+As can be verified [here](https://developer.hidrive.com/basics-flows/),
+each `refresh_token` (for Native Applications) is valid for 60 days.
+If used to access HiDrivei, its validity will be automatically extended.
+
+This means that if you
+
+ * Don't use the HiDrive remote for 60 days
+
+then rclone will return an error which includes a text
+that implies the refresh token is *invalid* or *expired*.
+
+To fix this you will need to authorize rclone to access your HiDrive account again.
+
+Using
+
+ rclone config reconnect remote:
+
+the process is very similar to the process of initial setup exemplified before.
+
+### Modification times and hashes
+
+HiDrive allows modification times to be set on objects accurate to 1 second.
+
+HiDrive supports [its own hash type](https://static.hidrive.com/dev/0001)
+which is used to verify the integrity of file contents after successful transfers.
+
+### Restricted filename characters
+
+HiDrive cannot store files or folders that include
+`/` (0x2F) or null-bytes (0x00) in their name.
+Any other characters can be used in the names of files or folders.
+Additionally, files or folders cannot be named either of the following: `.` or `..`
+
+Therefore rclone will automatically replace these characters,
+if files or folders are stored or accessed with such names.
+
+You can read about how this filename encoding works in general
+[here](overview/#restricted-filenames).
+
+Keep in mind that HiDrive only supports file or folder names
+with a length of 255 characters or less.
+
+### Transfers
+
+HiDrive limits file sizes per single request to a maximum of 2 GiB.
+To allow storage of larger files and allow for better upload performance,
+the hidrive backend will use a chunked transfer for files larger than 96 MiB.
+Rclone will upload multiple parts/chunks of the file at the same time.
+Chunks in the process of being uploaded are buffered in memory,
+so you may want to restrict this behaviour on systems with limited resources.
+
+You can customize this behaviour using the following options:
+
+* `chunk_size`: size of file parts
+* `upload_cutoff`: files larger or equal to this in size will use a chunked transfer
+* `upload_concurrency`: number of file-parts to upload at the same time
+
+See the below section about configuration options for more details.
+
+### Root folder
+
+You can set the root folder for rclone.
+This is the directory that rclone considers to be the root of your HiDrive.
+
+Usually, you will leave this blank, and rclone will use the root of the account.
+
+However, you can set this to restrict rclone to a specific folder hierarchy.
+
+This works by prepending the contents of the `root_prefix` option
+to any paths accessed by rclone.
+For example, the following two ways to access the home directory are equivalent:
+
+ rclone lsd --hidrive-root-prefix="/users/test/" remote:path
+
+ rclone lsd remote:/users/test/path
+
+See the below section about configuration options for more details.
+
+### Directory member count
+
+By default, rclone will know the number of directory members contained in a directory.
+For example, `rclone lsd` uses this information.
+
+The acquisition of this information will result in additional time costs for HiDrive's API.
+When dealing with large directory structures, it may be desirable to circumvent this time cost,
+especially when this information is not explicitly needed.
+For this, the `disable_fetching_member_count` option can be used.
+
+See the below section about configuration options for more details.
+
+
+### Standard options
+
+Here are the Standard options specific to hidrive (HiDrive).
+
+#### --hidrive-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_HIDRIVE_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --hidrive-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_HIDRIVE_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --hidrive-scope-access
+
+Access permissions that rclone should use when requesting access from HiDrive.
+
+Properties:
+
+- Config: scope_access
+- Env Var: RCLONE_HIDRIVE_SCOPE_ACCESS
+- Type: string
+- Default: "rw"
+- Examples:
+ - "rw"
+ - Read and write access to resources.
+ - "ro"
+ - Read-only access to resources.
+
+### Advanced options
+
+Here are the Advanced options specific to hidrive (HiDrive).
+
+#### --hidrive-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_HIDRIVE_TOKEN
+- Type: string
+- Required: false
+
+#### --hidrive-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_HIDRIVE_AUTH_URL
+- Type: string
+- Required: false
+
+#### --hidrive-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_HIDRIVE_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --hidrive-scope-role
+
+User-level that rclone should use when requesting access from HiDrive.
+
+Properties:
+
+- Config: scope_role
+- Env Var: RCLONE_HIDRIVE_SCOPE_ROLE
+- Type: string
+- Default: "user"
+- Examples:
+ - "user"
+ - User-level access to management permissions.
+ - This will be sufficient in most cases.
+ - "admin"
+ - Extensive access to management permissions.
+ - "owner"
+ - Full access to management permissions.
+
+#### --hidrive-root-prefix
+
+The root/parent folder for all paths.
+
+Fill in to use the specified folder as the parent for all paths given to the remote.
+This way rclone can use any folder as its starting point.
+
+Properties:
+
+- Config: root_prefix
+- Env Var: RCLONE_HIDRIVE_ROOT_PREFIX
+- Type: string
+- Default: "/"
+- Examples:
+ - "/"
+ - The topmost directory accessible by rclone.
+ - This will be equivalent with "root" if rclone uses a regular HiDrive user account.
+ - "root"
+ - The topmost directory of the HiDrive user account
+ - ""
+ - This specifies that there is no root-prefix for your paths.
+ - When using this you will always need to specify paths to this remote with a valid parent e.g. "remote:/path/to/dir" or "remote:root/path/to/dir".
+
+#### --hidrive-endpoint
+
+Endpoint for the service.
+
+This is the URL that API-calls will be made to.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_HIDRIVE_ENDPOINT
+- Type: string
+- Default: "https://api.hidrive.strato.com/2.1"
+
+#### --hidrive-disable-fetching-member-count
+
+Do not fetch number of objects in directories unless it is absolutely necessary.
+
+Requests may be faster if the number of objects in subdirectories is not fetched.
+
+Properties:
+
+- Config: disable_fetching_member_count
+- Env Var: RCLONE_HIDRIVE_DISABLE_FETCHING_MEMBER_COUNT
+- Type: bool
+- Default: false
+
+#### --hidrive-chunk-size
+
+Chunksize for chunked uploads.
+
+Any files larger than the configured cutoff (or files of unknown size) will be uploaded in chunks of this size.
+
+The upper limit for this is 2147483647 bytes (about 2.000Gi).
+That is the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit or to a negative value will cause uploads to fail.
+
+Setting this to larger values may increase the upload speed at the cost of using more memory.
+It can be set to smaller values smaller to save on memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_HIDRIVE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 48Mi
+
+#### --hidrive-upload-cutoff
+
+Cutoff/Threshold for chunked uploads.
+
+Any files larger than this will be uploaded in chunks of the configured chunksize.
+
+The upper limit for this is 2147483647 bytes (about 2.000Gi).
+That is the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit will cause uploads to fail.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_HIDRIVE_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 96Mi
+
+#### --hidrive-upload-concurrency
+
+Concurrency for chunked uploads.
+
+This is the upper limit for how many transfers for the same file are running concurrently.
+Setting this above to a value smaller than 1 will cause uploads to deadlock.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_HIDRIVE_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 4
+
+#### --hidrive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_HIDRIVE_ENCODING
+- Type: Encoding
+- Default: Slash,Dot
+
+
+
+## Limitations
+
+### Symbolic links
+
+HiDrive is able to store symbolic links (*symlinks*) by design,
+for example, when unpacked from a zip archive.
+
+There exists no direct mechanism to manage native symlinks in remotes.
+As such this implementation has chosen to ignore any native symlinks present in the remote.
+rclone will not be able to access or show any symlinks stored in the hidrive-remote.
+This means symlinks cannot be individually removed, copied, or moved,
+except when removing, copying, or moving the parent folder.
+
+*This does not affect the `.rclonelink`-files
+that rclone uses to encode and store symbolic links.*
+
+### Sparse files
+
+It is possible to store sparse files in HiDrive.
+
+Note that copying a sparse file will expand the holes
+into null-byte (0x00) regions that will then consume disk space.
+Likewise, when downloading a sparse file,
+the resulting file will have null-byte regions in the place of file holes.
+
+# HTTP
+
+The HTTP remote is a read only remote for reading files of a
+webserver. The webserver should provide file listings which rclone
+will read and turn into a remote. This has been tested with common
+webservers such as Apache/Nginx/Caddy and will likely work with file
+listings from most web servers. (If it doesn't then please file an
+issue, or send a pull request!)
+
+Paths are specified as `remote:` or `remote:path`.
+
+The `remote:` represents the configured [url](#http-url), and any path following
+it will be resolved relative to this url, according to the URL standard. This
+means with remote url `https://beta.rclone.org/branch` and path `fix`, the
+resolved URL will be `https://beta.rclone.org/branch/fix`, while with path
+`/fix` the resolved URL will be `https://beta.rclone.org/fix` as the absolute
+path is resolved from the root of the domain.
+
+If the path following the `remote:` ends with `/` it will be assumed to point
+to a directory. If the path does not end with `/`, then a HEAD request is sent
+and the response used to decide if it it is treated as a file or a directory
+(run with `-vv` to see details). When [--http-no-head](#http-no-head) is
+specified, a path without ending `/` is always assumed to be a file. If rclone
+incorrectly assumes the path is a file, the solution is to specify the path with
+ending `/`. When you know the path is a directory, ending it with `/` is always
+better as it avoids the initial HEAD request.
+
+To just download a single file it is easier to use
+[copyurl](https://rclone.org/commands/rclone_copyurl/).
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First
+run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / HTTP "http" [snip] Storage> http URL of http host to connect to Choose a number from below, or type in your own value 1 / Connect to example.com "https://example.com" url> https://beta.rclone.org Remote config -------------------- [remote] url = https://beta.rclone.org -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y Current remotes:
+Name Type ==== ==== remote http
+
+- Edit existing remote
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> q
+
+
+This remote is called `remote` and can now be used like this
+
+See all the top level directories
+
+ rclone lsd remote:
+
+List the contents of a directory
+
+ rclone ls remote:directory
+
+Sync the remote `directory` to `/home/local/directory`, deleting any excess files.
+
+ rclone sync --interactive remote:directory /home/local/directory
+
+### Read only
+
+This remote is read only - you can't upload files to an HTTP server.
+
+### Modification times
+
+Most HTTP servers store time accurate to 1 second.
+
+### Checksum
+
+No checksums are stored.
+
+### Usage without a config file
+
+Since the http remote only has one config parameter it is easy to use
+without a config file:
+
+ rclone lsd --http-url https://beta.rclone.org :http:
+
+or:
+
+ rclone lsd :http,url='https://beta.rclone.org':
+
+
+### Standard options
+
+Here are the Standard options specific to http (HTTP).
+
+#### --http-url
+
+URL of HTTP host to connect to.
+
+E.g. "https://example.com", or "https://user:pass@example.com" to use a username and password.
+
+Properties:
+
+- Config: url
+- Env Var: RCLONE_HTTP_URL
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to http (HTTP).
+
+#### --http-headers
+
+Set HTTP headers for all transactions.
+
+Use this to set additional HTTP headers for all transactions.
+
+The input format is comma separated list of key,value pairs. Standard
+[CSV encoding](https://godoc.org/encoding/csv) may be used.
+
+For example, to set a Cookie use 'Cookie,name=value', or '"Cookie","name=value"'.
+
+You can set multiple headers, e.g. '"Cookie","name=value","Authorization","xxx"'.
+
+Properties:
+
+- Config: headers
+- Env Var: RCLONE_HTTP_HEADERS
+- Type: CommaSepList
+- Default:
+
+#### --http-no-slash
+
+Set this if the site doesn't end directories with /.
+
+Use this if your target website does not use / on the end of
+directories.
+
+A / on the end of a path is how rclone normally tells the difference
+between files and directories. If this flag is set, then rclone will
+treat all files with Content-Type: text/html as directories and read
+URLs from them rather than downloading them.
+
+Note that this may cause rclone to confuse genuine HTML files with
+directories.
+
+Properties:
+
+- Config: no_slash
+- Env Var: RCLONE_HTTP_NO_SLASH
+- Type: bool
+- Default: false
+
+#### --http-no-head
+
+Don't use HEAD requests.
+
+HEAD requests are mainly used to find file sizes in dir listing.
+If your site is being very slow to load then you can try this option.
+Normally rclone does a HEAD request for each potential file in a
+directory listing to:
+
+- find its size
+- check it really exists
+- check to see if it is a directory
+
+If you set this option, rclone will not do the HEAD request. This will mean
+that directory listings are much quicker, but rclone won't have the times or
+sizes of any files, and some files that don't exist may be in the listing.
+
+Properties:
+
+- Config: no_head
+- Env Var: RCLONE_HTTP_NO_HEAD
+- Type: bool
+- Default: false
+
+## Backend commands
+
+Here are the commands specific to the http backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### set
+
+Set command for updating the config parameters.
+
+ rclone backend set remote: [options] [<arguments>+]
+
+This set command can be used to update the config parameters
+for a running http backend.
+
+Usage Examples:
+
+ rclone backend set remote: [-o opt_name=opt_value] [-o opt_name2=opt_value2]
+ rclone rc backend/command command=set fs=remote: [-o opt_name=opt_value] [-o opt_name2=opt_value2]
+ rclone rc backend/command command=set fs=remote: -o url=https://example.com
+
+The option keys are named as they are in the config file.
+
+This rebuilds the connection to the http backend when it is called with
+the new parameters. Only new parameters need be passed as the values
+will default to those currently in use.
+
+It doesn't return anything.
+
+
+
+
+## Limitations
+
+`rclone about` is not supported by the HTTP backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# ImageKit
+This is a backend for the [ImageKit.io](https://imagekit.io/) storage service.
+
+#### About ImageKit
+[ImageKit.io](https://imagekit.io/) provides real-time image and video optimizations, transformations, and CDN delivery. Over 1,000 businesses and 70,000 developers trust ImageKit with their images and videos on the web.
+
+
+#### Accounts & Pricing
+
+To use this backend, you need to [create an account](https://imagekit.io/registration/) on ImageKit. Start with a free plan with generous usage limits. Then, as your requirements grow, upgrade to a plan that best fits your needs. See [the pricing details](https://imagekit.io/plans).
+
+## Configuration
+
+Here is an example of making an imagekit configuration.
+
+Firstly create a [ImageKit.io](https://imagekit.io/) account and choose a plan.
+
+You will need to log in and get the `publicKey` and `privateKey` for your account from the developer section.
+
+Now run
+rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n
+Enter the name for the new remote. name> imagekit-media-library
+Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. [snip] XX / ImageKit.io (imagekit) [snip] Storage> imagekit
+Option endpoint. You can find your ImageKit.io URL endpoint in your dashboard Enter a value. endpoint> https://ik.imagekit.io/imagekit_id
+Option public_key. You can find your ImageKit.io public key in your dashboard Enter a value. public_key> public_****************************
+Option private_key. You can find your ImageKit.io private key in your dashboard Enter a value. private_key> private_****************************
+Edit advanced config? y) Yes n) No (default) y/n> n
+Configuration complete. Options: - type: imagekit - endpoint: https://ik.imagekit.io/imagekit_id - public_key: public_**************************** - private_key: private_****************************
+Keep this "imagekit-media-library" remote? y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+List directories in the top level of your Media Library
+rclone lsd imagekit-media-library:
+Make a new directory.
+rclone mkdir imagekit-media-library:directory
+List the contents of a directory.
+rclone ls imagekit-media-library:directory
+
+### Modified time and hashes
+
+ImageKit does not support modification times or hashes yet.
+
+### Checksums
+
+No checksums are supported.
+
+
+### Standard options
+
+Here are the Standard options specific to imagekit (ImageKit.io).
+
+#### --imagekit-endpoint
+
+You can find your ImageKit.io URL endpoint in your [dashboard](https://imagekit.io/dashboard/developer/api-keys)
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_IMAGEKIT_ENDPOINT
+- Type: string
+- Required: true
+
+#### --imagekit-public-key
+
+You can find your ImageKit.io public key in your [dashboard](https://imagekit.io/dashboard/developer/api-keys)
+
+Properties:
+
+- Config: public_key
+- Env Var: RCLONE_IMAGEKIT_PUBLIC_KEY
+- Type: string
+- Required: true
+
+#### --imagekit-private-key
+
+You can find your ImageKit.io private key in your [dashboard](https://imagekit.io/dashboard/developer/api-keys)
+
+Properties:
+
+- Config: private_key
+- Env Var: RCLONE_IMAGEKIT_PRIVATE_KEY
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to imagekit (ImageKit.io).
+
+#### --imagekit-only-signed
+
+If you have configured `Restrict unsigned image URLs` in your dashboard settings, set this to true.
+
+Properties:
+
+- Config: only_signed
+- Env Var: RCLONE_IMAGEKIT_ONLY_SIGNED
+- Type: bool
+- Default: false
+
+#### --imagekit-versions
+
+Include old versions in directory listings.
+
+Properties:
+
+- Config: versions
+- Env Var: RCLONE_IMAGEKIT_VERSIONS
+- Type: bool
+- Default: false
+
+#### --imagekit-upload-tags
+
+Tags to add to the uploaded files, e.g. "tag1,tag2".
+
+Properties:
+
+- Config: upload_tags
+- Env Var: RCLONE_IMAGEKIT_UPLOAD_TAGS
+- Type: string
+- Required: false
+
+#### --imagekit-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_IMAGEKIT_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Dollar,Question,Hash,Percent,BackSlash,Del,Ctl,InvalidUtf8,Dot,SquareBracket
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+Here are the possible system metadata items for the imagekit backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| aws-tags | AI generated tags by AWS Rekognition associated with the image | string | tag1,tag2 | **Y** |
+| btime | Time of file birth (creation) read from Last-Modified header | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | **Y** |
+| custom-coordinates | Custom coordinates of the file | string | 0,0,100,100 | **Y** |
+| file-type | Type of the file | string | image | **Y** |
+| google-tags | AI generated tags by Google Cloud Vision associated with the image | string | tag1,tag2 | **Y** |
+| has-alpha | Whether the image has alpha channel or not | bool | | **Y** |
+| height | Height of the image or video in pixels | int | | **Y** |
+| is-private-file | Whether the file is private or not | bool | | **Y** |
+| size | Size of the object in bytes | int64 | | **Y** |
+| tags | Tags associated with the file | string | tag1,tag2 | **Y** |
+| width | Width of the image or video in pixels | int | | **Y** |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+
+
+# Internet Archive
+
+The Internet Archive backend utilizes Items on [archive.org](https://archive.org/)
+
+Refer to [IAS3 API documentation](https://archive.org/services/docs/api/ias3.html) for the API this backend uses.
+
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:item/path/to/dir`.
+
+Unlike S3, listing up all items uploaded by you isn't supported.
+
+Once you have made a remote, you can use it like this:
+
+Make a new item
+
+ rclone mkdir remote:item
+
+List the contents of a item
+
+ rclone ls remote:item
+
+Sync `/home/local/directory` to the remote item, deleting any excess
+files in the item.
+
+ rclone sync --interactive /home/local/directory remote:item
+
+## Notes
+Because of Internet Archive's architecture, it enqueues write operations (and extra post-processings) in a per-item queue. You can check item's queue at https://catalogd.archive.org/history/item-name-here . Because of that, all uploads/deletes will not show up immediately and takes some time to be available.
+The per-item queue is enqueued to an another queue, Item Deriver Queue. [You can check the status of Item Deriver Queue here.](https://catalogd.archive.org/catalog.php?whereami=1) This queue has a limit, and it may block you from uploading, or even deleting. You should avoid uploading a lot of small files for better behavior.
+
+You can optionally wait for the server's processing to finish, by setting non-zero value to `wait_archive` key.
+By making it wait, rclone can do normal file comparison.
+Make sure to set a large enough value (e.g. `30m0s` for smaller files) as it can take a long time depending on server's queue.
+
+## About metadata
+This backend supports setting, updating and reading metadata of each file.
+The metadata will appear as file metadata on Internet Archive.
+However, some fields are reserved by both Internet Archive and rclone.
+
+The following are reserved by Internet Archive:
+- `name`
+- `source`
+- `size`
+- `md5`
+- `crc32`
+- `sha1`
+- `format`
+- `old_version`
+- `viruscheck`
+- `summation`
+
+Trying to set values to these keys is ignored with a warning.
+Only setting `mtime` is an exception. Doing so make it the identical behavior as setting ModTime.
+
+rclone reserves all the keys starting with `rclone-`. Setting value for these keys will give you warnings, but values are set according to request.
+
+If there are multiple values for a key, only the first one is returned.
+This is a limitation of rclone, that supports one value per one key.
+It can be triggered when you did a server-side copy.
+
+Reading metadata will also provide custom (non-standard nor reserved) ones.
+
+## Filtering auto generated files
+
+The Internet Archive automatically creates metadata files after
+upload. These can cause problems when doing an `rclone sync` as rclone
+will try, and fail, to delete them. These metadata files are not
+changeable, as they are created by the Internet Archive automatically.
+
+These auto-created files can be excluded from the sync using [metadata
+filtering](https://rclone.org/filtering/#metadata).
+
+ rclone sync ... --metadata-exclude "source=metadata" --metadata-exclude "format=Metadata"
+
+Which excludes from the sync any files which have the
+`source=metadata` or `format=Metadata` flags which are added to
+Internet Archive auto-created files.
+
+## Configuration
+
+Here is an example of making an internetarchive configuration.
+Most applies to the other providers as well, any differences are described [below](#providers).
+
+First run
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. XX / InternetArchive Items (internetarchive) Storage> internetarchive Option access_key_id. IAS3 Access Key. Leave blank for anonymous access. You can find one here: https://archive.org/account/s3.php Enter a value. Press Enter to leave empty. access_key_id> XXXX Option secret_access_key. IAS3 Secret Key (password). Leave blank for anonymous access. Enter a value. Press Enter to leave empty. secret_access_key> XXXX Edit advanced config? y) Yes n) No (default) y/n> y Option endpoint. IAS3 Endpoint. Leave blank for default value. Enter a string value. Press Enter for the default (https://s3.us.archive.org). endpoint> Option front_endpoint. Host of InternetArchive Frontend. Leave blank for default value. Enter a string value. Press Enter for the default (https://archive.org). front_endpoint> Option disable_checksum. Don't store MD5 checksum with object metadata. Normally rclone will calculate the MD5 checksum of the input before uploading it so it can ask the server to check the object against checksum. This is great for data integrity checking but can cause long delays for large files to start uploading. Enter a boolean value (true or false). Press Enter for the default (true). disable_checksum> true Option encoding. The encoding for the backend. See the encoding section in the overview for more info. Enter a encoder.MultiEncoder value. Press Enter for the default (Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot). encoding> Edit advanced config? y) Yes n) No (default) y/n> n -------------------- [remote] type = internetarchive access_key_id = XXXX secret_access_key = XXXX -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+
+### Standard options
+
+Here are the Standard options specific to internetarchive (Internet Archive).
+
+#### --internetarchive-access-key-id
+
+IAS3 Access Key.
+
+Leave blank for anonymous access.
+You can find one here: https://archive.org/account/s3.php
+
+Properties:
+
+- Config: access_key_id
+- Env Var: RCLONE_INTERNETARCHIVE_ACCESS_KEY_ID
+- Type: string
+- Required: false
+
+#### --internetarchive-secret-access-key
+
+IAS3 Secret Key (password).
+
+Leave blank for anonymous access.
+
+Properties:
+
+- Config: secret_access_key
+- Env Var: RCLONE_INTERNETARCHIVE_SECRET_ACCESS_KEY
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to internetarchive (Internet Archive).
+
+#### --internetarchive-endpoint
+
+IAS3 Endpoint.
+
+Leave blank for default value.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_INTERNETARCHIVE_ENDPOINT
+- Type: string
+- Default: "https://s3.us.archive.org"
+
+#### --internetarchive-front-endpoint
+
+Host of InternetArchive Frontend.
+
+Leave blank for default value.
+
+Properties:
+
+- Config: front_endpoint
+- Env Var: RCLONE_INTERNETARCHIVE_FRONT_ENDPOINT
+- Type: string
+- Default: "https://archive.org"
+
+#### --internetarchive-disable-checksum
+
+Don't ask the server to test against MD5 checksum calculated by rclone.
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can ask the server to check the object against checksum.
+This is great for data integrity checking but can cause long delays for
+large files to start uploading.
+
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_INTERNETARCHIVE_DISABLE_CHECKSUM
+- Type: bool
+- Default: true
+
+#### --internetarchive-wait-archive
+
+Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish.
+Only enable if you need to be guaranteed to be reflected after write operations.
+0 to disable waiting. No errors to be thrown in case of timeout.
+
+Properties:
+
+- Config: wait_archive
+- Env Var: RCLONE_INTERNETARCHIVE_WAIT_ARCHIVE
+- Type: Duration
+- Default: 0s
+
+#### --internetarchive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_INTERNETARCHIVE_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot
+
+### Metadata
+
+Metadata fields provided by Internet Archive.
+If there are multiple values for a key, only the first one is returned.
+This is a limitation of Rclone, that supports one value per one key.
+
+Owner is able to add custom keys. Metadata feature grabs all the keys including them.
+
+Here are the possible system metadata items for the internetarchive backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| crc32 | CRC32 calculated by Internet Archive | string | 01234567 | **Y** |
+| format | Name of format identified by Internet Archive | string | Comma-Separated Values | **Y** |
+| md5 | MD5 hash calculated by Internet Archive | string | 01234567012345670123456701234567 | **Y** |
+| mtime | Time of last modification, managed by Rclone | RFC 3339 | 2006-01-02T15:04:05.999999999Z | **Y** |
+| name | Full file path, without the bucket part | filename | backend/internetarchive/internetarchive.go | **Y** |
+| old_version | Whether the file was replaced and moved by keep-old-version flag | boolean | true | **Y** |
+| rclone-ia-mtime | Time of last modification, managed by Internet Archive | RFC 3339 | 2006-01-02T15:04:05.999999999Z | N |
+| rclone-mtime | Time of last modification, managed by Rclone | RFC 3339 | 2006-01-02T15:04:05.999999999Z | N |
+| rclone-update-track | Random value used by Rclone for tracking changes inside Internet Archive | string | aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa | N |
+| sha1 | SHA1 hash calculated by Internet Archive | string | 0123456701234567012345670123456701234567 | **Y** |
+| size | File size in bytes | decimal number | 123456 | **Y** |
+| source | The source of the file | string | original | **Y** |
+| summation | Check https://forum.rclone.org/t/31922 for how it is used | string | md5 | **Y** |
+| viruscheck | The last time viruscheck process was run for the file (?) | unixtime | 1654191352 | **Y** |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+
+
+# Jottacloud
+
+Jottacloud is a cloud storage service provider from a Norwegian company, using its own datacenters
+in Norway. In addition to the official service at [jottacloud.com](https://www.jottacloud.com/),
+it also provides white-label solutions to different companies, such as:
+* Telia
+ * Telia Cloud (cloud.telia.se)
+ * Telia Sky (sky.telia.no)
+* Tele2
+ * Tele2 Cloud (mittcloud.tele2.se)
+* Onlime
+ * Onlime Cloud Storage (onlime.dk)
+* Elkjøp (with subsidiaries):
+ * Elkjøp Cloud (cloud.elkjop.no)
+ * Elgiganten Sweden (cloud.elgiganten.se)
+ * Elgiganten Denmark (cloud.elgiganten.dk)
+ * Giganti Cloud (cloud.gigantti.fi)
+ * ELKO Cloud (cloud.elko.is)
+
+Most of the white-label versions are supported by this backend, although may require different
+authentication setup - described below.
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Authentication types
+
+Some of the whitelabel versions uses a different authentication method than the official service,
+and you have to choose the correct one when setting up the remote.
+
+### Standard authentication
+
+The standard authentication method used by the official service (jottacloud.com), as well as
+some of the whitelabel services, requires you to generate a single-use personal login token
+from the account security settings in the service's web interface. Log in to your account,
+go to "Settings" and then "Security", or use the direct link presented to you by rclone when
+configuring the remote: <https://www.jottacloud.com/web/secure>. Scroll down to the section
+"Personal login token", and click the "Generate" button. Note that if you are using a
+whitelabel service you probably can't use the direct link, you need to find the same page in
+their dedicated web interface, and also it may be in a different location than described above.
+
+To access your account from multiple instances of rclone, you need to configure each of them
+with a separate personal login token. E.g. you create a Jottacloud remote with rclone in one
+location, and copy the configuration file to a second location where you also want to run
+rclone and access the same remote. Then you need to replace the token for one of them, using
+the [config reconnect](https://rclone.org/commands/rclone_config_reconnect/) command, which
+requires you to generate a new personal login token and supply as input. If you do not
+do this, the token may easily end up being invalidated, resulting in both instances failing
+with an error message something along the lines of:
+
+ oauth2: cannot fetch token: 400 Bad Request
+ Response: {"error":"invalid_grant","error_description":"Stale token"}
+
+When this happens, you need to replace the token as described above to be able to use your
+remote again.
+
+All personal login tokens you have taken into use will be listed in the web interface under
+"My logged in devices", and from the right side of that list you can click the "X" button to
+revoke individual tokens.
+
+### Legacy authentication
+
+If you are using one of the whitelabel versions (e.g. from Elkjøp) you may not have the option
+to generate a CLI token. In this case you'll have to use the legacy authentication. To do this select
+yes when the setup asks for legacy authentication and enter your username and password.
+The rest of the setup is identical to the default setup.
+
+### Telia Cloud authentication
+
+Similar to other whitelabel versions Telia Cloud doesn't offer the option of creating a CLI token, and
+additionally uses a separate authentication flow where the username is generated internally. To setup
+rclone to use Telia Cloud, choose Telia Cloud authentication in the setup. The rest of the setup is
+identical to the default setup.
+
+### Tele2 Cloud authentication
+
+As Tele2-Com Hem merger was completed this authentication can be used for former Com Hem Cloud and
+Tele2 Cloud customers as no support for creating a CLI token exists, and additionally uses a separate
+authentication flow where the username is generated internally. To setup rclone to use Tele2 Cloud,
+choose Tele2 Cloud authentication in the setup. The rest of the setup is identical to the default setup.
+
+### Onlime Cloud Storage authentication
+
+Onlime has sold access to Jottacloud proper, while providing localized support to Danish Customers, but
+have recently set up their own hosting, transferring their customers from Jottacloud servers to their
+own ones.
+
+This, of course, necessitates using their servers for authentication, but otherwise functionality and
+architecture seems equivalent to Jottacloud.
+
+To setup rclone to use Onlime Cloud Storage, choose Onlime Cloud authentication in the setup. The rest
+of the setup is identical to the default setup.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote` with the default setup. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. [snip] XX / Jottacloud (jottacloud) [snip] Storage> jottacloud Edit advanced config? y) Yes n) No (default) y/n> n Option config_type. Select authentication type. Choose a number from below, or type in an existing string value. Press Enter for the default (standard). / Standard authentication. 1 | Use this if you're a normal Jottacloud user. (standard) / Legacy authentication. 2 | This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users. (legacy) / Telia Cloud authentication. 3 | Use this if you are using Telia Cloud. (telia) / Tele2 Cloud authentication. 4 | Use this if you are using Tele2 Cloud. (tele2) / Onlime Cloud authentication. 5 | Use this if you are using Onlime Cloud. (onlime) config_type> 1 Personal login token. Generate here: https://www.jottacloud.com/web/secure Login Token> Use a non-standard device/mountpoint? Choosing no, the default, will let you access the storage used for the archive section of the official Jottacloud client. If you instead want to access the sync or the backup section, for example, you must choose yes. y) Yes n) No (default) y/n> y Option config_device. The device to use. In standard setup the built-in Jotta device is used, which contains predefined mountpoints for archive, sync etc. All other devices are treated as backup devices by the official Jottacloud client. You may create a new by entering a unique name. Choose a number from below, or type in your own string value. Press Enter for the default (DESKTOP-3H31129). 1 > DESKTOP-3H31129 2 > Jotta config_device> 2 Option config_mountpoint. The mountpoint to use for the built-in device Jotta. The standard setup is to use the Archive mountpoint. Most other mountpoints have very limited support in rclone and should generally be avoided. Choose a number from below, or type in an existing string value. Press Enter for the default (Archive). 1 > Archive 2 > Shared 3 > Sync config_mountpoint> 1 -------------------- [remote] type = jottacloud configVersion = 1 client_id = jottacli client_secret = tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token token = {........} username = 2940e57271a93d987d6f8a21 device = Jotta mountpoint = Archive -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Jottacloud
+
+ rclone lsd remote:
+
+List all the files in your Jottacloud
+
+ rclone ls remote:
+
+To copy a local directory to an Jottacloud directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Devices and Mountpoints
+
+The official Jottacloud client registers a device for each computer you install
+it on, and shows them in the backup section of the user interface. For each
+folder you select for backup it will create a mountpoint within this device.
+A built-in device called Jotta is special, and contains mountpoints Archive,
+Sync and some others, used for corresponding features in official clients.
+
+With rclone you'll want to use the standard Jotta/Archive device/mountpoint in
+most cases. However, you may for example want to access files from the sync or
+backup functionality provided by the official clients, and rclone therefore
+provides the option to select other devices and mountpoints during config.
+
+You are allowed to create new devices and mountpoints. All devices except the
+built-in Jotta device are treated as backup devices by official Jottacloud
+clients, and the mountpoints on them are individual backup sets.
+
+With the built-in Jotta device, only existing, built-in, mountpoints can be
+selected. In addition to the mentioned Archive and Sync, it may contain
+several other mountpoints such as: Latest, Links, Shared and Trash. All of
+these are special mountpoints with a different internal representation than
+the "regular" mountpoints. Rclone will only to a very limited degree support
+them. Generally you should avoid these, unless you know what you are doing.
+
+### --fast-list
+
+This backend supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+Note that the implementation in Jottacloud always uses only a single
+API request to get the entire list, so for large folders this could
+lead to long wait time before the first results are shown.
+
+Note also that with rclone version 1.58 and newer, information about
+[MIME types](https://rclone.org/overview/#mime-type) and metadata item [utime](#metadata)
+are not available when using `--fast-list`.
+
+### Modification times and hashes
+
+Jottacloud allows modification times to be set on objects accurate to 1
+second. These will be used to detect whether objects need syncing or
+not.
+
+Jottacloud supports MD5 type hashes, so you can use the `--checksum`
+flag.
+
+Note that Jottacloud requires the MD5 hash before upload so if the
+source does not have an MD5 checksum then the file will be cached
+temporarily on disk (in location given by
+[--temp-dir](https://rclone.org/docs/#temp-dir-dir)) before it is uploaded.
+Small files will be cached in memory - see the
+[--jottacloud-md5-memory-limit](#jottacloud-md5-memory-limit) flag.
+When uploading from local disk the source checksum is always available,
+so this does not apply. Starting with rclone version 1.52 the same is
+true for encrypted remotes (in older versions the crypt backend would not
+calculate hashes for uploads from local disk, so the Jottacloud
+backend had to do it as described above).
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| " | 0x22 | " |
+| * | 0x2A | * |
+| : | 0x3A | : |
+| < | 0x3C | < |
+| > | 0x3E | > |
+| ? | 0x3F | ? |
+| \| | 0x7C | | |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in XML strings.
+
+### Deleting files
+
+By default, rclone will send all files to the trash when deleting files. They will be permanently
+deleted automatically after 30 days. You may bypass the trash and permanently delete files immediately
+by using the [--jottacloud-hard-delete](#jottacloud-hard-delete) flag, or set the equivalent environment variable.
+Emptying the trash is supported by the [cleanup](https://rclone.org/commands/rclone_cleanup/) command.
+
+### Versions
+
+Jottacloud supports file versioning. When rclone uploads a new version of a file it creates a new version of it.
+Currently rclone only supports retrieving the current version but older versions can be accessed via the Jottacloud Website.
+
+Versioning can be disabled by `--jottacloud-no-versions` option. This is achieved by deleting the remote file prior to uploading
+a new version. If the upload the fails no version of the file will be available in the remote.
+
+### Quota information
+
+To view your current quota you can use the `rclone about remote:`
+command which will display your usage limit (unless it is unlimited)
+and the current usage.
+
+
+### Standard options
+
+Here are the Standard options specific to jottacloud (Jottacloud).
+
+#### --jottacloud-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_JOTTACLOUD_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --jottacloud-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_JOTTACLOUD_CLIENT_SECRET
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to jottacloud (Jottacloud).
+
+#### --jottacloud-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_JOTTACLOUD_TOKEN
+- Type: string
+- Required: false
+
+#### --jottacloud-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_JOTTACLOUD_AUTH_URL
+- Type: string
+- Required: false
+
+#### --jottacloud-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_JOTTACLOUD_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --jottacloud-md5-memory-limit
+
+Files bigger than this will be cached on disk to calculate the MD5 if required.
+
+Properties:
+
+- Config: md5_memory_limit
+- Env Var: RCLONE_JOTTACLOUD_MD5_MEMORY_LIMIT
+- Type: SizeSuffix
+- Default: 10Mi
+
+#### --jottacloud-trashed-only
+
+Only show files that are in the trash.
+
+This will show trashed files in their original directory structure.
+
+Properties:
+
+- Config: trashed_only
+- Env Var: RCLONE_JOTTACLOUD_TRASHED_ONLY
+- Type: bool
+- Default: false
+
+#### --jottacloud-hard-delete
+
+Delete files permanently rather than putting them into the trash.
+
+Properties:
+
+- Config: hard_delete
+- Env Var: RCLONE_JOTTACLOUD_HARD_DELETE
+- Type: bool
+- Default: false
+
+#### --jottacloud-upload-resume-limit
+
+Files bigger than this can be resumed if the upload fail's.
+
+Properties:
+
+- Config: upload_resume_limit
+- Env Var: RCLONE_JOTTACLOUD_UPLOAD_RESUME_LIMIT
+- Type: SizeSuffix
+- Default: 10Mi
+
+#### --jottacloud-no-versions
+
+Avoid server side versioning by deleting files and recreating files instead of overwriting them.
+
+Properties:
+
+- Config: no_versions
+- Env Var: RCLONE_JOTTACLOUD_NO_VERSIONS
+- Type: bool
+- Default: false
+
+#### --jottacloud-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_JOTTACLOUD_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot
+
+### Metadata
+
+Jottacloud has limited support for metadata, currently an extended set of timestamps.
+
+Here are the possible system metadata items for the jottacloud backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| btime | Time of file birth (creation), read from rclone metadata | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | N |
+| content-type | MIME type, also known as media type | string | text/plain | **Y** |
+| mtime | Time of last modification, read from rclone metadata | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | N |
+| utime | Time of last upload, when current revision was created, generated by backend | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | **Y** |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+
+
+## Limitations
+
+Note that Jottacloud is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+There are quite a few characters that can't be in Jottacloud file names. Rclone will map these names to and from an identical
+looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
+
+Jottacloud only supports filenames up to 255 characters in length.
+
+## Troubleshooting
+
+Jottacloud exhibits some inconsistent behaviours regarding deleted files and folders which may cause Copy, Move and DirMove
+operations to previously deleted paths to fail. Emptying the trash should help in such cases.
+
+# Koofr
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for Koofr involves creating an application password for
+rclone. You can do that by opening the Koofr
+[web application](https://app.koofr.net/app/admin/preferences/password),
+giving the password a nice name like `rclone` and clicking on generate.
+
+Here is an example of how to make a remote called `koofr`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> koofr Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. [snip] 22 / Koofr, Digi Storage and other Koofr-compatible storage providers (koofr) [snip] Storage> koofr Option provider. Choose your storage provider. Choose a number from below, or type in your own value. Press Enter to leave empty. 1 / Koofr, https://app.koofr.net/ (koofr) 2 / Digi Storage, https://storage.rcs-rds.ro/ (digistorage) 3 / Any other Koofr API compatible storage service (other) provider> 1
+Option user. Your user name. Enter a value. user> USERNAME Option password. Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password). Choose an alternative below. y) Yes, type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password: Edit advanced config? y) Yes n) No (default) y/n> n Remote config -------------------- [koofr] type = koofr provider = koofr user = USERNAME password = *** ENCRYPTED *** -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+You can choose to edit advanced config in order to enter your own service URL
+if you use an on-premise or white label Koofr instance, or choose an alternative
+mount instead of your primary storage.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Koofr
+
+ rclone lsd koofr:
+
+List all the files in your Koofr
+
+ rclone ls koofr:
+
+To copy a local directory to an Koofr directory called backup
+
+ rclone copy /home/source koofr:backup
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \ | 0x5C | \ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in XML strings.
+
+
+### Standard options
+
+Here are the Standard options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
+
+#### --koofr-provider
+
+Choose your storage provider.
+
+Properties:
+
+- Config: provider
+- Env Var: RCLONE_KOOFR_PROVIDER
+- Type: string
+- Required: false
+- Examples:
+ - "koofr"
+ - Koofr, https://app.koofr.net/
+ - "digistorage"
+ - Digi Storage, https://storage.rcs-rds.ro/
+ - "other"
+ - Any other Koofr API compatible storage service
+
+#### --koofr-endpoint
+
+The Koofr API endpoint to use.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_KOOFR_ENDPOINT
+- Provider: other
+- Type: string
+- Required: true
+
+#### --koofr-user
+
+Your user name.
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_KOOFR_USER
+- Type: string
+- Required: true
+
+#### --koofr-password
+
+Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password).
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_KOOFR_PASSWORD
+- Provider: koofr
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
+
+#### --koofr-mountid
+
+Mount ID of the mount to use.
+
+If omitted, the primary mount is used.
+
+Properties:
+
+- Config: mountid
+- Env Var: RCLONE_KOOFR_MOUNTID
+- Type: string
+- Required: false
+
+#### --koofr-setmtime
+
+Does the backend support setting modification time.
+
+Set this to false if you use a mount ID that points to a Dropbox or Amazon Drive backend.
+
+Properties:
+
+- Config: setmtime
+- Env Var: RCLONE_KOOFR_SETMTIME
+- Type: bool
+- Default: true
+
+#### --koofr-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_KOOFR_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+Note that Koofr is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+## Providers
+
+### Koofr
+
+This is the original [Koofr](https://koofr.eu) storage provider used as main example and described in the [configuration](#configuration) section above.
+
+### Digi Storage
+
+[Digi Storage](https://www.digi.ro/servicii/online/digi-storage) is a cloud storage service run by [Digi.ro](https://www.digi.ro/) that
+provides a Koofr API.
+
+Here is an example of how to make a remote called `ds`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> ds Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. [snip] 22 / Koofr, Digi Storage and other Koofr-compatible storage providers (koofr) [snip] Storage> koofr Option provider. Choose your storage provider. Choose a number from below, or type in your own value. Press Enter to leave empty. 1 / Koofr, https://app.koofr.net/ (koofr) 2 / Digi Storage, https://storage.rcs-rds.ro/ (digistorage) 3 / Any other Koofr API compatible storage service (other) provider> 2 Option user. Your user name. Enter a value. user> USERNAME Option password. Your password for rclone (generate one at https://storage.rcs-rds.ro/app/admin/preferences/password). Choose an alternative below. y) Yes, type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password: Edit advanced config? y) Yes n) No (default) y/n> n -------------------- [ds] type = koofr provider = digistorage user = USERNAME password = *** ENCRYPTED *** -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+### Other
+
+You may also want to use another, public or private storage provider that runs a Koofr API compatible service, by simply providing the base URL to connect to.
+
+Here is an example of how to make a remote called `other`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> other Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. [snip] 22 / Koofr, Digi Storage and other Koofr-compatible storage providers (koofr) [snip] Storage> koofr Option provider. Choose your storage provider. Choose a number from below, or type in your own value. Press Enter to leave empty. 1 / Koofr, https://app.koofr.net/ (koofr) 2 / Digi Storage, https://storage.rcs-rds.ro/ (digistorage) 3 / Any other Koofr API compatible storage service (other) provider> 3 Option endpoint. The Koofr API endpoint to use. Enter a value. endpoint> https://koofr.other.org Option user. Your user name. Enter a value. user> USERNAME Option password. Your password for rclone (generate one at your service's settings page). Choose an alternative below. y) Yes, type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password: Edit advanced config? y) Yes n) No (default) y/n> n -------------------- [other] type = koofr provider = other endpoint = https://koofr.other.org user = USERNAME password = *** ENCRYPTED *** -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+# Linkbox
+
+Linkbox is [a private cloud drive](https://linkbox.to/).
+
+## Configuration
+
+Here is an example of making a remote for Linkbox.
+
+First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n
+Enter name for new remote. name> remote
+Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. XX / Linkbox (linkbox) Storage> XX
+Option token. Token from https://www.linkbox.to/admin/account Enter a value. token> testFromCLToken
+Configuration complete. Options: - type: linkbox - token: XXXXXXXXXXX Keep this "linkbox" remote? y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+
+### Standard options
+
+Here are the Standard options specific to linkbox (Linkbox).
+
+#### --linkbox-token
+
+Token from https://www.linkbox.to/admin/account
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_LINKBOX_TOKEN
+- Type: string
+- Required: true
+
+
+
+## Limitations
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+# Mail.ru Cloud
+
+[Mail.ru Cloud](https://cloud.mail.ru/) is a cloud storage provided by a Russian internet company [Mail.Ru Group](https://mail.ru). The official desktop client is [Disk-O:](https://disk-o.cloud/en), available on Windows and Mac OS.
+
+## Features highlights
+
+- Paths may be as deep as required, e.g. `remote:directory/subdirectory`
+- Files have a `last modified time` property, directories don't
+- Deleted files are by default moved to the trash
+- Files and directories can be shared via public links
+- Partial uploads or streaming are not supported, file size must be known before upload
+- Maximum file size is limited to 2G for a free account, unlimited for paid accounts
+- Storage keeps hash for all files and performs transparent deduplication,
+ the hash algorithm is a modified SHA1
+- If a particular file is already present in storage, one can quickly submit file hash
+ instead of long file upload (this optimization is supported by rclone)
+
+## Configuration
+
+Here is an example of making a mailru configuration.
+
+First create a Mail.ru Cloud account and choose a tariff.
+
+You will need to log in and create an app password for rclone. Rclone
+**will not work** with your normal username and password - it will
+give an error like `oauth2: server response missing access_token`.
+
+- Click on your user icon in the top right
+- Go to Security / "Пароль и безопасность"
+- Click password for apps / "Пароли для внешних приложений"
+- Add the password - give it a name - eg "rclone"
+- Copy the password and use this password below - your normal login password won't work.
+
+Now run
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Mail.ru Cloud "mailru" [snip] Storage> mailru User name (usually email) Enter a string value. Press Enter for the default (""). user> username@mail.ru Password
+This must be an app password - rclone will not work with your normal password. See the Configuration section in the docs for how to make an app password. y) Yes type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password: Skip full upload if there is another file with same data hash. This feature is called "speedup" or "put by hash". It is especially efficient in case of generally available files like popular books, video or audio clips [snip] Enter a boolean value (true or false). Press Enter for the default ("true"). Choose a number from below, or type in your own value 1 / Enable "true" 2 / Disable "false" speedup_enable> 1 Edit advanced config? (y/n) y) Yes n) No y/n> n Remote config -------------------- [remote] type = mailru user = username@mail.ru pass = *** ENCRYPTED *** speedup_enable = true -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+Configuration of this backend does not require a local web browser.
+You can use the configured backend as shown below:
+
+See top level directories
+
+ rclone lsd remote:
+
+Make a new directory
+
+ rclone mkdir remote:directory
+
+List the contents of a directory
+
+ rclone ls remote:directory
+
+Sync `/home/local/directory` to the remote path, deleting any
+excess files in the path.
+
+ rclone sync --interactive /home/local/directory remote:directory
+
+### Modification times and hashes
+
+Files support a modification time attribute with up to 1 second precision.
+Directories do not have a modification time, which is shown as "Jan 1 1970".
+
+File hashes are supported, with a custom Mail.ru algorithm based on SHA1.
+If file size is less than or equal to the SHA1 block size (20 bytes),
+its hash is simply its data right-padded with zero bytes.
+Hashes of a larger file is computed as a SHA1 of the file data
+bytes concatenated with a decimal representation of the data length.
+
+### Emptying Trash
+
+Removing a file or directory actually moves it to the trash, which is not
+visible to rclone but can be seen in a web browser. The trashed file
+still occupies part of total quota. If you wish to empty your trash
+and free some quota, you can use the `rclone cleanup remote:` command,
+which will permanently delete all your trashed files.
+This command does not take any path arguments.
+
+### Quota information
+
+To view your current quota you can use the `rclone about remote:`
+command which will display your usage limit (quota) and the current usage.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| " | 0x22 | " |
+| * | 0x2A | * |
+| : | 0x3A | : |
+| < | 0x3C | < |
+| > | 0x3E | > |
+| ? | 0x3F | ? |
+| \ | 0x5C | \ |
+| \| | 0x7C | | |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to mailru (Mail.ru Cloud).
+
+#### --mailru-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_MAILRU_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --mailru-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_MAILRU_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --mailru-user
+
+User name (usually email).
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_MAILRU_USER
+- Type: string
+- Required: true
+
+#### --mailru-pass
+
+Password.
+
+This must be an app password - rclone will not work with your normal
+password. See the Configuration section in the docs for how to make an
+app password.
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_MAILRU_PASS
+- Type: string
+- Required: true
+
+#### --mailru-speedup-enable
+
+Skip full upload if there is another file with same data hash.
+
+This feature is called "speedup" or "put by hash". It is especially efficient
+in case of generally available files like popular books, video or audio clips,
+because files are searched by hash in all accounts of all mailru users.
+It is meaningless and ineffective if source file is unique or encrypted.
+Please note that rclone may need local memory and disk space to calculate
+content hash in advance and decide whether full upload is required.
+Also, if rclone does not know file size in advance (e.g. in case of
+streaming or partial uploads), it will not even try this optimization.
+
+Properties:
+
+- Config: speedup_enable
+- Env Var: RCLONE_MAILRU_SPEEDUP_ENABLE
+- Type: bool
+- Default: true
+- Examples:
+ - "true"
+ - Enable
+ - "false"
+ - Disable
+
+### Advanced options
+
+Here are the Advanced options specific to mailru (Mail.ru Cloud).
+
+#### --mailru-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_MAILRU_TOKEN
+- Type: string
+- Required: false
+
+#### --mailru-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_MAILRU_AUTH_URL
+- Type: string
+- Required: false
+
+#### --mailru-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_MAILRU_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --mailru-speedup-file-patterns
+
+Comma separated list of file name patterns eligible for speedup (put by hash).
+
+Patterns are case insensitive and can contain '*' or '?' meta characters.
+
+Properties:
+
+- Config: speedup_file_patterns
+- Env Var: RCLONE_MAILRU_SPEEDUP_FILE_PATTERNS
+- Type: string
+- Default: "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf"
+- Examples:
+ - ""
+ - Empty list completely disables speedup (put by hash).
+ - "*"
+ - All files will be attempted for speedup.
+ - "*.mkv,*.avi,*.mp4,*.mp3"
+ - Only common audio/video files will be tried for put by hash.
+ - "*.zip,*.gz,*.rar,*.pdf"
+ - Only common archives or PDF books will be tried for speedup.
+
+#### --mailru-speedup-max-disk
+
+This option allows you to disable speedup (put by hash) for large files.
+
+Reason is that preliminary hashing can exhaust your RAM or disk space.
+
+Properties:
+
+- Config: speedup_max_disk
+- Env Var: RCLONE_MAILRU_SPEEDUP_MAX_DISK
+- Type: SizeSuffix
+- Default: 3Gi
+- Examples:
+ - "0"
+ - Completely disable speedup (put by hash).
+ - "1G"
+ - Files larger than 1Gb will be uploaded directly.
+ - "3G"
+ - Choose this option if you have less than 3Gb free on local disk.
+
+#### --mailru-speedup-max-memory
+
+Files larger than the size given below will always be hashed on disk.
+
+Properties:
+
+- Config: speedup_max_memory
+- Env Var: RCLONE_MAILRU_SPEEDUP_MAX_MEMORY
+- Type: SizeSuffix
+- Default: 32Mi
+- Examples:
+ - "0"
+ - Preliminary hashing will always be done in a temporary disk location.
+ - "32M"
+ - Do not dedicate more than 32Mb RAM for preliminary hashing.
+ - "256M"
+ - You have at most 256Mb RAM free for hash calculations.
+
+#### --mailru-check-hash
+
+What should copy do if file checksum is mismatched or invalid.
+
+Properties:
+
+- Config: check_hash
+- Env Var: RCLONE_MAILRU_CHECK_HASH
+- Type: bool
+- Default: true
+- Examples:
+ - "true"
+ - Fail with error.
+ - "false"
+ - Ignore and continue.
+
+#### --mailru-user-agent
+
+HTTP user agent used internally by client.
+
+Defaults to "rclone/VERSION" or "--user-agent" provided on command line.
+
+Properties:
+
+- Config: user_agent
+- Env Var: RCLONE_MAILRU_USER_AGENT
+- Type: string
+- Required: false
+
+#### --mailru-quirks
+
+Comma separated list of internal maintenance flags.
+
+This option must not be used by an ordinary user. It is intended only to
+facilitate remote troubleshooting of backend issues. Strict meaning of
+flags is not documented and not guaranteed to persist between releases.
+Quirks will be removed when the backend grows stable.
+Supported quirks: atomicmkdir binlist unknowndirs
+
+Properties:
+
+- Config: quirks
+- Env Var: RCLONE_MAILRU_QUIRKS
+- Type: string
+- Required: false
+
+#### --mailru-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_MAILRU_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+File size limits depend on your account. A single file size is limited by 2G
+for a free account and unlimited for paid tariffs. Please refer to the Mail.ru
+site for the total uploaded size limits.
+
+Note that Mailru is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+# Mega
+
+[Mega](https://mega.nz/) is a cloud storage and file hosting service
+known for its security feature where all files are encrypted locally
+before they are uploaded. This prevents anyone (including employees of
+Mega) from accessing the files without knowledge of the key used for
+encryption.
+
+This is an rclone backend for Mega which supports the file transfer
+features of Mega using the same client side encryption.
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Mega "mega" [snip] Storage> mega User name user> you@example.com Password. y) Yes type in my own password g) Generate random password n) No leave this optional password blank y/g/n> y Enter the password: password: Confirm the password: password: Remote config -------------------- [remote] type = mega user = you@example.com pass = *** ENCRYPTED *** -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+**NOTE:** The encryption keys need to have been already generated after a regular login
+via the browser, otherwise attempting to use the credentials in `rclone` will fail.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Mega
+
+ rclone lsd remote:
+
+List all the files in your Mega
+
+ rclone ls remote:
+
+To copy a local directory to an Mega directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+Mega does not support modification times or hashes yet.
+
+### Restricted filename characters
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| NUL | 0x00 | ␀ |
+| / | 0x2F | / |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Duplicated files
+
+Mega can have two files with exactly the same name and path (unlike a
+normal file system).
+
+Duplicated files cause problems with the syncing and you will see
+messages in the log about duplicates.
+
+Use `rclone dedupe` to fix duplicated files.
+
+### Failure to log-in
+
+#### Object not found
+
+If you are connecting to your Mega remote for the first time,
+to test access and synchronization, you may receive an error such as
+
+Failed to create file system for "my-mega-remote:": couldn't login: Object (typically, node or user) not found
+
+The diagnostic steps often recommended in the [rclone forum](https://forum.rclone.org/search?q=mega)
+start with the **MEGAcmd** utility. Note that this refers to
+the official C++ command from https://github.com/meganz/MEGAcmd
+and not the go language built command from t3rm1n4l/megacmd
+that is no longer maintained.
+
+Follow the instructions for installing MEGAcmd and try accessing
+your remote as they recommend. You can establish whether or not
+you can log in using MEGAcmd, and obtain diagnostic information
+to help you, and search or work with others in the forum.
+
+MEGA CMD> login me@example.com Password: Fetching nodes ... Loading transfers from local cache Login complete as me@example.com me@example.com:/$
+
+Note that some have found issues with passwords containing special
+characters. If you can not log on with rclone, but MEGAcmd logs on
+just fine, then consider changing your password temporarily to
+pure alphanumeric characters, in case that helps.
+
+
+#### Repeated commands blocks access
+
+Mega remotes seem to get blocked (reject logins) under "heavy use".
+We haven't worked out the exact blocking rules but it seems to be
+related to fast paced, successive rclone commands.
+
+For example, executing this command 90 times in a row `rclone link
+remote:file` will cause the remote to become "blocked". This is not an
+abnormal situation, for example if you wish to get the public links of
+a directory with hundred of files... After more or less a week, the
+remote will remote accept rclone logins normally again.
+
+You can mitigate this issue by mounting the remote it with `rclone
+mount`. This will log-in when mounting and a log-out when unmounting
+only. You can also run `rclone rcd` and then use `rclone rc` to run
+the commands over the API to avoid logging in each time.
+
+Rclone does not currently close mega sessions (you can see them in the
+web interface), however closing the sessions does not solve the issue.
+
+If you space rclone commands by 3 seconds it will avoid blocking the
+remote. We haven't identified the exact blocking rules, so perhaps one
+could execute the command 80 times without waiting and avoid blocking
+by waiting 3 seconds, then continuing...
+
+Note that this has been observed by trial and error and might not be
+set in stone.
+
+Other tools seem not to produce this blocking effect, as they use a
+different working approach (state-based, using sessionIDs instead of
+log-in) which isn't compatible with the current stateless rclone
+approach.
+
+Note that once blocked, the use of other tools (such as megacmd) is
+not a sure workaround: following megacmd login times have been
+observed in succession for blocked remote: 7 minutes, 20 min, 30min, 30
+min, 30min. Web access looks unaffected though.
+
+Investigation is continuing in relation to workarounds based on
+timeouts, pacers, retrials and tpslimits - if you discover something
+relevant, please post on the forum.
+
+So, if rclone was working nicely and suddenly you are unable to log-in
+and you are sure the user and the password are correct, likely you
+have got the remote blocked for a while.
+
+
+### Standard options
+
+Here are the Standard options specific to mega (Mega).
+
+#### --mega-user
+
+User name.
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_MEGA_USER
+- Type: string
+- Required: true
+
+#### --mega-pass
+
+Password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_MEGA_PASS
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to mega (Mega).
+
+#### --mega-debug
+
+Output more debug from Mega.
+
+If this flag is set (along with -vv) it will print further debugging
+information from the mega backend.
+
+Properties:
+
+- Config: debug
+- Env Var: RCLONE_MEGA_DEBUG
+- Type: bool
+- Default: false
+
+#### --mega-hard-delete
+
+Delete files permanently rather than putting them into the trash.
+
+Normally the mega backend will put all deletions into the trash rather
+than permanently deleting them. If you specify this then rclone will
+permanently delete objects instead.
+
+Properties:
+
+- Config: hard_delete
+- Env Var: RCLONE_MEGA_HARD_DELETE
+- Type: bool
+- Default: false
+
+#### --mega-use-https
+
+Use HTTPS for transfers.
+
+MEGA uses plain text HTTP connections by default.
+Some ISPs throttle HTTP connections, this causes transfers to become very slow.
+Enabling this will force MEGA to use HTTPS for all transfers.
+HTTPS is normally not necessary since all data is already encrypted anyway.
+Enabling it will increase CPU usage and add network overhead.
+
+Properties:
+
+- Config: use_https
+- Env Var: RCLONE_MEGA_USE_HTTPS
+- Type: bool
+- Default: false
+
+#### --mega-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_MEGA_ENCODING
+- Type: Encoding
+- Default: Slash,InvalidUtf8,Dot
+
+
+
+### Process `killed`
+
+On accounts with large files or something else, memory usage can significantly increase when executing list/sync instructions. When running on cloud providers (like AWS with EC2), check if the instance type has sufficient memory/CPU to execute the commands. Use the resource monitoring tools to inspect after sending the commands. Look [at this issue](https://forum.rclone.org/t/rclone-with-mega-appears-to-work-only-in-some-accounts/40233/4).
+
+## Limitations
+
+This backend uses the [go-mega go library](https://github.com/t3rm1n4l/go-mega) which is an opensource
+go library implementing the Mega API. There doesn't appear to be any
+documentation for the mega protocol beyond the [mega C++ SDK](https://github.com/meganz/sdk) source code
+so there are likely quite a few errors still remaining in this library.
+
+Mega allows duplicate files which may confuse rclone.
+
+# Memory
+
+The memory backend is an in RAM backend. It does not persist its
+data - use the local backend for that.
+
+The memory backend behaves like a bucket-based remote (e.g. like
+s3). Because it has no parameters you can just use it with the
+`:memory:` remote name.
+
+## Configuration
+
+You can configure it as a remote like this with `rclone config` too if
+you want to:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Memory "memory" [snip] Storage> memory ** See help for memory backend at: https://rclone.org/memory/ **
+Remote config
-
-
-Character
-Value
-Replacement
-
-
-NUL
-0x00
-␀
+[remote]
-/
-0x2F
-/
+type = memory
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
---swift-env-auth
-Get swift credentials from environment variables in standard OpenStack form.
-Properties:
-
-- Config: env_auth
-- Env Var: RCLONE_SWIFT_ENV_AUTH
-- Type: bool
-- Default: false
-- Examples:
-
-- "false"
-
-- Enter swift credentials in the next step.
-
-- "true"
-
-- Get swift credentials from environment vars.
-- Leave other fields blank if using this.
-
-
-
---swift-user
-User name to log in (OS_USERNAME).
-Properties:
-
-- Config: user
-- Env Var: RCLONE_SWIFT_USER
-- Type: string
-- Required: false
-
---swift-key
-API key or password (OS_PASSWORD).
-Properties:
-
-- Config: key
-- Env Var: RCLONE_SWIFT_KEY
-- Type: string
-- Required: false
-
---swift-auth
-Authentication URL for server (OS_AUTH_URL).
-Properties:
-
-- Config: auth
-- Env Var: RCLONE_SWIFT_AUTH
-- Type: string
-- Required: false
-- Examples:
-
-- "https://auth.api.rackspacecloud.com/v1.0"
-
-- Rackspace US
-
-- "https://lon.auth.api.rackspacecloud.com/v1.0"
-
-- Rackspace UK
-
-- "https://identity.api.rackspacecloud.com/v2.0"
-
-- Rackspace v2
-
-- "https://auth.storage.memset.com/v1.0"
-
-- Memset Memstore UK
-
-- "https://auth.storage.memset.com/v2.0"
-
-- Memset Memstore UK v2
-
-- "https://auth.cloud.ovh.net/v3"
-
-- OVH
-
-
-
---swift-user-id
-User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID).
-Properties:
-
-- Config: user_id
-- Env Var: RCLONE_SWIFT_USER_ID
-- Type: string
-- Required: false
-
---swift-domain
-User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
-Properties:
-
-- Config: domain
-- Env Var: RCLONE_SWIFT_DOMAIN
-- Type: string
-- Required: false
-
---swift-tenant
-Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME).
-Properties:
-
-- Config: tenant
-- Env Var: RCLONE_SWIFT_TENANT
-- Type: string
-- Required: false
-
---swift-tenant-id
-Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID).
-Properties:
-
-- Config: tenant_id
-- Env Var: RCLONE_SWIFT_TENANT_ID
-- Type: string
-- Required: false
-
---swift-tenant-domain
-Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME).
-Properties:
-
-- Config: tenant_domain
-- Env Var: RCLONE_SWIFT_TENANT_DOMAIN
-- Type: string
-- Required: false
-
---swift-region
-Region name - optional (OS_REGION_NAME).
-Properties:
-
-- Config: region
-- Env Var: RCLONE_SWIFT_REGION
-- Type: string
-- Required: false
-
---swift-storage-url
-Storage URL - optional (OS_STORAGE_URL).
-Properties:
-
-- Config: storage_url
-- Env Var: RCLONE_SWIFT_STORAGE_URL
-- Type: string
-- Required: false
-
---swift-auth-token
-Auth Token from alternate authentication - optional (OS_AUTH_TOKEN).
-Properties:
-
-- Config: auth_token
-- Env Var: RCLONE_SWIFT_AUTH_TOKEN
-- Type: string
-- Required: false
-
---swift-application-credential-id
-Application Credential ID (OS_APPLICATION_CREDENTIAL_ID).
-Properties:
-
-- Config: application_credential_id
-- Env Var: RCLONE_SWIFT_APPLICATION_CREDENTIAL_ID
-- Type: string
-- Required: false
-
---swift-application-credential-name
-Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME).
-Properties:
-
-- Config: application_credential_name
-- Env Var: RCLONE_SWIFT_APPLICATION_CREDENTIAL_NAME
-- Type: string
-- Required: false
-
---swift-application-credential-secret
-Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET).
-Properties:
-
-- Config: application_credential_secret
-- Env Var: RCLONE_SWIFT_APPLICATION_CREDENTIAL_SECRET
-- Type: string
-- Required: false
-
---swift-auth-version
-AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION).
-Properties:
-
-- Config: auth_version
-- Env Var: RCLONE_SWIFT_AUTH_VERSION
-- Type: int
-- Default: 0
-
---swift-endpoint-type
-Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE).
-Properties:
-
-- Config: endpoint_type
-- Env Var: RCLONE_SWIFT_ENDPOINT_TYPE
-- Type: string
-- Default: "public"
-- Examples:
-
-- "public"
-
-- Public (default, choose this if not sure)
-
-- "internal"
-
-- Internal (use internal service net)
-
-- "admin"
-
-- Admin
-
-
-
---swift-storage-policy
-The storage policy to use when creating a new container.
-This applies the specified storage policy when creating a new container. The policy cannot be changed afterwards. The allowed configuration values and their meaning depend on your Swift storage provider.
-Properties:
-
-- Config: storage_policy
-- Env Var: RCLONE_SWIFT_STORAGE_POLICY
-- Type: string
-- Required: false
-- Examples:
-
-- ""
-
-- Default
-
-- "pcs"
-
-- OVH Public Cloud Storage
-
-- "pca"
-
-- OVH Public Cloud Archive
-
-
-
-Advanced options
-Here are the Advanced options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
---swift-leave-parts-on-error
-If true avoid calling abort upload on a failure.
-It should be set to true for resuming uploads across different sessions.
-Properties:
-
-- Config: leave_parts_on_error
-- Env Var: RCLONE_SWIFT_LEAVE_PARTS_ON_ERROR
-- Type: bool
-- Default: false
-
---swift-chunk-size
-Above this size files will be chunked into a _segments container.
-Above this size files will be chunked into a _segments container. The default for this is 5 GiB which is its maximum value.
-Properties:
-
-- Config: chunk_size
-- Env Var: RCLONE_SWIFT_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 5Gi
-
---swift-no-chunk
-Don't chunk files during streaming upload.
-When doing streaming uploads (e.g. using rcat or mount) setting this flag will cause the swift backend to not upload chunked files.
-This will limit the maximum upload size to 5 GiB. However non chunked files are easier to deal with and have an MD5SUM.
-Rclone will still chunk files bigger than chunk_size when doing normal copy operations.
-Properties:
-
-- Config: no_chunk
-- Env Var: RCLONE_SWIFT_NO_CHUNK
-- Type: bool
-- Default: false
-
---swift-no-large-objects
-Disable support for static and dynamic large objects
-Swift cannot transparently store files bigger than 5 GiB. There are two schemes for doing that, static or dynamic large objects, and the API does not allow rclone to determine whether a file is a static or dynamic large object without doing a HEAD on the object. Since these need to be treated differently, this means rclone has to issue HEAD requests for objects for example when reading checksums.
-When no_large_objects
is set, rclone will assume that there are no static or dynamic large objects stored. This means it can stop doing the extra HEAD calls which in turn increases performance greatly especially when doing a swift to swift transfer with --checksum
set.
-Setting this option implies no_chunk
and also that no files will be uploaded in chunks, so files bigger than 5 GiB will just fail on upload.
-If you set this option and there are static or dynamic large objects, then this will give incorrect hashes for them. Downloads will succeed, but other operations such as Remove and Copy will fail.
-Properties:
-
-- Config: no_large_objects
-- Env Var: RCLONE_SWIFT_NO_LARGE_OBJECTS
-- Type: bool
-- Default: false
-
---swift-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
+
+- Yes this is OK (default)
+- Edit this remote
+- Delete this remote y/e/d> y
+
+
+Because the memory backend isn't persistent it is most useful for
+testing or with an rclone server or rclone mount, e.g.
+
+ rclone mount :memory: /mnt/tmp
+ rclone serve webdav :memory:
+ rclone serve sftp :memory:
+
+### Modification times and hashes
+
+The memory backend supports MD5 hashes and modification times accurate to 1 nS.
+
+### Restricted filename characters
+
+The memory backend replaces the [default restricted characters
+set](https://rclone.org/overview/#restricted-characters).
+
+
+
+
+# Akamai NetStorage
+
+Paths are specified as `remote:`
+You may put subdirectories in too, e.g. `remote:/path/to/dir`.
+If you have a CP code you can use that as the folder after the domain such as \<domain>\/\<cpcode>\/\<internal directories within cpcode>.
+
+For example, this is commonly configured with or without a CP code:
+* **With a CP code**. `[your-domain-prefix]-nsu.akamaihd.net/123456/subdirectory/`
+* **Without a CP code**. `[your-domain-prefix]-nsu.akamaihd.net`
+
+
+See all buckets
+ rclone lsd remote:
+The initial setup for Netstorage involves getting an account and secret. Use `rclone config` to walk you through the setup process.
+
+## Configuration
+
+Here's an example of how to make a remote called `ns1`.
+
+1. To begin the interactive configuration process, enter this command:
+
+rclone config
+
+2. Type `n` to create a new remote.
+
+
+- New remote
+- Delete remote
+- Quit config e/n/d/q> n
+
+
+3. For this example, enter `ns1` when you reach the name> prompt.
+
+name> ns1
+
+4. Enter `netstorage` as the type of storage to configure.
+
+Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value XX / NetStorage "netstorage" Storage> netstorage
+
+5. Select between the HTTP or HTTPS protocol. Most users should choose HTTPS, which is the default. HTTP is provided primarily for debugging purposes.
+
+
+Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / HTTP protocol "http" 2 / HTTPS protocol "https" protocol> 1
+
+6. Specify your NetStorage host, CP code, and any necessary content paths using this format: `<domain>/<cpcode>/<content>/`
+
+Enter a string value. Press Enter for the default (""). host> baseball-nsu.akamaihd.net/123456/content/
+
+7. Set the netstorage account name
+Enter a string value. Press Enter for the default (""). account> username
+
+8. Set the Netstorage account secret/G2O key which will be used for authentication purposes. Select the `y` option to set your own password then enter your secret.
+Note: The secret is stored in the `rclone.conf` file with hex-encoded encryption.
+
+
+- Yes type in my own password
+- Generate random password y/g> y Enter the password: password: Confirm the password: password:
+
+
+9. View the summary and confirm your remote configuration.
+
+[ns1] type = netstorage protocol = http host = baseball-nsu.akamaihd.net/123456/content/ account = username secret = *** ENCRYPTED *** -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+This remote is called `ns1` and can now be used.
+
+## Example operations
+
+Get started with rclone and NetStorage with these examples. For additional rclone commands, visit https://rclone.org/commands/.
+
+### See contents of a directory in your project
+
+ rclone lsd ns1:/974012/testing/
+
+### Sync the contents local with remote
+
+ rclone sync . ns1:/974012/testing/
+
+### Upload local content to remote
+ rclone copy notes.txt ns1:/974012/testing/
+
+### Delete content on remote
+ rclone delete ns1:/974012/testing/notes.txt
+
+### Move or copy content between CP codes.
+
+Your credentials must have access to two CP codes on the same remote. You can't perform operations between different remotes.
+
+ rclone move ns1:/974012/testing/notes.txt ns1:/974450/testing2/
+
+## Features
+
+### Symlink Support
+
+The Netstorage backend changes the rclone `--links, -l` behavior. When uploading, instead of creating the .rclonelink file, use the "symlink" API in order to create the corresponding symlink on the remote. The .rclonelink file will not be created, the upload will be intercepted and only the symlink file that matches the source file name with no suffix will be created on the remote.
+
+This will effectively allow commands like copy/copyto, move/moveto and sync to upload from local to remote and download from remote to local directories with symlinks. Due to internal rclone limitations, it is not possible to upload an individual symlink file to any remote backend. You can always use the "backend symlink" command to create a symlink on the NetStorage server, refer to "symlink" section below.
+
+Individual symlink files on the remote can be used with the commands like "cat" to print the destination name, or "delete" to delete symlink, or copy, copy/to and move/moveto to download from the remote to local. Note: individual symlink files on the remote should be specified including the suffix .rclonelink.
+
+**Note**: No file with the suffix .rclonelink should ever exist on the server since it is not possible to actually upload/create a file with .rclonelink suffix with rclone, it can only exist if it is manually created through a non-rclone method on the remote.
+
+### Implicit vs. Explicit Directories
+
+With NetStorage, directories can exist in one of two forms:
+
+1. **Explicit Directory**. This is an actual, physical directory that you have created in a storage group.
+2. **Implicit Directory**. This refers to a directory within a path that has not been physically created. For example, during upload of a file, nonexistent subdirectories can be specified in the target path. NetStorage creates these as "implicit." While the directories aren't physically created, they exist implicitly and the noted path is connected with the uploaded file.
+
+Rclone will intercept all file uploads and mkdir commands for the NetStorage remote and will explicitly issue the mkdir command for each directory in the uploading path. This will help with the interoperability with the other Akamai services such as SFTP and the Content Management Shell (CMShell). Rclone will not guarantee correctness of operations with implicit directories which might have been created as a result of using an upload API directly.
+
+### `--fast-list` / ListR support
+
+NetStorage remote supports the ListR feature by using the "list" NetStorage API action to return a lexicographical list of all objects within the specified CP code, recursing into subdirectories as they're encountered.
+
+* **Rclone will use the ListR method for some commands by default**. Commands such as `lsf -R` will use ListR by default. To disable this, include the `--disable listR` option to use the non-recursive method of listing objects.
+
+* **Rclone will not use the ListR method for some commands**. Commands such as `sync` don't use ListR by default. To force using the ListR method, include the `--fast-list` option.
+
+There are pros and cons of using the ListR method, refer to [rclone documentation](https://rclone.org/docs/#fast-list). In general, the sync command over an existing deep tree on the remote will run faster with the "--fast-list" flag but with extra memory usage as a side effect. It might also result in higher CPU utilization but the whole task can be completed faster.
+
+**Note**: There is a known limitation that "lsf -R" will display number of files in the directory and directory size as -1 when ListR method is used. The workaround is to pass "--disable listR" flag if these numbers are important in the output.
+
+### Purge
+
+NetStorage remote supports the purge feature by using the "quick-delete" NetStorage API action. The quick-delete action is disabled by default for security reasons and can be enabled for the account through the Akamai portal. Rclone will first try to use quick-delete action for the purge command and if this functionality is disabled then will fall back to a standard delete method.
+
+**Note**: Read the [NetStorage Usage API](https://learn.akamai.com/en-us/webhelp/netstorage/netstorage-http-api-developer-guide/GUID-15836617-9F50-405A-833C-EA2556756A30.html) for considerations when using "quick-delete". In general, using quick-delete method will not delete the tree immediately and objects targeted for quick-delete may still be accessible.
+
+
+### Standard options
+
+Here are the Standard options specific to netstorage (Akamai NetStorage).
+
+#### --netstorage-host
+
+Domain+path of NetStorage host to connect to.
+
+Format should be `<domain>/<internal folders>`
+
+Properties:
+
+- Config: host
+- Env Var: RCLONE_NETSTORAGE_HOST
+- Type: string
+- Required: true
+
+#### --netstorage-account
+
+Set the NetStorage account name
+
+Properties:
+
+- Config: account
+- Env Var: RCLONE_NETSTORAGE_ACCOUNT
+- Type: string
+- Required: true
+
+#### --netstorage-secret
+
+Set the NetStorage account secret/G2O key for authentication.
+
+Please choose the 'y' option to set your own password then enter your secret.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: secret
+- Env Var: RCLONE_NETSTORAGE_SECRET
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to netstorage (Akamai NetStorage).
+
+#### --netstorage-protocol
+
+Select between HTTP or HTTPS protocol.
+
+Most users should choose HTTPS, which is the default.
+HTTP is provided primarily for debugging purposes.
+
+Properties:
+
+- Config: protocol
+- Env Var: RCLONE_NETSTORAGE_PROTOCOL
+- Type: string
+- Default: "https"
+- Examples:
+ - "http"
+ - HTTP protocol
+ - "https"
+ - HTTPS protocol
+
+## Backend commands
+
+Here are the commands specific to the netstorage backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### du
+
+Return disk usage information for a specified directory
+
+ rclone backend du remote: [options] [<arguments>+]
+
+The usage information returned, includes the targeted directory as well as all
+files stored in any sub-directories that may exist.
+
+### symlink
+
+You can create a symbolic link in ObjectStore with the symlink action.
+
+ rclone backend symlink remote: [options] [<arguments>+]
+
+The desired path location (including applicable sub-directories) ending in
+the object that will be the target of the symlink (for example, /links/mylink).
+Include the file extension for the object, if applicable.
+`rclone backend symlink <src> <path>`
+
+
+
+# Microsoft Azure Blob Storage
+
+Paths are specified as `remote:container` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g.
+`remote:container/path/to/dir`.
+
+## Configuration
+
+Here is an example of making a Microsoft Azure Blob Storage
+configuration. For a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Microsoft Azure Blob Storage "azureblob" [snip] Storage> azureblob Storage Account Name account> account_name Storage Account Key key> base64encodedkey== Endpoint for the service - leave blank normally. endpoint> Remote config -------------------- [remote] account = account_name key = base64encodedkey== endpoint = -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+See all containers
+
+ rclone lsd remote:
+
+Make a new container
+
+ rclone mkdir remote:container
+
+List the contents of a container
+
+ rclone ls remote:container
+
+Sync `/home/local/directory` to the remote container, deleting any excess
+files in the container.
+
+ rclone sync --interactive /home/local/directory remote:container
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+### Modification times and hashes
+
+The modification time is stored as metadata on the object with the
+`mtime` key. It is stored using RFC3339 Format time with nanosecond
+precision. The metadata is supplied during directory listings so
+there is no performance overhead to using it.
+
+If you wish to use the Azure standard `LastModified` time stored on
+the object as the modified time, then use the `--use-server-modtime`
+flag. Note that rclone can't set `LastModified`, so using the
+`--update` flag when syncing is recommended if using
+`--use-server-modtime`.
+
+MD5 hashes are stored with blobs. However blobs that were uploaded in
+chunks only have an MD5 if the source remote was capable of MD5
+hashes, e.g. the local disk.
+
+### Performance
+
+When uploading large files, increasing the value of
+`--azureblob-upload-concurrency` will increase performance at the cost
+of using more memory. The default of 16 is set quite conservatively to
+use less memory. It maybe be necessary raise it to 64 or higher to
+fully utilize a 1 GBit/s link with a single file transfer.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| / | 0x2F | / |
+| \ | 0x5C | \ |
+
+File names can also not end with the following characters.
+These only get replaced if they are the last character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| . | 0x2E | . |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Authentication {#authentication}
+
+There are a number of ways of supplying credentials for Azure Blob
+Storage. Rclone tries them in the order of the sections below.
+
+#### Env Auth
+
+If the `env_auth` config parameter is `true` then rclone will pull
+credentials from the environment or runtime.
+
+It tries these authentication methods in this order:
+
+1. Environment Variables
+2. Managed Service Identity Credentials
+3. Azure CLI credentials (as used by the az tool)
+
+These are described in the following sections
+
+##### Env Auth: 1. Environment Variables
+
+If `env_auth` is set and environment variables are present rclone
+authenticates a service principal with a secret or certificate, or a
+user with a password, depending on which environment variable are set.
+It reads configuration from these variables, in the following order:
+
+1. Service principal with client secret
+ - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+ - `AZURE_CLIENT_ID`: the service principal's client ID
+ - `AZURE_CLIENT_SECRET`: one of the service principal's client secrets
+2. Service principal with certificate
+ - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+ - `AZURE_CLIENT_ID`: the service principal's client ID
+ - `AZURE_CLIENT_CERTIFICATE_PATH`: path to a PEM or PKCS12 certificate file including the private key.
+ - `AZURE_CLIENT_CERTIFICATE_PASSWORD`: (optional) password for the certificate file.
+ - `AZURE_CLIENT_SEND_CERTIFICATE_CHAIN`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+3. User with username and password
+ - `AZURE_TENANT_ID`: (optional) tenant to authenticate in. Defaults to "organizations".
+ - `AZURE_CLIENT_ID`: client ID of the application the user will authenticate to
+ - `AZURE_USERNAME`: a username (usually an email address)
+ - `AZURE_PASSWORD`: the user's password
+4. Workload Identity
+ - `AZURE_TENANT_ID`: Tenant to authenticate in.
+ - `AZURE_CLIENT_ID`: Client ID of the application the user will authenticate to.
+ - `AZURE_FEDERATED_TOKEN_FILE`: Path to projected service account token file.
+ - `AZURE_AUTHORITY_HOST`: Authority of an Azure Active Directory endpoint (default: login.microsoftonline.com).
+
+
+##### Env Auth: 2. Managed Service Identity Credentials
+
+When using Managed Service Identity if the VM(SS) on which this
+program is running has a system-assigned identity, it will be used by
+default. If the resource has no system-assigned but exactly one
+user-assigned identity, the user-assigned identity will be used by
+default.
+
+If the resource has multiple user-assigned identities you will need to
+unset `env_auth` and set `use_msi` instead. See the [`use_msi`
+section](#use_msi).
+
+##### Env Auth: 3. Azure CLI credentials (as used by the az tool)
+
+Credentials created with the `az` tool can be picked up using `env_auth`.
+
+For example if you were to login with a service principal like this:
+
+ az login --service-principal -u XXX -p XXX --tenant XXX
+
+Then you could access rclone resources like this:
+
+ rclone lsf :azureblob,env_auth,account=ACCOUNT:CONTAINER
+
+Or
+
+ rclone lsf --azureblob-env-auth --azureblob-account=ACCOUNT :azureblob:CONTAINER
+
+Which is analogous to using the `az` tool:
+
+ az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
+
+#### Account and Shared Key
+
+This is the most straight forward and least flexible way. Just fill
+in the `account` and `key` lines and leave the rest blank.
+
+#### SAS URL
+
+This can be an account level SAS URL or container level SAS URL.
+
+To use it leave `account` and `key` blank and fill in `sas_url`.
+
+An account level SAS URL or container level SAS URL can be obtained
+from the Azure portal or the Azure Storage Explorer. To get a
+container level SAS URL right click on a container in the Azure Blob
+explorer in the Azure portal.
+
+If you use a container level SAS URL, rclone operations are permitted
+only on a particular container, e.g.
+
+ rclone ls azureblob:container
+
+You can also list the single container from the root. This will only
+show the container specified by the SAS URL.
+
+ $ rclone lsd azureblob:
+ container/
+
+Note that you can't see or access any other containers - this will
+fail
+
+ rclone ls azureblob:othercontainer
+
+Container level SAS URLs are useful for temporarily allowing third
+parties access to a single container or putting credentials into an
+untrusted environment such as a CI build server.
+
+#### Service principal with client secret
+
+If these variables are set, rclone will authenticate with a service principal with a client secret.
+
+- `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
+- `client_id`: the service principal's client ID
+- `client_secret`: one of the service principal's client secrets
+
+The credentials can also be placed in a file using the
+`service_principal_file` configuration option.
+
+#### Service principal with certificate
+
+If these variables are set, rclone will authenticate with a service principal with certificate.
+
+- `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
+- `client_id`: the service principal's client ID
+- `client_certificate_path`: path to a PEM or PKCS12 certificate file including the private key.
+- `client_certificate_password`: (optional) password for the certificate file.
+- `client_send_certificate_chain`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+
+**NB** `client_certificate_password` must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+#### User with username and password
+
+If these variables are set, rclone will authenticate with username and password.
+
+- `tenant`: (optional) tenant to authenticate in. Defaults to "organizations".
+- `client_id`: client ID of the application the user will authenticate to
+- `username`: a username (usually an email address)
+- `password`: the user's password
+
+Microsoft doesn't recommend this kind of authentication, because it's
+less secure than other authentication flows. This method is not
+interactive, so it isn't compatible with any form of multi-factor
+authentication, and the application must already have user or admin
+consent. This credential can only authenticate work and school
+accounts; it can't authenticate Microsoft accounts.
+
+**NB** `password` must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+#### Managed Service Identity Credentials {#use_msi}
+
+If `use_msi` is set then managed service identity credentials are
+used. This authentication only works when running in an Azure service.
+`env_auth` needs to be unset to use this.
+
+However if you have multiple user identities to choose from these must
+be explicitly specified using exactly one of the `msi_object_id`,
+`msi_client_id`, or `msi_mi_res_id` parameters.
+
+If none of `msi_object_id`, `msi_client_id`, or `msi_mi_res_id` is
+set, this is is equivalent to using `env_auth`.
+
+
+### Standard options
+
+Here are the Standard options specific to azureblob (Microsoft Azure Blob Storage).
+
+#### --azureblob-account
+
+Azure Storage Account Name.
+
+Set this to the Azure Storage Account Name in use.
+
+Leave blank to use SAS URL or Emulator, otherwise it needs to be set.
+
+If this is blank and if env_auth is set it will be read from the
+environment variable `AZURE_STORAGE_ACCOUNT_NAME` if possible.
+
+
+Properties:
+
+- Config: account
+- Env Var: RCLONE_AZUREBLOB_ACCOUNT
+- Type: string
+- Required: false
+
+#### --azureblob-env-auth
+
+Read credentials from runtime (environment variables, CLI or MSI).
+
+See the [authentication docs](/azureblob#authentication) for full info.
+
+Properties:
+
+- Config: env_auth
+- Env Var: RCLONE_AZUREBLOB_ENV_AUTH
+- Type: bool
+- Default: false
+
+#### --azureblob-key
+
+Storage Account Shared Key.
+
+Leave blank to use SAS URL or Emulator.
+
+Properties:
+
+- Config: key
+- Env Var: RCLONE_AZUREBLOB_KEY
+- Type: string
+- Required: false
+
+#### --azureblob-sas-url
+
+SAS URL for container level access only.
+
+Leave blank if using account/key or Emulator.
+
+Properties:
+
+- Config: sas_url
+- Env Var: RCLONE_AZUREBLOB_SAS_URL
+- Type: string
+- Required: false
+
+#### --azureblob-tenant
+
+ID of the service principal's tenant. Also called its directory ID.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+
+
+Properties:
+
+- Config: tenant
+- Env Var: RCLONE_AZUREBLOB_TENANT
+- Type: string
+- Required: false
+
+#### --azureblob-client-id
+
+The ID of the client in use.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_AZUREBLOB_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --azureblob-client-secret
+
+One of the service principal's client secrets
+
+Set this if using
+- Service principal with client secret
+
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_AZUREBLOB_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --azureblob-client-certificate-path
+
+Path to a PEM or PKCS12 certificate file including the private key.
+
+Set this if using
+- Service principal with certificate
+
+
+Properties:
+
+- Config: client_certificate_path
+- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PATH
+- Type: string
+- Required: false
+
+#### --azureblob-client-certificate-password
+
+Password for the certificate file (optional).
+
+Optionally set this if using
+- Service principal with certificate
+
+And the certificate has a password.
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: client_certificate_password
+- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PASSWORD
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to azureblob (Microsoft Azure Blob Storage).
+
+#### --azureblob-client-send-certificate-chain
+
+Send the certificate chain when using certificate auth.
+
+Specifies whether an authentication request will include an x5c header
+to support subject name / issuer based authentication. When set to
+true, authentication requests include the x5c header.
+
+Optionally set this if using
+- Service principal with certificate
+
+
+Properties:
+
+- Config: client_send_certificate_chain
+- Env Var: RCLONE_AZUREBLOB_CLIENT_SEND_CERTIFICATE_CHAIN
+- Type: bool
+- Default: false
+
+#### --azureblob-username
+
+User name (usually an email address)
+
+Set this if using
+- User with username and password
+
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_AZUREBLOB_USERNAME
+- Type: string
+- Required: false
+
+#### --azureblob-password
+
+The user's password
+
+Set this if using
+- User with username and password
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_AZUREBLOB_PASSWORD
+- Type: string
+- Required: false
+
+#### --azureblob-service-principal-file
+
+Path to file containing credentials for use with a service principal.
+
+Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
+
+ $ az ad sp create-for-rbac --name "<name>" \
+ --role "Storage Blob Data Owner" \
+ --scopes "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>" \
+ > azure-principal.json
+
+See ["Create an Azure service principal"](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli) and ["Assign an Azure role for access to blob data"](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-rbac-cli) pages for more details.
+
+It may be more convenient to put the credentials directly into the
+rclone config file under the `client_id`, `tenant` and `client_secret`
+keys instead of setting `service_principal_file`.
+
+
+Properties:
+
+- Config: service_principal_file
+- Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
+- Type: string
+- Required: false
+
+#### --azureblob-use-msi
+
+Use a managed service identity to authenticate (only works in Azure).
+
+When true, use a [managed service identity](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/)
+to authenticate to Azure Storage instead of a SAS token or account key.
+
+If the VM(SS) on which this program is running has a system-assigned identity, it will
+be used by default. If the resource has no system-assigned but exactly one user-assigned identity,
+the user-assigned identity will be used by default. If the resource has multiple user-assigned
+identities, the identity to use must be explicitly specified using exactly one of the msi_object_id,
+msi_client_id, or msi_mi_res_id parameters.
+
+Properties:
+
+- Config: use_msi
+- Env Var: RCLONE_AZUREBLOB_USE_MSI
+- Type: bool
+- Default: false
+
+#### --azureblob-msi-object-id
+
+Object ID of the user-assigned MSI to use, if any.
+
+Leave blank if msi_client_id or msi_mi_res_id specified.
+
+Properties:
+
+- Config: msi_object_id
+- Env Var: RCLONE_AZUREBLOB_MSI_OBJECT_ID
+- Type: string
+- Required: false
+
+#### --azureblob-msi-client-id
+
+Object ID of the user-assigned MSI to use, if any.
+
+Leave blank if msi_object_id or msi_mi_res_id specified.
+
+Properties:
+
+- Config: msi_client_id
+- Env Var: RCLONE_AZUREBLOB_MSI_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --azureblob-msi-mi-res-id
+
+Azure resource ID of the user-assigned MSI to use, if any.
+
+Leave blank if msi_client_id or msi_object_id specified.
+
+Properties:
+
+- Config: msi_mi_res_id
+- Env Var: RCLONE_AZUREBLOB_MSI_MI_RES_ID
+- Type: string
+- Required: false
+
+#### --azureblob-use-emulator
+
+Uses local storage emulator if provided as 'true'.
+
+Leave blank if using real azure storage endpoint.
+
+Properties:
+
+- Config: use_emulator
+- Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
+- Type: bool
+- Default: false
+
+#### --azureblob-endpoint
+
+Endpoint for the service.
+
+Leave blank normally.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_AZUREBLOB_ENDPOINT
+- Type: string
+- Required: false
+
+#### --azureblob-upload-cutoff
+
+Cutoff for switching to chunked upload (<= 256 MiB) (deprecated).
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_AZUREBLOB_UPLOAD_CUTOFF
+- Type: string
+- Required: false
+
+#### --azureblob-chunk-size
+
+Upload chunk size.
+
+Note that this is stored in memory and there may be up to
+"--transfers" * "--azureblob-upload-concurrency" chunks stored at once
+in memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_AZUREBLOB_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 4Mi
+
+#### --azureblob-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+If you are uploading small numbers of large files over high-speed
+links and these uploads do not fully utilize your bandwidth, then
+increasing this may help to speed up the transfers.
+
+In tests, upload speed increases almost linearly with upload
+concurrency. For example to fill a gigabit pipe it may be necessary to
+raise this to 64. Note that this will use more memory.
+
+Note that chunks are stored in memory and there may be up to
+"--transfers" * "--azureblob-upload-concurrency" chunks stored at once
+in memory.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_AZUREBLOB_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 16
+
+#### --azureblob-list-chunk
+
+Size of blob list.
+
+This sets the number of blobs requested in each listing chunk. Default
+is the maximum, 5000. "List blobs" requests are permitted 2 minutes
+per megabyte to complete. If an operation is taking longer than 2
+minutes per megabyte on average, it will time out (
+[source](https://docs.microsoft.com/en-us/rest/api/storageservices/setting-timeouts-for-blob-service-operations#exceptions-to-default-timeout-interval)
+). This can be used to limit the number of blobs items to return, to
+avoid the time out.
+
+Properties:
+
+- Config: list_chunk
+- Env Var: RCLONE_AZUREBLOB_LIST_CHUNK
+- Type: int
+- Default: 5000
+
+#### --azureblob-access-tier
+
+Access tier of blob: hot, cool, cold or archive.
+
+Archived blobs can be restored by setting access tier to hot, cool or
+cold. Leave blank if you intend to use default access tier, which is
+set at account level
+
+If there is no "access tier" specified, rclone doesn't apply any tier.
+rclone performs "Set Tier" operation on blobs while uploading, if objects
+are not modified, specifying "access tier" to new one will have no effect.
+If blobs are in "archive tier" at remote, trying to perform data transfer
+operations from remote will not be allowed. User should first restore by
+tiering blob to "Hot", "Cool" or "Cold".
+
+Properties:
+
+- Config: access_tier
+- Env Var: RCLONE_AZUREBLOB_ACCESS_TIER
+- Type: string
+- Required: false
+
+#### --azureblob-archive-tier-delete
+
+Delete archive tier blobs before overwriting.
+
+Archive tier blobs cannot be updated. So without this flag, if you
+attempt to update an archive tier blob, then rclone will produce the
+error:
+
+ can't update archive tier blob without --azureblob-archive-tier-delete
+
+With this flag set then before rclone attempts to overwrite an archive
+tier blob, it will delete the existing blob before uploading its
+replacement. This has the potential for data loss if the upload fails
+(unlike updating a normal blob) and also may cost more since deleting
+archive tier blobs early may be chargable.
+
+
+Properties:
+
+- Config: archive_tier_delete
+- Env Var: RCLONE_AZUREBLOB_ARCHIVE_TIER_DELETE
+- Type: bool
+- Default: false
+
+#### --azureblob-disable-checksum
+
+Don't store MD5 checksum with object metadata.
+
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can add it to metadata on the object. This is great
+for data integrity checking but can cause long delays for large files
+to start uploading.
+
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_AZUREBLOB_DISABLE_CHECKSUM
+- Type: bool
+- Default: false
+
+#### --azureblob-memory-pool-flush-time
+
+How often internal memory buffer pools will be flushed. (no longer used)
+
+Properties:
+
+- Config: memory_pool_flush_time
+- Env Var: RCLONE_AZUREBLOB_MEMORY_POOL_FLUSH_TIME
+- Type: Duration
+- Default: 1m0s
+
+#### --azureblob-memory-pool-use-mmap
+
+Whether to use mmap buffers in internal memory pool. (no longer used)
+
+Properties:
+
+- Config: memory_pool_use_mmap
+- Env Var: RCLONE_AZUREBLOB_MEMORY_POOL_USE_MMAP
+- Type: bool
+- Default: false
+
+#### --azureblob-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_AZUREBLOB_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8
+
+#### --azureblob-public-access
+
+Public access level of a container: blob or container.
+
+Properties:
+
+- Config: public_access
+- Env Var: RCLONE_AZUREBLOB_PUBLIC_ACCESS
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - The container and its blobs can be accessed only with an authorized request.
+ - It's a default value.
+ - "blob"
+ - Blob data within this container can be read via anonymous request.
+ - "container"
+ - Allow full public read access for container and blob data.
+
+#### --azureblob-directory-markers
+
+Upload an empty object with a trailing slash when a new directory is created
+
+Empty folders are unsupported for bucket based remotes, this option
+creates an empty object ending with "/", to persist the folder.
+
+This object also has the metadata "hdi_isfolder = true" to conform to
+the Microsoft standard.
+
+
+Properties:
+
+- Config: directory_markers
+- Env Var: RCLONE_AZUREBLOB_DIRECTORY_MARKERS
+- Type: bool
+- Default: false
+
+#### --azureblob-no-check-container
+
+If set, don't attempt to check the container exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the container exists already.
+
+
+Properties:
+
+- Config: no_check_container
+- Env Var: RCLONE_AZUREBLOB_NO_CHECK_CONTAINER
+- Type: bool
+- Default: false
+
+#### --azureblob-no-head-object
+
+If set, do not do HEAD before GET when getting objects.
+
+Properties:
+
+- Config: no_head_object
+- Env Var: RCLONE_AZUREBLOB_NO_HEAD_OBJECT
+- Type: bool
+- Default: false
+
+
+
+### Custom upload headers
+
+You can set custom upload headers with the `--header-upload` flag.
+
+- Cache-Control
+- Content-Disposition
+- Content-Encoding
+- Content-Language
+- Content-Type
+
+Eg `--header-upload "Content-Type: text/potato"`
+
+## Limitations
+
+MD5 sums are only uploaded with chunked files if the source has an MD5
+sum. This will always be the case for a local to azure copy.
+
+`rclone about` is not supported by the Microsoft Azure Blob storage backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+## Azure Storage Emulator Support
+
+You can run rclone with the storage emulator (usually _azurite_).
+
+To do this, just set up a new remote with `rclone config` following
+the instructions in the introduction and set `use_emulator` in the
+advanced settings as `true`. You do not need to provide a default
+account name nor an account key. But you can override them in the
+`account` and `key` options. (Prior to v1.61 they were hard coded to
+_azurite_'s `devstoreaccount1`.)
+
+Also, if you want to access a storage emulator instance running on a
+different machine, you can override the `endpoint` parameter in the
+advanced settings, setting it to
+`http(s)://<host>:<port>/devstoreaccount1`
+(e.g. `http://10.254.2.5:10000/devstoreaccount1`).
+
+# Microsoft Azure Files Storage
+
+Paths are specified as `remote:` You may put subdirectories in too,
+e.g. `remote:path/to/dir`.
+
+## Configuration
+
+Here is an example of making a Microsoft Azure Files Storage
+configuration. For a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Microsoft Azure Files Storage "azurefiles" [snip]
+Option account. Azure Storage Account Name. Set this to the Azure Storage Account Name in use. Leave blank to use SAS URL or connection string, otherwise it needs to be set. If this is blank and if env_auth is set it will be read from the environment variable AZURE_STORAGE_ACCOUNT_NAME
if possible. Enter a value. Press Enter to leave empty. account> account_name
+Option share_name. Azure Files Share Name. This is required and is the name of the share to access. Enter a value. Press Enter to leave empty. share_name> share_name
+Option env_auth. Read credentials from runtime (environment variables, CLI or MSI). See the authentication docs for full info. Enter a boolean value (true or false). Press Enter for the default (false). env_auth>
+Option key. Storage Account Shared Key. Leave blank to use SAS URL or connection string. Enter a value. Press Enter to leave empty. key> base64encodedkey==
+Option sas_url. SAS URL. Leave blank if using account/key or connection string. Enter a value. Press Enter to leave empty. sas_url>
+Option connection_string. Azure Files Connection String. Enter a value. Press Enter to leave empty. connection_string> [snip]
+Configuration complete. Options: - type: azurefiles - account: account_name - share_name: share_name - key: base64encodedkey== Keep this "remote" remote? y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d>
+
+Once configured you can use rclone.
+
+See all files in the top level:
+
+ rclone lsf remote:
+
+Make a new directory in the root:
+
+ rclone mkdir remote:dir
+
+Recursively List the contents:
+
+ rclone ls remote:
+
+Sync `/home/local/directory` to the remote directory, deleting any
+excess files in the directory.
+
+ rclone sync --interactive /home/local/directory remote:dir
+
+### Modified time
+
+The modified time is stored as Azure standard `LastModified` time on
+files
+
+### Performance
+
+When uploading large files, increasing the value of
+`--azurefiles-upload-concurrency` will increase performance at the cost
+of using more memory. The default of 16 is set quite conservatively to
+use less memory. It maybe be necessary raise it to 64 or higher to
+fully utilize a 1 GBit/s link with a single file transfer.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| " | 0x22 | " |
+| * | 0x2A | * |
+| : | 0x3A | : |
+| < | 0x3C | < |
+| > | 0x3E | > |
+| ? | 0x3F | ? |
+| \ | 0x5C | \ |
+| \| | 0x7C | | |
+
+File names can also not end with the following characters.
+These only get replaced if they are the last character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| . | 0x2E | . |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Hashes
+
+MD5 hashes are stored with files. Not all files will have MD5 hashes
+as these have to be uploaded with the file.
+
+### Authentication {#authentication}
+
+There are a number of ways of supplying credentials for Azure Files
+Storage. Rclone tries them in the order of the sections below.
+
+#### Env Auth
+
+If the `env_auth` config parameter is `true` then rclone will pull
+credentials from the environment or runtime.
+
+It tries these authentication methods in this order:
+
+1. Environment Variables
+2. Managed Service Identity Credentials
+3. Azure CLI credentials (as used by the az tool)
+
+These are described in the following sections
+
+##### Env Auth: 1. Environment Variables
+
+If `env_auth` is set and environment variables are present rclone
+authenticates a service principal with a secret or certificate, or a
+user with a password, depending on which environment variable are set.
+It reads configuration from these variables, in the following order:
+
+1. Service principal with client secret
+ - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+ - `AZURE_CLIENT_ID`: the service principal's client ID
+ - `AZURE_CLIENT_SECRET`: one of the service principal's client secrets
+2. Service principal with certificate
+ - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+ - `AZURE_CLIENT_ID`: the service principal's client ID
+ - `AZURE_CLIENT_CERTIFICATE_PATH`: path to a PEM or PKCS12 certificate file including the private key.
+ - `AZURE_CLIENT_CERTIFICATE_PASSWORD`: (optional) password for the certificate file.
+ - `AZURE_CLIENT_SEND_CERTIFICATE_CHAIN`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+3. User with username and password
+ - `AZURE_TENANT_ID`: (optional) tenant to authenticate in. Defaults to "organizations".
+ - `AZURE_CLIENT_ID`: client ID of the application the user will authenticate to
+ - `AZURE_USERNAME`: a username (usually an email address)
+ - `AZURE_PASSWORD`: the user's password
+4. Workload Identity
+ - `AZURE_TENANT_ID`: Tenant to authenticate in.
+ - `AZURE_CLIENT_ID`: Client ID of the application the user will authenticate to.
+ - `AZURE_FEDERATED_TOKEN_FILE`: Path to projected service account token file.
+ - `AZURE_AUTHORITY_HOST`: Authority of an Azure Active Directory endpoint (default: login.microsoftonline.com).
+
+
+##### Env Auth: 2. Managed Service Identity Credentials
+
+When using Managed Service Identity if the VM(SS) on which this
+program is running has a system-assigned identity, it will be used by
+default. If the resource has no system-assigned but exactly one
+user-assigned identity, the user-assigned identity will be used by
+default.
+
+If the resource has multiple user-assigned identities you will need to
+unset `env_auth` and set `use_msi` instead. See the [`use_msi`
+section](#use_msi).
+
+##### Env Auth: 3. Azure CLI credentials (as used by the az tool)
+
+Credentials created with the `az` tool can be picked up using `env_auth`.
+
+For example if you were to login with a service principal like this:
+
+ az login --service-principal -u XXX -p XXX --tenant XXX
+
+Then you could access rclone resources like this:
+
+ rclone lsf :azurefiles,env_auth,account=ACCOUNT:
+
+Or
+
+ rclone lsf --azurefiles-env-auth --azurefiles-account=ACCOUNT :azurefiles:
+
+#### Account and Shared Key
+
+This is the most straight forward and least flexible way. Just fill
+in the `account` and `key` lines and leave the rest blank.
+
+#### SAS URL
+
+To use it leave `account`, `key` and `connection_string` blank and fill in `sas_url`.
+
+#### Connection String
+
+To use it leave `account`, `key` and "sas_url" blank and fill in `connection_string`.
+
+#### Service principal with client secret
+
+If these variables are set, rclone will authenticate with a service principal with a client secret.
+
+- `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
+- `client_id`: the service principal's client ID
+- `client_secret`: one of the service principal's client secrets
+
+The credentials can also be placed in a file using the
+`service_principal_file` configuration option.
+
+#### Service principal with certificate
+
+If these variables are set, rclone will authenticate with a service principal with certificate.
+
+- `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
+- `client_id`: the service principal's client ID
+- `client_certificate_path`: path to a PEM or PKCS12 certificate file including the private key.
+- `client_certificate_password`: (optional) password for the certificate file.
+- `client_send_certificate_chain`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+
+**NB** `client_certificate_password` must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+#### User with username and password
+
+If these variables are set, rclone will authenticate with username and password.
+
+- `tenant`: (optional) tenant to authenticate in. Defaults to "organizations".
+- `client_id`: client ID of the application the user will authenticate to
+- `username`: a username (usually an email address)
+- `password`: the user's password
+
+Microsoft doesn't recommend this kind of authentication, because it's
+less secure than other authentication flows. This method is not
+interactive, so it isn't compatible with any form of multi-factor
+authentication, and the application must already have user or admin
+consent. This credential can only authenticate work and school
+accounts; it can't authenticate Microsoft accounts.
+
+**NB** `password` must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+#### Managed Service Identity Credentials {#use_msi}
+
+If `use_msi` is set then managed service identity credentials are
+used. This authentication only works when running in an Azure service.
+`env_auth` needs to be unset to use this.
+
+However if you have multiple user identities to choose from these must
+be explicitly specified using exactly one of the `msi_object_id`,
+`msi_client_id`, or `msi_mi_res_id` parameters.
+
+If none of `msi_object_id`, `msi_client_id`, or `msi_mi_res_id` is
+set, this is is equivalent to using `env_auth`.
+
+
+### Standard options
+
+Here are the Standard options specific to azurefiles (Microsoft Azure Files).
+
+#### --azurefiles-account
+
+Azure Storage Account Name.
+
+Set this to the Azure Storage Account Name in use.
+
+Leave blank to use SAS URL or connection string, otherwise it needs to be set.
+
+If this is blank and if env_auth is set it will be read from the
+environment variable `AZURE_STORAGE_ACCOUNT_NAME` if possible.
+
+
+Properties:
+
+- Config: account
+- Env Var: RCLONE_AZUREFILES_ACCOUNT
+- Type: string
+- Required: false
+
+#### --azurefiles-share-name
+
+Azure Files Share Name.
+
+This is required and is the name of the share to access.
+
+
+Properties:
+
+- Config: share_name
+- Env Var: RCLONE_AZUREFILES_SHARE_NAME
+- Type: string
+- Required: false
+
+#### --azurefiles-env-auth
+
+Read credentials from runtime (environment variables, CLI or MSI).
+
+See the [authentication docs](/azurefiles#authentication) for full info.
+
+Properties:
+
+- Config: env_auth
+- Env Var: RCLONE_AZUREFILES_ENV_AUTH
+- Type: bool
+- Default: false
+
+#### --azurefiles-key
+
+Storage Account Shared Key.
+
+Leave blank to use SAS URL or connection string.
+
+Properties:
+
+- Config: key
+- Env Var: RCLONE_AZUREFILES_KEY
+- Type: string
+- Required: false
+
+#### --azurefiles-sas-url
+
+SAS URL.
+
+Leave blank if using account/key or connection string.
+
+Properties:
+
+- Config: sas_url
+- Env Var: RCLONE_AZUREFILES_SAS_URL
+- Type: string
+- Required: false
+
+#### --azurefiles-connection-string
+
+Azure Files Connection String.
+
+Properties:
+
+- Config: connection_string
+- Env Var: RCLONE_AZUREFILES_CONNECTION_STRING
+- Type: string
+- Required: false
+
+#### --azurefiles-tenant
+
+ID of the service principal's tenant. Also called its directory ID.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+
+
+Properties:
+
+- Config: tenant
+- Env Var: RCLONE_AZUREFILES_TENANT
+- Type: string
+- Required: false
+
+#### --azurefiles-client-id
+
+The ID of the client in use.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_AZUREFILES_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --azurefiles-client-secret
+
+One of the service principal's client secrets
+
+Set this if using
+- Service principal with client secret
+
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_AZUREFILES_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --azurefiles-client-certificate-path
+
+Path to a PEM or PKCS12 certificate file including the private key.
+
+Set this if using
+- Service principal with certificate
+
+
+Properties:
+
+- Config: client_certificate_path
+- Env Var: RCLONE_AZUREFILES_CLIENT_CERTIFICATE_PATH
+- Type: string
+- Required: false
+
+#### --azurefiles-client-certificate-password
+
+Password for the certificate file (optional).
+
+Optionally set this if using
+- Service principal with certificate
+
+And the certificate has a password.
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: client_certificate_password
+- Env Var: RCLONE_AZUREFILES_CLIENT_CERTIFICATE_PASSWORD
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to azurefiles (Microsoft Azure Files).
+
+#### --azurefiles-client-send-certificate-chain
+
+Send the certificate chain when using certificate auth.
+
+Specifies whether an authentication request will include an x5c header
+to support subject name / issuer based authentication. When set to
+true, authentication requests include the x5c header.
+
+Optionally set this if using
+- Service principal with certificate
+
+
+Properties:
+
+- Config: client_send_certificate_chain
+- Env Var: RCLONE_AZUREFILES_CLIENT_SEND_CERTIFICATE_CHAIN
+- Type: bool
+- Default: false
+
+#### --azurefiles-username
+
+User name (usually an email address)
+
+Set this if using
+- User with username and password
+
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_AZUREFILES_USERNAME
+- Type: string
+- Required: false
+
+#### --azurefiles-password
+
+The user's password
+
+Set this if using
+- User with username and password
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_AZUREFILES_PASSWORD
+- Type: string
+- Required: false
+
+#### --azurefiles-service-principal-file
+
+Path to file containing credentials for use with a service principal.
+
+Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
+
+ $ az ad sp create-for-rbac --name "<name>" \
+ --role "Storage Files Data Owner" \
+ --scopes "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>" \
+ > azure-principal.json
+
+See ["Create an Azure service principal"](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli) and ["Assign an Azure role for access to files data"](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-rbac-cli) pages for more details.
+
+**NB** this section needs updating for Azure Files - pull requests appreciated!
+
+It may be more convenient to put the credentials directly into the
+rclone config file under the `client_id`, `tenant` and `client_secret`
+keys instead of setting `service_principal_file`.
+
+
+Properties:
+
+- Config: service_principal_file
+- Env Var: RCLONE_AZUREFILES_SERVICE_PRINCIPAL_FILE
+- Type: string
+- Required: false
+
+#### --azurefiles-use-msi
+
+Use a managed service identity to authenticate (only works in Azure).
+
+When true, use a [managed service identity](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/)
+to authenticate to Azure Storage instead of a SAS token or account key.
+
+If the VM(SS) on which this program is running has a system-assigned identity, it will
+be used by default. If the resource has no system-assigned but exactly one user-assigned identity,
+the user-assigned identity will be used by default. If the resource has multiple user-assigned
+identities, the identity to use must be explicitly specified using exactly one of the msi_object_id,
+msi_client_id, or msi_mi_res_id parameters.
+
+Properties:
+
+- Config: use_msi
+- Env Var: RCLONE_AZUREFILES_USE_MSI
+- Type: bool
+- Default: false
+
+#### --azurefiles-msi-object-id
+
+Object ID of the user-assigned MSI to use, if any.
+
+Leave blank if msi_client_id or msi_mi_res_id specified.
+
+Properties:
+
+- Config: msi_object_id
+- Env Var: RCLONE_AZUREFILES_MSI_OBJECT_ID
+- Type: string
+- Required: false
+
+#### --azurefiles-msi-client-id
+
+Object ID of the user-assigned MSI to use, if any.
+
+Leave blank if msi_object_id or msi_mi_res_id specified.
+
+Properties:
+
+- Config: msi_client_id
+- Env Var: RCLONE_AZUREFILES_MSI_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --azurefiles-msi-mi-res-id
+
+Azure resource ID of the user-assigned MSI to use, if any.
+
+Leave blank if msi_client_id or msi_object_id specified.
+
+Properties:
+
+- Config: msi_mi_res_id
+- Env Var: RCLONE_AZUREFILES_MSI_MI_RES_ID
+- Type: string
+- Required: false
+
+#### --azurefiles-endpoint
+
+Endpoint for the service.
+
+Leave blank normally.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_AZUREFILES_ENDPOINT
+- Type: string
+- Required: false
+
+#### --azurefiles-chunk-size
+
+Upload chunk size.
+
+Note that this is stored in memory and there may be up to
+"--transfers" * "--azurefile-upload-concurrency" chunks stored at once
+in memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_AZUREFILES_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 4Mi
+
+#### --azurefiles-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+If you are uploading small numbers of large files over high-speed
+links and these uploads do not fully utilize your bandwidth, then
+increasing this may help to speed up the transfers.
+
+Note that chunks are stored in memory and there may be up to
+"--transfers" * "--azurefile-upload-concurrency" chunks stored at once
+in memory.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_AZUREFILES_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 16
+
+#### --azurefiles-max-stream-size
+
+Max size for streamed files.
+
+Azure files needs to know in advance how big the file will be. When
+rclone doesn't know it uses this value instead.
+
+This will be used when rclone is streaming data, the most common uses are:
+
+- Uploading files with `--vfs-cache-mode off` with `rclone mount`
+- Using `rclone rcat`
+- Copying files with unknown length
+
+You will need this much free space in the share as the file will be this size temporarily.
+
+
+Properties:
+
+- Config: max_stream_size
+- Env Var: RCLONE_AZUREFILES_MAX_STREAM_SIZE
+- Type: SizeSuffix
+- Default: 10Gi
+
+#### --azurefiles-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_AZUREFILES_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8,Dot
+
+
+
+### Custom upload headers
+
+You can set custom upload headers with the `--header-upload` flag.
+
+- Cache-Control
+- Content-Disposition
+- Content-Encoding
+- Content-Language
+- Content-Type
+
+Eg `--header-upload "Content-Type: text/potato"`
+
+## Limitations
+
+MD5 sums are only uploaded with chunked files if the source has an MD5
+sum. This will always be the case for a local to azure copy.
+
+# Microsoft OneDrive
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for OneDrive involves getting a token from
+Microsoft which you need to do in your browser. `rclone config` walks
+you through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+
+- Edit existing remote
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Microsoft OneDrive "onedrive" [snip] Storage> onedrive Microsoft App Client Id Leave blank normally. Enter a string value. Press Enter for the default (""). client_id> Microsoft App Client Secret Leave blank normally. Enter a string value. Press Enter for the default (""). client_secret> Edit advanced config? (y/n)
+- Yes
+- No y/n> n Remote config Use web browser to automatically authenticate rclone with remote?
+
-- Config: encoding
-- Env Var: RCLONE_SWIFT_ENCODING
-- Type: MultiEncoder
-- Default: Slash,InvalidUtf8
-
-Limitations
-The Swift API doesn't return a correct MD5SUM for segmented files (Dynamic or Static Large Objects) so rclone won't check or use the MD5SUM for these.
-Troubleshooting
-Rclone gives Failed to create file system for "remote:": Bad Request
-Due to an oddity of the underlying swift library, it gives a "Bad Request" error rather than a more sensible error when the authentication fails for Swift.
-So this most likely means your username / password is wrong. You can investigate further with the --dump-bodies
flag.
-This may also be caused by specifying the region when you shouldn't have (e.g. OVH).
-Rclone gives Failed to create file system: Response didn't have storage url and auth token
-This is most likely caused by forgetting to specify your tenant when setting up a swift remote.
-OVH Cloud Archive
-To use rclone with OVH cloud archive, first use rclone config
to set up a swift
backend with OVH, choosing pca
as the storage_policy
.
-Uploading Objects
-Uploading objects to OVH cloud archive is no different to object storage, you just simply run the command you like (move, copy or sync) to upload the objects. Once uploaded the objects will show in a "Frozen" state within the OVH control panel.
-Retrieving Objects
-To retrieve objects use rclone copy
as normal. If the objects are in a frozen state then rclone will ask for them all to be unfrozen and it will wait at the end of the output with a message like the following:
-2019/03/23 13:06:33 NOTICE: Received retry after error - sleeping until 2019-03-23T13:16:33.481657164+01:00 (9m59.99985121s)
-Rclone will wait for the time specified then retry the copy.
-pCloud
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-The initial setup for pCloud involves getting a token from pCloud which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Pcloud
- \ "pcloud"
-[snip]
-Storage> pcloud
-Pcloud App Client Id - leave blank normally.
-client_id>
-Pcloud App Client Secret - leave blank normally.
-client_secret>
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"access_token":"XXX","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from pCloud. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall.
-Once configured you can then use rclone
like this,
-List directories in top level of your pCloud
-rclone lsd remote:
-List all the files in your pCloud
-rclone ls remote:
-To copy a local directory to a pCloud directory called backup
-rclone copy /home/source remote:backup
-Modified time and hashes
-pCloud allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not. In order to set a Modification time pCloud requires the object be re-uploaded.
-pCloud supports MD5 and SHA1 hashes in the US region, and SHA1 and SHA256 hashes in the EU region, so you can use the --checksum
flag.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
+- Say Y if the machine running rclone has a web browser you can use
+- Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N.
+
+
+- Yes
+- No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code Choose a number from below, or type in an existing value 1 / OneDrive Personal or Business "onedrive" 2 / Sharepoint site "sharepoint" 3 / Type in driveID "driveid" 4 / Type in SiteID "siteid" 5 / Search a Sharepoint site "search" Your choice> 1 Found 1 drives, please select the one you want to use: 0: OneDrive (business) id=b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk Chose drive to use:> 0 Found drive 'root' of type 'business', URL: https://org-my.sharepoint.com/personal/you/Documents Is that okay?
+- Yes
+- No y/n> y -------------------- [remote] type = onedrive token = {"access_token":"youraccesstoken","token_type":"Bearer","refresh_token":"yourrefreshtoken","expiry":"2018-08-26T22:39:52.486512262+08:00"} drive_id = b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk drive_type = business --------------------
+- Yes this is OK
+- Edit this remote
+- Delete this remote y/e/d> y
+
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Microsoft. This only runs from the moment it
+opens your browser to the moment you get back the verification
+code. This is on `http://127.0.0.1:53682/` and this it may require
+you to unblock it temporarily if you are running a host firewall.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your OneDrive
+
+ rclone lsd remote:
+
+List all the files in your OneDrive
+
+ rclone ls remote:
+
+To copy a local directory to an OneDrive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Getting your own Client ID and Key
+
+rclone uses a default Client ID when talking to OneDrive, unless a custom `client_id` is specified in the config.
+The default Client ID and Key are shared by all rclone users when performing requests.
+
+You may choose to create and use your own Client ID, in case the default one does not work well for you.
+For example, you might see throttling.
+
+#### Creating Client ID for OneDrive Personal
+
+To create your own Client ID, please follow these steps:
+
+1. Open https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade and then click `New registration`.
+2. Enter a name for your app, choose account type `Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)`, select `Web` in `Redirect URI`, then type (do not copy and paste) `http://localhost:53682/` and click Register. Copy and keep the `Application (client) ID` under the app name for later use.
+3. Under `manage` select `Certificates & secrets`, click `New client secret`. Enter a description (can be anything) and set `Expires` to 24 months. Copy and keep that secret _Value_ for later use (you _won't_ be able to see this value afterwards).
+4. Under `manage` select `API permissions`, click `Add a permission` and select `Microsoft Graph` then select `delegated permissions`.
+5. Search and select the following permissions: `Files.Read`, `Files.ReadWrite`, `Files.Read.All`, `Files.ReadWrite.All`, `offline_access`, `User.Read` and `Sites.Read.All` (if custom access scopes are configured, select the permissions accordingly). Once selected click `Add permissions` at the bottom.
+
+Now the application is complete. Run `rclone config` to create or edit a OneDrive remote.
+Supply the app ID and password as Client ID and Secret, respectively. rclone will walk you through the remaining steps.
+
+The access_scopes option allows you to configure the permissions requested by rclone.
+See [Microsoft Docs](https://docs.microsoft.com/en-us/graph/permissions-reference#files-permissions) for more information about the different scopes.
+
+The `Sites.Read.All` permission is required if you need to [search SharePoint sites when configuring the remote](https://github.com/rclone/rclone/pull/5883). However, if that permission is not assigned, you need to exclude `Sites.Read.All` from your access scopes or set `disable_site_permission` option to true in the advanced options.
+
+#### Creating Client ID for OneDrive Business
+
+The steps for OneDrive Personal may or may not work for OneDrive Business, depending on the security settings of the organization.
+A common error is that the publisher of the App is not verified.
+
+You may try to [verify you account](https://docs.microsoft.com/en-us/azure/active-directory/develop/publisher-verification-overview), or try to limit the App to your organization only, as shown below.
+
+1. Make sure to create the App with your business account.
+2. Follow the steps above to create an App. However, we need a different account type here: `Accounts in this organizational directory only (*** - Single tenant)`. Note that you can also change the account type after creating the App.
+3. Find the [tenant ID](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-to-find-tenant) of your organization.
+4. In the rclone config, set `auth_url` to `https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/authorize`.
+5. In the rclone config, set `token_url` to `https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/token`.
+
+Note: If you have a special region, you may need a different host in step 4 and 5. Here are [some hints](https://github.com/rclone/rclone/blob/bc23bf11db1c78c6ebbf8ea538fbebf7058b4176/backend/onedrive/onedrive.go#L86).
+
+
+### Modification times and hashes
+
+OneDrive allows modification times to be set on objects accurate to 1
+second. These will be used to detect whether objects need syncing or
+not.
+
+OneDrive Personal, OneDrive for Business and Sharepoint Server support
+[QuickXorHash](https://docs.microsoft.com/en-us/onedrive/developer/code-snippets/quickxorhash).
+
+Before rclone 1.62 the default hash for Onedrive Personal was `SHA1`.
+For rclone 1.62 and above the default for all Onedrive backends is
+`QuickXorHash`.
+
+Starting from July 2023 `SHA1` support is being phased out in Onedrive
+Personal in favour of `QuickXorHash`. If necessary the
+`--onedrive-hash-type` flag (or `hash_type` config option) can be used
+to select `SHA1` during the transition period if this is important
+your workflow.
+
+For all types of OneDrive you can use the `--checksum` flag.
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+This must be enabled with the `--onedrive-delta` flag (or `delta =
+true` in the config file) as it can cause performance degradation.
+
+It does this by using the delta listing facilities of OneDrive which
+returns all the files in the remote very efficiently. This is much
+more efficient than listing directories recursively and is Microsoft's
+recommended way of reading all the file information from a drive.
+
+This can be useful with `rclone mount` and [rclone rc vfs/refresh
+recursive=true](https://rclone.org/rc/#vfs-refresh)) to very quickly fill the mount with
+information about all the files.
+
+The API used for the recursive listing (`ListR`) only supports listing
+from the root of the drive. This will become increasingly inefficient
+the further away you get from the root as rclone will have to discard
+files outside of the directory you are using.
+
+Some commands (like `rclone lsf -R`) will use `ListR` by default - you
+can turn this off with `--disable ListR` if you need to.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| " | 0x22 | " |
+| * | 0x2A | * |
+| : | 0x3A | : |
+| < | 0x3C | < |
+| > | 0x3E | > |
+| ? | 0x3F | ? |
+| \ | 0x5C | \ |
+| \| | 0x7C | | |
+
+File names can also not end with the following characters.
+These only get replaced if they are the last character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+| . | 0x2E | . |
+
+File names can also not begin with the following characters.
+These only get replaced if they are the first character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+| ~ | 0x7E | ~ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Deleting files
+
+Any files you delete with rclone will end up in the trash. Microsoft
+doesn't provide an API to permanently delete files, nor to empty the
+trash, so you will have to do that with one of Microsoft's apps or via
+the OneDrive website.
+
+
+### Standard options
+
+Here are the Standard options specific to onedrive (Microsoft OneDrive).
+
+#### --onedrive-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_ONEDRIVE_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --onedrive-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_ONEDRIVE_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --onedrive-region
+
+Choose national cloud region for OneDrive.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_ONEDRIVE_REGION
+- Type: string
+- Default: "global"
+- Examples:
+ - "global"
+ - Microsoft Cloud Global
+ - "us"
+ - Microsoft Cloud for US Government
+ - "de"
+ - Microsoft Cloud Germany
+ - "cn"
+ - Azure and Office 365 operated by Vnet Group in China
+
+### Advanced options
+
+Here are the Advanced options specific to onedrive (Microsoft OneDrive).
+
+#### --onedrive-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_ONEDRIVE_TOKEN
+- Type: string
+- Required: false
+
+#### --onedrive-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_ONEDRIVE_AUTH_URL
+- Type: string
+- Required: false
+
+#### --onedrive-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_ONEDRIVE_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --onedrive-chunk-size
+
+Chunk size to upload files with - must be multiple of 320k (327,680 bytes).
+
+Above this size files will be chunked - must be multiple of 320k (327,680 bytes) and
+should not exceed 250M (262,144,000 bytes) else you may encounter \"Microsoft.SharePoint.Client.InvalidClientQueryException: The request message is too big.\"
+Note that the chunks will be buffered into memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_ONEDRIVE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 10Mi
+
+#### --onedrive-drive-id
+
+The ID of the drive to use.
+
+Properties:
+
+- Config: drive_id
+- Env Var: RCLONE_ONEDRIVE_DRIVE_ID
+- Type: string
+- Required: false
+
+#### --onedrive-drive-type
+
+The type of the drive (personal | business | documentLibrary).
+
+Properties:
+
+- Config: drive_type
+- Env Var: RCLONE_ONEDRIVE_DRIVE_TYPE
+- Type: string
+- Required: false
+
+#### --onedrive-root-folder-id
+
+ID of the root folder.
+
+This isn't normally needed, but in special circumstances you might
+know the folder ID that you wish to access but not be able to get
+there through a path traversal.
+
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_ONEDRIVE_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+
+#### --onedrive-access-scopes
+
+Set scopes to be requested by rclone.
+
+Choose or manually enter a custom space separated list with all scopes, that rclone should request.
+
+
+Properties:
+
+- Config: access_scopes
+- Env Var: RCLONE_ONEDRIVE_ACCESS_SCOPES
+- Type: SpaceSepList
+- Default: Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access
+- Examples:
+ - "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access"
+ - Read and write access to all resources
+ - "Files.Read Files.Read.All Sites.Read.All offline_access"
+ - Read only access to all resources
+ - "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All offline_access"
+ - Read and write access to all resources, without the ability to browse SharePoint sites.
+ - Same as if disable_site_permission was set to true
+
+#### --onedrive-disable-site-permission
+
+Disable the request for Sites.Read.All permission.
+
+If set to true, you will no longer be able to search for a SharePoint site when
+configuring drive ID, because rclone will not request Sites.Read.All permission.
+Set it to true if your organization didn't assign Sites.Read.All permission to the
+application, and your organization disallows users to consent app permission
+request on their own.
+
+Properties:
+
+- Config: disable_site_permission
+- Env Var: RCLONE_ONEDRIVE_DISABLE_SITE_PERMISSION
+- Type: bool
+- Default: false
+
+#### --onedrive-expose-onenote-files
+
+Set to make OneNote files show up in directory listings.
+
+By default, rclone will hide OneNote files in directory listings because
+operations like "Open" and "Update" won't work on them. But this
+behaviour may also prevent you from deleting them. If you want to
+delete OneNote files or otherwise want them to show up in directory
+listing, set this option.
+
+Properties:
+
+- Config: expose_onenote_files
+- Env Var: RCLONE_ONEDRIVE_EXPOSE_ONENOTE_FILES
+- Type: bool
+- Default: false
+
+#### --onedrive-server-side-across-configs
+
+Deprecated: use --server-side-across-configs instead.
+
+Allow server-side operations (e.g. copy) to work across different onedrive configs.
+
+This will only work if you are copying between two OneDrive *Personal* drives AND
+the files to copy are already shared between them. In other cases, rclone will
+fall back to normal copy (which will be slightly slower).
+
+Properties:
+
+- Config: server_side_across_configs
+- Env Var: RCLONE_ONEDRIVE_SERVER_SIDE_ACROSS_CONFIGS
+- Type: bool
+- Default: false
+
+#### --onedrive-list-chunk
+
+Size of listing chunk.
+
+Properties:
+
+- Config: list_chunk
+- Env Var: RCLONE_ONEDRIVE_LIST_CHUNK
+- Type: int
+- Default: 1000
+
+#### --onedrive-no-versions
+
+Remove all versions on modifying operations.
+
+Onedrive for business creates versions when rclone uploads new files
+overwriting an existing one and when it sets the modification time.
+
+These versions take up space out of the quota.
+
+This flag checks for versions after file upload and setting
+modification time and removes all but the last version.
+
+**NB** Onedrive personal can't currently delete versions so don't use
+this flag there.
+
+
+Properties:
+
+- Config: no_versions
+- Env Var: RCLONE_ONEDRIVE_NO_VERSIONS
+- Type: bool
+- Default: false
+
+#### --onedrive-link-scope
+
+Set the scope of the links created by the link command.
+
+Properties:
+
+- Config: link_scope
+- Env Var: RCLONE_ONEDRIVE_LINK_SCOPE
+- Type: string
+- Default: "anonymous"
+- Examples:
+ - "anonymous"
+ - Anyone with the link has access, without needing to sign in.
+ - This may include people outside of your organization.
+ - Anonymous link support may be disabled by an administrator.
+ - "organization"
+ - Anyone signed into your organization (tenant) can use the link to get access.
+ - Only available in OneDrive for Business and SharePoint.
+
+#### --onedrive-link-type
+
+Set the type of the links created by the link command.
+
+Properties:
+
+- Config: link_type
+- Env Var: RCLONE_ONEDRIVE_LINK_TYPE
+- Type: string
+- Default: "view"
+- Examples:
+ - "view"
+ - Creates a read-only link to the item.
+ - "edit"
+ - Creates a read-write link to the item.
+ - "embed"
+ - Creates an embeddable link to the item.
+
+#### --onedrive-link-password
+
+Set the password for links created by the link command.
+
+At the time of writing this only works with OneDrive personal paid accounts.
+
+
+Properties:
+
+- Config: link_password
+- Env Var: RCLONE_ONEDRIVE_LINK_PASSWORD
+- Type: string
+- Required: false
+
+#### --onedrive-hash-type
+
+Specify the hash in use for the backend.
+
+This specifies the hash type in use. If set to "auto" it will use the
+default hash which is QuickXorHash.
+
+Before rclone 1.62 an SHA1 hash was used by default for Onedrive
+Personal. For 1.62 and later the default is to use a QuickXorHash for
+all onedrive types. If an SHA1 hash is desired then set this option
+accordingly.
+
+From July 2023 QuickXorHash will be the only available hash for
+both OneDrive for Business and OneDriver Personal.
+
+This can be set to "none" to not use any hashes.
+
+If the hash requested does not exist on the object, it will be
+returned as an empty string which is treated as a missing hash by
+rclone.
+
+
+Properties:
+
+- Config: hash_type
+- Env Var: RCLONE_ONEDRIVE_HASH_TYPE
+- Type: string
+- Default: "auto"
+- Examples:
+ - "auto"
+ - Rclone chooses the best hash
+ - "quickxor"
+ - QuickXor
+ - "sha1"
+ - SHA1
+ - "sha256"
+ - SHA256
+ - "crc32"
+ - CRC32
+ - "none"
+ - None - don't use any hashes
+
+#### --onedrive-av-override
+
+Allows download of files the server thinks has a virus.
+
+The onedrive/sharepoint server may check files uploaded with an Anti
+Virus checker. If it detects any potential viruses or malware it will
+block download of the file.
+
+In this case you will see a message like this
+
+ server reports this file is infected with a virus - use --onedrive-av-override to download anyway: Infected (name of virus): 403 Forbidden:
+
+If you are 100% sure you want to download this file anyway then use
+the --onedrive-av-override flag, or av_override = true in the config
+file.
+
+
+Properties:
+
+- Config: av_override
+- Env Var: RCLONE_ONEDRIVE_AV_OVERRIDE
+- Type: bool
+- Default: false
+
+#### --onedrive-delta
+
+If set rclone will use delta listing to implement recursive listings.
+
+If this flag is set the the onedrive backend will advertise `ListR`
+support for recursive listings.
+
+Setting this flag speeds up these things greatly:
+
+ rclone lsf -R onedrive:
+ rclone size onedrive:
+ rclone rc vfs/refresh recursive=true
+
+**However** the delta listing API **only** works at the root of the
+drive. If you use it not at the root then it recurses from the root
+and discards all the data that is not under the directory you asked
+for. So it will be correct but may not be very efficient.
+
+This is why this flag is not set as the default.
+
+As a rule of thumb if nearly all of your data is under rclone's root
+directory (the `root/directory` in `onedrive:root/directory`) then
+using this flag will be be a big performance win. If your data is
+mostly not under the root then using this flag will be a big
+performance loss.
+
+It is recommended if you are mounting your onedrive at the root
+(or near the root when using crypt) and using rclone `rc vfs/refresh`.
+
+
+Properties:
+
+- Config: delta
+- Env Var: RCLONE_ONEDRIVE_DELTA
+- Type: bool
+- Default: false
+
+#### --onedrive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_ONEDRIVE_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+If you don't use rclone for 90 days the refresh token will
+expire. This will result in authorization problems. This is easy to
+fix by running the `rclone config reconnect remote:` command to get a
+new token and refresh token.
+
+### Naming
+
+Note that OneDrive is case insensitive so you can't have a
+file called "Hello.doc" and one called "hello.doc".
+
+There are quite a few characters that can't be in OneDrive file
+names. These can't occur on Windows platforms, but on non-Windows
+platforms they are common. Rclone will map these names to and from an
+identical looking unicode equivalent. For example if a file has a `?`
+in it will be mapped to `?` instead.
+
+### File sizes
+
+The largest allowed file size is 250 GiB for both OneDrive Personal and OneDrive for Business [(Updated 13 Jan 2021)](https://support.microsoft.com/en-us/office/invalid-file-names-and-file-types-in-onedrive-and-sharepoint-64883a5d-228e-48f5-b3d2-eb39e07630fa?ui=en-us&rs=en-us&ad=us#individualfilesize).
+
+### Path length
+
+The entire path, including the file name, must contain fewer than 400 characters for OneDrive, OneDrive for Business and SharePoint Online. If you are encrypting file and folder names with rclone, you may want to pay attention to this limitation because the encrypted names are typically longer than the original ones.
+
+### Number of files
+
+OneDrive seems to be OK with at least 50,000 files in a folder, but at
+100,000 rclone will get errors listing the directory like `couldn’t
+list files: UnknownError:`. See
+[#2707](https://github.com/rclone/rclone/issues/2707) for more info.
+
+An official document about the limitations for different types of OneDrive can be found [here](https://support.office.com/en-us/article/invalid-file-names-and-file-types-in-onedrive-onedrive-for-business-and-sharepoint-64883a5d-228e-48f5-b3d2-eb39e07630fa).
+
+## Versions
+
+Every change in a file OneDrive causes the service to create a new
+version of the file. This counts against a users quota. For
+example changing the modification time of a file creates a second
+version, so the file apparently uses twice the space.
+
+For example the `copy` command is affected by this as rclone copies
+the file and then afterwards sets the modification time to match the
+source file which uses another version.
+
+You can use the `rclone cleanup` command (see below) to remove all old
+versions.
+
+Or you can set the `no_versions` parameter to `true` and rclone will
+remove versions after operations which create new versions. This takes
+extra transactions so only enable it if you need it.
+
+**Note** At the time of writing Onedrive Personal creates versions
+(but not for setting the modification time) but the API for removing
+them returns "API not found" so cleanup and `no_versions` should not
+be used on Onedrive Personal.
+
+### Disabling versioning
+
+Starting October 2018, users will no longer be able to
+disable versioning by default. This is because Microsoft has brought
+an
+[update](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/New-Updates-to-OneDrive-and-SharePoint-Team-Site-Versioning/ba-p/204390)
+to the mechanism. To change this new default setting, a PowerShell
+command is required to be run by a SharePoint admin. If you are an
+admin, you can run these commands in PowerShell to change that
+setting:
+
+1. `Install-Module -Name Microsoft.Online.SharePoint.PowerShell` (in case you haven't installed this already)
+2. `Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking`
+3. `Connect-SPOService -Url https://YOURSITE-admin.sharepoint.com -Credential YOU@YOURSITE.COM` (replacing `YOURSITE`, `YOU`, `YOURSITE.COM` with the actual values; this will prompt for your credentials)
+4. `Set-SPOTenant -EnableMinimumVersionRequirement $False`
+5. `Disconnect-SPOService` (to disconnect from the server)
+
+*Below are the steps for normal users to disable versioning. If you don't see the "No Versioning" option, make sure the above requirements are met.*
+
+User [Weropol](https://github.com/Weropol) has found a method to disable
+versioning on OneDrive
+
+1. Open the settings menu by clicking on the gear symbol at the top of the OneDrive Business page.
+2. Click Site settings.
+3. Once on the Site settings page, navigate to Site Administration > Site libraries and lists.
+4. Click Customize "Documents".
+5. Click General Settings > Versioning Settings.
+6. Under Document Version History select the option No versioning.
+Note: This will disable the creation of new file versions, but will not remove any previous versions. Your documents are safe.
+7. Apply the changes by clicking OK.
+8. Use rclone to upload or modify files. (I also use the --no-update-modtime flag)
+9. Restore the versioning settings after using rclone. (Optional)
+
+## Cleanup
+
+OneDrive supports `rclone cleanup` which causes rclone to look through
+every file under the path supplied and delete all version but the
+current version. Because this involves traversing all the files, then
+querying each file for versions it can be quite slow. Rclone does
+`--checkers` tests in parallel. The command also supports `--interactive`/`i`
+or `--dry-run` which is a great way to see what it would do.
+
+ rclone cleanup --interactive remote:path/subdir # interactively remove all old version for path/subdir
+ rclone cleanup remote:path/subdir # unconditionally remove all old version for path/subdir
+
+**NB** Onedrive personal can't currently delete versions
+
+## Troubleshooting ##
+
+### Excessive throttling or blocked on SharePoint
+
+If you experience excessive throttling or is being blocked on SharePoint then it may help to set the user agent explicitly with a flag like this: `--user-agent "ISV|rclone.org|rclone/v1.55.1"`
+
+The specific details can be found in the Microsoft document: [Avoid getting throttled or blocked in SharePoint Online](https://docs.microsoft.com/en-us/sharepoint/dev/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online#how-to-decorate-your-http-traffic-to-avoid-throttling)
+
+### Unexpected file size/hash differences on Sharepoint ####
+
+It is a
+[known](https://github.com/OneDrive/onedrive-api-docs/issues/935#issuecomment-441741631)
+issue that Sharepoint (not OneDrive or OneDrive for Business) silently modifies
+uploaded files, mainly Office files (.docx, .xlsx, etc.), causing file size and
+hash checks to fail. There are also other situations that will cause OneDrive to
+report inconsistent file sizes. To use rclone with such
+affected files on Sharepoint, you
+may disable these checks with the following command line arguments:
+
+--ignore-checksum --ignore-size
+
+Alternatively, if you have write access to the OneDrive files, it may be possible
+to fix this problem for certain files, by attempting the steps below.
+Open the web interface for [OneDrive](https://onedrive.live.com) and find the
+affected files (which will be in the error messages/log for rclone). Simply click on
+each of these files, causing OneDrive to open them on the web. This will cause each
+file to be converted in place to a format that is functionally equivalent
+but which will no longer trigger the size discrepancy. Once all problematic files
+are converted you will no longer need the ignore options above.
+
+### Replacing/deleting existing files on Sharepoint gets "item not found" ####
+
+It is a [known](https://github.com/OneDrive/onedrive-api-docs/issues/1068) issue
+that Sharepoint (not OneDrive or OneDrive for Business) may return "item not
+found" errors when users try to replace or delete uploaded files; this seems to
+mainly affect Office files (.docx, .xlsx, etc.) and web files (.html, .aspx, etc.). As a workaround, you may use
+the `--backup-dir <BACKUP_DIR>` command line argument so rclone moves the
+files to be replaced/deleted into a given backup directory (instead of directly
+replacing/deleting them). For example, to instruct rclone to move the files into
+the directory `rclone-backup-dir` on backend `mysharepoint`, you may use:
+
+--backup-dir mysharepoint:rclone-backup-dir
+
+### access\_denied (AADSTS65005) ####
+
+Error: access_denied Code: AADSTS65005 Description: Using application 'rclone' is currently not supported for your organization [YOUR_ORGANIZATION] because it is in an unmanaged state. An administrator needs to claim ownership of the company by DNS validation of [YOUR_ORGANIZATION] before the application rclone can be provisioned.
+
+This means that rclone can't use the OneDrive for Business API with your account. You can't do much about it, maybe write an email to your admins.
+
+However, there are other ways to interact with your OneDrive account. Have a look at the WebDAV backend: https://rclone.org/webdav/#sharepoint
+
+### invalid\_grant (AADSTS50076) ####
+
+Error: invalid_grant Code: AADSTS50076 Description: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '...'.
+
+If you see the error above after enabling multi-factor authentication for your account, you can fix it by refreshing your OAuth refresh token. To do that, run `rclone config`, and choose to edit your OneDrive backend. Then, you don't need to actually make any changes until you reach this question: `Already have a token - refresh?`. For this question, answer `y` and go through the process to refresh your token, just like the first time the backend is configured. After this, rclone should work again for this backend.
+
+### Invalid request when making public links ####
+
+On Sharepoint and OneDrive for Business, `rclone link` may return an "Invalid
+request" error. A possible cause is that the organisation admin didn't allow
+public links to be made for the organisation/sharepoint library. To fix the
+permissions as an admin, take a look at the docs:
+[1](https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-off),
+[2](https://support.microsoft.com/en-us/office/set-up-and-manage-access-requests-94b26e0b-2822-49d4-929a-8455698654b3).
+
+### Can not access `Shared` with me files
+
+Shared with me files is not supported by rclone [currently](https://github.com/rclone/rclone/issues/4062), but there is a workaround:
+
+1. Visit [https://onedrive.live.com](https://onedrive.live.com/)
+2. Right click a item in `Shared`, then click `Add shortcut to My files` in the context
+ ![make_shortcut](https://user-images.githubusercontent.com/60313789/206118040-7e762b3b-aa61-41a1-8649-cc18889f3572.png "Screenshot (Shared with me)")
+3. The shortcut will appear in `My files`, you can access it with rclone, it behaves like a normal folder/file.
+ ![in_my_files](https://i.imgur.com/0S8H3li.png "Screenshot (My Files)")
+ ![rclone_mount](https://i.imgur.com/2Iq66sW.png "Screenshot (rclone mount)")
+
+### Live Photos uploaded from iOS (small video clips in .heic files)
+
+The iOS OneDrive app introduced [upload and storage](https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/live-photos-come-to-onedrive/ba-p/1953452)
+of [Live Photos](https://support.apple.com/en-gb/HT207310) in 2020.
+The usage and download of these uploaded Live Photos is unfortunately still work-in-progress
+and this introduces several issues when copying, synchronising and mounting – both in rclone and in the native OneDrive client on Windows.
+
+The root cause can easily be seen if you locate one of your Live Photos in the OneDrive web interface.
+Then download the photo from the web interface. You will then see that the size of downloaded .heic file is smaller than the size displayed in the web interface.
+The downloaded file is smaller because it only contains a single frame (still photo) extracted from the Live Photo (movie) stored in OneDrive.
+
+The different sizes will cause `rclone copy/sync` to repeatedly recopy unmodified photos something like this:
+
+ DEBUG : 20230203_123826234_iOS.heic: Sizes differ (src 4470314 vs dst 1298667)
+ DEBUG : 20230203_123826234_iOS.heic: sha1 = fc2edde7863b7a7c93ca6771498ac797f8460750 OK
+ INFO : 20230203_123826234_iOS.heic: Copied (replaced existing)
+
+These recopies can be worked around by adding `--ignore-size`. Please note that this workaround only syncs the still-picture not the movie clip,
+and relies on modification dates being correctly updated on all files in all situations.
+
+The different sizes will also cause `rclone check` to report size errors something like this:
+
+ ERROR : 20230203_123826234_iOS.heic: sizes differ
+
+These check errors can be suppressed by adding `--ignore-size`.
+
+The different sizes will also cause `rclone mount` to fail downloading with an error something like this:
+
+ ERROR : 20230203_123826234_iOS.heic: ReadFileHandle.Read error: low level retry 1/10: unexpected EOF
+
+or like this when using `--cache-mode=full`:
+
+ INFO : 20230203_123826234_iOS.heic: vfs cache: downloader: error count now 1: vfs reader: failed to write to cache file: 416 Requested Range Not Satisfiable:
+ ERROR : 20230203_123826234_iOS.heic: vfs cache: failed to download: vfs reader: failed to write to cache file: 416 Requested Range Not Satisfiable:
+
+# OpenDrive
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+
+- New remote
+- Delete remote
+- Quit config e/n/d/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / OpenDrive "opendrive" [snip] Storage> opendrive Username username> Password
+- Yes type in my own password
+- Generate random password y/g> y Enter the password: password: Confirm the password: password: -------------------- [remote] username = password = *** ENCRYPTED *** --------------------
+- Yes this is OK
+- Edit this remote
+- Delete this remote y/e/d> y
+
+
+List directories in top level of your OpenDrive
+
+ rclone lsd remote:
+
+List all the files in your OpenDrive
+
+ rclone ls remote:
+
+To copy a local directory to an OpenDrive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+OpenDrive allows modification times to be set on objects accurate to 1
+second. These will be used to detect whether objects need syncing or
+not.
+
+The MD5 hash algorithm is supported.
+
+### Restricted filename characters
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| NUL | 0x00 | ␀ |
+| / | 0x2F | / |
+| " | 0x22 | " |
+| * | 0x2A | * |
+| : | 0x3A | : |
+| < | 0x3C | < |
+| > | 0x3E | > |
+| ? | 0x3F | ? |
+| \ | 0x5C | \ |
+| \| | 0x7C | | |
+
+File names can also not begin or end with the following characters.
+These only get replaced if they are the first or last character in the name:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| SP | 0x20 | ␠ |
+| HT | 0x09 | ␉ |
+| LF | 0x0A | ␊ |
+| VT | 0x0B | ␋ |
+| CR | 0x0D | ␍ |
+
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to opendrive (OpenDrive).
+
+#### --opendrive-username
+
+Username.
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_OPENDRIVE_USERNAME
+- Type: string
+- Required: true
+
+#### --opendrive-password
+
+Password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_OPENDRIVE_PASSWORD
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to opendrive (OpenDrive).
+
+#### --opendrive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_OPENDRIVE_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot
+
+#### --opendrive-chunk-size
+
+Files will be uploaded in chunks this size.
+
+Note that these chunks are buffered in memory so increasing them will
+increase memory use.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_OPENDRIVE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 10Mi
+
+
+
+## Limitations
+
+Note that OpenDrive is case insensitive so you can't have a
+file called "Hello.doc" and one called "hello.doc".
+
+There are quite a few characters that can't be in OpenDrive file
+names. These can't occur on Windows platforms, but on non-Windows
+platforms they are common. Rclone will map these names to and from an
+identical looking unicode equivalent. For example if a file has a `?`
+in it will be mapped to `?` instead.
+
+`rclone about` is not supported by the OpenDrive backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# Oracle Object Storage
+- [Oracle Object Storage Overview](https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm)
+- [Oracle Object Storage FAQ](https://www.oracle.com/cloud/storage/object-storage/faq/)
+- [Oracle Object Storage Limits](https://docs.oracle.com/en-us/iaas/Content/Resources/Assets/whitepapers/oci-object-storage-best-practices.pdf)
+
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd` command.) You may put subdirectories in
+too, e.g. `remote:bucket/path/to/dir`.
+
+Sample command to transfer local artifacts to remote:bucket in oracle object storage:
+
+`rclone -vvv --progress --stats-one-line --max-stats-groups 10 --log-format date,time,UTC,longfile --fast-list --buffer-size 256Mi --oos-no-check-bucket --oos-upload-cutoff 10Mi --multi-thread-cutoff 16Mi --multi-thread-streams 3000 --transfers 3000 --checkers 64 --retries 2 --oos-chunk-size 10Mi --oos-upload-concurrency 10000 --oos-attempt-resume-upload --oos-leave-parts-on-error sync ./artifacts remote:bucket -vv`
+
+## Configuration
+
+Here is an example of making an oracle object storage configuration. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+
+
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> n
+
+Enter name for new remote. name> remote
+Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. [snip] XX / Oracle Cloud Infrastructure Object Storage (oracleobjectstorage) Storage> oracleobjectstorage
+Option provider. Choose your Auth Provider Choose a number from below, or type in your own string value. Press Enter for the default (env_auth). 1 / automatically pickup the credentials from runtime(env), first one to provide auth wins (env_auth) / use an OCI user and an API key for authentication. 2 | you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key. | https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm (user_principal_auth) / use instance principals to authorize an instance to make API calls. 3 | each instance has its own identity, and authenticates using the certificates that are read from instance metadata. | https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm (instance_principal_auth) 4 / use resource principals to make API calls (resource_principal_auth) 5 / no credentials needed, this is typically for reading public buckets (no_auth) provider> 2
+Option namespace. Object storage namespace Enter a value. namespace> idbamagbg734
+Option compartment. Object storage compartment OCID Enter a value. compartment> ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+Option region. Object storage Region Enter a value. region> us-ashburn-1
+Option endpoint. Endpoint for Object storage API. Leave blank to use the default endpoint for the region. Enter a value. Press Enter to leave empty. endpoint>
+Option config_file. Full Path to OCI config file Choose a number from below, or type in your own string value. Press Enter for the default (~/.oci/config). 1 / oci configuration file location (~/.oci/config) config_file> /etc/oci/dev.conf
+Option config_profile. Profile name inside OCI config file Choose a number from below, or type in your own string value. Press Enter for the default (Default). 1 / Use the default profile (Default) config_profile> Test
+Edit advanced config? y) Yes n) No (default) y/n> n
+Configuration complete. Options: - type: oracleobjectstorage - namespace: idbamagbg734 - compartment: ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba - region: us-ashburn-1 - provider: user_principal_auth - config_file: /etc/oci/dev.conf - config_profile: Test Keep this "remote" remote? y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+See all buckets
+
+ rclone lsd remote:
+
+Create a new bucket
+
+ rclone mkdir remote:bucket
+
+List the contents of a bucket
+
+ rclone ls remote:bucket
+ rclone ls remote:bucket --max-depth 1
+
+## Authentication Providers
+
+OCI has various authentication methods. To learn more about authentication methods please refer [oci authentication
+methods](https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdk_authentication_methods.htm)
+These choices can be specified in the rclone config file.
+
+Rclone supports the following OCI authentication provider.
+
+ User Principal
+ Instance Principal
+ Resource Principal
+ No authentication
+
+### User Principal
+
+Sample rclone config file for Authentication Provider User Principal:
+
+ [oos]
+ type = oracleobjectstorage
+ namespace = id<redacted>34
+ compartment = ocid1.compartment.oc1..aa<redacted>ba
+ region = us-ashburn-1
+ provider = user_principal_auth
+ config_file = /home/opc/.oci/config
+ config_profile = Default
+
+Advantages:
+- One can use this method from any server within OCI or on-premises or from other cloud provider.
+
+Considerations:
+- you need to configure user’s privileges / policy to allow access to object storage
+- Overhead of managing users and keys.
+- If the user is deleted, the config file will no longer work and may cause automation regressions that use the user's credentials.
+
+### Instance Principal
+
+An OCI compute instance can be authorized to use rclone by using it's identity and certificates as an instance principal.
+With this approach no credentials have to be stored and managed.
+
+Sample rclone configuration file for Authentication Provider Instance Principal:
+
+ [opc@rclone ~]$ cat ~/.config/rclone/rclone.conf
+ [oos]
+ type = oracleobjectstorage
+ namespace = id<redacted>fn
+ compartment = ocid1.compartment.oc1..aa<redacted>k7a
+ region = us-ashburn-1
+ provider = instance_principal_auth
+
+Advantages:
+
+- With instance principals, you don't need to configure user credentials and transfer/ save it to disk in your compute
+ instances or rotate the credentials.
+- You don’t need to deal with users and keys.
+- Greatly helps in automation as you don't have to manage access keys, user private keys, storing them in vault,
+ using kms etc.
+
+Considerations:
+
+- You need to configure a dynamic group having this instance as member and add policy to read object storage to that
+ dynamic group.
+- Everyone who has access to this machine can execute the CLI commands.
+- It is applicable for oci compute instances only. It cannot be used on external instance or resources.
+
+### Resource Principal
+
+Resource principal auth is very similar to instance principal auth but used for resources that are not
+compute instances such as [serverless functions](https://docs.oracle.com/en-us/iaas/Content/Functions/Concepts/functionsoverview.htm).
+To use resource principal ensure Rclone process is started with these environment variables set in its process.
+
+ export OCI_RESOURCE_PRINCIPAL_VERSION=2.2
+ export OCI_RESOURCE_PRINCIPAL_REGION=us-ashburn-1
+ export OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM=/usr/share/model-server/key.pem
+ export OCI_RESOURCE_PRINCIPAL_RPST=/usr/share/model-server/security_token
+
+Sample rclone configuration file for Authentication Provider Resource Principal:
+
+ [oos]
+ type = oracleobjectstorage
+ namespace = id<redacted>34
+ compartment = ocid1.compartment.oc1..aa<redacted>ba
+ region = us-ashburn-1
+ provider = resource_principal_auth
+
+### No authentication
+
+Public buckets do not require any authentication mechanism to read objects.
+Sample rclone configuration file for No authentication:
+
+ [oos]
+ type = oracleobjectstorage
+ namespace = id<redacted>34
+ compartment = ocid1.compartment.oc1..aa<redacted>ba
+ region = us-ashburn-1
+ provider = no_auth
+
+### Modification times and hashes
+
+The modification time is stored as metadata on the object as
+`opc-meta-mtime` as floating point since the epoch, accurate to 1 ns.
+
+If the modification time needs to be updated rclone will attempt to perform a server
+side copy to update the modification if the object can be copied in a single part.
+In the case the object is larger than 5Gb, the object will be uploaded rather than copied.
+
+Note that reading this from the object takes an additional `HEAD` request as the metadata
+isn't returned in object listings.
+
+The MD5 hash algorithm is supported.
+
+### Multipart uploads
+
+rclone supports multipart uploads with OOS which means that it can
+upload files bigger than 5 GiB.
+
+Note that files uploaded *both* with multipart upload *and* through
+crypt remotes do not have MD5 sums.
+
+rclone switches from single part uploads to multipart uploads at the
+point specified by `--oos-upload-cutoff`. This can be a maximum of 5 GiB
+and a minimum of 0 (ie always upload multipart files).
+
+The chunk sizes used in the multipart upload are specified by
+`--oos-chunk-size` and the number of chunks uploaded concurrently is
+specified by `--oos-upload-concurrency`.
+
+Multipart uploads will use `--transfers` * `--oos-upload-concurrency` *
+`--oos-chunk-size` extra memory. Single part uploads to not use extra
+memory.
+
+Single part transfers can be faster than multipart transfers or slower
+depending on your latency from oos - the more latency, the more likely
+single part transfers will be faster.
+
+Increasing `--oos-upload-concurrency` will increase throughput (8 would
+be a sensible value) and increasing `--oos-chunk-size` also increases
+throughput (16M would be sensible). Increasing either of these will
+use more memory. The default values are high enough to gain most of
+the possible performance without using too much memory.
+
+
+### Standard options
+
+Here are the Standard options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
+
+#### --oos-provider
+
+Choose your Auth Provider
+
+Properties:
+
+- Config: provider
+- Env Var: RCLONE_OOS_PROVIDER
+- Type: string
+- Default: "env_auth"
+- Examples:
+ - "env_auth"
+ - automatically pickup the credentials from runtime(env), first one to provide auth wins
+ - "user_principal_auth"
+ - use an OCI user and an API key for authentication.
+ - you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
+ - https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
+ - "instance_principal_auth"
+ - use instance principals to authorize an instance to make API calls.
+ - each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
+ - https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
+ - "resource_principal_auth"
+ - use resource principals to make API calls
+ - "no_auth"
+ - no credentials needed, this is typically for reading public buckets
+
+#### --oos-namespace
+
+Object storage namespace
+
+Properties:
+
+- Config: namespace
+- Env Var: RCLONE_OOS_NAMESPACE
+- Type: string
+- Required: true
+
+#### --oos-compartment
+
+Object storage compartment OCID
+
+Properties:
+
+- Config: compartment
+- Env Var: RCLONE_OOS_COMPARTMENT
+- Provider: !no_auth
+- Type: string
+- Required: true
+
+#### --oos-region
+
+Object storage Region
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_OOS_REGION
+- Type: string
+- Required: true
+
+#### --oos-endpoint
+
+Endpoint for Object storage API.
+
+Leave blank to use the default endpoint for the region.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_OOS_ENDPOINT
+- Type: string
+- Required: false
+
+#### --oos-config-file
+
+Path to OCI config file
+
+Properties:
+
+- Config: config_file
+- Env Var: RCLONE_OOS_CONFIG_FILE
+- Provider: user_principal_auth
+- Type: string
+- Default: "~/.oci/config"
+- Examples:
+ - "~/.oci/config"
+ - oci configuration file location
+
+#### --oos-config-profile
+
+Profile name inside the oci config file
+
+Properties:
+
+- Config: config_profile
+- Env Var: RCLONE_OOS_CONFIG_PROFILE
+- Provider: user_principal_auth
+- Type: string
+- Default: "Default"
+- Examples:
+ - "Default"
+ - Use the default profile
+
+### Advanced options
+
+Here are the Advanced options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
+
+#### --oos-storage-tier
+
+The storage class to use when storing new objects in storage. https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/understandingstoragetiers.htm
+
+Properties:
+
+- Config: storage_tier
+- Env Var: RCLONE_OOS_STORAGE_TIER
+- Type: string
+- Default: "Standard"
+- Examples:
+ - "Standard"
+ - Standard storage tier, this is the default tier
+ - "InfrequentAccess"
+ - InfrequentAccess storage tier
+ - "Archive"
+ - Archive storage tier
+
+#### --oos-upload-cutoff
+
+Cutoff for switching to chunked upload.
+
+Any files larger than this will be uploaded in chunks of chunk_size.
+The minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_OOS_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 200Mi
+
+#### --oos-chunk-size
+
+Chunk size to use for uploading.
+
+When uploading files larger than upload_cutoff or files with unknown
+size (e.g. from "rclone rcat" or uploaded with "rclone mount" they will be uploaded
+as multipart uploads using this chunk size.
+
+Note that "upload_concurrency" chunks of this size are buffered
+in memory per transfer.
+
+If you are transferring large files over high-speed links and you have
+enough memory, then increasing this will speed up the transfers.
+
+Rclone will automatically increase the chunk size when uploading a
+large file of known size to stay below the 10,000 chunks limit.
+
+Files of unknown size are uploaded with the configured
+chunk_size. Since the default chunk size is 5 MiB and there can be at
+most 10,000 chunks, this means that by default the maximum size of
+a file you can stream upload is 48 GiB. If you wish to stream upload
+larger files then you will need to increase chunk_size.
+
+Increasing the chunk size decreases the accuracy of the progress
+statistics displayed with "-P" flag.
+
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_OOS_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 5Mi
+
+#### --oos-max-upload-parts
+
+Maximum number of parts in a multipart upload.
+
+This option defines the maximum number of multipart chunks to use
+when doing a multipart upload.
+
+OCI has max parts limit of 10,000 chunks.
+
+Rclone will automatically increase the chunk size when uploading a
+large file of a known size to stay below this number of chunks limit.
+
+
+Properties:
+
+- Config: max_upload_parts
+- Env Var: RCLONE_OOS_MAX_UPLOAD_PARTS
+- Type: int
+- Default: 10000
+
+#### --oos-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_OOS_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 10
+
+#### --oos-copy-cutoff
+
+Cutoff for switching to multipart copy.
+
+Any files larger than this that need to be server-side copied will be
+copied in chunks of this size.
+
+The minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: copy_cutoff
+- Env Var: RCLONE_OOS_COPY_CUTOFF
+- Type: SizeSuffix
+- Default: 4.656Gi
+
+#### --oos-copy-timeout
+
+Timeout for copy.
+
+Copy is an asynchronous operation, specify timeout to wait for copy to succeed
+
+
+Properties:
+
+- Config: copy_timeout
+- Env Var: RCLONE_OOS_COPY_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+#### --oos-disable-checksum
+
+Don't store MD5 checksum with object metadata.
+
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can add it to metadata on the object. This is great
+for data integrity checking but can cause long delays for large files
+to start uploading.
+
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_OOS_DISABLE_CHECKSUM
+- Type: bool
+- Default: false
+
+#### --oos-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_OOS_ENCODING
+- Type: Encoding
+- Default: Slash,InvalidUtf8,Dot
+
+#### --oos-leave-parts-on-error
+
+If true avoid calling abort upload on a failure, leaving all successfully uploaded parts for manual recovery.
+
+It should be set to true for resuming uploads across different sessions.
+
+WARNING: Storing parts of an incomplete multipart upload counts towards space usage on object storage and will add
+additional costs if not cleaned up.
+
+
+Properties:
+
+- Config: leave_parts_on_error
+- Env Var: RCLONE_OOS_LEAVE_PARTS_ON_ERROR
+- Type: bool
+- Default: false
+
+#### --oos-attempt-resume-upload
+
+If true attempt to resume previously started multipart upload for the object.
+This will be helpful to speed up multipart transfers by resuming uploads from past session.
+
+WARNING: If chunk size differs in resumed session from past incomplete session, then the resumed multipart upload is
+aborted and a new multipart upload is started with the new chunk size.
+
+The flag leave_parts_on_error must be true to resume and optimize to skip parts that were already uploaded successfully.
+
+
+Properties:
+
+- Config: attempt_resume_upload
+- Env Var: RCLONE_OOS_ATTEMPT_RESUME_UPLOAD
+- Type: bool
+- Default: false
+
+#### --oos-no-check-bucket
+
+If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+It can also be needed if the user you are using does not have bucket
+creation permissions.
+
+
+Properties:
+
+- Config: no_check_bucket
+- Env Var: RCLONE_OOS_NO_CHECK_BUCKET
+- Type: bool
+- Default: false
+
+#### --oos-sse-customer-key-file
+
+To use SSE-C, a file containing the base64-encoded string of the AES-256 encryption key associated
+with the object. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed.'
+
+Properties:
+
+- Config: sse_customer_key_file
+- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY_FILE
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+
+#### --oos-sse-customer-key
+
+To use SSE-C, the optional header that specifies the base64-encoded 256-bit encryption key to use to
+encrypt or decrypt the data. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is
+needed. For more information, see Using Your Own Keys for Server-Side Encryption
+(https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm)
+
+Properties:
+
+- Config: sse_customer_key
+- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+
+#### --oos-sse-customer-key-sha256
+
+If using SSE-C, The optional header that specifies the base64-encoded SHA256 hash of the encryption
+key. This value is used to check the integrity of the encryption key. see Using Your Own Keys for
+Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm).
+
+Properties:
+
+- Config: sse_customer_key_sha256
+- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY_SHA256
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+
+#### --oos-sse-kms-key-id
+
+if using your own master key in vault, this header specifies the
+OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of a master encryption key used to call
+the Key Management service to generate a data encryption key or to encrypt or decrypt a data encryption key.
+Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed.
+
+Properties:
+
+- Config: sse_kms_key_id
+- Env Var: RCLONE_OOS_SSE_KMS_KEY_ID
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+
+#### --oos-sse-customer-algorithm
+
+If using SSE-C, the optional header that specifies "AES256" as the encryption algorithm.
+Object Storage supports "AES256" as the encryption algorithm. For more information, see
+Using Your Own Keys for Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm).
+
+Properties:
+
+- Config: sse_customer_algorithm
+- Env Var: RCLONE_OOS_SSE_CUSTOMER_ALGORITHM
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+ - "AES256"
+ - AES256
+
+## Backend commands
+
+Here are the commands specific to the oracleobjectstorage backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### rename
+
+change the name of an object
+
+ rclone backend rename remote: [options] [<arguments>+]
+
+This command can be used to rename a object.
+
+Usage Examples:
+
+ rclone backend rename oos:bucket relative-object-path-under-bucket object-new-name
+
+
+### list-multipart-uploads
+
+List the unfinished multipart uploads
+
+ rclone backend list-multipart-uploads remote: [options] [<arguments>+]
+
+This command lists the unfinished multipart uploads in JSON format.
+
+ rclone backend list-multipart-uploads oos:bucket/path/to/object
+
+It returns a dictionary of buckets with values as lists of unfinished
+multipart uploads.
+
+You can call it with no bucket in which case it lists all bucket, with
+a bucket or with a bucket and path.
+
+ {
+ "test-bucket": [
+ {
+ "namespace": "test-namespace",
+ "bucket": "test-bucket",
+ "object": "600m.bin",
+ "uploadId": "51dd8114-52a4-b2f2-c42f-5291f05eb3c8",
+ "timeCreated": "2022-07-29T06:21:16.595Z",
+ "storageTier": "Standard"
+ }
+ ]
+
+
+### cleanup
+
+Remove unfinished multipart uploads.
+
+ rclone backend cleanup remote: [options] [<arguments>+]
+
+This command removes unfinished multipart uploads of age greater than
+max-age which defaults to 24 hours.
+
+Note that you can use --interactive/-i or --dry-run with this command to see what
+it would do.
+
+ rclone backend cleanup oos:bucket/path/to/object
+ rclone backend cleanup -o max-age=7w oos:bucket/path/to/object
+
+Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
+
+
+Options:
+
+- "max-age": Max age of upload to delete
+
+
+
+## Tutorials
+### [Mounting Buckets](https://rclone.org/oracleobjectstorage/tutorial_mount/)
+
+# QingStor
+
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:bucket/path/to/dir`.
+
+## Configuration
+
+Here is an example of making an QingStor configuration. First run
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+No remotes found, make a new one? n) New remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config n/r/c/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / QingStor Object Storage "qingstor" [snip] Storage> qingstor Get QingStor credentials from runtime. Only applies if access_key_id and secret_access_key is blank. Choose a number from below, or type in your own value 1 / Enter QingStor credentials in the next step "false" 2 / Get QingStor credentials from the environment (env vars or IAM) "true" env_auth> 1 QingStor Access Key ID - leave blank for anonymous access or runtime credentials. access_key_id> access_key QingStor Secret Access Key (password) - leave blank for anonymous access or runtime credentials. secret_access_key> secret_key Enter an endpoint URL to connection QingStor API. Leave blank will use the default value "https://qingstor.com:443" endpoint> Zone connect to. Default is "pek3a". Choose a number from below, or type in your own value / The Beijing (China) Three Zone 1 | Needs location constraint pek3a. "pek3a" / The Shanghai (China) First Zone 2 | Needs location constraint sh1a. "sh1a" zone> 1 Number of connection retry. Leave blank will use the default value "3". connection_retries> Remote config -------------------- [remote] env_auth = false access_key_id = access_key secret_access_key = secret_key endpoint = zone = pek3a connection_retries = -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+This remote is called `remote` and can now be used like this
+
+See all buckets
+
+ rclone lsd remote:
+
+Make a new bucket
+
+ rclone mkdir remote:bucket
+
+List the contents of a bucket
+
+ rclone ls remote:bucket
+
+Sync `/home/local/directory` to the remote bucket, deleting any excess
+files in the bucket.
+
+ rclone sync --interactive /home/local/directory remote:bucket
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+### Multipart uploads
+
+rclone supports multipart uploads with QingStor which means that it can
+upload files bigger than 5 GiB. Note that files uploaded with multipart
+upload don't have an MD5SUM.
+
+Note that incomplete multipart uploads older than 24 hours can be
+removed with `rclone cleanup remote:bucket` just for one bucket
+`rclone cleanup remote:` for all buckets. QingStor does not ever
+remove incomplete multipart uploads so it may be necessary to run this
+from time to time.
+
+### Buckets and Zone
+
+With QingStor you can list buckets (`rclone lsd`) using any zone,
+but you can only access the content of a bucket from the zone it was
+created in. If you attempt to access a bucket from the wrong zone,
+you will get an error, `incorrect zone, the bucket is not in 'XXX'
+zone`.
+
+### Authentication
+
+There are two ways to supply `rclone` with a set of QingStor
+credentials. In order of precedence:
+
+ - Directly in the rclone configuration file (as configured by `rclone config`)
+ - set `access_key_id` and `secret_access_key`
+ - Runtime configuration:
+ - set `env_auth` to `true` in the config file
+ - Exporting the following environment variables before running `rclone`
+ - Access Key ID: `QS_ACCESS_KEY_ID` or `QS_ACCESS_KEY`
+ - Secret Access Key: `QS_SECRET_ACCESS_KEY` or `QS_SECRET_KEY`
+
+### Restricted filename characters
+
+The control characters 0x00-0x1F and / are replaced as in the [default
+restricted characters set](https://rclone.org/overview/#restricted-characters). Note
+that 0x7F is not replaced.
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to qingstor (QingCloud Object Storage).
+
+#### --qingstor-env-auth
+
+Get QingStor credentials from runtime.
+
+Only applies if access_key_id and secret_access_key is blank.
+
+Properties:
+
+- Config: env_auth
+- Env Var: RCLONE_QINGSTOR_ENV_AUTH
+- Type: bool
+- Default: false
+- Examples:
+ - "false"
+ - Enter QingStor credentials in the next step.
+ - "true"
+ - Get QingStor credentials from the environment (env vars or IAM).
+
+#### --qingstor-access-key-id
+
+QingStor Access Key ID.
+
+Leave blank for anonymous access or runtime credentials.
+
+Properties:
+
+- Config: access_key_id
+- Env Var: RCLONE_QINGSTOR_ACCESS_KEY_ID
+- Type: string
+- Required: false
+
+#### --qingstor-secret-access-key
+
+QingStor Secret Access Key (password).
+
+Leave blank for anonymous access or runtime credentials.
+
+Properties:
+
+- Config: secret_access_key
+- Env Var: RCLONE_QINGSTOR_SECRET_ACCESS_KEY
+- Type: string
+- Required: false
+
+#### --qingstor-endpoint
+
+Enter an endpoint URL to connection QingStor API.
+
+Leave blank will use the default value "https://qingstor.com:443".
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_QINGSTOR_ENDPOINT
+- Type: string
+- Required: false
+
+#### --qingstor-zone
+
+Zone to connect to.
+
+Default is "pek3a".
+
+Properties:
+
+- Config: zone
+- Env Var: RCLONE_QINGSTOR_ZONE
+- Type: string
+- Required: false
+- Examples:
+ - "pek3a"
+ - The Beijing (China) Three Zone.
+ - Needs location constraint pek3a.
+ - "sh1a"
+ - The Shanghai (China) First Zone.
+ - Needs location constraint sh1a.
+ - "gd2a"
+ - The Guangdong (China) Second Zone.
+ - Needs location constraint gd2a.
+
+### Advanced options
+
+Here are the Advanced options specific to qingstor (QingCloud Object Storage).
+
+#### --qingstor-connection-retries
+
+Number of connection retries.
+
+Properties:
+
+- Config: connection_retries
+- Env Var: RCLONE_QINGSTOR_CONNECTION_RETRIES
+- Type: int
+- Default: 3
+
+#### --qingstor-upload-cutoff
+
+Cutoff for switching to chunked upload.
+
+Any files larger than this will be uploaded in chunks of chunk_size.
+The minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_QINGSTOR_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 200Mi
+
+#### --qingstor-chunk-size
+
+Chunk size to use for uploading.
+
+When uploading files larger than upload_cutoff they will be uploaded
+as multipart uploads using this chunk size.
+
+Note that "--qingstor-upload-concurrency" chunks of this size are buffered
+in memory per transfer.
+
+If you are transferring large files over high-speed links and you have
+enough memory, then increasing this will speed up the transfers.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_QINGSTOR_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 4Mi
+
+#### --qingstor-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+NB if you set this to > 1 then the checksums of multipart uploads
+become corrupted (the uploads themselves are not corrupted though).
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_QINGSTOR_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 1
+
+#### --qingstor-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_QINGSTOR_ENCODING
+- Type: Encoding
+- Default: Slash,Ctl,InvalidUtf8
+
+
+
+## Limitations
+
+`rclone about` is not supported by the qingstor backend. Backends without
+this capability cannot determine free space for an rclone mount or
+use policy `mfs` (most free space) as a member of an rclone union
+remote.
+
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# Quatrix
+
+Quatrix by Maytech is [Quatrix Secure Compliant File Sharing | Maytech](https://www.maytech.net/products/quatrix-business).
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g., `remote:directory/subdirectory`.
+
+The initial setup for Quatrix involves getting an API Key from Quatrix. You can get the API key in the user's profile at `https://<account>/profile/api-keys`
+or with the help of the API - https://docs.maytech.net/quatrix/quatrix-api/api-explorer#/API-Key/post_api_key_create.
+
+See complete Swagger documentation for Quatrix - https://docs.maytech.net/quatrix/quatrix-api/api-explorer
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Quatrix by Maytech "quatrix" [snip] Storage> quatrix API key for accessing Quatrix account. api_key> your_api_key Host name of Quatrix account. host> example.quatrix.it
+
+
+
+
-Character
-Value
-Replacement
+[remote] api_key = your_api_key host = example.quatrix.it
-\
-0x5C
-\
+y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y ```
+
+
+Once configured you can then use rclone
like this,
+
+
+List directories in top level of your Quatrix
+
+
+rclone lsd remote:
+
+
+List all the files in your Quatrix
+
+
+rclone ls remote:
+
+
+To copy a local directory to an Quatrix directory called backup
+
+
+rclone copy /home/source remote:backup
+
+
+### API key validity
+
+
+API Key is created with no expiration date. It will be valid until you delete or deactivate it in your account. After disabling, the API Key can be enabled back. If the API Key was deleted and a new key was created, you can update it in rclone config. The same happens if the hostname was changed.
+
+
+``` $ rclone config Current remotes:
+
+
+Name Type ==== ==== remote quatrix
+
+
+e) Edit existing remote n) New remote d) Delete remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config e/n/d/r/c/s/q> e Choose a number from below, or type in an existing value 1 > remote remote> remote
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Deleting files
-Deleted files will be moved to the trash. Your subscription level will determine how long items stay in the trash. rclone cleanup
can be used to empty the trash.
-Emptying the trash
-Due to an API limitation, the rclone cleanup
command will only work if you set your username and password in the advanced options for this backend. Since we generally want to avoid storing user passwords in the rclone config file, we advise you to only set this up if you need the rclone cleanup
command to work.
-Root folder ID
-You can set the root_folder_id
for rclone. This is the directory (identified by its Folder ID
) that rclone considers to be the root of your pCloud drive.
-Normally you will leave this blank and rclone will determine the correct root to use itself.
-However you can set this to restrict rclone to a specific folder hierarchy.
-In order to do this you will have to find the Folder ID
of the directory you wish rclone to display. This will be the folder
field of the URL when you open the relevant folder in the pCloud web interface.
-So if the folder you want rclone to use has a URL which looks like https://my.pcloud.com/#page=filemanager&folder=5xxxxxxxx8&tpl=foldergrid
in the browser, then you use 5xxxxxxxx8
as the root_folder_id
in the config.
-Standard options
-Here are the Standard options specific to pcloud (Pcloud).
---pcloud-client-id
-OAuth Client Id.
-Leave blank normally.
-Properties:
-
-- Config: client_id
-- Env Var: RCLONE_PCLOUD_CLIENT_ID
-- Type: string
-- Required: false
-
---pcloud-client-secret
-OAuth Client Secret.
-Leave blank normally.
-Properties:
-
-- Config: client_secret
-- Env Var: RCLONE_PCLOUD_CLIENT_SECRET
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to pcloud (Pcloud).
---pcloud-token
-OAuth Access Token as a JSON blob.
-Properties:
-
-- Config: token
-- Env Var: RCLONE_PCLOUD_TOKEN
-- Type: string
-- Required: false
-
---pcloud-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: auth_url
-- Env Var: RCLONE_PCLOUD_AUTH_URL
-- Type: string
-- Required: false
-
---pcloud-token-url
-Token server url.
-Leave blank to use the provider defaults.
-Properties:
-
-- Config: token_url
-- Env Var: RCLONE_PCLOUD_TOKEN_URL
-- Type: string
-- Required: false
-
---pcloud-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_PCLOUD_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
---pcloud-root-folder-id
-Fill in for rclone to use a non root folder as its starting point.
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_PCLOUD_ROOT_FOLDER_ID
-- Type: string
-- Default: "d0"
-
---pcloud-hostname
-Hostname to connect to.
-This is normally set when rclone initially does the oauth connection, however you will need to set it by hand if you are using remote config with rclone authorize.
-Properties:
-
-- Config: hostname
-- Env Var: RCLONE_PCLOUD_HOSTNAME
-- Type: string
-- Default: "api.pcloud.com"
-- Examples:
-
-- "api.pcloud.com"
-
-- Original/US region
-
-- "eapi.pcloud.com"
-
-- EU region
-
-
-
---pcloud-username
-Your pcloud username.
-This is only required when you want to use the cleanup command. Due to a bug in the pcloud API the required API does not support OAuth authentication so we have to rely on user password authentication for it.
-Properties:
-
-- Config: username
-- Env Var: RCLONE_PCLOUD_USERNAME
-- Type: string
-- Required: false
-
---pcloud-password
-Your pcloud password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: password
-- Env Var: RCLONE_PCLOUD_PASSWORD
-- Type: string
-- Required: false
-
-premiumize.me
-Paths are specified as remote:path
-Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-The initial setup for premiumize.me involves getting a token from premiumize.me which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / premiumize.me
- \ "premiumizeme"
-[snip]
-Storage> premiumizeme
-** See help for premiumizeme backend at: https://rclone.org/premiumizeme/ **
+[remote] type = quatrix host = some_host.quatrix.it api_key = your_api_key -------------------- Edit remote Option api_key. API key for accessing Quatrix account Enter a string value. Press Enter for the default (your_api_key) api_key> Option host. Host name of Quatrix account Enter a string value. Press Enter for the default (some_host.quatrix.it).
+
+
+
+
+
+
+[remote] type = quatrix host = some_host.quatrix.it api_key = your_api_key
+
+
+
+
+y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y ```
+
+
+### Modification times and hashes
+
+
+Quatrix allows modification times to be set on objects accurate to 1 microsecond. These will be used to detect whether objects need syncing or not.
+
+
+Quatrix does not support hashes, so you cannot use the --checksum
flag.
+
+
+### Restricted filename characters
+
+
+File names in Quatrix are case sensitive and have limitations like the maximum length of a filename is 255, and the minimum length is 1. A file name cannot be equal to .
or ..
nor contain /
, \
or non-printable ascii.
+
+
+### Transfers
+
+
+For files above 50 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers
chunks at the same time (shared among all multipart uploads). Chunks are buffered in memory, and the minimal chunk size is 10_000_000 bytes by default, and it can be changed in the advanced configuration, so increasing --transfers
will increase the memory use. The chunk size has a maximum size limit, which is set to 100_000_000 bytes by default and can be changed in the advanced configuration. The size of the uploaded chunk will dynamically change depending on the upload speed. The total memory use equals the number of transfers multiplied by the minimal chunk size. In case there's free memory allocated for the upload (which equals the difference of maximal_summary_chunk_size
and minimal_chunk_size
* transfers
), the chunk size may increase in case of high upload speed. As well as it can decrease in case of upload speed problems. If no free memory is available, all chunks will equal minimal_chunk_size
.
+
+
+### Deleting files
+
+
+Files you delete with rclone will end up in Trash and be stored there for 30 days. Quatrix also provides an API to permanently delete files and an API to empty the Trash so that you can remove files permanently from your account.
+
+
+### Standard options
+
+
+Here are the Standard options specific to quatrix (Quatrix by Maytech).
+
+
+#### --quatrix-api-key
+
+
+API key for accessing Quatrix account
+
+
+Properties:
+
+
+- Config: api_key - Env Var: RCLONE_QUATRIX_API_KEY - Type: string - Required: true
+
+
+#### --quatrix-host
+
+
+Host name of Quatrix account
+
+
+Properties:
+
+
+- Config: host - Env Var: RCLONE_QUATRIX_HOST - Type: string - Required: true
+
+
+### Advanced options
+
+
+Here are the Advanced options specific to quatrix (Quatrix by Maytech).
+
+
+#### --quatrix-encoding
+
+
+The encoding for the backend.
+
+
+See the encoding section in the overview for more info.
+
+
+Properties:
+
+
+- Config: encoding - Env Var: RCLONE_QUATRIX_ENCODING - Type: Encoding - Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+
+#### --quatrix-effective-upload-time
+
+
+Wanted upload time for one chunk
+
+
+Properties:
+
+
+- Config: effective_upload_time - Env Var: RCLONE_QUATRIX_EFFECTIVE_UPLOAD_TIME - Type: string - Default: "4s"
+
+
+#### --quatrix-minimal-chunk-size
+
+
+The minimal size for one chunk
+
+
+Properties:
+
+
+- Config: minimal_chunk_size - Env Var: RCLONE_QUATRIX_MINIMAL_CHUNK_SIZE - Type: SizeSuffix - Default: 9.537Mi
+
+
+#### --quatrix-maximal-summary-chunk-size
+
+
+The maximal summary for all chunks. It should not be less than 'transfers'*'minimal_chunk_size'
+
+
+Properties:
+
+
+- Config: maximal_summary_chunk_size - Env Var: RCLONE_QUATRIX_MAXIMAL_SUMMARY_CHUNK_SIZE - Type: SizeSuffix - Default: 95.367Mi
+
+
+#### --quatrix-hard-delete
+
+
+Delete files permanently rather than putting them into the trash.
+
+
+Properties:
+
+
+- Config: hard_delete - Env Var: RCLONE_QUATRIX_HARD_DELETE - Type: bool - Default: false
+
+
+## Storage usage
+
+
+The storage usage in Quatrix is restricted to the account during the purchase. You can restrict any user with a smaller storage limit. The account limit is applied if the user has no custom storage limit. Once you've reached the limit, the upload of files will fail. This can be fixed by freeing up the space or increasing the quota.
+
+
+## Server-side operations
+
+
+Quatrix supports server-side operations (copy and move). In case of conflict, files are overwritten during server-side operation.
+
+
+# Sia
+
+
+Sia (sia.tech) is a decentralized cloud storage platform based on the blockchain technology. With rclone you can use it like any other remote filesystem or mount Sia folders locally. The technology behind it involves a number of new concepts such as Siacoins and Wallet, Blockchain and Consensus, Renting and Hosting, and so on. If you are new to it, you'd better first familiarize yourself using their excellent support documentation.
+
+
+## Introduction
+
+
+Before you can use rclone with Sia, you will need to have a running copy of Sia-UI
or siad
(the Sia daemon) locally on your computer or on local network (e.g. a NAS). Please follow the Get started guide and install one.
+
+
+rclone interacts with Sia network by talking to the Sia daemon via HTTP API which is usually available on port 9980. By default you will run the daemon locally on the same computer so it's safe to leave the API password blank (the API URL will be http://127.0.0.1:9980
making external access impossible).
+
+
+However, if you want to access Sia daemon running on another node, for example due to memory constraints or because you want to share single daemon between several rclone and Sia-UI instances, you'll need to make a few more provisions: - Ensure you have Sia daemon installed directly or in a docker container because Sia-UI does not support this mode natively. - Run it on externally accessible port, for example provide --api-addr :9980
and --disable-api-security
arguments on the daemon command line. - Enforce API password for the siad
daemon via environment variable SIA_API_PASSWORD
or text file named apipassword
in the daemon directory. - Set rclone backend option api_password
taking it from above locations.
+
+
+Notes: 1. If your wallet is locked, rclone cannot unlock it automatically. You should either unlock it in advance by using Sia-UI or via command line siac wallet unlock
. Alternatively you can make siad
unlock your wallet automatically upon startup by running it with environment variable SIA_WALLET_PASSWORD
. 2. If siad
cannot find the SIA_API_PASSWORD
variable or the apipassword
file in the SIA_DIR
directory, it will generate a random password and store in the text file named apipassword
under YOUR_HOME/.sia/
directory on Unix or C:\Users\YOUR_HOME\AppData\Local\Sia\apipassword
on Windows. Remember this when you configure password in rclone. 3. The only way to use siad
without API password is to run it on localhost with command line argument --authorize-api=false
, but this is insecure and strongly discouraged.
+
+
+## Configuration
+
+
+Here is an example of how to make a sia
remote called mySia
. First, run:
+
+
+rclone config
+
+
+This will guide you through an interactive setup process:
+
+
+``` No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> mySia Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value ... 29 / Sia Decentralized Cloud "sia" ... Storage> sia Sia daemon API URL, like http://sia.daemon.host:9980. Note that siad must run with --disable-api-security to open API port for other hosts (not recommended). Keep default if Sia daemon runs on localhost. Enter a string value. Press Enter for the default ("http://127.0.0.1:9980"). api_url> http://127.0.0.1:9980 Sia Daemon API Password. Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory. y) Yes type in my own password g) Generate random password n) No leave this optional password blank (default) y/g/n> y Enter the password: password: Confirm the password: password: Edit advanced config? y) Yes n) No (default) y/n> n
+
+
+
+[mySia] type = sia api_url = http://127.0.0.1:9980 api_password = *** ENCRYPTED *** -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+Once configured, you can then use `rclone` like this:
+
+- List directories in top level of your Sia storage
+
+rclone lsd mySia:
+
+- List all the files in your Sia storage
+
+rclone ls mySia:
+
+- Upload a local directory to the Sia directory called _backup_
+
+rclone copy /home/source mySia:backup
+
+
+### Standard options
+
+Here are the Standard options specific to sia (Sia Decentralized Cloud).
+
+#### --sia-api-url
+
+Sia daemon API URL, like http://sia.daemon.host:9980.
+
+Note that siad must run with --disable-api-security to open API port for other hosts (not recommended).
+Keep default if Sia daemon runs on localhost.
+
+Properties:
+
+- Config: api_url
+- Env Var: RCLONE_SIA_API_URL
+- Type: string
+- Default: "http://127.0.0.1:9980"
+
+#### --sia-api-password
+
+Sia Daemon API Password.
+
+Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: api_password
+- Env Var: RCLONE_SIA_API_PASSWORD
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to sia (Sia Decentralized Cloud).
+
+#### --sia-user-agent
+
+Siad User Agent
+
+Sia daemon requires the 'Sia-Agent' user agent by default for security
+
+Properties:
+
+- Config: user_agent
+- Env Var: RCLONE_SIA_USER_AGENT
+- Type: string
+- Default: "Sia-Agent"
+
+#### --sia-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_SIA_ENCODING
+- Type: Encoding
+- Default: Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+- Modification times not supported
+- Checksums not supported
+- `rclone about` not supported
+- rclone can work only with _Siad_ or _Sia-UI_ at the moment,
+ the **SkyNet daemon is not supported yet.**
+- Sia does not allow control characters or symbols like question and pound
+ signs in file names. rclone will transparently [encode](https://rclone.org/overview/#encoding)
+ them for you, but you'd better be aware
+
+# Swift
+
+Swift refers to [OpenStack Object Storage](https://docs.openstack.org/swift/latest/).
+Commercial implementations of that being:
+
+ * [Rackspace Cloud Files](https://www.rackspace.com/cloud/files/)
+ * [Memset Memstore](https://www.memset.com/cloud/storage/)
+ * [OVH Object Storage](https://www.ovh.co.uk/public-cloud/storage/object-storage/)
+ * [Oracle Cloud Storage](https://docs.oracle.com/en-us/iaas/integration/doc/configure-object-storage.html)
+ * [Blomp Cloud Storage](https://www.blomp.com/cloud-storage/)
+ * [IBM Bluemix Cloud ObjectStorage Swift](https://console.bluemix.net/docs/infrastructure/objectstorage-swift/index.html)
+
+Paths are specified as `remote:container` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:container/path/to/dir`.
+
+## Configuration
+
+Here is an example of making a swift configuration. First run
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / OpenStack Swift (Rackspace Cloud Files, Blomp Cloud Storage, Memset Memstore, OVH) "swift" [snip] Storage> swift Get swift credentials from environment variables in standard OpenStack form. Choose a number from below, or type in your own value 1 / Enter swift credentials in the next step "false" 2 / Get swift credentials from environment vars. Leave other fields blank if using this. "true" env_auth> true User name to log in (OS_USERNAME). user> API key or password (OS_PASSWORD). key> Authentication URL for server (OS_AUTH_URL). Choose a number from below, or type in your own value 1 / Rackspace US "https://auth.api.rackspacecloud.com/v1.0" 2 / Rackspace UK "https://lon.auth.api.rackspacecloud.com/v1.0" 3 / Rackspace v2 "https://identity.api.rackspacecloud.com/v2.0" 4 / Memset Memstore UK "https://auth.storage.memset.com/v1.0" 5 / Memset Memstore UK v2 "https://auth.storage.memset.com/v2.0" 6 / OVH "https://auth.cloud.ovh.net/v3" 7 / Blomp Cloud Storage "https://authenticate.ain.net" auth> User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID). user_id> User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME) domain> Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME) tenant> Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID) tenant_id> Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME) tenant_domain> Region name - optional (OS_REGION_NAME) region> Storage URL - optional (OS_STORAGE_URL) storage_url> Auth Token from alternate authentication - optional (OS_AUTH_TOKEN) auth_token> AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION) auth_version> Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) Choose a number from below, or type in your own value 1 / Public (default, choose this if not sure) "public" 2 / Internal (use internal service net) "internal" 3 / Admin "admin" endpoint_type> Remote config -------------------- [test] env_auth = true user = key = auth = user_id = domain = tenant = tenant_id = tenant_domain = region = storage_url = auth_token = auth_version = endpoint_type = -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+This remote is called `remote` and can now be used like this
+
+See all containers
+
+ rclone lsd remote:
+
+Make a new container
+
+ rclone mkdir remote:container
+
+List the contents of a container
+
+ rclone ls remote:container
+
+Sync `/home/local/directory` to the remote container, deleting any
+excess files in the container.
+
+ rclone sync --interactive /home/local/directory remote:container
+
+### Configuration from an OpenStack credentials file
+
+An OpenStack credentials file typically looks something something
+like this (without the comments)
+
+export OS_AUTH_URL=https://a.provider.net/v2.0 export OS_TENANT_ID=ffffffffffffffffffffffffffffffff export OS_TENANT_NAME="1234567890123456" export OS_USERNAME="123abc567xy" echo "Please enter your OpenStack Password: " read -sr OS_PASSWORD_INPUT export OS_PASSWORD=$OS_PASSWORD_INPUT export OS_REGION_NAME="SBG1" if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
+
+The config file needs to look something like this where `$OS_USERNAME`
+represents the value of the `OS_USERNAME` variable - `123abc567xy` in
+the example above.
+
+[remote] type = swift user = $OS_USERNAME key = $OS_PASSWORD auth = $OS_AUTH_URL tenant = $OS_TENANT_NAME
+
+Note that you may (or may not) need to set `region` too - try without first.
+
+### Configuration from the environment
+
+If you prefer you can configure rclone to use swift using a standard
+set of OpenStack environment variables.
+
+When you run through the config, make sure you choose `true` for
+`env_auth` and leave everything else blank.
+
+rclone will then set any empty config parameters from the environment
+using standard OpenStack environment variables. There is [a list of
+the
+variables](https://godoc.org/github.com/ncw/swift#Connection.ApplyEnvironment)
+in the docs for the swift library.
+
+### Using an alternate authentication method
+
+If your OpenStack installation uses a non-standard authentication method
+that might not be yet supported by rclone or the underlying swift library,
+you can authenticate externally (e.g. calling manually the `openstack`
+commands to get a token). Then, you just need to pass the two
+configuration variables ``auth_token`` and ``storage_url``.
+If they are both provided, the other variables are ignored. rclone will
+not try to authenticate but instead assume it is already authenticated
+and use these two variables to access the OpenStack installation.
+
+#### Using rclone without a config file
+
+You can use rclone with swift without a config file, if desired, like
+this:
+
+source openstack-credentials-file export RCLONE_CONFIG_MYREMOTE_TYPE=swift export RCLONE_CONFIG_MYREMOTE_ENV_AUTH=true rclone lsd myremote:
+
+### --fast-list
+
+This remote supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+
+### --update and --use-server-modtime
+
+As noted below, the modified time is stored on metadata on the object. It is
+used by default for all operations that require checking the time a file was
+last updated. It allows rclone to treat the remote more like a true filesystem,
+but it is inefficient because it requires an extra API call to retrieve the
+metadata.
+
+For many operations, the time the object was last uploaded to the remote is
+sufficient to determine if it is "dirty". By using `--update` along with
+`--use-server-modtime`, you can avoid the extra API call and simply upload
+files whose local modtime is newer than the time it was last uploaded.
+
+### Modification times and hashes
+
+The modified time is stored as metadata on the object as
+`X-Object-Meta-Mtime` as floating point since the epoch accurate to 1
+ns.
+
+This is a de facto standard (used in the official python-swiftclient
+amongst others) for storing the modification time for an object.
+
+The MD5 hash algorithm is supported.
+
+### Restricted filename characters
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| NUL | 0x00 | ␀ |
+| / | 0x2F | / |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to swift (OpenStack Swift (Rackspace Cloud Files, Blomp Cloud Storage, Memset Memstore, OVH)).
+
+#### --swift-env-auth
+
+Get swift credentials from environment variables in standard OpenStack form.
+
+Properties:
+
+- Config: env_auth
+- Env Var: RCLONE_SWIFT_ENV_AUTH
+- Type: bool
+- Default: false
+- Examples:
+ - "false"
+ - Enter swift credentials in the next step.
+ - "true"
+ - Get swift credentials from environment vars.
+ - Leave other fields blank if using this.
+
+#### --swift-user
+
+User name to log in (OS_USERNAME).
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_SWIFT_USER
+- Type: string
+- Required: false
+
+#### --swift-key
+
+API key or password (OS_PASSWORD).
+
+Properties:
+
+- Config: key
+- Env Var: RCLONE_SWIFT_KEY
+- Type: string
+- Required: false
+
+#### --swift-auth
+
+Authentication URL for server (OS_AUTH_URL).
+
+Properties:
+
+- Config: auth
+- Env Var: RCLONE_SWIFT_AUTH
+- Type: string
+- Required: false
+- Examples:
+ - "https://auth.api.rackspacecloud.com/v1.0"
+ - Rackspace US
+ - "https://lon.auth.api.rackspacecloud.com/v1.0"
+ - Rackspace UK
+ - "https://identity.api.rackspacecloud.com/v2.0"
+ - Rackspace v2
+ - "https://auth.storage.memset.com/v1.0"
+ - Memset Memstore UK
+ - "https://auth.storage.memset.com/v2.0"
+ - Memset Memstore UK v2
+ - "https://auth.cloud.ovh.net/v3"
+ - OVH
+ - "https://authenticate.ain.net"
+ - Blomp Cloud Storage
+
+#### --swift-user-id
+
+User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID).
+
+Properties:
+
+- Config: user_id
+- Env Var: RCLONE_SWIFT_USER_ID
+- Type: string
+- Required: false
+
+#### --swift-domain
+
+User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+
+Properties:
+
+- Config: domain
+- Env Var: RCLONE_SWIFT_DOMAIN
+- Type: string
+- Required: false
+
+#### --swift-tenant
+
+Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME).
+
+Properties:
+
+- Config: tenant
+- Env Var: RCLONE_SWIFT_TENANT
+- Type: string
+- Required: false
+
+#### --swift-tenant-id
+
+Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID).
+
+Properties:
+
+- Config: tenant_id
+- Env Var: RCLONE_SWIFT_TENANT_ID
+- Type: string
+- Required: false
+
+#### --swift-tenant-domain
+
+Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME).
+
+Properties:
+
+- Config: tenant_domain
+- Env Var: RCLONE_SWIFT_TENANT_DOMAIN
+- Type: string
+- Required: false
+
+#### --swift-region
+
+Region name - optional (OS_REGION_NAME).
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_SWIFT_REGION
+- Type: string
+- Required: false
+
+#### --swift-storage-url
+
+Storage URL - optional (OS_STORAGE_URL).
+
+Properties:
+
+- Config: storage_url
+- Env Var: RCLONE_SWIFT_STORAGE_URL
+- Type: string
+- Required: false
+
+#### --swift-auth-token
+
+Auth Token from alternate authentication - optional (OS_AUTH_TOKEN).
+
+Properties:
+
+- Config: auth_token
+- Env Var: RCLONE_SWIFT_AUTH_TOKEN
+- Type: string
+- Required: false
+
+#### --swift-application-credential-id
+
+Application Credential ID (OS_APPLICATION_CREDENTIAL_ID).
+
+Properties:
+
+- Config: application_credential_id
+- Env Var: RCLONE_SWIFT_APPLICATION_CREDENTIAL_ID
+- Type: string
+- Required: false
+
+#### --swift-application-credential-name
+
+Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME).
+
+Properties:
+
+- Config: application_credential_name
+- Env Var: RCLONE_SWIFT_APPLICATION_CREDENTIAL_NAME
+- Type: string
+- Required: false
+
+#### --swift-application-credential-secret
+
+Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET).
+
+Properties:
+
+- Config: application_credential_secret
+- Env Var: RCLONE_SWIFT_APPLICATION_CREDENTIAL_SECRET
+- Type: string
+- Required: false
+
+#### --swift-auth-version
+
+AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION).
+
+Properties:
+
+- Config: auth_version
+- Env Var: RCLONE_SWIFT_AUTH_VERSION
+- Type: int
+- Default: 0
+
+#### --swift-endpoint-type
+
+Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE).
+
+Properties:
+
+- Config: endpoint_type
+- Env Var: RCLONE_SWIFT_ENDPOINT_TYPE
+- Type: string
+- Default: "public"
+- Examples:
+ - "public"
+ - Public (default, choose this if not sure)
+ - "internal"
+ - Internal (use internal service net)
+ - "admin"
+ - Admin
+
+#### --swift-storage-policy
+
+The storage policy to use when creating a new container.
+
+This applies the specified storage policy when creating a new
+container. The policy cannot be changed afterwards. The allowed
+configuration values and their meaning depend on your Swift storage
+provider.
+
+Properties:
+
+- Config: storage_policy
+- Env Var: RCLONE_SWIFT_STORAGE_POLICY
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - Default
+ - "pcs"
+ - OVH Public Cloud Storage
+ - "pca"
+ - OVH Public Cloud Archive
+
+### Advanced options
+
+Here are the Advanced options specific to swift (OpenStack Swift (Rackspace Cloud Files, Blomp Cloud Storage, Memset Memstore, OVH)).
+
+#### --swift-leave-parts-on-error
+
+If true avoid calling abort upload on a failure.
+
+It should be set to true for resuming uploads across different sessions.
+
+Properties:
+
+- Config: leave_parts_on_error
+- Env Var: RCLONE_SWIFT_LEAVE_PARTS_ON_ERROR
+- Type: bool
+- Default: false
+
+#### --swift-chunk-size
+
+Above this size files will be chunked into a _segments container.
+
+Above this size files will be chunked into a _segments container. The
+default for this is 5 GiB which is its maximum value.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_SWIFT_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 5Gi
+
+#### --swift-no-chunk
+
+Don't chunk files during streaming upload.
+
+When doing streaming uploads (e.g. using rcat or mount) setting this
+flag will cause the swift backend to not upload chunked files.
+
+This will limit the maximum upload size to 5 GiB. However non chunked
+files are easier to deal with and have an MD5SUM.
+
+Rclone will still chunk files bigger than chunk_size when doing normal
+copy operations.
+
+Properties:
+
+- Config: no_chunk
+- Env Var: RCLONE_SWIFT_NO_CHUNK
+- Type: bool
+- Default: false
+
+#### --swift-no-large-objects
+
+Disable support for static and dynamic large objects
+
+Swift cannot transparently store files bigger than 5 GiB. There are
+two schemes for doing that, static or dynamic large objects, and the
+API does not allow rclone to determine whether a file is a static or
+dynamic large object without doing a HEAD on the object. Since these
+need to be treated differently, this means rclone has to issue HEAD
+requests for objects for example when reading checksums.
+
+When `no_large_objects` is set, rclone will assume that there are no
+static or dynamic large objects stored. This means it can stop doing
+the extra HEAD calls which in turn increases performance greatly
+especially when doing a swift to swift transfer with `--checksum` set.
+
+Setting this option implies `no_chunk` and also that no files will be
+uploaded in chunks, so files bigger than 5 GiB will just fail on
+upload.
+
+If you set this option and there *are* static or dynamic large objects,
+then this will give incorrect hashes for them. Downloads will succeed,
+but other operations such as Remove and Copy will fail.
+
+
+Properties:
+
+- Config: no_large_objects
+- Env Var: RCLONE_SWIFT_NO_LARGE_OBJECTS
+- Type: bool
+- Default: false
+
+#### --swift-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_SWIFT_ENCODING
+- Type: Encoding
+- Default: Slash,InvalidUtf8
+
+
+
+## Limitations
+
+The Swift API doesn't return a correct MD5SUM for segmented files
+(Dynamic or Static Large Objects) so rclone won't check or use the
+MD5SUM for these.
+
+## Troubleshooting
+
+### Rclone gives Failed to create file system for "remote:": Bad Request
+
+Due to an oddity of the underlying swift library, it gives a "Bad
+Request" error rather than a more sensible error when the
+authentication fails for Swift.
+
+So this most likely means your username / password is wrong. You can
+investigate further with the `--dump-bodies` flag.
+
+This may also be caused by specifying the region when you shouldn't
+have (e.g. OVH).
+
+### Rclone gives Failed to create file system: Response didn't have storage url and auth token
+
+This is most likely caused by forgetting to specify your tenant when
+setting up a swift remote.
+
+## OVH Cloud Archive
+
+To use rclone with OVH cloud archive, first use `rclone config` to set up a `swift` backend with OVH, choosing `pca` as the `storage_policy`.
+
+### Uploading Objects
+
+Uploading objects to OVH cloud archive is no different to object storage, you just simply run the command you like (move, copy or sync) to upload the objects. Once uploaded the objects will show in a "Frozen" state within the OVH control panel.
+
+### Retrieving Objects
+
+To retrieve objects use `rclone copy` as normal. If the objects are in a frozen state then rclone will ask for them all to be unfrozen and it will wait at the end of the output with a message like the following:
+
+`2019/03/23 13:06:33 NOTICE: Received retry after error - sleeping until 2019-03-23T13:16:33.481657164+01:00 (9m59.99985121s)`
+
+Rclone will wait for the time specified then retry the copy.
+
+# pCloud
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for pCloud involves getting a token from pCloud which you
+need to do in your browser. `rclone config` walks you through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Pcloud "pcloud" [snip] Storage> pcloud Pcloud App Client Id - leave blank normally. client_id> Pcloud App Client Secret - leave blank normally. client_secret> Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] client_id = client_secret = token = {"access_token":"XXX","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"} -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from pCloud. This only runs from the moment it opens
+your browser to the moment you get back the verification code. This
+is on `http://127.0.0.1:53682/` and this it may require you to unblock
+it temporarily if you are running a host firewall.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your pCloud
+
+ rclone lsd remote:
+
+List all the files in your pCloud
+
+ rclone ls remote:
+
+To copy a local directory to a pCloud directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+pCloud allows modification times to be set on objects accurate to 1
+second. These will be used to detect whether objects need syncing or
+not. In order to set a Modification time pCloud requires the object
+be re-uploaded.
+
+pCloud supports MD5 and SHA1 hashes in the US region, and SHA1 and SHA256
+hashes in the EU region, so you can use the `--checksum` flag.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \ | 0x5C | \ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Deleting files
+
+Deleted files will be moved to the trash. Your subscription level
+will determine how long items stay in the trash. `rclone cleanup` can
+be used to empty the trash.
+
+### Emptying the trash
+
+Due to an API limitation, the `rclone cleanup` command will only work if you
+set your username and password in the advanced options for this backend.
+Since we generally want to avoid storing user passwords in the rclone config
+file, we advise you to only set this up if you need the `rclone cleanup` command to work.
+
+### Root folder ID
+
+You can set the `root_folder_id` for rclone. This is the directory
+(identified by its `Folder ID`) that rclone considers to be the root
+of your pCloud drive.
+
+Normally you will leave this blank and rclone will determine the
+correct root to use itself.
+
+However you can set this to restrict rclone to a specific folder
+hierarchy.
+
+In order to do this you will have to find the `Folder ID` of the
+directory you wish rclone to display. This will be the `folder` field
+of the URL when you open the relevant folder in the pCloud web
+interface.
+
+So if the folder you want rclone to use has a URL which looks like
+`https://my.pcloud.com/#page=filemanager&folder=5xxxxxxxx8&tpl=foldergrid`
+in the browser, then you use `5xxxxxxxx8` as
+the `root_folder_id` in the config.
+
+
+### Standard options
+
+Here are the Standard options specific to pcloud (Pcloud).
+
+#### --pcloud-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_PCLOUD_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --pcloud-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_PCLOUD_CLIENT_SECRET
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to pcloud (Pcloud).
+
+#### --pcloud-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_PCLOUD_TOKEN
+- Type: string
+- Required: false
+
+#### --pcloud-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_PCLOUD_AUTH_URL
+- Type: string
+- Required: false
+
+#### --pcloud-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_PCLOUD_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --pcloud-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_PCLOUD_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+#### --pcloud-root-folder-id
+
+Fill in for rclone to use a non root folder as its starting point.
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_PCLOUD_ROOT_FOLDER_ID
+- Type: string
+- Default: "d0"
+
+#### --pcloud-hostname
+
+Hostname to connect to.
+
+This is normally set when rclone initially does the oauth connection,
+however you will need to set it by hand if you are using remote config
+with rclone authorize.
+
+
+Properties:
+
+- Config: hostname
+- Env Var: RCLONE_PCLOUD_HOSTNAME
+- Type: string
+- Default: "api.pcloud.com"
+- Examples:
+ - "api.pcloud.com"
+ - Original/US region
+ - "eapi.pcloud.com"
+ - EU region
+
+#### --pcloud-username
+
+Your pcloud username.
+
+This is only required when you want to use the cleanup command. Due to a bug
+in the pcloud API the required API does not support OAuth authentication so
+we have to rely on user password authentication for it.
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_PCLOUD_USERNAME
+- Type: string
+- Required: false
+
+#### --pcloud-password
+
+Your pcloud password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_PCLOUD_PASSWORD
+- Type: string
+- Required: false
+
+
+
+# PikPak
+
+PikPak is [a private cloud drive](https://mypikpak.com/).
+
+Paths are specified as `remote:path`, and may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+Here is an example of making a remote for PikPak.
+
+First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n
+Enter name for new remote. name> remote
+Option Storage. Type of storage to configure. Choose a number from below, or type in your own value. XX / PikPak (pikpak) Storage> XX
+Option user. Pikpak username. Enter a value. user> USERNAME
+Option pass. Pikpak password. Choose an alternative below. y) Yes, type in my own password g) Generate random password y/g> y Enter the password: password: Confirm the password: password:
+Edit advanced config? y) Yes n) No (default) y/n>
+Configuration complete. Options: - type: pikpak - user: USERNAME - pass: *** ENCRYPTED *** - token: {"access_token":"eyJ...","token_type":"Bearer","refresh_token":"os...","expiry":"2023-01-26T18:54:32.170582647+09:00"} Keep this "remote" remote? y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+### Modification times and hashes
+
+PikPak keeps modification times on objects, and updates them when uploading objects,
+but it does not support changing only the modification time
+
+The MD5 hash algorithm is supported.
+
+
+### Standard options
+
+Here are the Standard options specific to pikpak (PikPak).
+
+#### --pikpak-user
+
+Pikpak username.
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_PIKPAK_USER
+- Type: string
+- Required: true
+
+#### --pikpak-pass
+
+Pikpak password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_PIKPAK_PASS
+- Type: string
+- Required: true
+
+### Advanced options
+
+Here are the Advanced options specific to pikpak (PikPak).
+
+#### --pikpak-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_PIKPAK_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --pikpak-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_PIKPAK_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --pikpak-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_PIKPAK_TOKEN
+- Type: string
+- Required: false
+
+#### --pikpak-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_PIKPAK_AUTH_URL
+- Type: string
+- Required: false
+
+#### --pikpak-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_PIKPAK_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --pikpak-root-folder-id
+
+ID of the root folder.
+Leave blank normally.
+
+Fill in for rclone to use a non root folder as its starting point.
+
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_PIKPAK_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+
+#### --pikpak-use-trash
+
+Send files to the trash instead of deleting permanently.
+
+Defaults to true, namely sending files to the trash.
+Use `--pikpak-use-trash=false` to delete files permanently instead.
+
+Properties:
+
+- Config: use_trash
+- Env Var: RCLONE_PIKPAK_USE_TRASH
+- Type: bool
+- Default: true
+
+#### --pikpak-trashed-only
+
+Only show files that are in the trash.
+
+This will show trashed files in their original directory structure.
+
+Properties:
+
+- Config: trashed_only
+- Env Var: RCLONE_PIKPAK_TRASHED_ONLY
+- Type: bool
+- Default: false
+
+#### --pikpak-hash-memory-limit
+
+Files bigger than this will be cached on disk to calculate hash if required.
+
+Properties:
+
+- Config: hash_memory_limit
+- Env Var: RCLONE_PIKPAK_HASH_MEMORY_LIMIT
+- Type: SizeSuffix
+- Default: 10Mi
+
+#### --pikpak-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_PIKPAK_ENCODING
+- Type: Encoding
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,RightSpace,RightPeriod,InvalidUtf8,Dot
+
+## Backend commands
+
+Here are the commands specific to the pikpak backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### addurl
+
+Add offline download task for url
+
+ rclone backend addurl remote: [options] [<arguments>+]
+
+This command adds offline download task for url.
+
+Usage:
+
+ rclone backend addurl pikpak:dirpath url
+
+Downloads will be stored in 'dirpath'. If 'dirpath' is invalid,
+download will fallback to default 'My Pack' folder.
+
+
+### decompress
+
+Request decompress of a file/files in a folder
+
+ rclone backend decompress remote: [options] [<arguments>+]
+
+This command requests decompress of file/files in a folder.
+
+Usage:
+
+ rclone backend decompress pikpak:dirpath {filename} -o password=password
+ rclone backend decompress pikpak:dirpath {filename} -o delete-src-file
+
+An optional argument 'filename' can be specified for a file located in
+'pikpak:dirpath'. You may want to pass '-o password=password' for a
+password-protected files. Also, pass '-o delete-src-file' to delete
+source files after decompression finished.
+
+Result:
+
+ {
+ "Decompressed": 17,
+ "SourceDeleted": 0,
+ "Errors": 0
+ }
+
+
+
+
+## Limitations
+
+### Hashes may be empty
+
+PikPak supports MD5 hash, but sometimes given empty especially for user-uploaded files.
+
+### Deleted files still visible with trashed-only
+
+Deleted files will still be visible with `--pikpak-trashed-only` even after the
+trash emptied. This goes away after few days.
+
+# premiumize.me
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for [premiumize.me](https://premiumize.me/) involves getting a token from premiumize.me which you
+need to do in your browser. `rclone config` walks you through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / premiumize.me "premiumizeme" [snip] Storage> premiumizeme ** See help for premiumizeme backend at: https://rclone.org/premiumizeme/ **
+Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code -------------------- [remote] type = premiumizeme token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2029-08-07T18:44:15.548915378+01:00"} -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d>
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from premiumize.me. This only runs from the moment it opens
+your browser to the moment you get back the verification code. This
+is on `http://127.0.0.1:53682/` and this it may require you to unblock
+it temporarily if you are running a host firewall.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your premiumize.me
+
+ rclone lsd remote:
+
+List all the files in your premiumize.me
+
+ rclone ls remote:
+
+To copy a local directory to an premiumize.me directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+premiumize.me does not support modification times or hashes, therefore
+syncing will default to `--size-only` checking. Note that using
+`--update` will work.
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \ | 0x5C | \ |
+| " | 0x22 | " |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to premiumizeme (premiumize.me).
+
+#### --premiumizeme-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_PREMIUMIZEME_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --premiumizeme-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_PREMIUMIZEME_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --premiumizeme-api-key
+
+API Key.
+
+This is not normally used - use oauth instead.
+
+
+Properties:
+
+- Config: api_key
+- Env Var: RCLONE_PREMIUMIZEME_API_KEY
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to premiumizeme (premiumize.me).
+
+#### --premiumizeme-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_PREMIUMIZEME_TOKEN
+- Type: string
+- Required: false
+
+#### --premiumizeme-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_PREMIUMIZEME_AUTH_URL
+- Type: string
+- Required: false
+
+#### --premiumizeme-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_PREMIUMIZEME_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --premiumizeme-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_PREMIUMIZEME_ENCODING
+- Type: Encoding
+- Default: Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+Note that premiumize.me is case insensitive so you can't have a file called
+"Hello.doc" and one called "hello.doc".
+
+premiumize.me file names can't have the `\` or `"` characters in.
+rclone maps these to and from an identical looking unicode equivalents
+`\` and `"`
+
+premiumize.me only supports filenames up to 255 characters in length.
+
+# Proton Drive
+
+[Proton Drive](https://proton.me/drive) is an end-to-end encrypted Swiss vault
+ for your files that protects your data.
+
+This is an rclone backend for Proton Drive which supports the file transfer
+features of Proton Drive using the same client-side encryption.
+
+Due to the fact that Proton Drive doesn't publish its API documentation, this
+backend is implemented with best efforts by reading the open-sourced client
+source code and observing the Proton Drive traffic in the browser.
+
+**NB** This backend is currently in Beta. It is believed to be correct
+and all the integration tests pass. However the Proton Drive protocol
+has evolved over time there may be accounts it is not compatible
+with. Please [post on the rclone forum](https://forum.rclone.org/) if
+you find an incompatibility.
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configurations
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Proton Drive "Proton Drive" [snip] Storage> protondrive User name user> you@protonmail.com Password. y) Yes type in my own password g) Generate random password n) No leave this optional password blank y/g/n> y Enter the password: password: Confirm the password: password: Option 2fa. 2FA code (if the account requires one) Enter a value. Press Enter to leave empty. 2fa> 123456 Remote config -------------------- [remote] type = protondrive user = you@protonmail.com pass = *** ENCRYPTED *** -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+**NOTE:** The Proton Drive encryption keys need to have been already generated
+after a regular login via the browser, otherwise attempting to use the
+credentials in `rclone` will fail.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Proton Drive
+
+ rclone lsd remote:
+
+List all the files in your Proton Drive
+
+ rclone ls remote:
+
+To copy a local directory to an Proton Drive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+Proton Drive Bridge does not support updating modification times yet.
+
+The SHA1 hash algorithm is supported.
+
+### Restricted filename characters
+
+Invalid UTF-8 bytes will be [replaced](https://rclone.org/overview/#invalid-utf8), also left and
+right spaces will be removed ([code reference](https://github.com/ProtonMail/WebClients/blob/b4eba99d241af4fdae06ff7138bd651a40ef5d3c/applications/drive/src/app/store/_links/validation.ts#L51))
+
+### Duplicated files
+
+Proton Drive can not have two files with exactly the same name and path. If the
+conflict occurs, depending on the advanced config, the file might or might not
+be overwritten.
+
+### [Mailbox password](https://proton.me/support/the-difference-between-the-mailbox-password-and-login-password)
+
+Please set your mailbox password in the advanced config section.
+
+### Caching
+
+The cache is currently built for the case when the rclone is the only instance
+performing operations to the mount point. The event system, which is the proton
+API system that provides visibility of what has changed on the drive, is yet
+to be implemented, so updates from other clients won’t be reflected in the
+cache. Thus, if there are concurrent clients accessing the same mount point,
+then we might have a problem with caching the stale data.
+
+
+### Standard options
+
+Here are the Standard options specific to protondrive (Proton Drive).
+
+#### --protondrive-username
+
+The username of your proton account
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_PROTONDRIVE_USERNAME
+- Type: string
+- Required: true
+
+#### --protondrive-password
+
+The password of your proton account.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_PROTONDRIVE_PASSWORD
+- Type: string
+- Required: true
+
+#### --protondrive-2fa
+
+The 2FA code
+
+The value can also be provided with --protondrive-2fa=000000
+
+The 2FA code of your proton drive account if the account is set up with
+two-factor authentication
+
+Properties:
+
+- Config: 2fa
+- Env Var: RCLONE_PROTONDRIVE_2FA
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to protondrive (Proton Drive).
+
+#### --protondrive-mailbox-password
+
+The mailbox password of your two-password proton account.
+
+For more information regarding the mailbox password, please check the
+following official knowledge base article:
+https://proton.me/support/the-difference-between-the-mailbox-password-and-login-password
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: mailbox_password
+- Env Var: RCLONE_PROTONDRIVE_MAILBOX_PASSWORD
+- Type: string
+- Required: false
+
+#### --protondrive-client-uid
+
+Client uid key (internal use only)
+
+Properties:
+
+- Config: client_uid
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_UID
+- Type: string
+- Required: false
+
+#### --protondrive-client-access-token
+
+Client access token key (internal use only)
+
+Properties:
+
+- Config: client_access_token
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_ACCESS_TOKEN
+- Type: string
+- Required: false
+
+#### --protondrive-client-refresh-token
+
+Client refresh token key (internal use only)
+
+Properties:
+
+- Config: client_refresh_token
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_REFRESH_TOKEN
+- Type: string
+- Required: false
+
+#### --protondrive-client-salted-key-pass
+
+Client salted key pass key (internal use only)
+
+Properties:
+
+- Config: client_salted_key_pass
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_SALTED_KEY_PASS
+- Type: string
+- Required: false
+
+#### --protondrive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_PROTONDRIVE_ENCODING
+- Type: Encoding
+- Default: Slash,LeftSpace,RightSpace,InvalidUtf8,Dot
+
+#### --protondrive-original-file-size
+
+Return the file size before encryption
+
+The size of the encrypted file will be different from (bigger than) the
+original file size. Unless there is a reason to return the file size
+after encryption is performed, otherwise, set this option to true, as
+features like Open() which will need to be supplied with original content
+size, will fail to operate properly
+
+Properties:
+
+- Config: original_file_size
+- Env Var: RCLONE_PROTONDRIVE_ORIGINAL_FILE_SIZE
+- Type: bool
+- Default: true
+
+#### --protondrive-app-version
+
+The app version string
+
+The app version string indicates the client that is currently performing
+the API request. This information is required and will be sent with every
+API request.
+
+Properties:
+
+- Config: app_version
+- Env Var: RCLONE_PROTONDRIVE_APP_VERSION
+- Type: string
+- Default: "macos-drive@1.0.0-alpha.1+rclone"
+
+#### --protondrive-replace-existing-draft
+
+Create a new revision when filename conflict is detected
+
+When a file upload is cancelled or failed before completion, a draft will be
+created and the subsequent upload of the same file to the same location will be
+reported as a conflict.
+
+The value can also be set by --protondrive-replace-existing-draft=true
+
+If the option is set to true, the draft will be replaced and then the upload
+operation will restart. If there are other clients also uploading at the same
+file location at the same time, the behavior is currently unknown. Need to set
+to true for integration tests.
+If the option is set to false, an error "a draft exist - usually this means a
+file is being uploaded at another client, or, there was a failed upload attempt"
+will be returned, and no upload will happen.
+
+Properties:
+
+- Config: replace_existing_draft
+- Env Var: RCLONE_PROTONDRIVE_REPLACE_EXISTING_DRAFT
+- Type: bool
+- Default: false
+
+#### --protondrive-enable-caching
+
+Caches the files and folders metadata to reduce API calls
+
+Notice: If you are mounting ProtonDrive as a VFS, please disable this feature,
+as the current implementation doesn't update or clear the cache when there are
+external changes.
+
+The files and folders on ProtonDrive are represented as links with keyrings,
+which can be cached to improve performance and be friendly to the API server.
+
+The cache is currently built for the case when the rclone is the only instance
+performing operations to the mount point. The event system, which is the proton
+API system that provides visibility of what has changed on the drive, is yet
+to be implemented, so updates from other clients won’t be reflected in the
+cache. Thus, if there are concurrent clients accessing the same mount point,
+then we might have a problem with caching the stale data.
+
+Properties:
+
+- Config: enable_caching
+- Env Var: RCLONE_PROTONDRIVE_ENABLE_CACHING
+- Type: bool
+- Default: true
+
+
+
+## Limitations
+
+This backend uses the
+[Proton-API-Bridge](https://github.com/henrybear327/Proton-API-Bridge), which
+is based on [go-proton-api](https://github.com/henrybear327/go-proton-api), a
+fork of the [official repo](https://github.com/ProtonMail/go-proton-api).
+
+There is no official API documentation available from Proton Drive. But, thanks
+to Proton open sourcing [proton-go-api](https://github.com/ProtonMail/go-proton-api)
+and the web, iOS, and Android client codebases, we don't need to completely
+reverse engineer the APIs by observing the web client traffic!
+
+[proton-go-api](https://github.com/ProtonMail/go-proton-api) provides the basic
+building blocks of API calls and error handling, such as 429 exponential
+back-off, but it is pretty much just a barebone interface to the Proton API.
+For example, the encryption and decryption of the Proton Drive file are not
+provided in this library.
+
+The Proton-API-Bridge, attempts to bridge the gap, so rclone can be built on
+top of this quickly. This codebase handles the intricate tasks before and after
+calling Proton APIs, particularly the complex encryption scheme, allowing
+developers to implement features for other software on top of this codebase.
+There are likely quite a few errors in this library, as there isn't official
+documentation available.
+
+# put.io
+
+Paths are specified as `remote:path`
+
+put.io paths may be as deep as required, e.g.
+`remote:directory/subdirectory`.
+
+## Configuration
+
+The initial setup for put.io involves getting a token from put.io
+which you need to do in your browser. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> putio Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Put.io "putio" [snip] Storage> putio ** See help for putio backend at: https://rclone.org/putio/ **
+Remote config Use web browser to automatically authenticate rclone with remote? * Say Y if the machine running rclone has a web browser you can use * Say N if running rclone on a (remote) machine without web browser access If not sure try Y. If Y failed, try N. y) Yes n) No y/n> y If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth Log in and authorize rclone for access Waiting for code... Got code -------------------- [putio] type = putio token = {"access_token":"XXXXXXXX","expiry":"0001-01-01T00:00:00Z"} -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y Current remotes:
+Name Type ==== ==== putio putio
+
+- Edit existing remote
+- New remote
+- Delete remote
+- Rename remote
+- Copy remote
+- Set configuration password
+- Quit config e/n/d/r/c/s/q> q
+
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from put.io if using web browser to automatically
+authenticate. This only
+runs from the moment it opens your browser to the moment you get back
+the verification code. This is on `http://127.0.0.1:53682/` and this
+it may require you to unblock it temporarily if you are running a host
+firewall, or use manual mode.
+
+You can then use it like this,
+
+List directories in top level of your put.io
+
+ rclone lsd remote:
+
+List all the files in your put.io
+
+ rclone ls remote:
+
+To copy a local directory to a put.io directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| \ | 0x5C | \ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+
+### Standard options
+
+Here are the Standard options specific to putio (Put.io).
+
+#### --putio-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_PUTIO_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --putio-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_PUTIO_CLIENT_SECRET
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to putio (Put.io).
+
+#### --putio-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_PUTIO_TOKEN
+- Type: string
+- Required: false
+
+#### --putio-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_PUTIO_AUTH_URL
+- Type: string
+- Required: false
+
+#### --putio-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_PUTIO_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --putio-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_PUTIO_ENCODING
+- Type: Encoding
+- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
+
+
+
+## Limitations
+
+put.io has rate limiting. When you hit a limit, rclone automatically
+retries after waiting the amount of time requested by the server.
+
+If you want to avoid ever hitting these limits, you may use the
+`--tpslimit` flag with a low number. Note that the imposed limits
+may be different for different operations, and may change over time.
+
+# Proton Drive
+
+[Proton Drive](https://proton.me/drive) is an end-to-end encrypted Swiss vault
+ for your files that protects your data.
+
+This is an rclone backend for Proton Drive which supports the file transfer
+features of Proton Drive using the same client-side encryption.
+
+Due to the fact that Proton Drive doesn't publish its API documentation, this
+backend is implemented with best efforts by reading the open-sourced client
+source code and observing the Proton Drive traffic in the browser.
+
+**NB** This backend is currently in Beta. It is believed to be correct
+and all the integration tests pass. However the Proton Drive protocol
+has evolved over time there may be accounts it is not compatible
+with. Please [post on the rclone forum](https://forum.rclone.org/) if
+you find an incompatibility.
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+## Configurations
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / Proton Drive "Proton Drive" [snip] Storage> protondrive User name user> you@protonmail.com Password. y) Yes type in my own password g) Generate random password n) No leave this optional password blank y/g/n> y Enter the password: password: Confirm the password: password: Option 2fa. 2FA code (if the account requires one) Enter a value. Press Enter to leave empty. 2fa> 123456 Remote config -------------------- [remote] type = protondrive user = you@protonmail.com pass = *** ENCRYPTED *** -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+**NOTE:** The Proton Drive encryption keys need to have been already generated
+after a regular login via the browser, otherwise attempting to use the
+credentials in `rclone` will fail.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your Proton Drive
+
+ rclone lsd remote:
+
+List all the files in your Proton Drive
+
+ rclone ls remote:
+
+To copy a local directory to an Proton Drive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Modification times and hashes
+
+Proton Drive Bridge does not support updating modification times yet.
+
+The SHA1 hash algorithm is supported.
+
+### Restricted filename characters
+
+Invalid UTF-8 bytes will be [replaced](https://rclone.org/overview/#invalid-utf8), also left and
+right spaces will be removed ([code reference](https://github.com/ProtonMail/WebClients/blob/b4eba99d241af4fdae06ff7138bd651a40ef5d3c/applications/drive/src/app/store/_links/validation.ts#L51))
+
+### Duplicated files
+
+Proton Drive can not have two files with exactly the same name and path. If the
+conflict occurs, depending on the advanced config, the file might or might not
+be overwritten.
+
+### [Mailbox password](https://proton.me/support/the-difference-between-the-mailbox-password-and-login-password)
+
+Please set your mailbox password in the advanced config section.
+
+### Caching
+
+The cache is currently built for the case when the rclone is the only instance
+performing operations to the mount point. The event system, which is the proton
+API system that provides visibility of what has changed on the drive, is yet
+to be implemented, so updates from other clients won’t be reflected in the
+cache. Thus, if there are concurrent clients accessing the same mount point,
+then we might have a problem with caching the stale data.
+
+
+### Standard options
+
+Here are the Standard options specific to protondrive (Proton Drive).
+
+#### --protondrive-username
+
+The username of your proton account
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_PROTONDRIVE_USERNAME
+- Type: string
+- Required: true
+
+#### --protondrive-password
+
+The password of your proton account.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_PROTONDRIVE_PASSWORD
+- Type: string
+- Required: true
+
+#### --protondrive-2fa
+
+The 2FA code
+
+The value can also be provided with --protondrive-2fa=000000
+
+The 2FA code of your proton drive account if the account is set up with
+two-factor authentication
+
+Properties:
+
+- Config: 2fa
+- Env Var: RCLONE_PROTONDRIVE_2FA
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to protondrive (Proton Drive).
+
+#### --protondrive-mailbox-password
+
+The mailbox password of your two-password proton account.
+
+For more information regarding the mailbox password, please check the
+following official knowledge base article:
+https://proton.me/support/the-difference-between-the-mailbox-password-and-login-password
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: mailbox_password
+- Env Var: RCLONE_PROTONDRIVE_MAILBOX_PASSWORD
+- Type: string
+- Required: false
+
+#### --protondrive-client-uid
+
+Client uid key (internal use only)
+
+Properties:
+
+- Config: client_uid
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_UID
+- Type: string
+- Required: false
+
+#### --protondrive-client-access-token
+
+Client access token key (internal use only)
+
+Properties:
+
+- Config: client_access_token
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_ACCESS_TOKEN
+- Type: string
+- Required: false
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-type = premiumizeme
-token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2029-08-07T18:44:15.548915378+01:00"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d>
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from premiumize.me. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall.
-Once configured you can then use rclone
like this,
-List directories in top level of your premiumize.me
-rclone lsd remote:
-List all the files in your premiumize.me
-rclone ls remote:
-To copy a local directory to an premiumize.me directory called backup
-rclone copy /home/source remote:backup
-Modified time and hashes
-premiumize.me does not support modification times or hashes, therefore syncing will default to --size-only
checking. Note that using --update
will work.
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-\
-0x5C
-\
-
-
-"
-0x22
-"
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
-Here are the Standard options specific to premiumizeme (premiumize.me).
---premiumizeme-api-key
-API Key.
-This is not normally used - use oauth instead.
-Properties:
-
-- Config: api_key
-- Env Var: RCLONE_PREMIUMIZEME_API_KEY
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to premiumizeme (premiumize.me).
---premiumizeme-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_PREMIUMIZEME_ENCODING
-- Type: MultiEncoder
-- Default: Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-Note that premiumize.me is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-premiumize.me file names can't have the \
or "
characters in. rclone maps these to and from an identical looking unicode equivalents \
and "
-premiumize.me only supports filenames up to 255 characters in length.
-put.io
-Paths are specified as remote:path
-put.io paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
-The initial setup for put.io involves getting a token from put.io which you need to do in your browser. rclone config
walks you through it.
-Here is an example of how to make a remote called remote
. First run:
- rclone config
-This will guide you through an interactive setup process:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> putio
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Put.io
- \ "putio"
-[snip]
-Storage> putio
-** See help for putio backend at: https://rclone.org/putio/ **
+#### --protondrive-client-refresh-token
-Remote config
-Use web browser to automatically authenticate rclone with remote?
- * Say Y if the machine running rclone has a web browser you can use
- * Say N if running rclone on a (remote) machine without web browser access
-If not sure try Y. If Y failed, try N.
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[putio]
-type = putio
-token = {"access_token":"XXXXXXXX","expiry":"0001-01-01T00:00:00Z"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
+Client refresh token key (internal use only)
+
+Properties:
+
+- Config: client_refresh_token
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_REFRESH_TOKEN
+- Type: string
+- Required: false
+
+#### --protondrive-client-salted-key-pass
+
+Client salted key pass key (internal use only)
+
+Properties:
+
+- Config: client_salted_key_pass
+- Env Var: RCLONE_PROTONDRIVE_CLIENT_SALTED_KEY_PASS
+- Type: string
+- Required: false
+
+#### --protondrive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_PROTONDRIVE_ENCODING
+- Type: Encoding
+- Default: Slash,LeftSpace,RightSpace,InvalidUtf8,Dot
+
+#### --protondrive-original-file-size
+
+Return the file size before encryption
+
+The size of the encrypted file will be different from (bigger than) the
+original file size. Unless there is a reason to return the file size
+after encryption is performed, otherwise, set this option to true, as
+features like Open() which will need to be supplied with original content
+size, will fail to operate properly
+
+Properties:
+
+- Config: original_file_size
+- Env Var: RCLONE_PROTONDRIVE_ORIGINAL_FILE_SIZE
+- Type: bool
+- Default: true
+
+#### --protondrive-app-version
+
+The app version string
+
+The app version string indicates the client that is currently performing
+the API request. This information is required and will be sent with every
+API request.
+
+Properties:
+
+- Config: app_version
+- Env Var: RCLONE_PROTONDRIVE_APP_VERSION
+- Type: string
+- Default: "macos-drive@1.0.0-alpha.1+rclone"
+
+#### --protondrive-replace-existing-draft
+
+Create a new revision when filename conflict is detected
+
+When a file upload is cancelled or failed before completion, a draft will be
+created and the subsequent upload of the same file to the same location will be
+reported as a conflict.
+
+The value can also be set by --protondrive-replace-existing-draft=true
+
+If the option is set to true, the draft will be replaced and then the upload
+operation will restart. If there are other clients also uploading at the same
+file location at the same time, the behavior is currently unknown. Need to set
+to true for integration tests.
+If the option is set to false, an error "a draft exist - usually this means a
+file is being uploaded at another client, or, there was a failed upload attempt"
+will be returned, and no upload will happen.
+
+Properties:
+
+- Config: replace_existing_draft
+- Env Var: RCLONE_PROTONDRIVE_REPLACE_EXISTING_DRAFT
+- Type: bool
+- Default: false
+
+#### --protondrive-enable-caching
+
+Caches the files and folders metadata to reduce API calls
+
+Notice: If you are mounting ProtonDrive as a VFS, please disable this feature,
+as the current implementation doesn't update or clear the cache when there are
+external changes.
+
+The files and folders on ProtonDrive are represented as links with keyrings,
+which can be cached to improve performance and be friendly to the API server.
+
+The cache is currently built for the case when the rclone is the only instance
+performing operations to the mount point. The event system, which is the proton
+API system that provides visibility of what has changed on the drive, is yet
+to be implemented, so updates from other clients won’t be reflected in the
+cache. Thus, if there are concurrent clients accessing the same mount point,
+then we might have a problem with caching the stale data.
+
+Properties:
+
+- Config: enable_caching
+- Env Var: RCLONE_PROTONDRIVE_ENABLE_CACHING
+- Type: bool
+- Default: true
+
+
+
+## Limitations
+
+This backend uses the
+[Proton-API-Bridge](https://github.com/henrybear327/Proton-API-Bridge), which
+is based on [go-proton-api](https://github.com/henrybear327/go-proton-api), a
+fork of the [official repo](https://github.com/ProtonMail/go-proton-api).
+
+There is no official API documentation available from Proton Drive. But, thanks
+to Proton open sourcing [proton-go-api](https://github.com/ProtonMail/go-proton-api)
+and the web, iOS, and Android client codebases, we don't need to completely
+reverse engineer the APIs by observing the web client traffic!
+
+[proton-go-api](https://github.com/ProtonMail/go-proton-api) provides the basic
+building blocks of API calls and error handling, such as 429 exponential
+back-off, but it is pretty much just a barebone interface to the Proton API.
+For example, the encryption and decryption of the Proton Drive file are not
+provided in this library.
+
+The Proton-API-Bridge, attempts to bridge the gap, so rclone can be built on
+top of this quickly. This codebase handles the intricate tasks before and after
+calling Proton APIs, particularly the complex encryption scheme, allowing
+developers to implement features for other software on top of this codebase.
+There are likely quite a few errors in this library, as there isn't official
+documentation available.
+
+# Seafile
+
+This is a backend for the [Seafile](https://www.seafile.com/) storage service:
+- It works with both the free community edition or the professional edition.
+- Seafile versions 6.x, 7.x, 8.x and 9.x are all supported.
+- Encrypted libraries are also supported.
+- It supports 2FA enabled users
+- Using a Library API Token is **not** supported
+
+## Configuration
+
+There are two distinct modes you can setup your remote:
+- you point your remote to the **root of the server**, meaning you don't specify a library during the configuration:
+Paths are specified as `remote:library`. You may put subdirectories in too, e.g. `remote:library/path/to/dir`.
+- you point your remote to a specific library during the configuration:
+Paths are specified as `remote:path/to/dir`. **This is the recommended mode when using encrypted libraries**. (_This mode is possibly slightly faster than the root mode_)
+
+### Configuration in root mode
+
+Here is an example of making a seafile configuration for a user with **no** two-factor authentication. First run
+
+ rclone config
+
+This will guide you through an interactive setup process. To authenticate
+you will need the URL of your server, your email (or username) and your password.
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> seafile Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Seafile "seafile" [snip] Storage> seafile ** See help for seafile backend at: https://rclone.org/seafile/ **
+URL of seafile host to connect to Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Connect to cloud.seafile.com "https://cloud.seafile.com/" url> http://my.seafile.server/ User name (usually email address) Enter a string value. Press Enter for the default (""). user> me@example.com Password y) Yes type in my own password g) Generate random password n) No leave this optional password blank (default) y/g> y Enter the password: password: Confirm the password: password: Two-factor authentication ('true' if the account has 2FA enabled) Enter a boolean value (true or false). Press Enter for the default ("false"). 2fa> false Name of the library. Leave blank to access all non-encrypted libraries. Enter a string value. Press Enter for the default (""). library> Library password (for encrypted libraries only). Leave blank if you pass it through the command line. y) Yes type in my own password g) Generate random password n) No leave this optional password blank (default) y/g/n> n Edit advanced config? (y/n) y) Yes n) No (default) y/n> n Remote config Two-factor authentication is not enabled on this account. -------------------- [seafile] type = seafile url = http://my.seafile.server/ user = me@example.com pass = *** ENCRYPTED *** 2fa = false -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+This remote is called `seafile`. It's pointing to the root of your seafile server and can now be used like this:
+
+See all libraries
+
+ rclone lsd seafile:
+
+Create a new library
+
+ rclone mkdir seafile:library
+
+List the contents of a library
+
+ rclone ls seafile:library
+
+Sync `/home/local/directory` to the remote library, deleting any
+excess files in the library.
+
+ rclone sync --interactive /home/local/directory seafile:library
+
+### Configuration in library mode
+
+Here's an example of a configuration in library mode with a user that has the two-factor authentication enabled. Your 2FA code will be asked at the end of the configuration, and will attempt to authenticate you:
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> seafile Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value [snip] XX / Seafile "seafile" [snip] Storage> seafile ** See help for seafile backend at: https://rclone.org/seafile/ **
+URL of seafile host to connect to Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value 1 / Connect to cloud.seafile.com "https://cloud.seafile.com/" url> http://my.seafile.server/ User name (usually email address) Enter a string value. Press Enter for the default (""). user> me@example.com Password y) Yes type in my own password g) Generate random password n) No leave this optional password blank (default) y/g> y Enter the password: password: Confirm the password: password: Two-factor authentication ('true' if the account has 2FA enabled) Enter a boolean value (true or false). Press Enter for the default ("false"). 2fa> true Name of the library. Leave blank to access all non-encrypted libraries. Enter a string value. Press Enter for the default (""). library> My Library Library password (for encrypted libraries only). Leave blank if you pass it through the command line. y) Yes type in my own password g) Generate random password n) No leave this optional password blank (default) y/g/n> n Edit advanced config? (y/n) y) Yes n) No (default) y/n> n Remote config Two-factor authentication: please enter your 2FA code 2fa code> 123456 Authenticating... Success! -------------------- [seafile] type = seafile url = http://my.seafile.server/ user = me@example.com pass = 2fa = true library = My Library -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote y/e/d> y
+
+You'll notice your password is blank in the configuration. It's because we only need the password to authenticate you once.
+
+You specified `My Library` during the configuration. The root of the remote is pointing at the
+root of the library `My Library`:
+
+See all files in the library:
+
+ rclone lsd seafile:
+
+Create a new directory inside the library
+
+ rclone mkdir seafile:directory
+
+List the contents of a directory
+
+ rclone ls seafile:directory
+
+Sync `/home/local/directory` to the remote library, deleting any
+excess files in the library.
+
+ rclone sync --interactive /home/local/directory seafile:
+
+
+### --fast-list
+
+Seafile version 7+ supports `--fast-list` which allows you to use fewer
+transactions in exchange for more memory. See the [rclone
+docs](https://rclone.org/docs/#fast-list) for more details.
+Please note this is not supported on seafile server version 6.x
+
+
+### Restricted filename characters
+
+In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
+the following characters are also replaced:
+
+| Character | Value | Replacement |
+| --------- |:-----:|:-----------:|
+| / | 0x2F | / |
+| " | 0x22 | " |
+| \ | 0x5C | \ |
+
+Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid-utf8),
+as they can't be used in JSON strings.
+
+### Seafile and rclone link
+
+Rclone supports generating share links for non-encrypted libraries only.
+They can either be for a file or a directory:
+
+rclone link seafile:seafile-tutorial.doc http://my.seafile.server/f/fdcd8a2f93f84b8b90f4/
+
+or if run on a directory you will get:
+
+rclone link seafile:dir http://my.seafile.server/d/9ea2455f6f55478bbb0d/
+
+Please note a share link is unique for each file or directory. If you run a link command on a file/dir
+that has already been shared, you will get the exact same link.
+
+### Compatibility
+
+It has been actively developed using the [seafile docker image](https://github.com/haiwen/seafile-docker) of these versions:
+- 6.3.4 community edition
+- 7.0.5 community edition
+- 7.1.3 community edition
+- 9.0.10 community edition
+
+Versions below 6.0 are not supported.
+Versions between 6.0 and 6.3 haven't been tested and might not work properly.
+
+Each new version of `rclone` is automatically tested against the [latest docker image](https://hub.docker.com/r/seafileltd/seafile-mc/) of the seafile community server.
+
+
+### Standard options
+
+Here are the Standard options specific to seafile (seafile).
+
+#### --seafile-url
+
+URL of seafile host to connect to.
+
+Properties:
+
+- Config: url
+- Env Var: RCLONE_SEAFILE_URL
+- Type: string
+- Required: true
+- Examples:
+ - "https://cloud.seafile.com/"
+ - Connect to cloud.seafile.com.
+
+#### --seafile-user
+
+User name (usually email address).
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_SEAFILE_USER
+- Type: string
+- Required: true
+
+#### --seafile-pass
+
+Password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_SEAFILE_PASS
+- Type: string
+- Required: false
+
+#### --seafile-2fa
+
+Two-factor authentication ('true' if the account has 2FA enabled).
+
+Properties:
+
+- Config: 2fa
+- Env Var: RCLONE_SEAFILE_2FA
+- Type: bool
+- Default: false
+
+#### --seafile-library
+
+Name of the library.
+
+Leave blank to access all non-encrypted libraries.
+
+Properties:
+
+- Config: library
+- Env Var: RCLONE_SEAFILE_LIBRARY
+- Type: string
+- Required: false
+
+#### --seafile-library-key
+
+Library password (for encrypted libraries only).
+
+Leave blank if you pass it through the command line.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: library_key
+- Env Var: RCLONE_SEAFILE_LIBRARY_KEY
+- Type: string
+- Required: false
+
+#### --seafile-auth-token
+
+Authentication token.
+
+Properties:
+
+- Config: auth_token
+- Env Var: RCLONE_SEAFILE_AUTH_TOKEN
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to seafile (seafile).
+
+#### --seafile-create-library
+
+Should rclone create a library if it doesn't exist.
+
+Properties:
+
+- Config: create_library
+- Env Var: RCLONE_SEAFILE_CREATE_LIBRARY
+- Type: bool
+- Default: false
+
+#### --seafile-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_SEAFILE_ENCODING
+- Type: Encoding
+- Default: Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8
+
+
+
+# SFTP
+
+SFTP is the [Secure (or SSH) File Transfer
+Protocol](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol).
+
+The SFTP backend can be used with a number of different providers:
+
+
+- Hetzner Storage Box
+- rsync.net
+
+
+SFTP runs over SSH v2 and is installed as standard with most modern
+SSH installations.
+
+Paths are specified as `remote:path`. If the path does not begin with
+a `/` it is relative to the home directory of the user. An empty path
+`remote:` refers to the user's home directory. For example, `rclone lsd remote:`
+would list the home directory of the user configured in the rclone remote config
+(`i.e /home/sftpuser`). However, `rclone lsd remote:/` would list the root
+directory for remote machine (i.e. `/`)
+
+Note that some SFTP servers will need the leading / - Synology is a
+good example of this. rsync.net and Hetzner, on the other hand, requires users to
+OMIT the leading /.
+
+Note that by default rclone will try to execute shell commands on
+the server, see [shell access considerations](#shell-access-considerations).
+
+## Configuration
+
+Here is an example of making an SFTP configuration. First run
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+No remotes found, make a new one? n) New remote s) Set configuration password q) Quit config n/s/q> n name> remote Type of storage to configure. Choose a number from below, or type in your own value [snip] XX / SSH/SFTP "sftp" [snip] Storage> sftp SSH host to connect to Choose a number from below, or type in your own value 1 / Connect to example.com "example.com" host> example.com SSH username Enter a string value. Press Enter for the default ("$USER"). user> sftpuser SSH port number Enter a signed integer. Press Enter for the default (22). port> SSH password, leave blank to use ssh-agent. y) Yes type in my own password g) Generate random password n) No leave this optional password blank y/g/n> n Path to unencrypted PEM-encoded private key file, leave blank to use ssh-agent. key_file> Remote config -------------------- [remote] host = example.com user = sftpuser port = pass = key_file = -------------------- y) Yes this is OK e) Edit this remote d) Delete this remote y/e/d> y
+
+This remote is called `remote` and can now be used like this:
+
+See all directories in the home directory
+
+ rclone lsd remote:
+
+See all directories in the root directory
+
+ rclone lsd remote:/
+
+Make a new directory
+
+ rclone mkdir remote:path/to/directory
+
+List the contents of a directory
+
+ rclone ls remote:path/to/directory
+
+Sync `/home/local/directory` to the remote directory, deleting any
+excess files in the directory.
+
+ rclone sync --interactive /home/local/directory remote:directory
+
+Mount the remote path `/srv/www-data/` to the local path
+`/mnt/www-data`
-Name Type
-==== ====
-putio putio
+ rclone mount remote:/srv/www-data/ /mnt/www-data
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-See the remote setup docs for how to set it up on a machine with no Internet browser available.
-Note that rclone runs a webserver on your local machine to collect the token as returned from put.io if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/
and this it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-You can then use it like this,
-List directories in top level of your put.io
-rclone lsd remote:
-List all the files in your put.io
-rclone ls remote:
-To copy a local directory to a put.io directory called backup
-rclone copy /home/source remote:backup
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-\
-0x5C
-\
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Advanced options
-Here are the Advanced options specific to putio (Put.io).
---putio-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_PUTIO_ENCODING
-- Type: MultiEncoder
-- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
-Limitations
-put.io has rate limiting. When you hit a limit, rclone automatically retries after waiting the amount of time requested by the server.
-If you want to avoid ever hitting these limits, you may use the --tpslimit
flag with a low number. Note that the imposed limits may be different for different operations, and may change over time.
-Seafile
-This is a backend for the Seafile storage service: - It works with both the free community edition or the professional edition. - Seafile versions 6.x, 7.x, 8.x and 9.x are all supported. - Encrypted libraries are also supported. - It supports 2FA enabled users - Using a Library API Token is not supported
-Configuration
-There are two distinct modes you can setup your remote: - you point your remote to the root of the server, meaning you don't specify a library during the configuration: Paths are specified as remote:library
. You may put subdirectories in too, e.g. remote:library/path/to/dir
. - you point your remote to a specific library during the configuration: Paths are specified as remote:path/to/dir
. This is the recommended mode when using encrypted libraries. (This mode is possibly slightly faster than the root mode)
-Configuration in root mode
-Here is an example of making a seafile configuration for a user with no two-factor authentication. First run
-rclone config
-This will guide you through an interactive setup process. To authenticate you will need the URL of your server, your email (or username) and your password.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> seafile
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Seafile
- \ "seafile"
-[snip]
-Storage> seafile
-** See help for seafile backend at: https://rclone.org/seafile/ **
+### SSH Authentication
-URL of seafile host to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to cloud.seafile.com
- \ "https://cloud.seafile.com/"
-url> http://my.seafile.server/
-User name (usually email address)
-Enter a string value. Press Enter for the default ("").
-user> me@example.com
-Password
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Two-factor authentication ('true' if the account has 2FA enabled)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-2fa> false
-Name of the library. Leave blank to access all non-encrypted libraries.
-Enter a string value. Press Enter for the default ("").
-library>
-Library password (for encrypted libraries only). Leave blank if you pass it through the command line.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> n
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
-Two-factor authentication is not enabled on this account.
---------------------
-[seafile]
-type = seafile
-url = http://my.seafile.server/
-user = me@example.com
-pass = *** ENCRYPTED ***
-2fa = false
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This remote is called seafile
. It's pointing to the root of your seafile server and can now be used like this:
-See all libraries
-rclone lsd seafile:
-Create a new library
-rclone mkdir seafile:library
-List the contents of a library
-rclone ls seafile:library
-Sync /home/local/directory
to the remote library, deleting any excess files in the library.
-rclone sync --interactive /home/local/directory seafile:library
-Configuration in library mode
-Here's an example of a configuration in library mode with a user that has the two-factor authentication enabled. Your 2FA code will be asked at the end of the configuration, and will attempt to authenticate you:
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> seafile
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Seafile
- \ "seafile"
-[snip]
-Storage> seafile
-** See help for seafile backend at: https://rclone.org/seafile/ **
+The SFTP remote supports three authentication methods:
-URL of seafile host to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to cloud.seafile.com
- \ "https://cloud.seafile.com/"
-url> http://my.seafile.server/
-User name (usually email address)
-Enter a string value. Press Enter for the default ("").
-user> me@example.com
-Password
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Two-factor authentication ('true' if the account has 2FA enabled)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-2fa> true
-Name of the library. Leave blank to access all non-encrypted libraries.
-Enter a string value. Press Enter for the default ("").
-library> My Library
-Library password (for encrypted libraries only). Leave blank if you pass it through the command line.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> n
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
-Two-factor authentication: please enter your 2FA code
-2fa code> 123456
-Authenticating...
-Success!
---------------------
-[seafile]
-type = seafile
-url = http://my.seafile.server/
-user = me@example.com
-pass =
-2fa = true
-library = My Library
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-You'll notice your password is blank in the configuration. It's because we only need the password to authenticate you once.
-You specified My Library
during the configuration. The root of the remote is pointing at the root of the library My Library
:
-See all files in the library:
-rclone lsd seafile:
-Create a new directory inside the library
-rclone mkdir seafile:directory
-List the contents of a directory
-rclone ls seafile:directory
-Sync /home/local/directory
to the remote library, deleting any excess files in the library.
-rclone sync --interactive /home/local/directory seafile:
---fast-list
-Seafile version 7+ supports --fast-list
which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details. Please note this is not supported on seafile server version 6.x
-Restricted filename characters
-In addition to the default restricted characters set the following characters are also replaced:
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-/
-0x2F
-/
-
-
-"
-0x22
-"
-
-
-\
-0x5C
-\
-
-
-
-Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Seafile and rclone link
-Rclone supports generating share links for non-encrypted libraries only. They can either be for a file or a directory:
-rclone link seafile:seafile-tutorial.doc
-http://my.seafile.server/f/fdcd8a2f93f84b8b90f4/
+ * Password
+ * Key file, including certificate signed keys
+ * ssh-agent
+
+Key files should be PEM-encoded private key files. For instance `/home/$USER/.ssh/id_rsa`.
+Only unencrypted OpenSSH or PEM encrypted files are supported.
+
+The key file can be specified in either an external file (key_file) or contained within the
+rclone config file (key_pem). If using key_pem in the config file, the entry should be on a
+single line with new line ('\n' or '\r\n') separating lines. i.e.
+
+ key_pem = -----BEGIN RSA PRIVATE KEY-----\nMaMbaIXtE\n0gAMbMbaSsd\nMbaass\n-----END RSA PRIVATE KEY-----
+
+This will generate it correctly for key_pem for use in the config:
+
+ awk '{printf "%s\\n", $0}' < ~/.ssh/id_rsa
+
+If you don't specify `pass`, `key_file`, or `key_pem` or `ask_password` then
+rclone will attempt to contact an ssh-agent. You can also specify `key_use_agent`
+to force the usage of an ssh-agent. In this case `key_file` or `key_pem` can
+also be specified to force the usage of a specific key in the ssh-agent.
+
+Using an ssh-agent is the only way to load encrypted OpenSSH keys at the moment.
+
+If you set the `ask_password` option, rclone will prompt for a password when
+needed and no password has been configured.
+
+#### Certificate-signed keys
+
+With traditional key-based authentication, you configure your private key only,
+and the public key built into it will be used during the authentication process.
+
+If you have a certificate you may use it to sign your public key, creating a
+separate SSH user certificate that should be used instead of the plain public key
+extracted from the private key. Then you must provide the path to the
+user certificate public key file in `pubkey_file`.
+
+Note: This is not the traditional public key paired with your private key,
+typically saved as `/home/$USER/.ssh/id_rsa.pub`. Setting this path in
+`pubkey_file` will not work.
+
+Example:
-or if run on a directory you will get:
-rclone link seafile:dir
-http://my.seafile.server/d/9ea2455f6f55478bbb0d/
-Please note a share link is unique for each file or directory. If you run a link command on a file/dir that has already been shared, you will get the exact same link.
-Compatibility
-It has been actively developed using the seafile docker image of these versions: - 6.3.4 community edition - 7.0.5 community edition - 7.1.3 community edition - 9.0.10 community edition
-Versions below 6.0 are not supported. Versions between 6.0 and 6.3 haven't been tested and might not work properly.
-Each new version of rclone
is automatically tested against the latest docker image of the seafile community server.
-Standard options
-Here are the Standard options specific to seafile (seafile).
---seafile-url
-URL of seafile host to connect to.
-Properties:
-
-- Config: url
-- Env Var: RCLONE_SEAFILE_URL
-- Type: string
-- Required: true
-- Examples:
-
-- "https://cloud.seafile.com/"
-
-- Connect to cloud.seafile.com.
-
-
-
---seafile-user
-User name (usually email address).
-Properties:
-
-- Config: user
-- Env Var: RCLONE_SEAFILE_USER
-- Type: string
-- Required: true
-
---seafile-pass
-Password.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: pass
-- Env Var: RCLONE_SEAFILE_PASS
-- Type: string
-- Required: false
-
---seafile-2fa
-Two-factor authentication ('true' if the account has 2FA enabled).
-Properties:
-
-- Config: 2fa
-- Env Var: RCLONE_SEAFILE_2FA
-- Type: bool
-- Default: false
-
---seafile-library
-Name of the library.
-Leave blank to access all non-encrypted libraries.
-Properties:
-
-- Config: library
-- Env Var: RCLONE_SEAFILE_LIBRARY
-- Type: string
-- Required: false
-
---seafile-library-key
-Library password (for encrypted libraries only).
-Leave blank if you pass it through the command line.
-NB Input to this must be obscured - see rclone obscure.
-Properties:
-
-- Config: library_key
-- Env Var: RCLONE_SEAFILE_LIBRARY_KEY
-- Type: string
-- Required: false
-
---seafile-auth-token
-Authentication token.
-Properties:
-
-- Config: auth_token
-- Env Var: RCLONE_SEAFILE_AUTH_TOKEN
-- Type: string
-- Required: false
-
-Advanced options
-Here are the Advanced options specific to seafile (seafile).
---seafile-create-library
-Should rclone create a library if it doesn't exist.
-Properties:
-
-- Config: create_library
-- Env Var: RCLONE_SEAFILE_CREATE_LIBRARY
-- Type: bool
-- Default: false
-
---seafile-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
-
-- Config: encoding
-- Env Var: RCLONE_SEAFILE_ENCODING
-- Type: MultiEncoder
-- Default: Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8
-
-SFTP
-SFTP is the Secure (or SSH) File Transfer Protocol.
-The SFTP backend can be used with a number of different providers:
-
-- Hetzner Storage Box
-- rsync.net
-
-SFTP runs over SSH v2 and is installed as standard with most modern SSH installations.
-Paths are specified as remote:path
. If the path does not begin with a /
it is relative to the home directory of the user. An empty path remote:
refers to the user's home directory. For example, rclone lsd remote:
would list the home directory of the user configured in the rclone remote config (i.e /home/sftpuser
). However, rclone lsd remote:/
would list the root directory for remote machine (i.e. /
)
-Note that some SFTP servers will need the leading / - Synology is a good example of this. rsync.net and Hetzner, on the other hand, requires users to OMIT the leading /.
-Note that by default rclone will try to execute shell commands on the server, see shell access considerations.
-Configuration
-Here is an example of making an SFTP configuration. First run
-rclone config
-This will guide you through an interactive setup process.
-No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / SSH/SFTP
- \ "sftp"
-[snip]
-Storage> sftp
-SSH host to connect to
-Choose a number from below, or type in your own value
- 1 / Connect to example.com
- \ "example.com"
-host> example.com
-SSH username
-Enter a string value. Press Enter for the default ("$USER").
-user> sftpuser
-SSH port number
-Enter a signed integer. Press Enter for the default (22).
-port>
-SSH password, leave blank to use ssh-agent.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank
-y/g/n> n
-Path to unencrypted PEM-encoded private key file, leave blank to use ssh-agent.
-key_file>
-Remote config
---------------------
+[remote] type = sftp host = example.com user = sftpuser key_file = ~/id_rsa pubkey_file = ~/id_rsa-cert.pub
+
+If you concatenate a cert with a private key then you can specify the
+merged file in both places.
+
+Note: the cert must come first in the file. e.g.
+
+```
+cat id_rsa-cert.pub id_rsa > merged_key
+```
+
+### Host key validation
+
+By default rclone will not check the server's host key for validation. This
+can allow an attacker to replace a server with their own and if you use
+password authentication then this can lead to that password being exposed.
+
+Host key matching, using standard `known_hosts` files can be turned on by
+enabling the `known_hosts_file` option. This can point to the file maintained
+by `OpenSSH` or can point to a unique file.
+
+e.g. using the OpenSSH `known_hosts` file:
+
+```
[remote]
-host = example.com
-user = sftpuser
-port =
-pass =
-key_file =
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-This remote is called remote
and can now be used like this:
-See all directories in the home directory
-rclone lsd remote:
-See all directories in the root directory
-rclone lsd remote:/
-Make a new directory
-rclone mkdir remote:path/to/directory
-List the contents of a directory
-rclone ls remote:path/to/directory
-Sync /home/local/directory
to the remote directory, deleting any excess files in the directory.
-rclone sync --interactive /home/local/directory remote:directory
-Mount the remote path /srv/www-data/
to the local path /mnt/www-data
-rclone mount remote:/srv/www-data/ /mnt/www-data
-SSH Authentication
-The SFTP remote supports three authentication methods:
-
-- Password
-- Key file, including certificate signed keys
-- ssh-agent
-
-Key files should be PEM-encoded private key files. For instance /home/$USER/.ssh/id_rsa
. Only unencrypted OpenSSH or PEM encrypted files are supported.
-The key file can be specified in either an external file (key_file) or contained within the rclone config file (key_pem). If using key_pem in the config file, the entry should be on a single line with new line ('' or '') separating lines. i.e.
-key_pem = -----BEGIN RSA PRIVATE KEY-----\nMaMbaIXtE\n0gAMbMbaSsd\nMbaass\n-----END RSA PRIVATE KEY-----
-This will generate it correctly for key_pem for use in the config:
-awk '{printf "%s\\n", $0}' < ~/.ssh/id_rsa
-If you don't specify pass
, key_file
, or key_pem
or ask_password
then rclone will attempt to contact an ssh-agent. You can also specify key_use_agent
to force the usage of an ssh-agent. In this case key_file
or key_pem
can also be specified to force the usage of a specific key in the ssh-agent.
-Using an ssh-agent is the only way to load encrypted OpenSSH keys at the moment.
-If you set the ask_password
option, rclone will prompt for a password when needed and no password has been configured.
-Certificate-signed keys
-With traditional key-based authentication, you configure your private key only, and the public key built into it will be used during the authentication process.
-If you have a certificate you may use it to sign your public key, creating a separate SSH user certificate that should be used instead of the plain public key extracted from the private key. Then you must provide the path to the user certificate public key file in pubkey_file
.
-Note: This is not the traditional public key paired with your private key, typically saved as /home/$USER/.ssh/id_rsa.pub
. Setting this path in pubkey_file
will not work.
-Example:
-[remote]
-type = sftp
-host = example.com
-user = sftpuser
-key_file = ~/id_rsa
-pubkey_file = ~/id_rsa-cert.pub
-If you concatenate a cert with a private key then you can specify the merged file in both places.
-Note: the cert must come first in the file. e.g.
-cat id_rsa-cert.pub id_rsa > merged_key
-Host key validation
-By default rclone will not check the server's host key for validation. This can allow an attacker to replace a server with their own and if you use password authentication then this can lead to that password being exposed.
-Host key matching, using standard known_hosts
files can be turned on by enabling the known_hosts_file
option. This can point to the file maintained by OpenSSH
or can point to a unique file.
-e.g. using the OpenSSH known_hosts
file:
-[remote]
type = sftp
host = example.com
user = sftpuser
@@ -27215,21 +33514,21 @@ Shell access
Shell access considerations
The shell type auto-detection logic, described above, means that by default rclone will try to run a shell command the first time a new sftp remote is accessed. If you configure a sftp remote without a config file, e.g. an on the fly remote, rclone will have nowhere to store the result, and it will re-run the command on every access. To avoid this you should explicitly set the shell_type
option to the correct value, or to none
if you want to prevent rclone from executing any remote shell commands.
It is also important to note that, since the shell type decides how quoting and escaping of file paths used as command-line arguments are performed, configuring the wrong shell type may leave you exposed to command injection exploits. Make sure to confirm the auto-detected shell type, or explicitly set the shell type you know is correct, or disable shell access until you know.
-Checksum
+Checksum
SFTP does not natively support checksums (file hash), but rclone is able to use checksumming if the same login has shell access, and can execute remote commands. If there is a command that can calculate compatible checksums on the remote system, Rclone can then be configured to execute this whenever a checksum is needed, and read back the results. Currently MD5 and SHA-1 are supported.
Normally this requires an external utility being available on the server. By default rclone will try commands md5sum
, md5
and rclone md5sum
for MD5 checksums, and the first one found usable will be picked. Same with sha1sum
, sha1
and rclone sha1sum
commands for SHA-1 checksums. These utilities normally need to be in the remote's PATH to be found.
In some cases the shell itself is capable of calculating checksums. PowerShell is an example of such a shell. If rclone detects that the remote shell is PowerShell, which means it most probably is a Windows OpenSSH server, rclone will use a predefined script block to produce the checksums when no external checksum commands are found (see shell access). This assumes PowerShell version 4.0 or newer.
The options md5sum_command
and sha1_command
can be used to customize the command to be executed for calculation of checksums. You can for example set a specific path to where md5sum and sha1sum executables are located, or use them to specify some other tools that print checksums in compatible format. The value can include command-line arguments, or even shell script blocks as with PowerShell. Rclone has subcommands md5sum and sha1sum that use compatible format, which means if you have an rclone executable on the server it can be used. As mentioned above, they will be automatically picked up if found in PATH, but if not you can set something like /path/to/rclone md5sum
as the value of option md5sum_command
to make sure a specific executable is used.
Remote checksumming is recommended and enabled by default. First time rclone is using a SFTP remote, if options md5sum_command
or sha1_command
are not set, it will check if any of the default commands for each of them, as described above, can be used. The result will be saved in the remote configuration, so next time it will use the same. Value none
will be set if none of the default commands could be used for a specific algorithm, and this algorithm will not be supported by the remote.
Disabling the checksumming may be required if you are connecting to SFTP servers which are not under your control, and to which the execution of remote shell commands is prohibited. Set the configuration option disable_hashcheck
to true
to disable checksumming entirely, or set shell_type
to none
to disable all functionality based on remote shell command execution.
-Modified time
+Modification times and hashes
Modified times are stored on the server to 1 second precision.
Modified times are used in syncing and are fully supported.
Some SFTP servers disable setting/modifying the file modification time after upload (for example, certain configurations of ProFTPd with mod_sftp). If you are using one of these servers, you can set the option set_modtime = false
in your RClone backend configuration to disable this behaviour.
About command
The about
command returns the total space, free space, and used space on the remote for the disk of the specified path on the remote or, if not set, the disk of the root on the remote.
SFTP usually supports the about command, but it depends on the server. If the server implements the vendor-specific VFS statistics extension, which is normally the case with OpenSSH instances, it will be used. If not, but the same login has access to a Unix shell, where the df
command is available (e.g. in the remote's PATH), then this will be used instead. If the server shell is PowerShell, probably with a Windows OpenSSH server, rclone will use a built-in shell command (see shell access). If none of the above is applicable, about
will fail.
-Standard options
+Standard options
Here are the Standard options specific to sftp (SSH/SFTP).
--sftp-host
SSH host to connect to.
@@ -27363,7 +33662,24 @@ --sftp-disable-hashcheck
- Type: bool
- Default: false
-Advanced options
+--sftp-ssh
+Path and arguments to external ssh binary.
+Normally rclone will use its internal ssh library to connect to the SFTP server. However it does not implement all possible ssh options so it may be desirable to use an external ssh binary.
+Rclone ignores all the internal config if you use this option and expects you to configure the ssh binary with the user/host/port and any other options you need.
+Important The ssh command must log in without asking for a password so needs to be configured with keys or certificates.
+Rclone will run the command supplied either with the additional arguments "-s sftp" to access the SFTP subsystem or with commands such as "md5sum /path/to/file" appended to read checksums.
+Any arguments with spaces in should be surrounded by "double quotes".
+An example setting might be:
+ssh -o ServerAliveInterval=20 user@example.com
+Note that when using an external ssh binary rclone makes a new ssh connection for every hash it calculates.
+Properties:
+
+- Config: ssh
+- Env Var: RCLONE_SFTP_SSH
+- Type: SpaceSepList
+- Default:
+
+Advanced options
Here are the Advanced options specific to sftp (SSH/SFTP).
--sftp-known-hosts-file
Optional path to known_hosts file.
@@ -27400,6 +33716,12 @@ --sftp-path-override
rclone sync /home/local/directory remote:/directory --sftp-path-override /volume2/directory
E.g. if home directory can be found in a shared folder called "home":
rclone sync /home/local/directory remote:/home/directory --sftp-path-override /volume1/homes/USER/directory
+To specify only the path to the SFTP remote's root, and allow rclone to add any relative subpaths automatically (including unwrapping/decrypting remotes as necessary), add the '@' character to the beginning of the path.
+E.g. the first example above could be rewritten as:
+rclone sync /home/local/directory remote:/directory --sftp-path-override @/volume2
+Note that when using this method with Synology "home" folders, the full "/homes/USER" path should be specified instead of "/home".
+E.g. the second example above should be rewritten as:
+rclone sync /home/local/directory remote:/homes/USER/directory --sftp-path-override @/volume1
Properties:
- Config: path_override
@@ -27486,6 +33808,11 @@ --sftp-subsystem
--sftp-server-command
Specifies the path or command to run a sftp server on the remote host.
The subsystem option is ignored when server_command is defined.
+If adding server_command to the configuration file please note that it should not be enclosed in quotes, since that will make rclone fail.
+A working example is:
+
[remote_name]
+type = sftp
+server_command = sudo /usr/libexec/openssh/sftp-server
Properties:
- Config: server_command
@@ -27568,7 +33895,7 @@ --sftp-set-env
to be passed to the sftp client and to any commands run (eg md5sum).
Pass multiple variables space separated, eg
VAR1=value VAR2=value
-and pass variables with spaces in in quotes, eg
+and pass variables with spaces in quotes, eg
"VAR3=value with space" "VAR4=value with space" VAR5=nospacehere
Properties:
@@ -27615,7 +33942,46 @@ --sftp-macs
- Type: SpaceSepList
- Default:
-Limitations
+--sftp-host-key-algorithms
+Space separated list of host key algorithms, ordered by preference.
+At least one must match with server configuration. This can be checked for example using ssh -Q HostKeyAlgorithms.
+Note: This can affect the outcome of key negotiation with the server even if server host key validation is not enabled.
+Example:
+ssh-ed25519 ssh-rsa ssh-dss
+Properties:
+
+- Config: host_key_algorithms
+- Env Var: RCLONE_SFTP_HOST_KEY_ALGORITHMS
+- Type: SpaceSepList
+- Default:
+
+--sftp-socks-proxy
+Socks 5 proxy host.
+Supports the format user:pass@host:port, user@host:port, host:port.
+Example:
+myUser:myPass@localhost:9005
+Properties:
+
+- Config: socks_proxy
+- Env Var: RCLONE_SFTP_SOCKS_PROXY
+- Type: string
+- Required: false
+
+--sftp-copy-is-hardlink
+Set to enable server side copies using hardlinks.
+The SFTP protocol does not define a copy command so normally server side copies are not allowed with the sftp backend.
+However the SFTP protocol does support hardlinking, and if you enable this flag then the sftp backend will support server side copies. These will be implemented by doing a hardlink from the source to the destination.
+Not all sftp servers support this.
+Note that hardlinking two files together will use no additional space as the source and the destination will be the same file.
+This feature may be useful backups made with --copy-dest.
+Properties:
+
+- Config: copy_is_hardlink
+- Env Var: RCLONE_SFTP_COPY_IS_HARDLINK
+- Type: bool
+- Default: false
+
+Limitations
On some SFTP servers (e.g. Synology) the paths are different for SSH and SFTP so the hashes can't be calculated properly. For them using disable_hashcheck
is a good idea.
The only ssh agent supported under Windows is Putty's pageant.
The Go SSH library disables the use of the aes128-cbc cipher by default, due to security concerns. This can be re-enabled on a per-connection basis by setting the use_insecure_cipher
setting in the configuration file to true
. Further details on the insecurity of this cipher can be found in this paper.
@@ -27632,11 +33998,11 @@ SMB
SMB is a communication protocol to share files over network.
This relies on go-smb2 library for communication with SMB protocol.
Paths are specified as remote:sharename
(or remote:
for the lsd
command.) You may put subdirectories in too, e.g. remote:item/path/to/dir
.
-Notes
-The first path segment must be the name of the share, which you entered when you started to share on Windows. On smbd, it's the section title in smb.conf
(usually in /etc/samba/
) file. You can find shares by quering the root if you're unsure (e.g. rclone lsd remote:
).
+Notes
+The first path segment must be the name of the share, which you entered when you started to share on Windows. On smbd, it's the section title in smb.conf
(usually in /etc/samba/
) file. You can find shares by querying the root if you're unsure (e.g. rclone lsd remote:
).
You can't access to the shared printers from rclone, obviously.
You can't use Anonymous access for logging in. You have to use the guest
user with an empty password instead. The rclone client tries to avoid 8.3 names when uploading files by encoding trailing spaces and periods. Alternatively, the local backend on Windows can access SMB servers using UNC paths, by \\server\share
. This doesn't apply to non-Windows OSes, such as Linux and macOS.
-Configuration
+Configuration
Here is an example of making a SMB configuration.
First run
rclone config
@@ -27711,7 +34077,7 @@ Configuration
e) Edit this remote
d) Delete this remote
y/e/d> d
-Standard options
+Standard options
Here are the Standard options specific to smb (SMB / CIFS).
--smb-host
SMB server hostname to connect to.
@@ -27772,7 +34138,7 @@ --smb-spn
- Type: string
- Required: false
-Advanced options
+Advanced options
Here are the Advanced options specific to smb (SMB / CIFS).
--smb-idle-timeout
Max time before closing idle connections.
@@ -27811,7 +34177,7 @@ --smb-encoding
- Config: encoding
- Env Var: RCLONE_SMB_ENCODING
-- Type: MultiEncoder
+- Type: Encoding
- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot
Storj
@@ -27873,7 +34239,7 @@ Backend options
- S3 backend: secret encryption key is shared with the gateway
-Configuration
+Configuration
To make a new Storj configuration you need one of the following: * Access Grant that someone else shared with you. * API Key of a Storj project you are a member of.
Here is an example of how to make a remote called remote
. First run:
rclone config
@@ -27970,7 +34336,7 @@ Setup with API key and passphrase
-Standard options
+Standard options
Here are the Standard options specific to storj (Storj Decentralized Cloud Storage).
--storj-provider
Choose an authentication method.
@@ -28049,7 +34415,7 @@ --storj-passphrase
- Type: string
- Required: false
-Usage
+Usage
Paths are specified as remote:bucket
(or remote:
for the lsf
command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir
.
Once configured you can then use rclone
like this.
Create a new bucket
@@ -28103,15 +34469,15 @@ Sync two Locations
rclone sync --interactive --progress remote-us:bucket/path/to/dir/ remote-europe:bucket/path/to/dir/
Or even between another cloud storage and Storj.
rclone sync --interactive --progress s3:bucket/path/to/dir/ storj:bucket/path/to/dir/
-Limitations
+Limitations
rclone about
is not supported by the rclone Storj backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
See List of backends that do not support rclone about and rclone about
-Known issues
+Known issues
If you get errors like too many open files
this usually happens when the default ulimit
for system max open files is exceeded. Native Storj protocol opens a large number of TCP connections (each of which is counted as an open file). For a single upload stream you can expect 110 TCP connections to be opened. For a single download stream you can expect 35. This batch of connections will be opened for every 64 MiB segment and you should also expect TCP connections to be reused. If you do many transfers you eventually open a connection to most storage nodes (thousands of nodes).
To fix these, please raise your system limits. You can do this issuing a ulimit -n 65536
just before you run rclone. To change the limits more permanently you can add this to your shell startup script, e.g. $HOME/.bashrc
, or change the system-wide configuration, usually /etc/sysctl.conf
and/or /etc/security/limits.conf
, but please refer to your operating system manual.
SugarSync
SugarSync is a cloud service that enables active synchronization of files across computers and other devices for file backup, access, syncing, and sharing.
-Configuration
+Configuration
The initial setup for SugarSync involves getting a token from SugarSync which you can do with rclone. rclone config
walks you through it.
Here is an example of how to make a remote called remote
. First run:
rclone config
@@ -28176,15 +34542,15 @@ Configuration
Paths are specified as remote:path
Paths may be as deep as required, e.g. remote:directory/subdirectory
.
NB you can't create files in the top level folder you have to create a folder, which rclone will create as a "Sync Folder" with SugarSync.
-Modified time and hashes
+Modification times and hashes
SugarSync does not support modification times or hashes, therefore syncing will default to --size-only
checking. Note that using --update
will work as rclone can read the time files were uploaded.
-Restricted filename characters
+Restricted filename characters
SugarSync replaces the default restricted characters set except for DEL.
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-Deleting files
+Deleting files
Deleted files will be moved to the "Deleted items" folder by default.
However you can supply the flag --sugarsync-hard-delete
or set the config parameter hard_delete = true
if you would like files to be deleted straight away.
-Standard options
+Standard options
Here are the Standard options specific to sugarsync (Sugarsync).
--sugarsync-app-id
Sugarsync App ID.
@@ -28225,7 +34591,7 @@ --sugarsync-hard-delete
- Type: bool
- Default: false
-Advanced options
+Advanced options
Here are the Advanced options specific to sugarsync (Sugarsync).
--sugarsync-refresh-token
Sugarsync refresh token.
@@ -28294,10 +34660,10 @@ --sugarsync-encoding
- Config: encoding
- Env Var: RCLONE_SUGARSYNC_ENCODING
-- Type: MultiEncoder
+- Type: Encoding
- Default: Slash,Ctl,InvalidUtf8,Dot
-Limitations
+Limitations
rclone about
is not supported by the SugarSync backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs
(most free space) as a member of an rclone union remote.
See List of backends that do not support rclone about and rclone about
Tardigrade
@@ -28306,7 +34672,7 @@ Uptobox
This is a Backend for Uptobox file storage service. Uptobox is closer to a one-click hoster than a traditional cloud storage provider and therefore not suitable for long term storage.
Paths are specified as remote:path
Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
+Configuration
To configure an Uptobox backend you'll need your personal api token. You'll find it in your account settings
Here is an example of how to make a remote called remote
with the default setup. First run:
rclone config
@@ -28360,9 +34726,9 @@ Configuration
rclone ls remote:
To copy a local directory to an Uptobox directory called backup
rclone copy /home/source remote:backup
-Modified time and hashes
-Uptobox supports neither modified times nor checksums.
-Restricted filename characters
+Modification times and hashes
+Uptobox supports neither modified times nor checksums. All timestamps will read as that set by --default-time
.
+Restricted filename characters
In addition to the default restricted characters set the following characters are also replaced:
@@ -28386,7 +34752,7 @@ Restricted filename characters
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-Standard options
+Standard options
Here are the Standard options specific to uptobox (Uptobox).
--uptobox-access-token
Your access token.
@@ -28398,8 +34764,17 @@ --uptobox-access-token
- Type: string
- Required: false
-Advanced options
+Advanced options
Here are the Advanced options specific to uptobox (Uptobox).
+--uptobox-private
+Set to make uploaded files private
+Properties:
+
+- Config: private
+- Env Var: RCLONE_UPTOBOX_PRIVATE
+- Type: bool
+- Default: false
+
--uptobox-encoding
The encoding for the backend.
See the encoding section in the overview for more info.
@@ -28407,20 +34782,24 @@ --uptobox-encoding
- Config: encoding
- Env Var: RCLONE_UPTOBOX_ENCODING
-- Type: MultiEncoder
+- Type: Encoding
- Default: Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot
-Limitations
+Limitations
Uptobox will delete inactive files that have not been accessed in 60 days.
rclone about
is not supported by this backend an overview of used space can however been seen in the uptobox web interface.
Union
-The union
remote provides a unification similar to UnionFS using other remotes.
-Paths may be as deep as required or a local path, e.g. remote:directory/subdirectory
or /directory/subdirectory
.
+The union
backend joins several remotes together to make a single unified view of them.
During the initial setup with rclone config
you will specify the upstream remotes as a space separated list. The upstream remotes can either be a local paths or other remotes.
-Attribute :ro
and :nc
can be attach to the end of path to tag the remote as read only or no create, e.g. remote:directory/subdirectory:ro
or remote:directory/subdirectory:nc
.
+The attributes :ro
, :nc
and :writeback
can be attached to the end of the remote to tag the remote as read only, no create or writeback, e.g. remote:directory/subdirectory:ro
or remote:directory/subdirectory:nc
.
+
+:ro
means files will only be read from here and never written
+:nc
means new files or directories won't be created here
+:writeback
means files found in different remotes will be written back here. See the writeback section for more info.
+
Subfolders can be used in upstream remotes. Assume a union remote named backup
with the remotes mydrive:private/backup
. Invoking rclone mkdir backup:desktop
is exactly the same as invoking rclone mkdir mydrive:private/backup/desktop
.
-There will be no special handling of paths containing ..
segments. Invoking rclone mkdir backup:../desktop
is exactly the same as invoking rclone mkdir mydrive:private/backup/../desktop
.
-Configuration
+There is no special handling of paths containing ..
segments. Invoking rclone mkdir backup:../desktop
is exactly the same as invoking rclone mkdir mydrive:private/backup/../desktop
.
+Configuration
Here is an example of how to make a union called remote
for local folders. First run:
rclone config
This will guide you through an interactive setup process:
@@ -28641,7 +35020,19 @@ Policy descriptions
-Standard options
+Writeback
+The tag :writeback
on an upstream remote can be used to make a simple cache system like this:
+[union]
+type = union
+action_policy = all
+create_policy = all
+search_policy = ff
+upstreams = /local:writeback remote:dir
+When files are opened for read, if the file is in remote:dir
but not /local
then rclone will copy the file entirely into /local
before returning a reference to the file in /local
. The copy will be done with the equivalent of rclone copy
so will use --multi-thread-streams
if configured. Any copies will be logged with an INFO log.
+When files are written, they will be written to both remote:dir
and /local
.
+As many remotes as desired can be added to upstreams
but there should only be one :writeback
tag.
+Rclone does not manage the :writeback
remote in any way other than writing files back to it. So if you need to expire old files or manage the size then you will have to do this yourself.
+Standard options
Here are the Standard options specific to union (Union merges the contents of several upstream fs).
--union-upstreams
List of space separated upstreams.
@@ -28690,7 +35081,7 @@ --union-cache-time
- Type: int
- Default: 120
-Advanced options
+Advanced options
Here are the Advanced options specific to union (Union merges the contents of several upstream fs).
--union-min-free-space
Minimum viable free space for lfs/eplfs policies.
@@ -28702,13 +35093,13 @@ --union-min-free-space
- Type: SizeSuffix
- Default: 1Gi
-Metadata
+Metadata
Any metadata supported by the underlying remote is read and written.
See the metadata docs for more info.
WebDAV
Paths are specified as remote:path
Paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Configuration
+Configuration
To configure the WebDAV remote you will need to have a URL for it, and a username and password. If you know what kind of system you are connecting to then rclone can enable extra features.
Here is an example of how to make a remote called remote
. First run:
rclone config
@@ -28733,17 +35124,21 @@ Configuration
url> https://example.com/remote.php/webdav/
Name of the WebDAV site/service/software you are using
Choose a number from below, or type in your own value
- 1 / Nextcloud
- \ "nextcloud"
- 2 / Owncloud
- \ "owncloud"
- 3 / Sharepoint Online, authenticated by Microsoft account.
- \ "sharepoint"
- 4 / Sharepoint with NTLM authentication. Usually self-hosted or on-premises.
- \ "sharepoint-ntlm"
- 5 / Other site/service or software
- \ "other"
-vendor> 1
+ 1 / Fastmail Files
+ \ (fastmail)
+ 2 / Nextcloud
+ \ (nextcloud)
+ 3 / Owncloud
+ \ (owncloud)
+ 4 / Sharepoint Online, authenticated by Microsoft account
+ \ (sharepoint)
+ 5 / Sharepoint with NTLM authentication, usually self-hosted or on-premises
+ \ (sharepoint-ntlm)
+ 6 / rclone WebDAV server to serve a remote over HTTP via the WebDAV protocol
+ \ (rclone)
+ 7 / Other site/service or software
+ \ (other)
+vendor> 2
User name
user> user
Password.
@@ -28778,10 +35173,10 @@ Configuration
rclone ls remote:
To copy a local directory to an WebDAV directory called backup
rclone copy /home/source remote:backup
-Modified time and hashes
-Plain WebDAV does not support modified times. However when used with Owncloud or Nextcloud rclone will support modified times.
-Likewise plain WebDAV does not support hashes, however when used with Owncloud or Nextcloud rclone will support SHA1 and MD5 hashes. Depending on the exact version of Owncloud or Nextcloud hashes may appear on all objects, or only on objects which had a hash uploaded with them.
-Standard options
+Modification times and hashes
+Plain WebDAV does not support modified times. However when used with Fastmail Files, Owncloud or Nextcloud rclone will support modified times.
+Likewise plain WebDAV does not support hashes, however when used with Fastmail Files, Owncloud or Nextcloud rclone will support SHA1 and MD5 hashes. Depending on the exact version of Owncloud or Nextcloud hashes may appear on all objects, or only on objects which had a hash uploaded with them.
+Standard options
Here are the Standard options specific to webdav (WebDAV).
--webdav-url
URL of http host to connect to.
@@ -28803,6 +35198,10 @@ --webdav-vendor
- Required: false
- Examples:
+- "fastmail"
+
+- Fastmail Files
+
- "nextcloud"
- Nextcloud
@@ -28819,6 +35218,10 @@ --webdav-vendor
- Sharepoint with NTLM authentication, usually self-hosted or on-premises
+- "rclone"
+
+- rclone WebDAV server to serve a remote over HTTP via the WebDAV protocol
+
- "other"
- Other site/service or software
@@ -28854,7 +35257,7 @@ --webdav-bearer-token
- Type: string
- Required: false
-Advanced options
+Advanced options
Here are the Advanced options specific to webdav (WebDAV).
--webdav-bearer-token-command
Command to run to get a bearer token.
@@ -28889,8 +35292,31 @@ --webdav-headers
- Type: CommaSepList
- Default:
+--webdav-pacer-min-sleep
+Minimum time to sleep between API calls.
+Properties:
+
+- Config: pacer_min_sleep
+- Env Var: RCLONE_WEBDAV_PACER_MIN_SLEEP
+- Type: Duration
+- Default: 10ms
+
+--webdav-nextcloud-chunk-size
+Nextcloud upload chunk size.
+We recommend configuring your NextCloud instance to increase the max chunk size to 1 GB for better upload performances. See https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html#adjust-chunk-size-on-nextcloud-side
+Set to 0 to disable chunked uploading.
+Properties:
+
+- Config: nextcloud_chunk_size
+- Env Var: RCLONE_WEBDAV_NEXTCLOUD_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 10Mi
+
Provider notes
See below for notes on specific providers.
+Fastmail Files
+Use https://webdav.fastmail.com/
or a subdirectory as the URL, and your Fastmail email username@domain.tld
as the username. Follow this documentation to create an app password with access to Files (WebDAV)
and use this as the password.
+Fastmail supports modified times using the X-OC-Mtime
header.
Owncloud
Click on the settings cog in the bottom right of the page and this will show the WebDAV URL that rclone needs in the config step. It will look something like https://example.com/remote.php/webdav/
.
Owncloud supports modified times using the X-OC-Mtime
header.
@@ -28931,6 +35357,9 @@ Required Flags for SharePoint
As SharePoint does some special things with uploaded documents, you won't be able to use the documents size or the documents hash to compare if a file has been changed since the upload / which file is newer.
For Rclone calls copying files (especially Office files such as .docx, .xlsx, etc.) from/to SharePoint (like copy, sync, etc.), you should append these flags to ensure Rclone uses the "Last Modified" datetime property to compare your documents:
--ignore-size --ignore-checksum --update
+Rclone
+Use this option if you are hosting remotes over WebDAV provided by rclone. Read rclone serve webdav for more details.
+rclone serve supports modified times using the X-OC-Mtime
header.
dCache
dCache is a storage system that supports many protocols and authentication/authorisation schemes. For WebDAV clients, it allows users to authenticate with username and password (BASIC), X.509, Kerberos, and various bearer tokens, including Macaroons and OpenID-Connect access tokens.
Configure as normal using the other
type. Don't enter a username or password, instead enter your Macaroon as the bearer_token
.
@@ -28961,7 +35390,7 @@ OpenID-Connect
bearer_token_command = oidc-token XDC
Yandex Disk
Yandex Disk is a cloud storage solution created by Yandex.
-Configuration
+Configuration
Here is an example of making a yandex configuration. First run
rclone config
This will guide you through an interactive setup process:
@@ -29015,18 +35444,17 @@ Configuration
Sync /home/local/directory
to the remote path, deleting any excess files in the path.
rclone sync --interactive /home/local/directory remote:directory
Yandex paths may be as deep as required, e.g. remote:directory/subdirectory
.
-Modified time
+Modification times and hashes
Modified times are supported and are stored accurate to 1 ns in custom metadata called rclone_modified
in RFC3339 with nanoseconds format.
-MD5 checksums
-MD5 checksums are natively supported by Yandex Disk.
-Emptying Trash
+The MD5 hash algorithm is natively supported by Yandex Disk.
+Emptying Trash
If you wish to empty your trash you can use the rclone cleanup remote:
command which will permanently delete all your trashed files. This command does not take any path arguments.
-Quota information
+Quota information
To view your current quota you can use the rclone about remote:
command which will display your usage limit (quota) and the current usage.
-Restricted filename characters
+Restricted filename characters
The default restricted characters set are replaced.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-Standard options
+Standard options
Here are the Standard options specific to yandex (Yandex Disk).
--yandex-client-id
OAuth Client Id.
@@ -29048,7 +35476,7 @@ --yandex-client-secret
- Type: string
- Required: false
-Advanced options
+Advanced options
Here are the Advanced options specific to yandex (Yandex Disk).
--yandex-token
OAuth Access Token as a JSON blob.
@@ -29095,16 +35523,16 @@ --yandex-encoding
- Config: encoding
- Env Var: RCLONE_YANDEX_ENCODING
-- Type: MultiEncoder
+- Type: Encoding
- Default: Slash,Del,Ctl,InvalidUtf8,Dot
-Limitations
+Limitations
When uploading very large files (bigger than about 5 GiB) you will need to increase the --timeout
parameter. This is because Yandex pauses (perhaps to calculate the MD5SUM for the entire file) before returning confirmation that the file has been uploaded. The default handling of timeouts in rclone is to assume a 5 minute pause is an error and close the connection - you'll see net/http: timeout awaiting response headers
errors in the logs if this is happening. Setting the timeout to twice the max size of file in GiB should be enough, so if you want to upload a 30 GiB file set a timeout of 2 * 30 = 60m
, that is --timeout 60m
.
Having a Yandex Mail account is mandatory to use the Yandex.Disk subscription. Token generation will work without a mail account, but Rclone won't be able to complete any actions.
[403 - DiskUnsupportedUserAccountTypeError] User account type is not supported.
Zoho Workdrive
Zoho WorkDrive is a cloud storage solution created by Zoho.
-Configuration
+Configuration
Here is an example of making a zoho configuration. First run
rclone config
This will guide you through an interactive setup process:
@@ -29177,751 +35605,1491 @@ Configuration
Sync /home/local/directory
to the remote path, deleting any excess files in the path.
rclone sync --interactive /home/local/directory remote:directory
Zoho paths may be as deep as required, eg remote:directory/subdirectory
.
-Modified time
+Modification times and hashes
Modified times are currently not supported for Zoho Workdrive
-Checksums
-No checksums are supported.
-Usage information
+No hash algorithms are supported.
+Usage information
To view your current quota you can use the rclone about remote:
command which will display your current usage.
-Restricted filename characters
+Restricted filename characters
Only control characters and invalid UTF-8 are replaced. In addition most Unicode full-width characters are not supported at all and will be removed from filenames during upload.
-Standard options
+Standard options
Here are the Standard options specific to zoho (Zoho).
--zoho-client-id
OAuth Client Id.
Leave blank normally.
Properties:
-- Config: client_id
-- Env Var: RCLONE_ZOHO_CLIENT_ID
-- Type: string
-- Required: false
+- Config: client_id
+- Env Var: RCLONE_ZOHO_CLIENT_ID
+- Type: string
+- Required: false
+
+--zoho-client-secret
+OAuth Client Secret.
+Leave blank normally.
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_ZOHO_CLIENT_SECRET
+- Type: string
+- Required: false
+
+--zoho-region
+Zoho region to connect to.
+You'll have to use the region your organization is registered in. If not sure use the same top level domain as you connect to in your browser.
+Properties:
+
+- Config: region
+- Env Var: RCLONE_ZOHO_REGION
+- Type: string
+- Required: false
+- Examples:
+
+- "com"
+
+- United states / Global
+
+- "eu"
+
+- Europe
+
+- "in"
+
+- India
+
+- "jp"
+
+- Japan
+
+- "com.cn"
+
+- China
+
+- "com.au"
+
+- Australia
+
+
+
+Advanced options
+Here are the Advanced options specific to zoho (Zoho).
+--zoho-token
+OAuth Access Token as a JSON blob.
+Properties:
+
+- Config: token
+- Env Var: RCLONE_ZOHO_TOKEN
+- Type: string
+- Required: false
+
+--zoho-auth-url
+Auth server URL.
+Leave blank to use the provider defaults.
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_ZOHO_AUTH_URL
+- Type: string
+- Required: false
+
+--zoho-token-url
+Token server url.
+Leave blank to use the provider defaults.
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_ZOHO_TOKEN_URL
+- Type: string
+- Required: false
+
+--zoho-encoding
+The encoding for the backend.
+See the encoding section in the overview for more info.
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_ZOHO_ENCODING
+- Type: Encoding
+- Default: Del,Ctl,InvalidUtf8
+
+Setting up your own client_id
+For Zoho we advise you to set up your own client_id. To do so you have to complete the following steps.
+
+Log in to the Zoho API Console
+Create a new client of type "Server-based Application". The name and website don't matter, but you must add the redirect URL http://localhost:53682/
.
+Once the client is created, you can go to the settings tab and enable it in other regions.
+
+The client id and client secret can now be used with rclone.
+Local Filesystem
+Local paths are specified as normal filesystem paths, e.g. /path/to/wherever
, so
+rclone sync --interactive /home/source /tmp/destination
+Will sync /home/source
to /tmp/destination
.
+Configuration
+For consistencies sake one can also configure a remote of type local
in the config file, and access the local filesystem using rclone remote paths, e.g. remote:path/to/wherever
, but it is probably easier not to.
+Modification times
+Rclone reads and writes the modification times using an accuracy determined by the OS. Typically this is 1ns on Linux, 10 ns on Windows and 1 Second on OS X.
+Filenames
+Filenames should be encoded in UTF-8 on disk. This is the normal case for Windows and OS X.
+There is a bit more uncertainty in the Linux world, but new distributions will have UTF-8 encoded files names. If you are using an old Linux filesystem with non UTF-8 file names (e.g. latin1) then you can use the convmv
tool to convert the filesystem to UTF-8. This tool is available in most distributions' package managers.
+If an invalid (non-UTF8) filename is read, the invalid characters will be replaced with a quoted representation of the invalid bytes. The name gro\xdf
will be transferred as gro‛DF
. rclone
will emit a debug message in this case (use -v
to see), e.g.
+Local file system at .: Replacing invalid UTF-8 characters in "gro\xdf"
+Restricted characters
+With the local backend, restrictions on the characters that are usable in file or directory names depend on the operating system. To check what rclone will replace by default on your system, run rclone help flags local-encoding
.
+On non Windows platforms the following characters are replaced when handling file names.
+
+
+
+Character
+Value
+Replacement
+
+
+
+
+NUL
+0x00
+␀
+
+
+/
+0x2F
+/
+
+
+
+When running on Windows the following characters are replaced. This list is based on the Windows file naming conventions.
+
+
+
+Character
+Value
+Replacement
+
+
+
+
+NUL
+0x00
+␀
+
+
+SOH
+0x01
+␁
+
+
+STX
+0x02
+␂
+
+
+ETX
+0x03
+␃
+
+
+EOT
+0x04
+␄
+
+
+ENQ
+0x05
+␅
+
+
+ACK
+0x06
+␆
+
+
+BEL
+0x07
+␇
+
+
+BS
+0x08
+␈
+
+
+HT
+0x09
+␉
+
+
+LF
+0x0A
+␊
+
+
+VT
+0x0B
+␋
+
+
+FF
+0x0C
+␌
+
+
+CR
+0x0D
+␍
+
+
+SO
+0x0E
+␎
+
+
+SI
+0x0F
+␏
+
+
+DLE
+0x10
+␐
+
+
+DC1
+0x11
+␑
+
+
+DC2
+0x12
+␒
+
+
+DC3
+0x13
+␓
+
+
+DC4
+0x14
+␔
+
+
+NAK
+0x15
+␕
+
+
+SYN
+0x16
+␖
+
+
+ETB
+0x17
+␗
+
+
+CAN
+0x18
+␘
+
+
+EM
+0x19
+␙
+
+
+SUB
+0x1A
+␚
+
+
+ESC
+0x1B
+␛
+
+
+FS
+0x1C
+␜
+
+
+GS
+0x1D
+␝
+
+
+RS
+0x1E
+␞
+
+
+US
+0x1F
+␟
+
+
+/
+0x2F
+/
+
+
+"
+0x22
+"
+
+
+*
+0x2A
+*
+
+
+:
+0x3A
+:
+
+
+<
+0x3C
+<
+
+
+>
+0x3E
+>
+
+
+?
+0x3F
+?
+
+
+\
+0x5C
+\
+
+
+|
+0x7C
+|
+
+
+
+File names on Windows can also not end with the following characters. These only get replaced if they are the last character in the name:
+
+
+
+Character
+Value
+Replacement
+
+
+
+
+SP
+0x20
+␠
+
+
+.
+0x2E
+.
+
+
+
+Invalid UTF-8 bytes will also be replaced, as they can't be converted to UTF-16.
+Paths on Windows
+On Windows there are many ways of specifying a path to a file system resource. Local paths can be absolute, like C:\path\to\wherever
, or relative, like ..\wherever
. Network paths in UNC format, \\server\share
, are also supported. Path separator can be either \
(as in C:\path\to\wherever
) or /
(as in C:/path/to/wherever
). Length of these paths are limited to 259 characters for files and 247 characters for directories, but there is an alternative extended-length path format increasing the limit to (approximately) 32,767 characters. This format requires absolute paths and the use of prefix \\?\
, e.g. \\?\D:\some\very\long\path
. For convenience rclone will automatically convert regular paths into the corresponding extended-length paths, so in most cases you do not have to worry about this (read more below).
+Note that Windows supports using the same prefix \\?\
to specify path to volumes identified by their GUID, e.g. \\?\Volume{b75e2c83-0000-0000-0000-602f00000000}\some\path
. This is not supported in rclone, due to an issue in go.
+Long paths
+Rclone handles long paths automatically, by converting all paths to extended-length path format, which allows paths up to 32,767 characters.
+This conversion will ensure paths are absolute and prefix them with the \\?\
. This is why you will see that your paths, for instance .\files
is shown as path \\?\C:\files
in the output, and \\server\share
as \\?\UNC\server\share
.
+However, in rare cases this may cause problems with buggy file system drivers like EncFS. To disable UNC conversion globally, add this to your .rclone.conf
file:
+[local]
+nounc = true
+If you want to selectively disable UNC, you can add it to a separate entry like this:
+[nounc]
+type = local
+nounc = true
+And use rclone like this:
+rclone copy c:\src nounc:z:\dst
+This will use UNC paths on c:\src
but not on z:\dst
. Of course this will cause problems if the absolute path length of a file exceeds 259 characters on z, so only use this option if you have to.
+Symlinks / Junction points
+Normally rclone will ignore symlinks or junction points (which behave like symlinks under Windows).
+If you supply --copy-links
or -L
then rclone will follow the symlink and copy the pointed to file or directory. Note that this flag is incompatible with --links
/ -l
.
+This flag applies to all commands.
+For example, supposing you have a directory structure like this
+$ tree /tmp/a
+/tmp/a
+├── b -> ../b
+├── expected -> ../expected
+├── one
+└── two
+ └── three
+Then you can see the difference with and without the flag like this
+$ rclone ls /tmp/a
+ 6 one
+ 6 two/three
+and
+$ rclone -L ls /tmp/a
+ 4174 expected
+ 6 one
+ 6 two/three
+ 6 b/two
+ 6 b/one
+--links, -l
+Normally rclone will ignore symlinks or junction points (which behave like symlinks under Windows).
+If you supply this flag then rclone will copy symbolic links from the local storage, and store them as text files, with a '.rclonelink' suffix in the remote storage.
+The text file will contain the target of the symbolic link (see example).
+This flag applies to all commands.
+For example, supposing you have a directory structure like this
+$ tree /tmp/a
+/tmp/a
+├── file1 -> ./file4
+└── file2 -> /home/user/file3
+Copying the entire directory with '-l'
+$ rclone copyto -l /tmp/a/file1 remote:/tmp/a/
+The remote files are created with a '.rclonelink' suffix
+$ rclone ls remote:/tmp/a
+ 5 file1.rclonelink
+ 14 file2.rclonelink
+The remote files will contain the target of the symbolic links
+$ rclone cat remote:/tmp/a/file1.rclonelink
+./file4
+
+$ rclone cat remote:/tmp/a/file2.rclonelink
+/home/user/file3
+Copying them back with '-l'
+$ rclone copyto -l remote:/tmp/a/ /tmp/b/
+
+$ tree /tmp/b
+/tmp/b
+├── file1 -> ./file4
+└── file2 -> /home/user/file3
+However, if copied back without '-l'
+$ rclone copyto remote:/tmp/a/ /tmp/b/
+
+$ tree /tmp/b
+/tmp/b
+├── file1.rclonelink
+└── file2.rclonelink
+Note that this flag is incompatible with -copy-links
/ -L
.
+Restricting filesystems with --one-file-system
+Normally rclone will recurse through filesystems as mounted.
+However if you set --one-file-system
or -x
this tells rclone to stay in the filesystem specified by the root and not to recurse into different file systems.
+For example if you have a directory hierarchy like this
+root
+├── disk1 - disk1 mounted on the root
+│ └── file3 - stored on disk1
+├── disk2 - disk2 mounted on the root
+│ └── file4 - stored on disk12
+├── file1 - stored on the root disk
+└── file2 - stored on the root disk
+Using rclone --one-file-system copy root remote:
will only copy file1
and file2
. Eg
+$ rclone -q --one-file-system ls root
+ 0 file1
+ 0 file2
+$ rclone -q ls root
+ 0 disk1/file3
+ 0 disk2/file4
+ 0 file1
+ 0 file2
+NB Rclone (like most unix tools such as du
, rsync
and tar
) treats a bind mount to the same device as being on the same filesystem.
+NB This flag is only available on Unix based systems. On systems where it isn't supported (e.g. Windows) it will be ignored.
+Advanced options
+Here are the Advanced options specific to local (Local Disk).
+--local-nounc
+Disable UNC (long path names) conversion on Windows.
+Properties:
+
+- Config: nounc
+- Env Var: RCLONE_LOCAL_NOUNC
+- Type: bool
+- Default: false
+- Examples:
+
+- "true"
+
+- Disables long file names.
+
+
---zoho-client-secret
-OAuth Client Secret.
-Leave blank normally.
+--copy-links / -L
+Follow symlinks and copy the pointed to item.
Properties:
-- Config: client_secret
-- Env Var: RCLONE_ZOHO_CLIENT_SECRET
-- Type: string
-- Required: false
+- Config: copy_links
+- Env Var: RCLONE_LOCAL_COPY_LINKS
+- Type: bool
+- Default: false
---zoho-region
-Zoho region to connect to.
-You'll have to use the region your organization is registered in. If not sure use the same top level domain as you connect to in your browser.
+--links / -l
+Translate symlinks to/from regular files with a '.rclonelink' extension.
Properties:
-- Config: region
-- Env Var: RCLONE_ZOHO_REGION
-- Type: string
-- Required: false
-- Examples:
-
-- "com"
-
-- United states / Global
-
-- "eu"
+
- Config: links
+- Env Var: RCLONE_LOCAL_LINKS
+- Type: bool
+- Default: false
+
+--skip-links
+Don't warn about skipped symlinks.
+This flag disables warning messages on skipped symlinks or junction points, as you explicitly acknowledge that they should be skipped.
+Properties:
-- Europe
-
-- "in"
+
- Config: skip_links
+- Env Var: RCLONE_LOCAL_SKIP_LINKS
+- Type: bool
+- Default: false
+
+--local-zero-size-links
+Assume the Stat size of links is zero (and read them instead) (deprecated).
+Rclone used to use the Stat size of links as the link size, but this fails in quite a few places:
-- India
-
-- "jp"
+
- Windows
+- On some virtual filesystems (such ash LucidLink)
+- Android
+
+So rclone now always reads the link.
+Properties:
-- Japan
-
-- "com.cn"
+
- Config: zero_size_links
+- Env Var: RCLONE_LOCAL_ZERO_SIZE_LINKS
+- Type: bool
+- Default: false
+
+--local-unicode-normalization
+Apply unicode NFC normalization to paths and filenames.
+This flag can be used to normalize file names into unicode NFC form that are read from the local filesystem.
+Rclone does not normally touch the encoding of file names it reads from the file system.
+This can be useful when using macOS as it normally provides decomposed (NFD) unicode which in some language (eg Korean) doesn't display properly on some OSes.
+Note that rclone compares filenames with unicode normalization in the sync routine so this flag shouldn't normally be used.
+Properties:
-- China
-
-- "com.au"
+
- Config: unicode_normalization
+- Env Var: RCLONE_LOCAL_UNICODE_NORMALIZATION
+- Type: bool
+- Default: false
+
+--local-no-check-updated
+Don't check to see if the files change during upload.
+Normally rclone checks the size and modification time of files as they are being uploaded and aborts with a message which starts "can't copy - source file is being updated" if the file changes during upload.
+However on some file systems this modification time check may fail (e.g. Glusterfs #2206) so this check can be disabled with this flag.
+If this flag is set, rclone will use its best efforts to transfer a file which is being updated. If the file is only having things appended to it (e.g. a log) then rclone will transfer the log file with the size it had the first time rclone saw it.
+If the file is being modified throughout (not just appended to) then the transfer may fail with a hash check failure.
+In detail, once the file has had stat() called on it for the first time we:
-- Australia
-
-
+- Only transfer the size that stat gave
+- Only checksum the size that stat gave
+- Don't update the stat info for the file
-Advanced options
-Here are the Advanced options specific to zoho (Zoho).
---zoho-token
-OAuth Access Token as a JSON blob.
+NB do not use this flag on a Windows Volume Shadow (VSS). For some unknown reason, files in a VSS sometimes show different sizes from the directory listing (where the initial stat value comes from on Windows) and when stat is called on them directly. Other copy tools always use the direct stat value and setting this flag will disable that.
Properties:
-- Config: token
-- Env Var: RCLONE_ZOHO_TOKEN
-- Type: string
-- Required: false
+- Config: no_check_updated
+- Env Var: RCLONE_LOCAL_NO_CHECK_UPDATED
+- Type: bool
+- Default: false
---zoho-auth-url
-Auth server URL.
-Leave blank to use the provider defaults.
+--one-file-system / -x
+Don't cross filesystem boundaries (unix/macOS only).
Properties:
-- Config: auth_url
-- Env Var: RCLONE_ZOHO_AUTH_URL
-- Type: string
-- Required: false
+- Config: one_file_system
+- Env Var: RCLONE_LOCAL_ONE_FILE_SYSTEM
+- Type: bool
+- Default: false
---zoho-token-url
-Token server url.
-Leave blank to use the provider defaults.
+--local-case-sensitive
+Force the filesystem to report itself as case sensitive.
+Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
Properties:
-- Config: token_url
-- Env Var: RCLONE_ZOHO_TOKEN_URL
-- Type: string
-- Required: false
+- Config: case_sensitive
+- Env Var: RCLONE_LOCAL_CASE_SENSITIVE
+- Type: bool
+- Default: false
---zoho-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
+--local-case-insensitive
+Force the filesystem to report itself as case insensitive.
+Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
Properties:
-- Config: encoding
-- Env Var: RCLONE_ZOHO_ENCODING
-- Type: MultiEncoder
-- Default: Del,Ctl,InvalidUtf8
-
-Setting up your own client_id
-For Zoho we advise you to set up your own client_id. To do so you have to complete the following steps.
-
-Log in to the Zoho API Console
-Create a new client of type "Server-based Application". The name and website don't matter, but you must add the redirect URL http://localhost:53682/
.
-Once the client is created, you can go to the settings tab and enable it in other regions.
-
-The client id and client secret can now be used with rclone.
-Local Filesystem
-Local paths are specified as normal filesystem paths, e.g. /path/to/wherever
, so
-rclone sync --interactive /home/source /tmp/destination
-Will sync /home/source
to /tmp/destination
.
-Configuration
-For consistencies sake one can also configure a remote of type local
in the config file, and access the local filesystem using rclone remote paths, e.g. remote:path/to/wherever
, but it is probably easier not to.
-Modified time
-Rclone reads and writes the modified time using an accuracy determined by the OS. Typically this is 1ns on Linux, 10 ns on Windows and 1 Second on OS X.
-Filenames
-Filenames should be encoded in UTF-8 on disk. This is the normal case for Windows and OS X.
-There is a bit more uncertainty in the Linux world, but new distributions will have UTF-8 encoded files names. If you are using an old Linux filesystem with non UTF-8 file names (e.g. latin1) then you can use the convmv
tool to convert the filesystem to UTF-8. This tool is available in most distributions' package managers.
-If an invalid (non-UTF8) filename is read, the invalid characters will be replaced with a quoted representation of the invalid bytes. The name gro\xdf
will be transferred as gro‛DF
. rclone
will emit a debug message in this case (use -v
to see), e.g.
-Local file system at .: Replacing invalid UTF-8 characters in "gro\xdf"
-Restricted characters
-With the local backend, restrictions on the characters that are usable in file or directory names depend on the operating system. To check what rclone will replace by default on your system, run rclone help flags local-encoding
.
-On non Windows platforms the following characters are replaced when handling file names.
-
-
-
-Character
-Value
-Replacement
-
-
-
-
-NUL
-0x00
-␀
-
-
-/
-0x2F
-/
-
-
-
-When running on Windows the following characters are replaced. This list is based on the Windows file naming conventions.
+- Config: case_insensitive
+- Env Var: RCLONE_LOCAL_CASE_INSENSITIVE
+- Type: bool
+- Default: false
+
+--local-no-preallocate
+Disable preallocation of disk space for transferred files.
+Preallocation of disk space helps prevent filesystem fragmentation. However, some virtual filesystem layers (such as Google Drive File Stream) may incorrectly set the actual file size equal to the preallocated space, causing checksum and file size checks to fail. Use this flag to disable preallocation.
+Properties:
+
+- Config: no_preallocate
+- Env Var: RCLONE_LOCAL_NO_PREALLOCATE
+- Type: bool
+- Default: false
+
+--local-no-sparse
+Disable sparse files for multi-thread downloads.
+On Windows platforms rclone will make sparse files when doing multi-thread downloads. This avoids long pauses on large files where the OS zeros the file. However sparse files may be undesirable as they cause disk fragmentation and can be slow to work with.
+Properties:
+
+- Config: no_sparse
+- Env Var: RCLONE_LOCAL_NO_SPARSE
+- Type: bool
+- Default: false
+
+--local-no-set-modtime
+Disable setting modtime.
+Normally rclone updates modification time of files after they are done uploading. This can cause permissions issues on Linux platforms when the user rclone is running as does not own the file uploaded, such as when copying to a CIFS mount owned by another user. If this option is enabled, rclone will no longer update the modtime after copying a file.
+Properties:
+
+- Config: no_set_modtime
+- Env Var: RCLONE_LOCAL_NO_SET_MODTIME
+- Type: bool
+- Default: false
+
+--local-encoding
+The encoding for the backend.
+See the encoding section in the overview for more info.
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_LOCAL_ENCODING
+- Type: Encoding
+- Default: Slash,Dot
+
+Metadata
+Depending on which OS is in use the local backend may return only some of the system metadata. Setting system metadata is supported on all OSes but setting user metadata is only supported on linux, freebsd, netbsd, macOS and Solaris. It is not supported on Windows yet (see pkg/attrs#47).
+User metadata is stored as extended attributes (which may not be supported by all file systems) under the "user.*" prefix.
+Here are the possible system metadata items for the local backend.
+
+
+
+
+
+
+
-Character
-Value
-Replacement
+Name
+Help
+Type
+Example
+Read Only
-NUL
-0x00
-␀
-
-
-SOH
-0x01
-␁
-
-
-STX
-0x02
-␂
-
-
-ETX
-0x03
-␃
-
-
-EOT
-0x04
-␄
-
-
-ENQ
-0x05
-␅
-
-
-ACK
-0x06
-␆
-
-
-BEL
-0x07
-␇
-
-
-BS
-0x08
-␈
-
-
-HT
-0x09
-␉
-
-
-LF
-0x0A
-␊
-
-
-VT
-0x0B
-␋
-
-
-FF
-0x0C
-␌
-
-
-CR
-0x0D
-␍
-
-
-SO
-0x0E
-␎
-
-
-SI
-0x0F
-␏
-
-
-DLE
-0x10
-␐
-
-
-DC1
-0x11
-␑
-
-
-DC2
-0x12
-␒
-
-
-DC3
-0x13
-␓
-
-
-DC4
-0x14
-␔
-
-
-NAK
-0x15
-␕
-
-
-SYN
-0x16
-␖
-
-
-ETB
-0x17
-␗
-
-
-CAN
-0x18
-␘
-
-
-EM
-0x19
-␙
-
-
-SUB
-0x1A
-␚
-
-
-ESC
-0x1B
-␛
-
-
-FS
-0x1C
-␜
-
-
-GS
-0x1D
-␝
-
-
-RS
-0x1E
-␞
-
-
-US
-0x1F
-␟
-
-
-/
-0x2F
-/
-
-
-"
-0x22
-"
-
-
-*
-0x2A
-*
-
-
-:
-0x3A
-:
-
-
-<
-0x3C
-<
-
-
->
-0x3E
->
-
-
-?
-0x3F
-?
+atime
+Time of last access
+RFC 3339
+2006-01-02T15:04:05.999999999Z07:00
+N
-\
-0x5C
-\
+btime
+Time of file birth (creation)
+RFC 3339
+2006-01-02T15:04:05.999999999Z07:00
+N
-|
-0x7C
-|
+gid
+Group ID of owner
+decimal number
+500
+N
-
-
-File names on Windows can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-Character
-Value
-Replacement
+
+mode
+File type and mode
+octal, unix style
+0100664
+N
-
-
-SP
-0x20
-␠
+mtime
+Time of last modification
+RFC 3339
+2006-01-02T15:04:05.999999999Z07:00
+N
-.
-0x2E
-.
+rdev
+Device ID (if special file)
+hexadecimal
+1abc
+N
+
+
+uid
+User ID of owner
+decimal number
+500
+N
-Invalid UTF-8 bytes will also be replaced, as they can't be converted to UTF-16.
-Paths on Windows
-On Windows there are many ways of specifying a path to a file system resource. Local paths can be absolute, like C:\path\to\wherever
, or relative, like ..\wherever
. Network paths in UNC format, \\server\share
, are also supported. Path separator can be either \
(as in C:\path\to\wherever
) or /
(as in C:/path/to/wherever
). Length of these paths are limited to 259 characters for files and 247 characters for directories, but there is an alternative extended-length path format increasing the limit to (approximately) 32,767 characters. This format requires absolute paths and the use of prefix \\?\
, e.g. \\?\D:\some\very\long\path
. For convenience rclone will automatically convert regular paths into the corresponding extended-length paths, so in most cases you do not have to worry about this (read more below).
-Note that Windows supports using the same prefix \\?\
to specify path to volumes identified by their GUID, e.g. \\?\Volume{b75e2c83-0000-0000-0000-602f00000000}\some\path
. This is not supported in rclone, due to an issue in go.
-Long paths
-Rclone handles long paths automatically, by converting all paths to extended-length path format, which allows paths up to 32,767 characters.
-This conversion will ensure paths are absolute and prefix them with the \\?\
. This is why you will see that your paths, for instance .\files
is shown as path \\?\C:\files
in the output, and \\server\share
as \\?\UNC\server\share
.
-However, in rare cases this may cause problems with buggy file system drivers like EncFS. To disable UNC conversion globally, add this to your .rclone.conf
file:
-[local]
-nounc = true
-If you want to selectively disable UNC, you can add it to a separate entry like this:
-[nounc]
-type = local
-nounc = true
-And use rclone like this:
-rclone copy c:\src nounc:z:\dst
-This will use UNC paths on c:\src
but not on z:\dst
. Of course this will cause problems if the absolute path length of a file exceeds 259 characters on z, so only use this option if you have to.
-Symlinks / Junction points
-Normally rclone will ignore symlinks or junction points (which behave like symlinks under Windows).
-If you supply --copy-links
or -L
then rclone will follow the symlink and copy the pointed to file or directory. Note that this flag is incompatible with --links
/ -l
.
-This flag applies to all commands.
-For example, supposing you have a directory structure like this
-$ tree /tmp/a
-/tmp/a
-├── b -> ../b
-├── expected -> ../expected
-├── one
-└── two
- └── three
-Then you can see the difference with and without the flag like this
-$ rclone ls /tmp/a
- 6 one
- 6 two/three
-and
-$ rclone -L ls /tmp/a
- 4174 expected
- 6 one
- 6 two/three
- 6 b/two
- 6 b/one
---links, -l
-Normally rclone will ignore symlinks or junction points (which behave like symlinks under Windows).
-If you supply this flag then rclone will copy symbolic links from the local storage, and store them as text files, with a '.rclonelink' suffix in the remote storage.
-The text file will contain the target of the symbolic link (see example).
-This flag applies to all commands.
-For example, supposing you have a directory structure like this
-$ tree /tmp/a
-/tmp/a
-├── file1 -> ./file4
-└── file2 -> /home/user/file3
-Copying the entire directory with '-l'
-$ rclone copyto -l /tmp/a/file1 remote:/tmp/a/
-The remote files are created with a '.rclonelink' suffix
-$ rclone ls remote:/tmp/a
- 5 file1.rclonelink
- 14 file2.rclonelink
-The remote files will contain the target of the symbolic links
-$ rclone cat remote:/tmp/a/file1.rclonelink
-./file4
-
-$ rclone cat remote:/tmp/a/file2.rclonelink
-/home/user/file3
-Copying them back with '-l'
-$ rclone copyto -l remote:/tmp/a/ /tmp/b/
-
-$ tree /tmp/b
-/tmp/b
-├── file1 -> ./file4
-└── file2 -> /home/user/file3
-However, if copied back without '-l'
-$ rclone copyto remote:/tmp/a/ /tmp/b/
-
-$ tree /tmp/b
-/tmp/b
-├── file1.rclonelink
-└── file2.rclonelink
-Note that this flag is incompatible with -copy-links
/ -L
.
-Restricting filesystems with --one-file-system
-Normally rclone will recurse through filesystems as mounted.
-However if you set --one-file-system
or -x
this tells rclone to stay in the filesystem specified by the root and not to recurse into different file systems.
-For example if you have a directory hierarchy like this
-root
-├── disk1 - disk1 mounted on the root
-│ └── file3 - stored on disk1
-├── disk2 - disk2 mounted on the root
-│ └── file4 - stored on disk12
-├── file1 - stored on the root disk
-└── file2 - stored on the root disk
-Using rclone --one-file-system copy root remote:
will only copy file1
and file2
. Eg
-$ rclone -q --one-file-system ls root
- 0 file1
- 0 file2
-$ rclone -q ls root
- 0 disk1/file3
- 0 disk2/file4
- 0 file1
- 0 file2
-NB Rclone (like most unix tools such as du
, rsync
and tar
) treats a bind mount to the same device as being on the same filesystem.
-NB This flag is only available on Unix based systems. On systems where it isn't supported (e.g. Windows) it will be ignored.
-Advanced options
-Here are the Advanced options specific to local (Local Disk).
---local-nounc
-Disable UNC (long path names) conversion on Windows.
-Properties:
+See the metadata docs for more info.
+Backend commands
+Here are the commands specific to the local backend.
+Run them with
+rclone backend COMMAND remote:
+The help below will explain what arguments each command takes.
+See the backend command for more info on how to pass options and arguments.
+These can be run on a running backend using the rc command backend/command.
+noop
+A null operation for testing backend commands
+rclone backend noop remote: [options] [<arguments>+]
+This is a test command which has some options you can try to change the output.
+Options:
+
+- "echo": echo the input arguments
+- "error": return an error based on option value
+
+Changelog
+v1.65.0 - 2023-11-26
+
+
+- New backends
+
+- Azure Files (karan, moongdal, Nick Craig-Wood)
+- ImageKit (Abhinav Dhiman)
+- Linkbox (viktor, Nick Craig-Wood)
+
+- New commands
+
+serve s3
: Let rclone act as an S3 compatible server (Mikubill, Artur Neumann, Saw-jan, Nick Craig-Wood)
+nfsmount
: mount command to provide mount mechanism on macOS without FUSE (Saleh Dindar)
+serve nfs
: to serve a remote for use by nfsmount
(Saleh Dindar)
+
+- New Features
+
+- install.sh: Clean up temp files in install script (Jacob Hands)
+- build
+
+- Update all dependencies (Nick Craig-Wood)
+- Refactor version info and icon resource handling on windows (albertony)
+
+- doc updates (albertony, alfish2000, asdffdsazqqq, Dimitri Papadopoulos, Herby Gillot, Joda Stößer, Manoj Ghosh, Nick Craig-Wood)
+- Implement
--metadata-mapper
to transform metatadata with a user supplied program (Nick Craig-Wood)
+- Add
ChunkWriterDoesntSeek
feature flag and set it for b2 (Nick Craig-Wood)
+- lib/http: Export basic go string functions for use in
--template
(Gabriel Espinoza)
+- makefile: Use POSIX compatible install arguments (Mina Galić)
+- operations
+
+- Use less memory when doing multithread uploads (Nick Craig-Wood)
+- Implement
--partial-suffix
to control extension of temporary file names (Volodymyr)
+
+- rc
+
+- Add
operations/check
to the rc API (Nick Craig-Wood)
+- Always report an error as JSON (Nick Craig-Wood)
+- Set
Last-Modified
header for files served by --rc-serve
(Nikita Shoshin)
+
+- size: Dont show duplicate object count when less than 1k (albertony)
+
+- Bug Fixes
+
+- fshttp: Fix
--contimeout
being ignored (你知道未来吗)
+- march: Fix excessive parallelism when using
--no-traverse
(Nick Craig-Wood)
+- ncdu: Fix crash when re-entering changed directory after rescan (Nick Craig-Wood)
+- operations
+
+- Fix overwrite of destination when multi-thread transfer fails (Nick Craig-Wood)
+- Fix invalid UTF-8 when truncating file names when not using
--inplace
(Nick Craig-Wood)
+
+- serve dnla: Fix crash on graceful exit (wuxingzhong)
+
+- Mount
+
+- Disable mount for freebsd and alias cmount as mount on that platform (Nick Craig-Wood)
+
+- VFS
+
+- Add
--vfs-refresh
flag to read all the directories on start (Beyond Meat)
+- Implement Name() method in WriteFileHandle and ReadFileHandle (Saleh Dindar)
+- Add go-billy dependency and make sure vfs.Handle implements billy.File (Saleh Dindar)
+- Error out early if can't upload 0 length file (Nick Craig-Wood)
+
+- Local
+
+- Fix copying from Windows Volume Shadows (Nick Craig-Wood)
+
+- Azure Blob
+
+- Add support for cold tier (Ivan Yanitra)
+
+- B2
+
+- Implement "rclone backend lifecycle" to read and set bucket lifecycles (Nick Craig-Wood)
+- Implement
--b2-lifecycle
to control lifecycle when creating buckets (Nick Craig-Wood)
+- Fix listing all buckets when not needed (Nick Craig-Wood)
+- Fix multi-thread upload with copyto going to wrong name (Nick Craig-Wood)
+- Fix server side chunked copy when file size was exactly
--b2-copy-cutoff
(Nick Craig-Wood)
+- Fix streaming chunked files an exact multiple of chunk size (Nick Craig-Wood)
+
+- Box
+
+- Filter more EventIDs when polling (David Sze)
+- Add more logging for polling (David Sze)
+- Fix performance problem reading metadata for single files (Nick Craig-Wood)
+
+- Drive
+
+- Add read/write metadata support (Nick Craig-Wood)
+- Add support for SHA-1 and SHA-256 checksums (rinsuki)
+- Add
--drive-show-all-gdocs
to allow unexportable gdocs to be server side copied (Nick Craig-Wood)
+- Add a note that
--drive-scope
accepts comma-separated list of scopes (Keigo Imai)
+- Fix error updating created time metadata on existing object (Nick Craig-Wood)
+- Fix integration tests by enabling metadata support from the context (Nick Craig-Wood)
+
+- Dropbox
+
+- Factor batcher into lib/batcher (Nick Craig-Wood)
+- Fix missing encoding for rclone purge (Nick Craig-Wood)
+
+- Google Cloud Storage
+
+- Fix 400 Bad request errors when using multi-thread copy (Nick Craig-Wood)
+
+- Googlephotos
+
+- Implement batcher for uploads (Nick Craig-Wood)
+
+- Hdfs
+
+- Added support for list of namenodes in hdfs remote config (Tayo-pasedaRJ)
+
+- HTTP
+
+- Implement set backend command to update running backend (Nick Craig-Wood)
+- Enable methods used with WebDAV (Alen Šiljak)
+
+- Jottacloud
+
+- Add support for reading and writing metadata (albertony)
+
+- Onedrive
+
+- Implement ListR method which gives
--fast-list
support (Nick Craig-Wood)
+
+- This must be enabled with the
--onedrive-delta
flag
+
+
+- Quatrix
+
+- Add partial upload support (Oksana Zhykina)
+- Overwrite files on conflict during server-side move (Oksana Zhykina)
+
+- S3
+
+- Add Linode provider (Nick Craig-Wood)
+- Add docs on how to add a new provider (Nick Craig-Wood)
+- Fix no error being returned when creating a bucket we don't own (Nick Craig-Wood)
+- Emit a debug message if anonymous credentials are in use (Nick Craig-Wood)
+- Add
--s3-disable-multipart-uploads
flag (Nick Craig-Wood)
+- Detect looping when using gcs and versions (Nick Craig-Wood)
+
+- SFTP
+
+- Implement
--sftp-copy-is-hardlink
to server side copy as hardlink (Nick Craig-Wood)
+
+- Smb
-- Config: nounc
-- Env Var: RCLONE_LOCAL_NOUNC
-- Type: bool
-- Default: false
-- Examples:
+
- Fix incorrect
about
size by switching to github.com/cloudsoda/go-smb2
fork (Nick Craig-Wood)
+- Fix modtime of multithread uploads by setting PartialUploads (Nick Craig-Wood)
+
+- WebDAV
+
+- Added an rclone vendor to work with
rclone serve webdav
(Adithya Kumar)
+
+
+v1.64.2 - 2023-10-19
+
+
+- Bug Fixes
+
+- selfupdate: Fix "invalid hashsum signature" error (Nick Craig-Wood)
+- build: Fix docker build running out of space (Nick Craig-Wood)
+
+
+v1.64.1 - 2023-10-17
+
+
+- Bug Fixes
+
+- cmd: Make
--progress
output logs in the same format as without (Nick Craig-Wood)
+- docs fixes (Dimitri Papadopoulos Orfanos, Herby Gillot, Manoj Ghosh, Nick Craig-Wood)
+- lsjson: Make sure we set the global metadata flag too (Nick Craig-Wood)
+- operations
+
+- Ensure concurrency is no greater than the number of chunks (Pat Patterson)
+- Fix OpenOptions ignored in copy if operation was a multiThreadCopy (Vitor Gomes)
+- Fix error message on delete to have file name (Nick Craig-Wood)
+
+- serve sftp: Return not supported error for not supported commands (Nick Craig-Wood)
+- build: Upgrade golang.org/x/net to v0.17.0 to fix HTTP/2 rapid reset (Nick Craig-Wood)
+- pacer: Fix b2 deadlock by defaulting max connections to unlimited (Nick Craig-Wood)
+
+- Mount
+
+- Fix automount not detecting drive is ready (Nick Craig-Wood)
+
+- VFS
+
+- Fix update dir modification time (Saleh Dindar)
+
+- Azure Blob
+
+- Fix "fatal error: concurrent map writes" (Nick Craig-Wood)
+
+- B2
+
+- Fix multipart upload: corrupted on transfer: sizes differ XXX vs 0 (Nick Craig-Wood)
+- Fix locking window when getting mutipart upload URL (Nick Craig-Wood)
+- Fix server side copies greater than 4GB (Nick Craig-Wood)
+- Fix chunked streaming uploads (Nick Craig-Wood)
+- Reduce default
--b2-upload-concurrency
to 4 to reduce memory usage (Nick Craig-Wood)
+
+- Onedrive
+
+- Fix the configurator to allow
/teams/ID
in the config (Nick Craig-Wood)
+
+- Oracleobjectstorage
+
+- Fix OpenOptions being ignored in uploadMultipart with chunkWriter (Nick Craig-Wood)
+
+- S3
+
+- Fix slice bounds out of range error when listing (Nick Craig-Wood)
+- Fix OpenOptions being ignored in uploadMultipart with chunkWriter (Vitor Gomes)
+
+- Storj
+
+- Update storj.io/uplink to v1.12.0 (Kaloyan Raev)
+
+
+v1.64.0 - 2023-09-11
+
+
+- New backends
+
+- Proton Drive (Chun-Hung Tseng)
+- Quatrix (Oksana, Volodymyr Kit)
+- New S3 providers
+
+- Synology C2 (BakaWang)
+- Leviia (Benjamin)
+
+- New Jottacloud providers
+
+
+- Major changes
+
+- Multi-thread transfers (Vitor Gomes, Nick Craig-Wood, Manoj Ghosh, Edwin Mackenzie-Owen)
+
+- Multi-thread transfers are now available when transferring to:
+
+local
, s3
, azureblob
, b2
, oracleobjectstorage
and smb
+
+- This greatly improves transfer speed between two network sources.
+- In memory buffering has been unified between all backends and should share memory better.
+- See --multi-thread docs for more info
+
+
+- New commands
+
+rclone config redacted
support mechanism for showing redacted config (Nick Craig-Wood)
+
+- New Features
+
+- accounting
+
+- Show server side stats in own lines and not as bytes transferred (Nick Craig-Wood)
+
+- bisync
+
+- Add new
--ignore-listing-checksum
flag to distinguish from --ignore-checksum
(nielash)
+- Add experimental
--resilient
mode to allow recovery from self-correctable errors (nielash)
+- Add support for
--create-empty-src-dirs
(nielash)
+- Dry runs no longer commit filter changes (nielash)
+- Enforce
--check-access
during --resync
(nielash)
+- Apply filters correctly during deletes (nielash)
+- Equality check before renaming (leave identical files alone) (nielash)
+- Fix
dryRun
rc parameter being ignored (nielash)
+
+- build
+
+- Update to
go1.21
and make go1.19
the minimum required version (Anagh Kumar Baranwal, Nick Craig-Wood)
+- Update dependencies (Nick Craig-Wood)
+- Add snap installation (hideo aoyama)
+- Change Winget Releaser job to
ubuntu-latest
(sitiom)
+
+- cmd: Refactor and use sysdnotify in more commands (eNV25)
+- config: Add
--multi-thread-chunk-size
flag (Vitor Gomes)
+- doc updates (antoinetran, Benjamin, Bjørn Smith, Dean Attali, gabriel-suela, James Braza, Justin Hellings, kapitainsky, Mahad, Masamune3210, Nick Craig-Wood, Nihaal Sangha, Niklas Hambüchen, Raymond Berger, r-ricci, Sawada Tsunayoshi, Tiago Boeing, Vladislav Vorobev)
+- fs
+
+- Use atomic types everywhere (Roberto Ricci)
+- When
--max-transfer
limit is reached exit with code (10) (kapitainsky)
+- Add rclone completion powershell - basic implementation only (Nick Craig-Wood)
+
+- http servers: Allow CORS to be set with
--allow-origin
flag (yuudi)
+- lib/rest: Remove unnecessary
nil
check (Eng Zer Jun)
+- ncdu: Add keybinding to rescan filesystem (eNV25)
+- rc
+
+- Add
executeId
to job listings (yuudi)
+- Add
core/du
to measure local disk usage (Nick Craig-Wood)
+- Add
operations/settier
to API (Drew Stinnett)
+
+- rclone test info: Add
--check-base32768
flag to check can store all base32768 characters (Nick Craig-Wood)
+- rmdirs: Remove directories concurrently controlled by
--checkers
(Nick Craig-Wood)
+
+- Bug Fixes
+
+- accounting: Don't stop calculating average transfer speed until the operation is complete (Jacob Hands)
+- fs: Fix
transferTime
not being set in JSON logs (Jacob Hands)
+- fshttp: Fix
--bind 0.0.0.0
allowing IPv6 and --bind ::0
allowing IPv4 (Nick Craig-Wood)
+- operations: Fix overlapping check on case insensitive file systems (Nick Craig-Wood)
+- serve dlna: Fix MIME type if backend can't identify it (Nick Craig-Wood)
+- serve ftp: Fix race condition when using the auth proxy (Nick Craig-Wood)
+- serve sftp: Fix hash calculations with
--vfs-cache-mode full
(Nick Craig-Wood)
+- serve webdav: Fix error: Expecting fs.Object or fs.Directory, got
nil
(Nick Craig-Wood)
+- sync: Fix lockup with
--cutoff-mode=soft
and --max-duration
(Nick Craig-Wood)
+
+- Mount
+
+- fix: Mount parsing for linux (Anagh Kumar Baranwal)
+
+- VFS
+
+- Add
--vfs-cache-min-free-space
to control minimum free space on the disk containing the cache (Nick Craig-Wood)
+- Added cache cleaner for directories to reduce memory usage (Anagh Kumar Baranwal)
+- Update parent directory modtimes on vfs actions (David Pedersen)
+- Keep virtual directory status accurate and reduce deadlock potential (Anagh Kumar Baranwal)
+- Make sure struct field is aligned for atomic access (Roberto Ricci)
+
+- Local
+
+- Rmdir return an error if the path is not a dir (zjx20)
+
+- Azure Blob
+
+- Implement
OpenChunkWriter
and multi-thread uploads (Nick Craig-Wood)
+- Fix creation of directory markers (Nick Craig-Wood)
+- Fix purging with directory markers (Nick Craig-Wood)
+
+- B2
+
+- Implement
OpenChunkWriter
and multi-thread uploads (Nick Craig-Wood)
+- Fix rclone link when object path contains special characters (Alishan Ladhani)
+
+- Box
+
+- Add polling support (David Sze)
+- Add
--box-impersonate
to impersonate a user ID (Nick Craig-Wood)
+- Fix unhelpful decoding of error messages into decimal numbers (Nick Craig-Wood)
+
+- Chunker
+
+- Update documentation to mention issue with small files (Ricardo D'O. Albanus)
+
+- Compress
+
+- Fix ChangeNotify (Nick Craig-Wood)
+
+- Drive
+
+- Add
--drive-fast-list-bug-fix
to control ListR bug workaround (Nick Craig-Wood)
+
+- Fichier
+
+- Implement
DirMove
(Nick Craig-Wood)
+- Fix error code parsing (alexia)
+
+- FTP
+
+- Add socks_proxy support for SOCKS5 proxies (Zach)
+- Fix 425 "TLS session of data connection not resumed" errors (Nick Craig-Wood)
+
+- Hdfs
+
+- Retry "replication in progress" errors when uploading (Nick Craig-Wood)
+- Fix uploading to the wrong object on Update with overridden remote name (Nick Craig-Wood)
+
+- HTTP
+
+- CORS should not be sent if not set (yuudi)
+- Fix webdav OPTIONS response (yuudi)
+
+- Opendrive
+
+- Fix List on a just deleted and remade directory (Nick Craig-Wood)
+
+- Oracleobjectstorage
+
+- Use rclone's rate limiter in multipart transfers (Manoj Ghosh)
+- Implement
OpenChunkWriter
and multi-thread uploads (Manoj Ghosh)
+
+- S3
+
+- Refactor multipart upload to use
OpenChunkWriter
and ChunkWriter
(Vitor Gomes)
+- Factor generic multipart upload into
lib/multipart
(Nick Craig-Wood)
+- Fix purging of root directory with
--s3-directory-markers
(Nick Craig-Wood)
+- Add
rclone backend set
command to update the running config (Nick Craig-Wood)
+- Add
rclone backend restore-status
command (Nick Craig-Wood)
+
+- SFTP
+
+- Stop uploads re-using the same ssh connection to improve performance (Nick Craig-Wood)
+- Add
--sftp-ssh
to specify an external ssh binary to use (Nick Craig-Wood)
+- Add socks_proxy support for SOCKS5 proxies (Zach)
+- Support dynamic
--sftp-path-override
(nielash)
+- Fix spurious warning when using
--sftp-ssh
(Nick Craig-Wood)
+
+- Smb
+
+- Implement multi-threaded writes for copies to smb (Edwin Mackenzie-Owen)
+
+- Storj
+
+- Performance improvement for large file uploads (Kaloyan Raev)
+
+- Swift
+
+- Fix HEADing 0-length objects when
--swift-no-large-objects
set (Julian Lepinski)
+
+- Union
+
+- Add
:writback
to act as a simple cache (Nick Craig-Wood)
+
+- WebDAV
+
+- Nextcloud: fix segment violation in low-level retry (Paul)
+
+- Zoho
+
+- Remove Range requests workarounds to fix integration tests (Nick Craig-Wood)
+
+
+v1.63.1 - 2023-07-17
+
+
+- Bug Fixes
+
+- build: Fix macos builds for versions < 12 (Anagh Kumar Baranwal)
+- dirtree: Fix performance with large directories of directories and
--fast-list
(Nick Craig-Wood)
+- operations
+
+- Fix deadlock when using
lsd
/ls
with --progress
(Nick Craig-Wood)
+- Fix
.rclonelink
files not being converted back to symlinks (Nick Craig-Wood)
+
+- doc fixes (Dean Attali, Mahad, Nick Craig-Wood, Sawada Tsunayoshi, Vladislav Vorobev)
+
+- Local
+
+- Fix partial directory read for corrupted filesystem (Nick Craig-Wood)
+
+- Box
+
+- Fix reconnect failing with HTTP 400 Bad Request (albertony)
+
+- Smb
+
+- Fix "Statfs failed: bucket or container name is needed" when mounting (Nick Craig-Wood)
+
+- WebDAV
+
+- Nextcloud: fix must use /dav/files/USER endpoint not /webdav error (Paul)
+- Nextcloud chunking: add more guidance for the user to check the config (darix)
+
+
+v1.63.0 - 2023-06-30
+
+
+- New backends
+
+- Pikpak (wiserain)
+- New S3 providers
+
+- petabox.io (Andrei Smirnov)
+- Google Cloud Storage (Anthony Pessy)
+
+- New WebDAV providers
+
+- Fastmail (Arnavion)
+
+
+- Major changes
+
+- Files will be copied to a temporary name ending in
.partial
when copying to local
,ftp
,sftp
then renamed at the end of the transfer. (Janne Hellsten, Nick Craig-Wood)
+
+- This helps with data integrity as we don't delete the existing file until the new one is complete.
+- It can be disabled with the --inplace flag.
+- This behaviour will also happen if the backend is wrapped, for example
sftp
wrapped with crypt
.
+
+- The s3, azureblob and gcs backends now support directory markers so empty directories are supported (Jānis Bebrītis, Nick Craig-Wood)
+- The --default-time flag now controls the unknown modification time of files/dirs (Nick Craig-Wood)
+
+- If a file or directory does not have a modification time rclone can read then rclone will display this fixed time instead.
+- For the old behaviour use
--default-time 0s
which will set this time to the time rclone started up.
+
+
+- New Features
+
+- build
+
+- Modernise linters in use and fixup all affected code (albertony)
+- Push docker beta to GHCR (GitHub container registry) (Richard Tweed)
+
+- cat: Add
--separator
option to cat command (Loren Gordon)
+- config
+
+- Do not remove/overwrite other files during config file save (albertony)
+- Do not overwrite config file symbolic link (albertony)
+- Stop
config create
making invalid config files (Nick Craig-Wood)
+
+- doc updates (Adam K, Aditya Basu, albertony, asdffdsazqqq, Damo, danielkrajnik, Dimitri Papadopoulos, dlitster, Drew Parsons, jumbi77, kapitainsky, mac-15, Mariusz Suchodolski, Nick Craig-Wood, NickIAm, Rintze Zelle, Stanislav Gromov, Tareq Sharafy, URenko, yuudi, Zach Kipp)
+- fs
+
+- Add
size
to JSON logs when moving or copying an object (Nick Craig-Wood)
+- Allow boolean features to be enabled with
--disable !Feature
(Nick Craig-Wood)
+
+- genautocomplete: Rename to
completion
with alias to the old name (Nick Craig-Wood)
+- librclone: Added example on using
librclone
with Go (alankrit)
+- lsjson: Make
--stat
more efficient (Nick Craig-Wood)
+- operations
+
+- Implement
--multi-thread-write-buffer-size
for speed improvements on downloads (Paulo Schreiner)
+- Reopen downloads on error when using
check --download
and cat
(Nick Craig-Wood)
+
+- rc:
config/listremotes
includes remotes defined with environment variables (kapitainsky)
+- selfupdate: Obey
--no-check-certificate
flag (Nick Craig-Wood)
+- serve restic: Trigger systemd notify (Shyim)
+- serve webdav: Implement owncloud checksum and modtime extensions (WeidiDeng)
+- sync:
--suffix-keep-extension
preserve 2 part extensions like .tar.gz (Nick Craig-Wood)
+
+- Bug Fixes
+
+- accounting
+
+- Fix Prometheus metrics to be the same as
core/stats
(Nick Craig-Wood)
+- Bwlimit signal handler should always start (Sam Lai)
+
+- bisync: Fix
maxDelete
parameter being ignored via the rc (Nick Craig-Wood)
+- cmd/ncdu: Fix screen corruption when logging (eNV25)
+- filter: Fix deadlock with errors on
--files-from
(douchen)
+- fs
+
+- Fix interaction between
--progress
and --interactive
(Nick Craig-Wood)
+- Fix infinite recursive call in pacer ModifyCalculator (fixes issue reported by the staticcheck linter) (albertony)
+
+- lib/atexit: Ensure OnError only calls cancel function once (Nick Craig-Wood)
+- lib/rest: Fix problems re-using HTTP connections (Nick Craig-Wood)
+- rc
+
+- Fix
operations/stat
with trailing /
(Nick Craig-Wood)
+- Fix missing
--rc
flags (Nick Craig-Wood)
+- Fix output of Time values in
options/get
(Nick Craig-Wood)
+
+- serve dlna: Fix potential data race (Nick Craig-Wood)
+- version: Fix reported os/kernel version for windows (albertony)
+
+- Mount
+
+- Add
--mount-case-insensitive
to force the mount to be case insensitive (Nick Craig-Wood)
+- Removed unnecessary byte slice allocation for reads (Anagh Kumar Baranwal)
+- Clarify rclone mount error when installed via homebrew (Nick Craig-Wood)
+- Added _netdev to the example mount so it gets treated as a remote-fs rather than local-fs (Anagh Kumar Baranwal)
+
+- Mount2
+
+- Updated go-fuse version (Anagh Kumar Baranwal)
+- Fixed statfs (Anagh Kumar Baranwal)
+- Disable xattrs (Anagh Kumar Baranwal)
+
+- VFS
+
+- Add MkdirAll function to make a directory and all beneath (Nick Craig-Wood)
+- Fix reload: failed to add virtual dir entry: file does not exist (Nick Craig-Wood)
+- Fix writing to a read only directory creating spurious directory entries (WeidiDeng)
+- Fix potential data race (Nick Craig-Wood)
+- Fix backends being Shutdown too early when startup takes a long time (Nick Craig-Wood)
+
+- Local
+
+- Fix filtering of symlinks with
-l
/--links
flag (Nick Craig-Wood)
+- Fix /path/to/file.rclonelink when
-l
/--links
is in use (Nick Craig-Wood)
+- Fix crash with
--metadata
on Android (Nick Craig-Wood)
+
+- Cache
+
+- Fix backends shutting down when in use when used via the rc (Nick Craig-Wood)
+
+- Crypt
+
+- Add
--crypt-suffix
option to set a custom suffix for encrypted files (jladbrook)
+- Add
--crypt-pass-bad-blocks
to allow corrupted file output (Nick Craig-Wood)
+- Fix reading 0 length files (Nick Craig-Wood)
+- Try not to return "unexpected EOF" error (Nick Craig-Wood)
+- Reduce allocations (albertony)
+- Recommend Dropbox for
base32768
encoding (Nick Craig-Wood)
+
+- Azure Blob
+
+- Empty directory markers (Nick Craig-Wood)
+- Support azure workload identities (Tareq Sharafy)
+- Fix azure blob uploads with multiple bits of metadata (Nick Craig-Wood)
+- Fix azurite compatibility by sending nil tier if set to empty string (Roel Arents)
+
+- Combine
+
+- Implement missing methods (Nick Craig-Wood)
+- Fix goroutine stack overflow on bad object (Nick Craig-Wood)
+
+- Drive
+
+- Add
--drive-env-auth
to get IAM credentials from runtime (Peter Brunner)
+- Update drive service account guide (Juang, Yi-Lin)
+- Fix change notify picking up files outside the root (Nick Craig-Wood)
+- Fix trailing slash mis-identificaton of folder as file (Nick Craig-Wood)
+- Fix incorrect remote after Update on object (Nick Craig-Wood)
+
+- Dropbox
+
+- Implement
--dropbox-pacer-min-sleep
flag (Nick Craig-Wood)
+- Fix the dropbox batcher stalling (Misty)
+
+- Fichier
+
+- Add
--ficicher-cdn
option to use the CDN for download (Nick Craig-Wood)
+
+- FTP
+
+- Lower log message priority when
SetModTime
is not supported to debug (Tobias Gion)
+- Fix "unsupported LIST line" errors on startup (Nick Craig-Wood)
+- Fix "501 Not a valid pathname." errors when creating directories (Nick Craig-Wood)
+
+- Google Cloud Storage
+
+- Empty directory markers (Jānis Bebrītis, Nick Craig-Wood)
+- Added
--gcs-user-project
needed for requester pays (Christopher Merry)
+
+- HTTP
+
+- Add client certificate user auth middleware. This can auth
serve restic
from the username in the client cert. (Peter Fern)
+
+- Jottacloud
-- "true"
+
- Fix vfs writeback stuck in a failed upload loop with file versioning disabled (albertony)
+
+- Onedrive
-- Disables long file names.
+- Add
--onedrive-av-override
flag to download files flagged as virus (Nick Craig-Wood)
+- Fix quickxorhash on 32 bit architectures (Nick Craig-Wood)
+- Report any list errors during
rclone cleanup
(albertony)
+- Putio
+
+- Fix uploading to the wrong object on Update with overridden remote name (Nick Craig-Wood)
+- Fix modification times not being preserved for server side copy and move (Nick Craig-Wood)
+- Fix server side copy failures (400 errors) (Nick Craig-Wood)
-
---copy-links / -L
-Follow symlinks and copy the pointed to item.
-Properties:
+- S3
-- Config: copy_links
-- Env Var: RCLONE_LOCAL_COPY_LINKS
-- Type: bool
-- Default: false
-
---links / -l
-Translate symlinks to/from regular files with a '.rclonelink' extension.
-Properties:
+ - Empty directory markers (Jānis Bebrītis, Nick Craig-Wood)
+- Update Scaleway storage classes (Brian Starkey)
+- Fix
--s3-versions
on individual objects (Nick Craig-Wood)
+- Fix hang on aborting multipart upload with iDrive e2 (Nick Craig-Wood)
+- Fix missing "tier" metadata (Nick Craig-Wood)
+- Fix V3sign: add missing subresource delete (cc)
+- Fix Arvancloud Domain and region changes and alphabetise the provider (Ehsan Tadayon)
+- Fix Qiniu KODO quirks virtualHostStyle is false (zzq)
+
+- SFTP
-- Config: links
-- Env Var: RCLONE_LOCAL_LINKS
-- Type: bool
-- Default: false
-
---skip-links
-Don't warn about skipped symlinks.
-This flag disables warning messages on skipped symlinks or junction points, as you explicitly acknowledge that they should be skipped.
-Properties:
+ - Add
--sftp-host-key-algorithms
to allow specifying SSH host key algorithms (Joel)
+- Fix using
--sftp-key-use-agent
and --sftp-key-file
together needing private key file (Arnav Singh)
+- Fix move to allow overwriting existing files (Nick Craig-Wood)
+- Don't stat directories before listing them (Nick Craig-Wood)
+- Don't check remote points to a file if it ends with / (Nick Craig-Wood)
+
+- Sharefile
-- Config: skip_links
-- Env Var: RCLONE_LOCAL_SKIP_LINKS
-- Type: bool
-- Default: false
-
---local-zero-size-links
-Assume the Stat size of links is zero (and read them instead) (deprecated).
-Rclone used to use the Stat size of links as the link size, but this fails in quite a few places:
+ - Disable streamed transfers as they no longer work (Nick Craig-Wood)
+
+- Smb
-- Windows
-- On some virtual filesystems (such ash LucidLink)
-- Android
-
-So rclone now always reads the link.
-Properties:
+ - Code cleanup to avoid overwriting ctx before first use (fixes issue reported by the staticcheck linter) (albertony)
+
+- Storj
-- Config: zero_size_links
-- Env Var: RCLONE_LOCAL_ZERO_SIZE_LINKS
-- Type: bool
-- Default: false
-
---local-unicode-normalization
-Apply unicode NFC normalization to paths and filenames.
-This flag can be used to normalize file names into unicode NFC form that are read from the local filesystem.
-Rclone does not normally touch the encoding of file names it reads from the file system.
-This can be useful when using macOS as it normally provides decomposed (NFD) unicode which in some language (eg Korean) doesn't display properly on some OSes.
-Note that rclone compares filenames with unicode normalization in the sync routine so this flag shouldn't normally be used.
-Properties:
+ - Fix "uplink: too many requests" errors when uploading to the same file (Nick Craig-Wood)
+- Fix uploading to the wrong object on Update with overridden remote name (Nick Craig-Wood)
+
+- Swift
-- Config: unicode_normalization
-- Env Var: RCLONE_LOCAL_UNICODE_NORMALIZATION
-- Type: bool
-- Default: false
-
---local-no-check-updated
-Don't check to see if the files change during upload.
-Normally rclone checks the size and modification time of files as they are being uploaded and aborts with a message which starts "can't copy - source file is being updated" if the file changes during upload.
-However on some file systems this modification time check may fail (e.g. Glusterfs #2206) so this check can be disabled with this flag.
-If this flag is set, rclone will use its best efforts to transfer a file which is being updated. If the file is only having things appended to it (e.g. a log) then rclone will transfer the log file with the size it had the first time rclone saw it.
-If the file is being modified throughout (not just appended to) then the transfer may fail with a hash check failure.
-In detail, once the file has had stat() called on it for the first time we:
+ - Ignore 404 error when deleting an object (Nick Craig-Wood)
+
+- Union
-- Only transfer the size that stat gave
-- Only checksum the size that stat gave
-- Don't update the stat info for the file
-
-Properties:
+ - Implement missing methods (Nick Craig-Wood)
+- Allow errors to be unwrapped for inspection (Nick Craig-Wood)
+
+- Uptobox
-- Config: no_check_updated
-- Env Var: RCLONE_LOCAL_NO_CHECK_UPDATED
-- Type: bool
-- Default: false
-
---one-file-system / -x
-Don't cross filesystem boundaries (unix/macOS only).
-Properties:
+ - Add
--uptobox-private
flag to make all uploaded files private (Nick Craig-Wood)
+- Fix improper regex (Aaron Gokaslan)
+- Fix Update returning the wrong object (Nick Craig-Wood)
+- Fix rmdir declaring that directories weren't empty (Nick Craig-Wood)
+
+- WebDAV
-- Config: one_file_system
-- Env Var: RCLONE_LOCAL_ONE_FILE_SYSTEM
-- Type: bool
-- Default: false
-
---local-case-sensitive
-Force the filesystem to report itself as case sensitive.
-Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
-Properties:
+ - nextcloud: Add support for chunked uploads (Paul)
+- Set modtime using propset for owncloud and nextcloud (WeidiDeng)
+- Make pacer minSleep configurable with
--webdav-pacer-min-sleep
(ed)
+- Fix server side copy/move not overwriting (WeidiDeng)
+- Fix modtime on server side copy for owncloud and nextcloud (Nick Craig-Wood)
+
+- Yandex
-- Config: case_sensitive
-- Env Var: RCLONE_LOCAL_CASE_SENSITIVE
-- Type: bool
-- Default: false
-
---local-case-insensitive
-Force the filesystem to report itself as case insensitive.
-Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
-Properties:
+ - Fix 400 Bad Request on transfer failure (Nick Craig-Wood)
+
+- Zoho
-- Config: case_insensitive
-- Env Var: RCLONE_LOCAL_CASE_INSENSITIVE
-- Type: bool
-- Default: false
+- Fix downloads with
Range:
header returning the wrong data (Nick Craig-Wood)
+
---local-no-preallocate
-Disable preallocation of disk space for transferred files.
-Preallocation of disk space helps prevent filesystem fragmentation. However, some virtual filesystem layers (such as Google Drive File Stream) may incorrectly set the actual file size equal to the preallocated space, causing checksum and file size checks to fail. Use this flag to disable preallocation.
-Properties:
+v1.62.2 - 2023-03-16
+
-- Config: no_preallocate
-- Env Var: RCLONE_LOCAL_NO_PREALLOCATE
-- Type: bool
-- Default: false
-
---local-no-sparse
-Disable sparse files for multi-thread downloads.
-On Windows platforms rclone will make sparse files when doing multi-thread downloads. This avoids long pauses on large files where the OS zeros the file. However sparse files may be undesirable as they cause disk fragmentation and can be slow to work with.
-Properties:
+- Bug Fixes
-- Config: no_sparse
-- Env Var: RCLONE_LOCAL_NO_SPARSE
-- Type: bool
-- Default: false
-
---local-no-set-modtime
-Disable setting modtime.
-Normally rclone updates modification time of files after they are done uploading. This can cause permissions issues on Linux platforms when the user rclone is running as does not own the file uploaded, such as when copying to a CIFS mount owned by another user. If this option is enabled, rclone will no longer update the modtime after copying a file.
-Properties:
+ - docker volume plugin: Add missing fuse3 dependency (Nick Craig-Wood)
+- docs: Fix size documentation (asdffdsazqqq)
+
+- FTP
-- Config: no_set_modtime
-- Env Var: RCLONE_LOCAL_NO_SET_MODTIME
-- Type: bool
-- Default: false
+- Fix 426 errors on downloads with vsftpd (Lesmiscore)
+
---local-encoding
-The encoding for the backend.
-See the encoding section in the overview for more info.
-Properties:
+v1.62.1 - 2023-03-15
+
-- Config: encoding
-- Env Var: RCLONE_LOCAL_ENCODING
-- Type: MultiEncoder
-- Default: Slash,Dot
-
-Metadata
-Depending on which OS is in use the local backend may return only some of the system metadata. Setting system metadata is supported on all OSes but setting user metadata is only supported on linux, freebsd, netbsd, macOS and Solaris. It is not supported on Windows yet (see pkg/attrs#47).
-User metadata is stored as extended attributes (which may not be supported by all file systems) under the "user.*" prefix.
-Here are the possible system metadata items for the local backend.
-
-
-
-
-
-
-
-
-
-
-Name
-Help
-Type
-Example
-Read Only
-
-
-
-
-atime
-Time of last access
-RFC 3339
-2006-01-02T15:04:05.999999999Z07:00
-N
-
-
-btime
-Time of file birth (creation)
-RFC 3339
-2006-01-02T15:04:05.999999999Z07:00
-N
-
-
-gid
-Group ID of owner
-decimal number
-500
-N
-
-
-mode
-File type and mode
-octal, unix style
-0100664
-N
-
-
-mtime
-Time of last modification
-RFC 3339
-2006-01-02T15:04:05.999999999Z07:00
-N
-
-
-rdev
-Device ID (if special file)
-hexadecimal
-1abc
-N
-
-
-uid
-User ID of owner
-decimal number
-500
-N
-
-
-
-See the metadata docs for more info.
-Backend commands
-Here are the commands specific to the local backend.
-Run them with
-rclone backend COMMAND remote:
-The help below will explain what arguments each command takes.
-See the backend command for more info on how to pass options and arguments.
-These can be run on a running backend using the rc command backend/command.
-noop
-A null operation for testing backend commands
-rclone backend noop remote: [options] [<arguments>+]
-This is a test command which has some options you can try to change the output.
-Options:
+- Bug Fixes
-- "echo": echo the input arguments
-- "error": return an error based on option value
+- docker: Add missing fuse3 dependency (cycneuramus)
+- build: Update release docs to be more careful with the tag (Nick Craig-Wood)
+- build: Set Github release to draft while uploading binaries (Nick Craig-Wood)
+
-Changelog
v1.62.0 - 2023-03-14
@@ -32883,8 +40051,8 @@ v1.52.0 - 2020-05-27
- Calculate hashes for uploads from local disk (Nick Craig-Wood)
-- This allows crypted Jottacloud uploads without using local disk
-- This means crypted s3/b2 uploads will now have hashes
+- This allows encrypted Jottacloud uploads without using local disk
+- This means encrypted s3/b2 uploads will now have hashes
- Added
rclone backend decode
/encode
commands to replicate functionality of cryptdecode
(Anagh Kumar Baranwal)
- Get rid of the unused Cipher interface as it obfuscated the code (Nick Craig-Wood)
@@ -34690,7 +41858,7 @@ v1.42 - 2018-06-16
- Crypt
-- Check the crypted hash of files when uploading for extra data security
+- Check the encrypted hash of files when uploading for extra data security
- Dropbox
@@ -35245,7 +42413,7 @@ v1.38 - 2017-09-30
rcat
- read from standard input and stream upload
tree
- shows a nicely formatted recursive listing
-cryptdecode
- decode crypted file names (thanks ishuah)
+cryptdecode
- decode encrypted file names (thanks ishuah)
config show
- print the config file
config file
- print the config file location
@@ -35281,7 +42449,7 @@ v1.38 - 2017-09-30
- Mount
-- Re-use
rcat
internals to support uploads from all remotes
+- Reuse
rcat
internals to support uploads from all remotes
- Dropbox
@@ -35688,7 +42856,7 @@ v1.34 - 2016-11-06
- Delete src files which already existed in dst
- Fix deletion of src file when dst file older
-- Fix
rclone check
on crypted file systems
+- Fix
rclone check
on encrypted file systems
- Make failed uploads not count as "Transferred"
- Make sure high level retries show with
-q
- Use a vendor directory with godep for repeatable builds
@@ -36456,7 +43624,7 @@ v0.00 - 2012-11-18
- Project started
Bugs and Limitations
-Limitations
+Limitations
Directory timestamps aren't preserved
Rclone doesn't currently preserve the timestamps of directories. This is because rclone only really considers objects when syncing.
Rclone struggles with millions of files in a directory/bucket
@@ -36465,7 +43633,7 @@ Rclone str
Bucket-based remotes and folders
Bucket-based remotes (e.g. S3/GCS/Swift/B2) do not have a concept of directories. Rclone therefore cannot create directories in them which means that empty directories on a bucket-based remote will tend to disappear.
Some software creates empty keys ending in /
as directory markers. Rclone doesn't do this as it potentially creates more objects and costs more. This ability may be added in the future (probably via a flag/option).
-Bugs
+Bugs
Bugs are stored in rclone's GitHub project:
- Reported bugs
@@ -36544,7 +43712,14 @@ tcp lookup some.domain.com no s
dig www.googleapis.com # resolve using your default DNS
dig www.googleapis.com @8.8.8.8 # resolve with Google's DNS server
If you are using systemd-resolved
(default on Arch Linux), ensure it is at version 233 or higher. Previous releases contain a bug which causes not all domains to be resolved properly.
-Additionally with the GODEBUG=netdns=
environment variable the Go resolver decision can be influenced. This also allows to resolve certain issues with DNS resolution. See the name resolution section in the go docs.
+The Go resolver decision can be influenced with the GODEBUG=netdns=...
environment variable. This also allows to resolve certain issues with DNS resolution. On Windows or MacOS systems, try forcing use of the internal Go resolver by setting GODEBUG=netdns=go
at runtime. On other systems (Linux, *BSD, etc) try forcing use of the system name resolver by setting GODEBUG=netdns=cgo
(and recompile rclone from source with CGO enabled if necessary). See the name resolution section in the go docs.
+Failed to start auth webserver on Windows
+
Error: config failed to refresh token: failed to start auth webserver: listen tcp 127.0.0.1:53682: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
+...
+yyyy/mm/dd hh:mm:ss Fatal error: config failed to refresh token: failed to start auth webserver: listen tcp 127.0.0.1:53682: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
+This is sometimes caused by the Host Network Service causing issues with opening the port on the host.
+A simple solution may be restarting the Host Network Service with eg. Powershell
+Restart-Service hns
The total size reported in the stats for a sync is wrong and keeps changing
It is likely you have more than 10,000 files that need to be synced. By default, rclone only gets 10,000 files ahead in a sync so as not to use up too much memory. You can change this default with the --max-backlog flag.
Rclone is using too much memory or appears to have a memory leak
@@ -36581,7 +43756,7 @@ Authors
- Nick Craig-Wood nick@craig-wood.com
Contributors
-{{< rem email addresses removed from here need to be addeed to bin/.ignore-emails to make sure update-authors.py doesn't immediately put them back in again.
>}}
+{{< rem email addresses removed from here need to be added to bin/.ignore-emails to make sure update-authors.py doesn't immediately put them back in again.
>}}
- Alex Couper amcouper@gmail.com
- Leonid Shalupov leonid@shalupov.com shalupov@diverse.org.ru
@@ -37092,7 +44267,7 @@ Contributors
- HNGamingUK connor@earnshawhome.co.uk
- Jonta 359397+Jonta@users.noreply.github.com
- YenForYang YenForYang@users.noreply.github.com
-- Joda Stößer stoesser@yay-digital.de services+github@simjo.st
+- SimJoSt / Joda Stößer git@simjo.st
- Logeshwaran waranlogesh@gmail.com
- Rajat Goel rajat@dropbox.com
- r0kk3rz r0kk3rz@gmail.com
@@ -37107,7 +44282,6 @@ Contributors
- Chris Nelson stuff@cjnaz.com
- Felix Bünemann felix.buenemann@gmail.com
- Atílio Antônio atiliodadalto@hotmail.com
-- Roberto Ricci ricci@disroot.org
- Carlo Mion mion00@gmail.com
- Chris Lu chris.lu@gmail.com
- Vitor Arruda vitor.pimenta.arruda@gmail.com
@@ -37153,7 +44327,7 @@ Contributors
- Leroy van Logchem lr.vanlogchem@gmail.com
- Zsolt Ero zsolt.ero@gmail.com
- Lesmiscore nao20010128@gmail.com
-- ehsantdy ehsan.tadayon@arvancloud.com
+- ehsantdy ehsan.tadayon@arvancloud.com ehsantadayon85@gmail.com
- SwazRGB 65694696+swazrgb@users.noreply.github.com
- Mateusz Puczyński mati6095@gmail.com
- Michael C Tiernan - MIT-Research Computing Project mtiernan@mit.edu
@@ -37163,6 +44337,7 @@ Contributors
- Christian Galo 36752715+cgalo5758@users.noreply.github.com
- Erik van Velzen erik@evanv.nl
- Derek Battams derek@battams.ca
+- Paul devnoname120@gmail.com
- SimonLiu simonliu009@users.noreply.github.com
- Hugo Laloge hla@lescompanions.com
- Mr-Kanister 68117355+Mr-Kanister@users.noreply.github.com
@@ -37261,6 +44436,116 @@ Contributors
- Peter Brunner peter@psykhe.com
- Leandro Sacchet leandro.sacchet@animati.com.br
- dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
+- cycneuramus 56681631+cycneuramus@users.noreply.github.com
+- Arnavion me@arnavion.dev
+- Christopher Merry christopher.merry@mlb.com
+- Thibault Coupin thibault.coupin@gmail.com
+- Richard Tweed RichardoC@users.noreply.github.com
+- Zach Kipp Zacho2@users.noreply.github.com
+- yuudi 26199752+yuudi@users.noreply.github.com
+- NickIAm NickIAm@users.noreply.github.com
+- Juang, Yi-Lin frankyjuang@gmail.com
+- jumbi77 jumbi77@users.noreply.github.com
+- Aditya Basu ab.aditya.basu@gmail.com
+- ed s@ocv.me
+- Drew Parsons dparsons@emerall.com
+- Joel joelnb@users.noreply.github.com
+- wiserain mail275@gmail.com
+- Roel Arents roel.arents@kadaster.nl
+- Shyim github@shyim.de
+- Rintze Zelle 78232505+rzelle-lallemand@users.noreply.github.com
+- Damo damoclark@users.noreply.github.com
+- WeidiDeng weidi_deng@icloud.com
+- Brian Starkey stark3y@gmail.com
+- jladbrook jhladbrook@gmail.com
+- Loren Gordon lorengordon@users.noreply.github.com
+- dlitster davidlitster@gmail.com
+- Tobias Gion tobias@gion.io
+- Jānis Bebrītis janis.bebritis@wunder.io
+- Adam K github.com@ak.tidy.email
+- Andrei Smirnov smirnov.captain@gmail.com
+- Janne Hellsten jjhellst@gmail.com
+- cc 12904584+shvc@users.noreply.github.com
+- Tareq Sharafy tareq.sha@gmail.com
+- kapitainsky dariuszb@me.com
+- douchen playgoobug@gmail.com
+- Sam Lai 70988+slai@users.noreply.github.com
+- URenko 18209292+URenko@users.noreply.github.com
+- Stanislav Gromov kullfar@gmail.com
+- Paulo Schreiner paulo.schreiner@delivion.de
+- Mariusz Suchodolski mariusz@suchodol.ski
+- danielkrajnik dan94kra@gmail.com
+- Peter Fern github@0xc0dedbad.com
+- zzq i@zhangzqs.cn
+- mac-15 usman.ilamdin@phpstudios.com
+- Sawada Tsunayoshi 34431649+TsunayoshiSawada@users.noreply.github.com
+- Dean Attali daattali@gmail.com
+- Fjodor42 molgaard@gmail.com
+- BakaWang wa11579@hotmail.com
+- Mahad 56235065+Mahad-lab@users.noreply.github.com
+- Vladislav Vorobev x.miere@gmail.com
+- darix darix@users.noreply.github.com
+- Benjamin 36415086+bbenjamin-sys@users.noreply.github.com
+- Chun-Hung Tseng henrybear327@users.noreply.github.com
+- Ricardo D'O. Albanus rdalbanus@users.noreply.github.com
+- gabriel-suela gscsuela@gmail.com
+- Tiago Boeing contato@tiagoboeing.com
+- Edwin Mackenzie-Owen edwin.mowen@gmail.com
+- Niklas Hambüchen mail@nh2.me
+- yuudi yuudi@users.noreply.github.com
+- Zach github@prozach.org
+- nielash 31582349+nielash@users.noreply.github.com
+- Julian Lepinski lepinsk@users.noreply.github.com
+- Raymond Berger RayBB@users.noreply.github.com
+- Nihaal Sangha nihaal.git@gmail.com
+- Masamune3210 1053504+Masamune3210@users.noreply.github.com
+- James Braza jamesbraza@gmail.com
+- antoinetran antoinetran@users.noreply.github.com
+- alexia me@alexia.lol
+- nielash nielronash@gmail.com
+- Vitor Gomes vitor.gomes@delivion.de mail@vitorgomes.com
+- Jacob Hands jacob@gogit.io
+- hideo aoyama 100831251+boukendesho@users.noreply.github.com
+- Roberto Ricci io@r-ricci.it
+- Bjørn Smith bjornsmith@gmail.com
+- Alishan Ladhani 8869764+aladh@users.noreply.github.com
+- zjx20 zhoujianxiong2@gmail.com
+- Oksana 142890647+oks-maytech@users.noreply.github.com
+- Volodymyr Kit v.kit@maytech.net
+- David Pedersen limero@me.com
+- Drew Stinnett drew@drewlink.com
+- Pat Patterson pat@backblaze.com
+- Herby Gillot herby.gillot@gmail.com
+- Nikita Shoshin shoshin_nikita@fastmail.com
+- rinsuki 428rinsuki+git@gmail.com
+- Beyond Meat 51850644+beyondmeat@users.noreply.github.com
+- Saleh Dindar salh@fb.com
+- Volodymyr 142890760+vkit-maytech@users.noreply.github.com
+- Gabriel Espinoza 31670639+gspinoza@users.noreply.github.com
+- Keigo Imai keigo.imai@gmail.com
+- Ivan Yanitra iyanitra@tesla-consulting.com
+- alfish2000 alfish2000@gmail.com
+- wuxingzhong qq330332812@gmail.com
+- Adithya Kumar akumar42@protonmail.com
+- Tayo-pasedaRJ 138471223+Tayo-pasedaRJ@users.noreply.github.com
+- Peter Kreuser logo@kreuser.name
+- Piyush
+- fotile96 fotile96@users.noreply.github.com
+- Luc Ritchie luc.ritchie@gmail.com
+- cynful cynful@users.noreply.github.com
+- wjielai wjielai@tencent.com
+- Jack Deng jackdeng@gmail.com
+- Mikubill 31246794+Mikubill@users.noreply.github.com
+- Artur Neumann artur@jankaritech.com
+- Saw-jan saw.jan.grg3e@gmail.com
+- Oksana Zhykina o.zhykina@maytech.net
+- karan karan.gupta92@gmail.com
+- viktor viktor@yakovchuk.net
+- moongdal moongdal@tutanota.com
+- Mina Galić freebsd@igalic.co
+- Alen Šiljak dev@alensiljak.eu.org
+- 你知道未来吗 rkonfj@gmail.com
+- Abhinav Dhiman 8640877+ahnv@users.noreply.github.com
Contact the rclone project
Forum
@@ -37268,6 +44553,12 @@ Forum
- https://forum.rclone.org
+Business support
+For business support or sponsorship enquiries please see:
+
+- https://rclone.com/
+- sponsorship@rclone.com
+
GitHub repository
The project's repository is located at:
@@ -37275,11 +44566,15 @@ GitHub repository
There you can file bug reports or contribute with pull requests.
Twitter
-You can also follow me on twitter for rclone announcements:
+You can also follow Nick on twitter for rclone announcements:
- [@njcw](https://twitter.com/njcw)
Email
-Or if all else fails or you want to ask something private or confidential email Nick Craig-Wood. Please don't email me requests for help - those are better directed to the forum. Thanks!
+Or if all else fails or you want to ask something private or confidential
+
+- info@rclone.com
+
+Please don't email requests for help to this address - those are better directed to the forum unless you'd like to sign up for business support.