NOTE: This version of rclone will not support mount any more (see #5373). If mounting is wanted on macOS, either install a precompiled binary or enable the relevant option when installing from source.
-
macOS installation from precompiled binary, using curl
+
Note that this is a third party installer not controlled by the rclone developers so it may be out of date. Its current version is as below.
+
+
Precompiled binary, using curl
To avoid problems with macOS gatekeeper enforcing the binary to be signed and notarized it is enough to download with curl.
Download the latest version of rclone.
cd && curl -O https://downloads.rclone.org/rclone-current-osx-amd64.zip
@@ -254,14 +218,44 @@
macOS installatio
cd .. && rm -rf rclone-*-osx-amd64 rclone-current-osx-amd64.zip
macOS installation from precompiled binary, using a web browser
+
Precompiled binary, using a web browser
When downloading a binary with a web browser, the browser will set the macOS gatekeeper quarantine attribute. Starting from Catalina, when attempting to run rclone, a pop-up will appear saying:
-
“rclone” cannot be opened because the developer cannot be verified.
+
"rclone" cannot be opened because the developer cannot be verified.
macOS cannot verify that this app is free from malware.
The simplest fix is to run
xattr -d com.apple.quarantine rclone
-
Install with docker
-
The rclone maintains a docker image for rclone. These images are autobuilt by docker hub from the rclone source based on a minimal Alpine linux image.
+
Windows installation
+
Precompiled binary
+
Fetch the correct binary for your processor type by clicking on these links. If not sure, use the first link.
These images are built as part of the release process based on a minimal Alpine Linux.
The :latest tag will always point to the latest stable release. You can use the :beta tag to get the latest build from master. You can also use version tags, e.g. :1.49.1, :1.49 or :1.
mount dropbox:Photos /data/mount &
ls ~/data/mount
kill %1
-
Install from source
-
Make sure you have at least Go go1.15 installed. Download go if necessary. The latest release is recommended. Then
-
git clone https://github.com/rclone/rclone.git
-cd rclone
-go build
-# If on macOS and mount is wanted, instead run: make GOTAGS=cmount
-./rclone version
-
This will leave you a checked out version of rclone you can modify and send pull requests with. If you use make instead of go build then the rclone build will have the correct version information in it.
-
You can also build the latest stable rclone with:
+
Source installation
+
Make sure you have git and Go installed. Go version 1.17 or newer is required, latest release is recommended. You can get it from your package manager, or download it from golang.org/dl. Then you can run the following:
This will check out the rclone source in subfolder rclone, which you can later modify and send pull requests with. Then it will build the rclone executable in the same folder. As an initial check you can now run ./rclone version (.\rclone version on Windows).
+
Note that on macOS and Windows the mount command will not be available unless you specify an additional build tag cmount.
+
go build -tags cmount
+
This assumes you have a GCC compatible C compiler (GCC or Clang) in your PATH, as it uses cgo. But on Windows, the cgofuse library that the cmount implementation is based on, also supports building without cgo, i.e. by setting environment variable CGO_ENABLED to value 0 (static linking). This is how the official Windows release of rclone is being built, starting with version 1.59. It is still possible to build with cgo on Windows as well, by using the MinGW port of GCC, e.g. by installing it in a MSYS2 distribution (make sure you install it in the classic mingw64 subsystem, the ucrt64 version is not compatible).
+
Additionally, on Windows, you must install the third party utility WinFsp, with the "Developer" feature selected. If building with cgo, you must also set environment variable CPATH pointing to the fuse include directory within the WinFsp installation (normally C:\Program Files (x86)\WinFsp\inc\fuse).
+
You may also add arguments -ldflags -s (with or without -tags cmount), to omit symbol table and debug information, making the executable file smaller, and -trimpath to remove references to local file system paths. This is how the official rclone releases are built.
+
go build -trimpath -ldflags -s -tags cmount
+
Instead of executing the go build command directly, you can run it via the Makefile. It changes the version number suffix from "-DEV" to "-beta" and appends commit details. It also copies the resulting rclone executable into your GOPATH bin folder ($(go env GOPATH)/bin, which corresponds to ~/go/bin/rclone by default).
+
make
+
To include mount command on macOS and Windows with Makefile build:
+
make GOTAGS=cmount
+
There are other make targets that can be used for more advanced builds, such as cross-compiling for all supported os/architectures, embedding icon and version info resources into windows executable, and packaging results into release artifacts. See Makefile and cross-compile.go for details.
+
Another alternative is to download the source, build and install rclone in one operation, as a regular Go package. The source will be stored it in the Go module cache, and the resulting executable will be in your GOPATH bin folder ($(go env GOPATH)/bin, which corresponds to ~/go/bin/rclone by default).
+
With Go version 1.17 or newer:
+
go install github.com/rclone/rclone@latest
+
With Go versions older than 1.17 (do not use the -u flag, it causes Go to try to update the dependencies that rclone uses and sometimes these don't work with the current version):
go get github.com/rclone/rclone
-
or the latest version (equivalent to the beta) with
-
go get github.com/rclone/rclone@master
-
These will build the binary in $(go env GOPATH)/bin (~/go/bin/rclone by default) after downloading the source to the go module cache. Note - do not use the -u flag here. This causes go to try to update the dependencies that rclone uses and sometimes these don't work with the current version of rclone.
As mentioned above, rclone is single executable (rclone, or rclone.exe on Windows) that you can download as a zip archive and extract into a location of your choosing. When executing different commands, it may create files in different locations, such as a configuration file and various temporary files. By default the locations for these are according to your operating system, e.g. configuration file in your user profile directory and temporary files in the standard temporary directory, but you can customize all of them, e.g. to make a completely self-contained, portable installation.
Run the config paths command to see the locations that rclone will use.
After installing and configuring rclone, as described above, you are ready to use rclone as an interactive command line utility. If your goal is to perform periodic operations, such as a regular sync, you will probably want to configure your rclone command in your operating system's scheduler. If you need to expose service-like features, such as remote control, GUI, serve or mount, you will often want an rclone command always running in the background, and configuring it to run in a service infrastructure may be a better option. Below are some alternatives on how to achieve this on different operating systems.
+
After installing and configuring rclone, as described above, you are ready to use rclone as an interactive command line utility. If your goal is to perform periodic operations, such as a regular sync, you will probably want to configure your rclone command in your operating system's scheduler. If you need to expose service-like features, such as remote control, GUI, serve or mount, you will often want an rclone command always running in the background, and configuring it to run in a service infrastructure may be a better option. Below are some alternatives on how to achieve this on different operating systems.
NOTE: Before setting up autorun it is highly recommended that you have tested your command manually from a Command Prompt first.
Autostart on Windows
The most relevant alternatives for autostart on Windows are: - Run at user log on using the Startup folder - Run at user log on, at system startup or at schedule using Task Scheduler - Run at system startup using Windows service
As mentioned in the mount documentation, mounted drives created as Administrator are not visible to other accounts, not even the account that was elevated as Administrator. By running the mount command as the built-in SYSTEM user account, it will create drives accessible for everyone on the system. Both scheduled task and Windows service can be used to achieve this.
-
NOTE: Remember that when rclone runs as the SYSTEM user, the user profile that it sees will not be yours. This means that if you normally run rclone with configuration file in the default location, to be able to use the same configuration when running as the system user you must explicitely tell rclone where to find it with the --config option, or else it will look in the system users profile path (C:\Windows\System32\config\systemprofile). To test your command manually from a Command Prompt, you can run it with the PsExec utility from Microsoft's Sysinternals suite, which takes option -s to execute commands as the SYSTEM user.
+
As mentioned in the mount documentation, mounted drives created as Administrator are not visible to other accounts, not even the account that was elevated as Administrator. By running the mount command as the built-in SYSTEM user account, it will create drives accessible for everyone on the system. Both scheduled task and Windows service can be used to achieve this.
+
NOTE: Remember that when rclone runs as the SYSTEM user, the user profile that it sees will not be yours. This means that if you normally run rclone with configuration file in the default location, to be able to use the same configuration when running as the system user you must explicitly tell rclone where to find it with the --config option, or else it will look in the system users profile path (C:\Windows\System32\config\systemprofile). To test your command manually from a Command Prompt, you can run it with the PsExec utility from Microsoft's Sysinternals suite, which takes option -s to execute commands as the SYSTEM user.
Start from Startup folder
To quickly execute an rclone command you can simply create a standard Windows Explorer shortcut for the complete rclone command you want to run. If you store this shortcut in the special "Startup" start-menu folder, Windows will automatically run it at login. To open this folder in Windows Explorer, enter path %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup, or C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp if you want the command to start for every user that logs in.
This is the easiest approach to autostarting of rclone, but it offers no functionality to set it to run as different user, or to set conditions or actions on certain events. Setting up a scheduled task as described below will often give you better results.
@@ -354,12 +357,12 @@
Start from Task Scheduler
Run as service
For running rclone at system startup, you can create a Windows service that executes your rclone command, as an alternative to scheduled task configured to run at startup.
Mount command built-in service integration
-
For mount commands, Rclone has a built-in Windows service integration via the third-party WinFsp library it uses. Registering as a regular Windows service easy, as you just have to execute the built-in PowerShell command New-Service (requires administrative privileges).
+
For mount commands, rclone has a built-in Windows service integration via the third-party WinFsp library it uses. Registering as a regular Windows service easy, as you just have to execute the built-in PowerShell command New-Service (requires administrative privileges).
Example of a PowerShell command that creates a Windows service for mounting some remote:/files as drive letter X:, for all users (service will be running as the local system account):
The WinFsp service infrastructure supports incorporating services for file system implementations, such as rclone, into its own launcher service, as kind of "child services". This has the additional advantage that it also implements a network provider that integrates into Windows standard methods for managing network drives. This is currently not officially supported by Rclone, but with WinFsp version 2019.3 B2 / v1.5B2 or later it should be possible through path rewriting as described here.
Third-party service integration
-
To Windows service running any rclone command, the excellent third-party utility NSSM, the "Non-Sucking Service Manager", can be used. It includes some advanced features such as adjusting process periority, defining process environment variables, redirect to file anything written to stdout, and customized response to different exit codes, with a GUI to configure everything from (although it can also be used from command line ).
+
To Windows service running any rclone command, the excellent third-party utility NSSM, the "Non-Sucking Service Manager", can be used. It includes some advanced features such as adjusting process priority, defining process environment variables, redirect to file anything written to stdout, and customized response to different exit codes, with a GUI to configure everything from (although it can also be used from command line ).
There are also several other alternatives. To mention one more, WinSW, "Windows Service Wrapper", is worth checking out. It requires .NET Framework, but it is preinstalled on newer versions of Windows, and it also provides alternative standalone distributions which includes necessary runtime (.NET 5). WinSW is a command-line only utility, where you have to manually create an XML file with service configuration. This may be a drawback for some, but it can also be an advantage as it is easy to back up and re-use the configuration settings, without having go through manual steps in a GUI. One thing to note is that by default it does not restart the service on error, one have to explicit enable this in the configuration file (via the "onfailure" parameter).
Autostart on Linux
Start as a service
@@ -384,6 +387,7 @@
Configure
Chunker - transparently splits large files for other remotes
Copy files from source to dest, skipping identical files.
Synopsis
-
Copy the source to the destination. Does not transfer files that are identical on source and destination, testing by size and modification time or MD5SUM. Doesn't delete files from the destination.
-
Note that it is always the contents of the directory that is synced, not the directory so when source:path is a directory, it's the contents of source:path that are copied, not the directory name and contents.
+
Copy the source to the destination. Does not transfer files that are identical on source and destination, testing by size and modification time or MD5SUM. Doesn't delete files from the destination. If you want to also delete files from destination, to make it match source, use the sync command instead.
+
Note that it is always the contents of the directory that is synced, not the directory itself. So when source:path is a directory, it's the contents of source:path that are copied, not the directory name and contents.
+
To copy single files, use the copyto command instead.
If dest:path doesn't exist, it is created and the source:path contents go there.
For example
rclone copy source:sourcepath dest:destpath
@@ -494,12 +502,13 @@
SEE ALSO
rclone sync
Make source and dest identical, modifying destination only.
Synopsis
-
Sync the source to the destination, changing the destination only. Doesn't transfer files that are identical on source and destination, testing by size and modification time or MD5SUM. Destination is updated to match source, including deleting files if necessary (except duplicate objects, see below).
+
Sync the source to the destination, changing the destination only. Doesn't transfer files that are identical on source and destination, testing by size and modification time or MD5SUM. Destination is updated to match source, including deleting files if necessary (except duplicate objects, see below). If you don't want to delete files from destination, use the copy command instead.
Important: Since this can cause data loss, test first with the --dry-run or the --interactive/-i flag.
rclone sync -i SOURCE remote:DESTINATION
Note that files in the destination won't be deleted if there were any errors at any point. Duplicate objects (files with the same name, on those providers that support it) are also not yet handled.
-
It is always the contents of the directory that is synced, not the directory so when source:path is a directory, it's the contents of source:path that are copied, not the directory name and contents. See extended explanation in the copy command above if unsure.
+
It is always the contents of the directory that is synced, not the directory itself. So when source:path is a directory, it's the contents of source:path that are copied, not the directory name and contents. See extended explanation in the copy command if unsure.
If dest:path doesn't exist, it is created and the source:path contents go there.
+
It is not possible to sync overlapping remotes. However, you may exclude the destination from the sync with a filter rule or by putting an exclude-if-present file inside the destination directory and sync to a destination that is inside the source directory.
Note: Use the -P/--progress flag to view real-time transfer statistics
Note: Use the rclone dedupe command to deal with "Duplicate object/directory found in source/destination - ignoring" errors. See this forum post for more info.
rclone sync source:path dest:path [flags]
@@ -515,9 +524,10 @@
rclone move
Move files from source to dest.
Synopsis
Moves the contents of the source directory to the destination directory. Rclone will error if the source and destination overlap and the remote does not support a server-side directory move operation.
+
To move single files, use the moveto command instead.
If no filters are in use and if possible this will server-side move source:path into dest:path. After this source:path will no longer exist.
Otherwise for each file in source:path selected by the filters (if any) this will move it into dest:path. If possible a server-side move will be used, otherwise it will copy it (server-side if possible) into dest:path then delete the original (if no errors on copy) in source:path.
-
If you want to delete empty source directories after move, use the --delete-empty-src-dirs flag.
+
If you want to delete empty source directories after move, use the --delete-empty-src-dirs flag.
See the --no-traverse option for controlling whether rclone lists the destination directory or not. Supplying this option when moving a small number of files into a large destination can speed transfers up greatly.
Important: Since this can cause data loss, test first with the --dry-run or the --interactive/-i flag.
Note: Use the -P/--progress flag to view real-time transfer statistics.
@@ -534,9 +544,9 @@
SEE ALSO
rclone delete
Remove the files in path.
Synopsis
-
Remove the files in path. Unlike purge it obeys include/exclude filters so can be used to selectively delete files.
-
rclone delete only deletes files but leaves the directory structure alone. If you want to delete a directory and all of its contents use the purge command.
-
If you supply the --rmdirs flag, it will remove all empty directories along with it. You can also use the separate command rmdir or rmdirs to delete empty directories only.
+
Remove the files in path. Unlike purge it obeys include/exclude filters so can be used to selectively delete files.
+
rclone delete only deletes files but leaves the directory structure alone. If you want to delete a directory and all of its contents use the purge command.
+
If you supply the --rmdirs flag, it will remove all empty directories along with it. You can also use the separate command rmdir or rmdirs to delete empty directories only.
For example, to delete all files bigger than 100 MiB, you may first want to check what would be deleted (use either):
rclone --min-size 100M lsl remote:path
rclone --dry-run --min-size 100M delete remote:path
@@ -556,7 +566,7 @@
SEE ALSO
rclone purge
Remove the path and all of its contents.
Synopsis
-
Remove the path and all of its contents. Note that this does not obey include/exclude filters - everything will be removed. Use the delete command if you want to selectively delete files. To delete empty directories only, use command rmdir or rmdirs.
+
Remove the path and all of its contents. Note that this does not obey include/exclude filters - everything will be removed. Use the delete command if you want to selectively delete files. To delete empty directories only, use command rmdir or rmdirs.
Important: Since this can cause data loss, test first with the --dry-run or the --interactive/-i flag.
rclone purge remote:path [flags]
Options
@@ -579,8 +589,8 @@
SEE ALSO
rclone rmdir
Remove the empty directory at path.
Synopsis
-
This removes empty directory given by path. Will not remove the path if it has any objects in it, not even empty subdirectories. Use command rmdirs (or delete with option --rmdirs) to do that.
-
To delete a path and any objects in it, use purge command.
+
This removes empty directory given by path. Will not remove the path if it has any objects in it, not even empty subdirectories. Use command rmdirs (or delete with option --rmdirs) to do that.
+
To delete a path and any objects in it, use purge command.
rclone rmdir remote:path [flags]
Options
-h, --help help for rmdir
@@ -593,6 +603,7 @@
rclone check
Checks the files in the source and destination match.
Synopsis
Checks the files in the source and destination match. It compares sizes and hashes (MD5 or SHA1) and logs a report of files that don't match. It doesn't alter the source or destination.
+
For the crypt remote there is a dedicated command, cryptcheck, that are able to check the checksums of the crypted files.
If you supply the --size-only flag, it will only compare the sizes not the hashes as well. Use this for a quick check.
If you supply the --download flag, it will download the data from both remotes and check them against each other on the fly. This can be useful for remotes that don't support hashes or if you really want to check all the data.
If you supply the --checkfile HASH flag with a valid hash name, the source:path must point to a text file in the SUM format.
@@ -645,7 +656,7 @@
Synopsis
ls,lsl,lsd are designed to be human-readable. lsf is designed to be human and machine-readable. lsjson is designed to be machine-readable.
Note that ls and lsl recurse by default - use --max-depth 1 to stop the recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use -R to make them recurse.
-
Listing a non-existent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
+
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone ls remote:path [flags]
Options
-h, --help help for ls
@@ -657,7 +668,7 @@
SEE ALSO
rclone lsd
List all directories/containers/buckets in the path.
Synopsis
-
Lists the directories in the source path to standard output. Does not recurse by default. Use the -R flag to recurse.
+
Lists the directories in the source path to standard output. Does not recurse by default. Use the -R flag to recurse.
This command lists the total size of the directory (if known, -1 if not), the modification time (if known, the current time if not), the number of objects in the directory (if known, -1 if not) and the name of the directory, Eg
If you just want the directory names use "rclone lsf --dirs-only".
+
If you just want the directory names use rclone lsf --dirs-only.
Any of the filtering options can be applied to this command.
There are several related list commands
@@ -680,7 +691,7 @@
Synopsis
ls,lsl,lsd are designed to be human-readable. lsf is designed to be human and machine-readable. lsjson is designed to be machine-readable.
Note that ls and lsl recurse by default - use --max-depth 1 to stop the recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use -R to make them recurse.
-
Listing a non-existent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
+
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone lsd remote:path [flags]
Options
-h, --help help for lsd
@@ -712,7 +723,7 @@
Synopsis
ls,lsl,lsd are designed to be human-readable. lsf is designed to be human and machine-readable. lsjson is designed to be machine-readable.
Note that ls and lsl recurse by default - use --max-depth 1 to stop the recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use -R to make them recurse.
-
Listing a non-existent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
+
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone lsl remote:path [flags]
Options
-h, --help help for lsl
@@ -726,7 +737,8 @@
rclone md5sum
Synopsis
Produces an md5sum file for all the objects in the path. This is in the same format as the standard md5sum tool produces.
By default, the hash is requested from the remote. If MD5 is not supported by the remote, no hash will be returned. With the download flag, the file will be downloaded from the remote and hashed locally enabling MD5 for any remote.
-
This command can also hash data received on standard input (stdin), by not passing a remote:path, or by passing a hyphen as remote:path when there is data to read (if not, the hypen will be treated literaly, as a relative path).
+
For other algorithms, see the hashsum command. Running rclone md5sum remote:path is equivalent to running rclone hashsum MD5 remote:path.
+
This command can also hash data received on standard input (stdin), by not passing a remote:path, or by passing a hyphen as remote:path when there is data to read (if not, the hyphen will be treated literally, as a relative path).
Produces an sha1sum file for all the objects in the path. This is in the same format as the standard sha1sum tool produces.
By default, the hash is requested from the remote. If SHA-1 is not supported by the remote, no hash will be returned. With the download flag, the file will be downloaded from the remote and hashed locally enabling SHA-1 for any remote.
-
This command can also hash data received on standard input (stdin), by not passing a remote:path, or by passing a hyphen as remote:path when there is data to read (if not, the hypen will be treated literaly, as a relative path).
+
For other algorithms, see the hashsum command. Running rclone sha1sum remote:path is equivalent to running rclone hashsum SHA1 remote:path.
+
This command can also hash data received on standard input (stdin), by not passing a remote:path, or by passing a hyphen as remote:path when there is data to read (if not, the hyphen will be treated literally, as a relative path).
This command can also hash data received on STDIN, if not passing a remote:path.
rclone sha1sum remote:path [flags]
Options
@@ -760,6 +773,11 @@
SEE ALSO
rclone size
Prints the total size and number of objects in remote:path.
+
Synopsis
+
Counts objects in the path and calculates the total size. Prints the result to standard output.
+
By default the output is in human-readable format, but shows values in both human-readable format as well as the raw numbers (global option --human-readable is not considered). Use option --json to format output as JSON instead.
+
Recurses by default, use --max-depth 1 to stop the recursion.
+
Some backends do not always provide file sizes, see for example Google Photos and Google Drive. Rclone will then show a notice in the log indicating how many such files were encountered, and count them in as empty files in the output of the size command.
rclone size remote:path [flags]
Options
-h, --help help for size
@@ -771,7 +789,7 @@
SEE ALSO
rclone version
Show the version number.
-
Synopsis
+
Synopsis
Show the rclone version number, the go version, the build target OS and architecture, the runtime OS and kernel version and bitness, build tags and the type of executable (static or dynamic).
For example:
$ rclone version
@@ -807,7 +825,7 @@
SEE ALSO
rclone cleanup
Clean up the remote if possible.
-
Synopsis
+
Synopsis
Clean up the remote if possible. Empty the trash or delete old file versions. Not supported by all remotes.
rclone cleanup remote:path [flags]
Options
@@ -819,10 +837,10 @@
SEE ALSO
rclone dedupe
Interactively find duplicate filenames and delete/rename them.
-
Synopsis
+
Synopsis
By default dedupe interactively finds files with duplicate names and offers to delete all but one or rename them to be different. This is known as deduping by name.
Deduping by name is only useful with a small group of backends (e.g. Google Drive, Opendrive) that can have duplicate file names. It can be run on wrapping backends (e.g. crypt) if they wrap a backend which supports duplicate file names.
-
However if --by-hash is passed in then dedupe will find files with duplicate hashes instead which will work on any backend which supports at least one hash. This can be used to find files with duplicate content. This is known as deduping by hash.
+
However if --by-hash is passed in then dedupe will find files with duplicate hashes instead which will work on any backend which supports at least one hash. This can be used to find files with duplicate content. This is known as deduping by hash.
If deduping by name, first rclone will merge directories with the same name. It will do this iteratively until all the identically named directories have been merged.
Next, if deduping by name, for every group of duplicate file names / hashes, it will delete all but one identical file it finds without confirmation. This means that for most duplicated files the dedupe command will not be interactive.
dedupe considers files to be identical if they have the same file path and the same hash. If the backend does not support hashes (e.g. crypt wrapping Google Drive) then they will never be found to be identical. If you use the --size-only flag then files will be considered identical if they have the same size (any hash will be ignored). This can be useful on crypt backends which do not support hashes.
@@ -898,7 +916,7 @@
SEE ALSO
rclone about
Get quota information from the remote.
-
Synopsis
+
Synopsis
rclone about prints quota information about a remote to standard output. The output is typically used, free, quota and trash contents.
E.g. Typical output from rclone about remote: is:
Total: 17 GiB
@@ -944,7 +962,7 @@
SEE ALSO
rclone authorize
Remote authorization.
-
Synopsis
+
Synopsis
Remote authorization. Used to authorize a remote or headless rclone from a machine with a browser - use as instructed by rclone config.
Use the --auth-no-open-browser to prevent rclone to open auth link in default browser automatically.
rclone authorize [flags]
@@ -958,7 +976,7 @@
SEE ALSO
rclone backend
Run a backend-specific command.
-
Synopsis
+
Synopsis
This runs a backend-specific command. The commands themselves (except for "help" and "features") are defined by the backends and you should see the backend docs for definitions.
You can discover what commands a backend implements by using
rclone backend help remote:
@@ -981,9 +999,9 @@
SEE ALSO
rclone - Show help for rclone commands, flags and backends.
rclone bisync
-
Perform bidirectonal synchronization between two paths.
-
Synopsis
-
Perform bidirectonal synchronization between two paths.
+
Perform bidirectional synchronization between two paths.
+
Synopsis
+
Perform bidirectional synchronization between two paths.
Bisync provides a bidirectional cloud sync solution in rclone. It retains the Path1 and Path2 filesystem listings from the prior run. On each successive run it will: - list files on Path1 and Path2, and check for changes on each side. Changes include New, Newer, Older, and Deleted files. - Propagate changes on Path1 to Path2, and vice-versa.
Checks the files in the source against a SUM file.
-
Synopsis
+
Synopsis
Checks that hashsums of source files match the SUM file. It compares hashes (MD5, SHA1, etc) and logs a report of files which don't match. It doesn't alter the file system.
If you supply the --download flag, it will download the data from remote and calculate the contents hash on the fly. This can be useful for remotes that don't support hashes or if you really want to check all the data.
Note that hash values in the SUM file are treated as case insensitive.
@@ -1061,8 +1079,8 @@
SEE ALSO
rclone - Show help for rclone commands, flags and backends.
rclone completion
-
generate the autocompletion script for the specified shell
-
Synopsis
+
Generate the autocompletion script for the specified shell
+
Synopsis
Generate the autocompletion script for rclone for the specified shell. See each sub-command's help for details on how to use the generated script.
Options
-h, --help help for completion
@@ -1070,18 +1088,23 @@
Options
SEE ALSO
rclone - Show help for rclone commands, flags and backends.
Note that if the config process would normally ask a question the default is taken (unless --non-interactive is used). Each time that happens rclone will print or DEBUG a message saying how to affect the value taken.
If any of the parameters passed is a password field, then rclone will automatically obscure them if they aren't already obscured before putting them in the config file.
NB If the password parameter is 22 characters or longer and consists only of base64 characters then rclone can get confused about whether the password is already obscured or not and put unobscured passwords into the config file. If you want to be 100% certain that the passwords get obscured then use the --obscure flag, or if you are 100% certain you are already passing obscured passwords then use --no-obscure. You can also set obscured passwords using the rclone config password command.
-
The flag --non-interactive is for use by applications that wish to configure rclone themeselves, rather than using rclone's text based configuration questions. If this flag is set, and rclone needs to ask the user a question, a JSON blob will be returned with the question in it.
+
The flag --non-interactive is for use by applications that wish to configure rclone themselves, rather than using rclone's text based configuration questions. If this flag is set, and rclone needs to ask the user a question, a JSON blob will be returned with the question in it.
This will look something like (some irrelevant detail removed):
{
"State": "*oauth-islocal,teamdrive,,",
"Option": {
"Name": "config_is_local",
- "Help": "Use auto config?\n * Say Y if not sure\n * Say N if you are working on a remote or headless machine\n",
+ "Help": "Use web browser to automatically authenticate rclone with remote?\n * Say Y if the machine running rclone has a web browser you can use\n * Say N if running rclone on a (remote) machine without web browser access\nIf not sure try Y. If Y failed, try N.\n",
"Default": true,
"Examples": [
{
@@ -1223,7 +1255,7 @@
SEE ALSO
rclone config disconnect
Disconnects user from remote
-
Synopsis
+
Synopsis
This disconnects the remote: passed in to the cloud storage system.
This normally means revoking the oauth token.
To reconnect use "rclone config reconnect".
@@ -1247,7 +1279,7 @@
SEE ALSO
rclone config edit
Enter an interactive configuration session.
-
Synopsis
+
Synopsis
Enter an interactive configuration session where you can setup new remotes and manage existing ones. You may also set or remove a password to protect your configuration.
rclone config edit [flags]
Options
@@ -1269,7 +1301,7 @@
SEE ALSO
rclone config password
Update password in an existing remote.
-
Synopsis
+
Synopsis
Update an existing remote's password. The password should be passed in pairs of keypassword or as key=password. The password should be passed in in clear (unobscured).
For example, to set password of a remote of name myremote you would do:
Note that if the config process would normally ask a question the default is taken (unless --non-interactive is used). Each time that happens rclone will print or DEBUG a message saying how to affect the value taken.
If any of the parameters passed is a password field, then rclone will automatically obscure them if they aren't already obscured before putting them in the config file.
NB If the password parameter is 22 characters or longer and consists only of base64 characters then rclone can get confused about whether the password is already obscured or not and put unobscured passwords into the config file. If you want to be 100% certain that the passwords get obscured then use the --obscure flag, or if you are 100% certain you are already passing obscured passwords then use --no-obscure. You can also set obscured passwords using the rclone config password command.
-
The flag --non-interactive is for use by applications that wish to configure rclone themeselves, rather than using rclone's text based configuration questions. If this flag is set, and rclone needs to ask the user a question, a JSON blob will be returned with the question in it.
+
The flag --non-interactive is for use by applications that wish to configure rclone themselves, rather than using rclone's text based configuration questions. If this flag is set, and rclone needs to ask the user a question, a JSON blob will be returned with the question in it.
This will look something like (some irrelevant detail removed):
{
"State": "*oauth-islocal,teamdrive,,",
"Option": {
"Name": "config_is_local",
- "Help": "Use auto config?\n * Say Y if not sure\n * Say N if you are working on a remote or headless machine\n",
+ "Help": "Use web browser to automatically authenticate rclone with remote?\n * Say Y if the machine running rclone has a web browser you can use\n * Say N if running rclone on a (remote) machine without web browser access\nIf not sure try Y. If Y failed, try N.\n",
"Default": true,
"Examples": [
{
@@ -1410,7 +1442,7 @@
SEE ALSO
rclone config userinfo
Prints info about logged in user of remote.
-
Synopsis
+
Synopsis
This prints the details of the person logged in to the cloud storage system.
rclone config userinfo remote: [flags]
Options
@@ -1423,9 +1455,9 @@
SEE ALSO
rclone copyto
Copy files from source to dest, skipping identical files.
-
Synopsis
+
Synopsis
If source:path is a file or directory then it copies it to a file or directory named dest:path.
-
This can be used to upload single files to other than their current name. If the source is a directory then it acts exactly like the copy command.
+
This can be used to upload single files to other than their current name. If the source is a directory then it acts exactly like the copy command.
So
rclone copyto src dst
where src and dst are rclone paths, either remote:path or /path/to/local or C:.
@@ -1447,18 +1479,19 @@
SEE ALSO
rclone copyurl
Copy url content to dest.
-
Synopsis
+
Synopsis
Download a URL's content and copy it to the destination without saving it in temporary storage.
-
Setting --auto-filename will cause the file name to be retrieved from the URL (after any redirections) and used in the destination path. With --print-filename in addition, the resulting file name will be printed.
+
Setting --auto-filename will attempt to automatically determine the filename from the URL (after any redirections) and used in the destination path. With --auto-filename-header in addition, if a specific filename is set in HTTP headers, it will be used instead of the name from the URL. With --print-filename in addition, the resulting file name will be printed.
Setting --no-clobber will prevent overwriting file on the destination if there is one with the same name.
Setting --stdout or making the output file name - will cause the output to be written to standard output.
-a, --auto-filename Get the file name from the URL and use it for destination file path
- -h, --help help for copyurl
- --no-clobber Prevent overwriting file with same name
- -p, --print-filename Print the resulting name from --auto-filename
- --stdout Write the output to stdout rather than a file
+
-a, --auto-filename Get the file name from the URL and use it for destination file path
+ --header-filename Get the file name from the Content-Disposition header
+ -h, --help help for copyurl
+ --no-clobber Prevent overwriting file with same name
+ -p, --print-filename Print the resulting name from --auto-filename
+ --stdout Write the output to stdout rather than a file
Cryptcheck checks the integrity of a crypted remote.
-
Synopsis
-
rclone cryptcheck checks a remote against a crypted remote. This is the equivalent of running rclone check, but able to check the checksums of the crypted remote.
+
Synopsis
+
rclone cryptcheck checks a remote against a crypted remote. This is the equivalent of running rclone check, but able to check the checksums of the crypted remote.
For it to work the underlying remote of the cryptedremote must support some kind of checksum.
It works by reading the nonce from each file on the cryptedremote: and using that to encrypt each file on the remote:. It then checks the checksum of the underlying file on the cryptedremote: against the checksum of the file it has just encrypted.
Use it like this
@@ -1502,14 +1535,14 @@
SEE ALSO
rclone cryptdecode
Cryptdecode returns unencrypted file names.
-
Synopsis
+
Synopsis
rclone cryptdecode returns unencrypted file names when provided with a list of encrypted file names. List limit is 10 items.
-
If you supply the --reverse flag, it will return encrypted file names.
+
If you supply the --reverse flag, it will return encrypted file names.
-h, --help help for cryptdecode
@@ -1521,7 +1554,7 @@
SEE ALSO
rclone deletefile
Remove a single file from remote.
-
Synopsis
+
Synopsis
Remove a single file from remote. Unlike delete it cannot be used to remove a directory and it doesn't obey include/exclude filters - if the specified file exists, it will always be removed.
rclone deletefile remote:path [flags]
Options
@@ -1533,8 +1566,8 @@
SEE ALSO
rclone genautocomplete
Output completion script for a given shell.
-
Synopsis
-
Generates a shell completion script for rclone. Run with --help to list the supported shells.
+
Synopsis
+
Generates a shell completion script for rclone. Run with --help to list the supported shells.
Generates a bash shell autocompletion script for rclone.
This writes to /etc/bash_completion.d/rclone by default so will probably need to be run with sudo or as root, e.g.
sudo rclone genautocomplete bash
@@ -1565,7 +1598,7 @@
SEE ALSO
rclone genautocomplete fish
Output fish completion script for rclone.
-
Synopsis
+
Synopsis
Generates a fish autocompletion script for rclone.
This writes to /etc/fish/completions/rclone.fish by default so will probably need to be run with sudo or as root, e.g.
sudo rclone genautocomplete fish
@@ -1583,7 +1616,7 @@
SEE ALSO
rclone genautocomplete zsh
Output zsh completion script for rclone.
-
Synopsis
+
Synopsis
Generates a zsh autocompletion script for rclone.
This writes to /usr/share/zsh/vendor-completions/_rclone by default so will probably need to be run with sudo or as root, e.g.
sudo rclone genautocomplete zsh
@@ -1601,7 +1634,7 @@
SEE ALSO
rclone gendocs
Output markdown docs for rclone to the directory supplied.
-
Synopsis
+
Synopsis
This produces markdown docs for the rclone commands to the directory supplied. These are in a format suitable for hugo to render into the rclone.org website.
rclone gendocs output_directory [flags]
Options
@@ -1613,10 +1646,11 @@
SEE ALSO
rclone hashsum
Produces a hashsum file for all the objects in the path.
-
Synopsis
+
Synopsis
Produces a hash file for all the objects in the path using the hash named. The output is in the same format as the standard md5sum/sha1sum tool.
By default, the hash is requested from the remote. If the hash is not supported by the remote, no hash will be returned. With the download flag, the file will be downloaded from the remote and hashed locally enabling any hash for any remote.
-
This command can also hash data received on standard input (stdin), by not passing a remote:path, or by passing a hyphen as remote:path when there is data to read (if not, the hypen will be treated literaly, as a relative path).
+
For the MD5 and SHA1 algorithms there are also dedicated commands, md5sum and sha1sum.
+
This command can also hash data received on standard input (stdin), by not passing a remote:path, or by passing a hyphen as remote:path when there is data to read (if not, the hyphen will be treated literally, as a relative path).
Run without a hash to see the list of all supported hashes, e.g.
rclone link will create, retrieve or remove a public link to the given file or folder.
rclone link remote:path/to/file
rclone link remote:path/to/folder/
@@ -1666,9 +1701,9 @@
SEE ALSO
rclone listremotes
List all the remotes in the config file.
-
Synopsis
+
Synopsis
rclone listremotes lists all the available remotes from the config file.
-
When uses with the -l flag it lists the types too.
+
When used with the --long flag it lists the types too.
rclone listremotes [flags]
Options
-h, --help help for listremotes
@@ -1680,7 +1715,7 @@
SEE ALSO
rclone lsf
List directories and objects in remote:path formatted for parsing.
-
Synopsis
+
Synopsis
List the contents of the source path (directories and objects) to standard output in a form which is easy to parse by scripts. By default this will just be the names of the objects and directories, one per line. The directories will have a / suffix.
Eg
$ rclone lsf swift:bucket
@@ -1689,7 +1724,7 @@
Synopsis
diwogej7
ferejej3gux/
fubuwic
-
Use the --format option to control what gets listed. By default this is just the path, but you can use these parameters to control the output:
+
Use the --format option to control what gets listed. By default this is just the path, but you can use these parameters to control the output:
p - path
s - size
t - modification time
@@ -1698,8 +1733,9 @@
Synopsis
o - Original ID of underlying object
m - MimeType of object if known
e - encrypted name
-T - tier of storage if known, e.g. "Hot" or "Cool"
-
So if you wanted the path, size and modification time, you would use --format "pst", or maybe --format "tsp" to put the path last.
+T - tier of storage if known, e.g. "Hot" or "Cool"
+M - Metadata of object in JSON blob format, eg {"key":"value"}
+
So if you wanted the path, size and modification time, you would use --format "pst", or maybe --format "tsp" to put the path last.
If you specify "h" in the format you will get the MD5 hash by default, use the "--hash" flag to change which hash you want. Note that this can be returned as an empty string if it isn't available on the object (and for directories), "ERROR" if there was an error reading it from the object and "UNSUPPORTED" if that object does not support that hash type.
+
If you specify "h" in the format you will get the MD5 hash by default, use the --hash flag to change which hash you want. Note that this can be returned as an empty string if it isn't available on the object (and for directories), "ERROR" if there was an error reading it from the object and "UNSUPPORTED" if that object does not support that hash type.
For example, to emulate the md5sum command you can use
(Though "rclone md5sum ." is an easier way of typing this.)
-
By default the separator is ";" this can be changed with the --separator flag. Note that separators aren't escaped in the path so putting it last is a good strategy.
+
By default the separator is ";" this can be changed with the --separator flag. Note that separators aren't escaped in the path so putting it last is a good strategy.
ls,lsl,lsd are designed to be human-readable. lsf is designed to be human and machine-readable. lsjson is designed to be machine-readable.
Note that ls and lsl recurse by default - use --max-depth 1 to stop the recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use -R to make them recurse.
-
Listing a non-existent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
+
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone lsf remote:path [flags]
Options
--absolute Put a leading / in front of path names
@@ -1768,18 +1804,37 @@
SEE ALSO
rclone lsjson
List directories and objects in the path in JSON format.
-
Synopsis
+
Synopsis
List directories and objects in the path in JSON format.
The output is an array of Items, where each Item looks like this
If --hash is not specified the Hashes property won't be emitted. The types of hash can be specified with the --hash-type parameter (which may be repeated). If --hash-type is set then it implies --hash.
-
If --no-modtime is specified then ModTime will be blank. This can speed things up on remotes where reading the ModTime takes an extra request (e.g. s3, swift).
-
If --no-mimetype is specified then MimeType will be blank. This can speed things up on remotes where reading the MimeType takes an extra request (e.g. s3, swift).
-
If --encrypted is not specified the Encrypted won't be emitted.
-
If --dirs-only is not specified files in addition to directories are returned
-
If --files-only is not specified directories in addition to the files will be returned.
-
if --stat is set then a single JSON blob will be returned about the item pointed to. This will return an error if the item isn't found. However on bucket based backends (like s3, gcs, b2, azureblob etc) if the item isn't found it will return an empty directory as it isn't possible to tell empty directories from missing directories there.
-
The Path field will only show folders below the remote path being listed. If "remote:path" contains the file "subfolder/file.txt", the Path for "file.txt" will be "subfolder/file.txt", not "remote:path/subfolder/file.txt". When used without --recursive the Path will always be the same as Name.
If --hash is not specified the Hashes property won't be emitted. The types of hash can be specified with the --hash-type parameter (which may be repeated). If --hash-type is set then it implies --hash.
+
If --no-modtime is specified then ModTime will be blank. This can speed things up on remotes where reading the ModTime takes an extra request (e.g. s3, swift).
+
If --no-mimetype is specified then MimeType will be blank. This can speed things up on remotes where reading the MimeType takes an extra request (e.g. s3, swift).
+
If --encrypted is not specified the Encrypted won't be emitted.
+
If --dirs-only is not specified files in addition to directories are returned
+
If --files-only is not specified directories in addition to the files will be returned.
+
If --metadata is set then an additional Metadata key will be returned. This will have metadata in rclone standard format as a JSON object.
+
if --stat is set then a single JSON blob will be returned about the item pointed to. This will return an error if the item isn't found. However on bucket based backends (like s3, gcs, b2, azureblob etc) if the item isn't found it will return an empty directory as it isn't possible to tell empty directories from missing directories there.
+
The Path field will only show folders below the remote path being listed. If "remote:path" contains the file "subfolder/file.txt", the Path for "file.txt" will be "subfolder/file.txt", not "remote:path/subfolder/file.txt". When used without --recursive the Path will always be the same as Name.
If the directory is a bucket in a bucket-based backend, then "IsBucket" will be set to true. This key won't be present unless it is "true".
The time is in RFC3339 format with up to nanosecond precision. The number of decimal digits in the seconds will depend on the precision that the remote can hold the times, so if times are accurate to the nearest millisecond (e.g. Google Drive) then 3 digits will always be shown ("2017-05-31T16:15:57.034+01:00") whereas if the times are accurate to the nearest second (Dropbox, Box, WebDav, etc.) no digits will be shown ("2017-05-31T16:15:57+01:00").
The whole output can be processed as a JSON blob, or alternatively it can be processed line by line as each item is written one to a line.
@@ -1795,15 +1850,16 @@
Synopsis
ls,lsl,lsd are designed to be human-readable. lsf is designed to be human and machine-readable. lsjson is designed to be machine-readable.
Note that ls and lsl recurse by default - use --max-depth 1 to stop the recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use -R to make them recurse.
-
Listing a non-existent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
+
Listing a nonexistent directory will produce an error except for remotes which can't have empty directories (e.g. s3, swift, or gcs - the bucket-based remotes).
rclone lsjson remote:path [flags]
Options
--dirs-only Show only directories in the listing
- -M, --encrypted Show the encrypted names
+ --encrypted Show the encrypted names
--files-only Show only files in the listing
--hash Include hashes in the output (may take longer)
--hash-type stringArray Show only this hash type (may be repeated)
-h, --help help for lsjson
+ -M, --metadata Add metadata to the listing
--no-mimetype Don't read the mime type (can speed things up)
--no-modtime Don't read the modification time (can speed things up)
--original Show the ID of the underlying Object
@@ -1816,7 +1872,7 @@
SEE ALSO
rclone mount
Mount the remote as file system on a mountpoint.
-
Synopsis
+
Synopsis
rclone mount allows Linux, FreeBSD, macOS and Windows to mount any of Rclone's cloud storage systems as a file system with FUSE.
First set up your remote using rclone config. Check it works with rclone ls etc.
On Linux and macOS, you can run mount in either foreground or background (aka daemon) mode. Mount runs in foreground mode by default. Use the --daemon flag to force background mode. On Windows you can run mount in foreground only, the flag is ignored.
@@ -1839,11 +1895,11 @@
Synopsis
The size of the mounted file system will be set according to information retrieved from the remote, the same as returned by the rclone about command. Remotes with unlimited storage may report the used size only, then an additional 1 PiB of free space is assumed. If the remote does not support the about feature at all, then 1 PiB is set as both the total and the free size.
Installing on Windows
To run rclone mount on Windows, you will need to download and install WinFsp.
-
WinFsp is an open-source Windows File System Proxy which makes it easy to write user space file systems for Windows. It provides a FUSE emulation layer which rclone uses combination with cgofuse. Both of these packages are by Bill Zissimopoulos who was very helpful during the implementation of rclone mount for Windows.
+
WinFsp is an open-source Windows File System Proxy which makes it easy to write user space file systems for Windows. It provides a FUSE emulation layer which rclone uses combination with cgofuse. Both of these packages are by Bill Zissimopoulos who was very helpful during the implementation of rclone mount for Windows.
Mounting modes on windows
Unlike other operating systems, Microsoft Windows provides a different filesystem type for network and fixed drives. It optimises access on the assumption fixed disk drives are fast and reliable, while network drives have relatively high latency and less reliability. Some settings can also be differentiated between the two types, for example that Windows Explorer should just display icons and not create preview thumbnails for image and video files on network drives.
In most cases, rclone will mount the remote as a normal, fixed disk drive by default. However, you can also choose to mount it as a remote network drive, often described as a network share. If you mount an rclone remote using the default, fixed drive mode and experience unexpected program errors, freezes or other issues, consider mounting as a network drive instead.
-
When mounting as a fixed disk drive you can either mount to an unused drive letter, or to a path representing a non-existent subdirectory of an existing parent directory or drive. Using the special value * will tell rclone to automatically assign the next available drive letter, starting with Z: and moving backward. Examples:
+
When mounting as a fixed disk drive you can either mount to an unused drive letter, or to a path representing a nonexistent subdirectory of an existing parent directory or drive. Using the special value * will tell rclone to automatically assign the next available drive letter, starting with Z: and moving backward. Examples:
rclone mount remote:path/to/files *
rclone mount remote:path/to/files X:
rclone mount remote:path/to/files C:\path\parent\mount
@@ -1852,10 +1908,10 @@
Mounting modes on windows
To mount as network drive, you can add option --network-mode to your mount command. Mounting to a directory path is not supported in this mode, it is a limitation Windows imposes on junctions, so the remote must always be mounted to a drive letter.
rclone mount remote:path/to/files X: --network-mode
A volume name specified with --volname will be used to create the network share path. A complete UNC path, such as \\cloud\remote, optionally with path \\cloud\remote\madeup\path, will be used as is. Any other string will be used as the share part, after a default prefix \\server\. If no volume name is specified then \\server\share will be used. You must make sure the volume name is unique when you are mounting more than one drive, or else the mount command will fail. The share name will treated as the volume label for the mapped drive, shown in Windows Explorer etc, while the complete \\server\share will be reported as the remote UNC path by net use etc, just like a normal network drive mapping.
-
If you specify a full network share UNC path with --volname, this will implicitely set the --network-mode option, so the following two examples have same result:
+
If you specify a full network share UNC path with --volname, this will implicitly set the --network-mode option, so the following two examples have same result:
rclone mount remote:path/to/files X: --network-mode
rclone mount remote:path/to/files X: --volname \\server\share
-
You may also specify the network share UNC path as the mountpoint itself. Then rclone will automatically assign a drive letter, same as with * and use that as mountpoint, and instead use the UNC path specified as the volume name, as if it were specified with the --volname option. This will also implicitely set the --network-mode option. This means the following two examples have same result:
+
You may also specify the network share UNC path as the mountpoint itself. Then rclone will automatically assign a drive letter, same as with * and use that as mountpoint, and instead use the UNC path specified as the volume name, as if it were specified with the --volname option. This will also implicitly set the --network-mode option. This means the following two examples have same result:
rclone mount remote:path/to/files \\cloud\remote
rclone mount remote:path/to/files * --volname \\cloud\remote
There is yet another way to enable network mode, and to set the share path, and that is to pass the "native" libfuse/WinFsp option directly: --fuse-flag --VolumePrefix=\server\share. Note that the path must be with just a single backslash prefix in this case.
@@ -1865,7 +1921,7 @@
Mounting modes on windows
Windows filesystem permissions
The FUSE emulation layer on Windows must convert between the POSIX-based permission model used in FUSE, and the permission model used in Windows, based on access-control lists (ACL).
The mounted filesystem will normally get three entries in its access-control list (ACL), representing permissions for the POSIX permission scopes: Owner, group and others. By default, the owner and group will be taken from the current user, and the built-in group "Everyone" will be used to represent others. The user/group can be customized with FUSE options "UserName" and "GroupName", e.g. -o UserName=user123 -o GroupName="Authenticated Users". The permissions on each entry will be set according to options--dir-perms and --file-perms, which takes a value in traditional numeric notation.
-
The default permissions corresponds to --file-perms 0666 --dir-perms 0777, i.e. read and write permissions to everyone. This means you will not be able to start any programs from the the mount. To be able to do that you must add execute permissions, e.g. --file-perms 0777 --dir-perms 0777 to add it to everyone. If the program needs to write files, chances are you will have to enable VFS File Caching as well (see also limitations).
+
The default permissions corresponds to --file-perms 0666 --dir-perms 0777, i.e. read and write permissions to everyone. This means you will not be able to start any programs from the mount. To be able to do that you must add execute permissions, e.g. --file-perms 0777 --dir-perms 0777 to add it to everyone. If the program needs to write files, chances are you will have to enable VFS File Caching as well (see also limitations).
Note that the mapping of permissions is not always trivial, and the result you see in Windows Explorer may not be exactly like you expected. For example, when setting a value that includes write access, this will be mapped to individual permissions "write attributes", "write data" and "append data", but not "write extended attributes". Windows will then show this as basic permission "Special" instead of "Write", because "Write" includes the "write extended attributes" permission.
If you set POSIX permissions for only allowing access to the owner, using --file-perms 0600 --dir-perms 0700, the user group and the built-in "Everyone" group will still be given some special permissions, such as "read attributes" and "read permissions", in Windows. This is done for compatibility reasons, e.g. to allow users without additional permissions to be able to read basic metadata about files like in UNIX. One case that may arise is that other programs (incorrectly) interprets this as the file being accessible by everyone. For example an SSH client may warn about "unprotected private key file".
WinFsp 2021 (version 1.9) introduces a new FUSE option "FileSecurity", that allows the complete specification of file security descriptors using SDDL. With this you can work around issues such as the mentioned "unprotected private key file" by specifying -o FileSecurity="D:P(A;;FA;;;OW)", for file all access (FA) to the owner (OW).
@@ -1873,11 +1929,11 @@
Windows caveats
Drives created as Administrator are not visible to other accounts, not even an account that was elevated to Administrator with the User Account Control (UAC) feature. A result of this is that if you mount to a drive letter from a Command Prompt run as Administrator, and then try to access the same drive from Windows Explorer (which does not run as Administrator), you will not be able to see the mounted drive.
If you don't need to access the drive from applications running with administrative privileges, the easiest way around this is to always create the mount from a non-elevated command prompt.
To make mapped drives available to the user account that created them regardless if elevated or not, there is a special Windows setting called linked connections that can be enabled.
-
It is also possible to make a drive mount available to everyone on the system, by running the process creating it as the built-in SYSTEM account. There are several ways to do this: One is to use the command-line utility PsExec, from Microsoft's Sysinternals suite, which has option -s to start processes as the SYSTEM account. Another alternative is to run the mount command from a Windows Scheduled Task, or a Windows Service, configured to run as the SYSTEM account. A third alternative is to use the WinFsp.Launcher infrastructure). Note that when running rclone as another user, it will not use the configuration file from your profile unless you tell it to with the --config option. Read more in the install documentation.
+
It is also possible to make a drive mount available to everyone on the system, by running the process creating it as the built-in SYSTEM account. There are several ways to do this: One is to use the command-line utility PsExec, from Microsoft's Sysinternals suite, which has option -s to start processes as the SYSTEM account. Another alternative is to run the mount command from a Windows Scheduled Task, or a Windows Service, configured to run as the SYSTEM account. A third alternative is to use the WinFsp.Launcher infrastructure). Note that when running rclone as another user, it will not use the configuration file from your profile unless you tell it to with the --config option. Read more in the install documentation.
Note that mapping to a directory path, instead of a drive letter, does not suffer from the same limitations.
Limitations
Without the use of --vfs-cache-mode this can only write files sequentially, it can only seek when reading. This means that many applications won't work with their files on an rclone mount without --vfs-cache-mode writes or --vfs-cache-mode full. See the VFS File Caching section for more info.
-
The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2, Hubic) do not support the concept of empty directories, so empty directories will have a tendency to disappear once they fall out of the directory cache.
+
The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2) do not support the concept of empty directories, so empty directories will have a tendency to disappear once they fall out of the directory cache.
When rclone mount is invoked on Unix with --daemon flag, the main rclone program will wait for the background mount to become ready or until the timeout specified by the --daemon-wait flag. On Linux it can check mount status using ProcFS so the flag in fact sets maximum time to wait, while the real wait can be less. On macOS / BSD the time to wait is constant and the check is performed only at the end. We advise you to set wait time on macOS reasonably.
Only supported on Linux, FreeBSD, OS X and Windows at the moment.
rclone mount vs rclone sync/copy
@@ -1936,7 +1992,7 @@
VFS - Virtual File System
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -1999,6 +2055,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -2013,20 +2082,23 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
@@ -2036,14 +2108,14 @@
Options
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
--async-read Use asynchronous reads (not supported on Windows) (default true)
- --attr-timeout duration Time for which file/directory attributes are cached (default 1s)
+ --attr-timeout Duration Time for which file/directory attributes are cached (default 1s)
--daemon Run mount in background and exit parent process (as background output is suppressed, use --log-file with --log-format=pid,... to monitor) (not supported on Windows)
- --daemon-timeout duration Time limit for rclone to respond to kernel (not supported on Windows)
- --daemon-wait duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
+ --daemon-timeout Duration Time limit for rclone to respond to kernel (not supported on Windows) (default 0s)
+ --daemon-wait Duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
--debug-fuse Debug the FUSE internals - needs -v
--default-permissions Makes kernel enforce access control based on the file mode (not supported on Windows)
--devname string Set the device name - default is remote:path
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--fuse-flag stringArray Flags or arguments to be passed direct to libfuse/WinFsp (repeat if required)
@@ -2057,22 +2129,24 @@
Options
--noappledouble Ignore Apple Double (._) and .DS_Store files (supported on OSX only) (default true)
--noapplexattr Ignore all "com.apple.*" extended attributes (supported on OSX only)
-o, --option stringArray Option for libfuse/WinFsp (repeat if required)
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
If source:path is a file or directory then it moves it to a file or directory named dest:path.
-
This can be used to rename files or upload single files to other than their existing name. If the source is a directory then it acts exactly like the move command.
+
This can be used to rename files or upload single files to other than their existing name. If the source is a directory then it acts exactly like the move command.
So
rclone moveto src dst
where src and dst are rclone paths, either remote:path or /path/to/local or C:.
@@ -2107,26 +2181,42 @@
SEE ALSO
rclone ncdu
Explore a remote with a text based user interface.
-
Synopsis
+
Synopsis
This displays a text based user interface allowing the navigation of a remote. It is most useful for answering the question - "What is using all my disk space?".
To make the user interface it first scans the entire remote given and builds an in memory representation. rclone ncdu can be used during this scanning phase and you will see it building up the directory structure as it goes along.
-
Here are the keys - press '?' to toggle the help on and off
+
You can interact with the user interface using key presses, press '?' to toggle the help on and off. The supported keys are:
↑,↓ or k,j to Move
→,l to enter
←,h to return
- c toggle counts
g toggle graph
+ c toggle counts
a toggle average size in directory
+ m toggle modified time
u toggle human-readable format
- n,s,C,A sort by name,size,count,average size
+ n,s,C,A,M sort by name,size,count,asize,mtime
d delete file/directory
+ v select file/directory
+ V enter visual select mode
+ D delete selected files/directories
y copy current path to clipboard
Y display current path
- ^L refresh screen
+ ^L refresh screen (fix screen corruption)
? to toggle help on and off
- q/ESC/c-C to quit
+ q/ESC/^c to quit
+
Listed files/directories may be prefixed by a one-character flag, some of them combined with a description in brackets at end of line. These flags have the following meaning:
+
e means this is an empty directory, i.e. contains no files (but
+ may contain empty subdirectories)
+~ means this is a directory where some of the files (possibly in
+ subdirectories) have unknown size, and therefore the directory
+ size may be underestimated (and average size inaccurate, as it
+ is average of the files with known sizes).
+. means an error occurred while reading a subdirectory, and
+ therefore the directory size may be underestimated (and average
+ size inaccurate)
+! means an error occurred while reading this directory
This an homage to the ncdu tool but for rclone remotes. It is missing lots of features at the moment but is useful as it stands.
-
Note that it might take some time to delete big files/folders. The UI won't respond in the meantime since the deletion is done synchronously.
+
Note that it might take some time to delete big files/directories. The UI won't respond in the meantime since the deletion is done synchronously.
+
For a non-interactive listing of the remote, see the tree command. To just get the total size of the remote you can also use the size command.
rclone ncdu remote:path [flags]
Options
-h, --help help for ncdu
@@ -2137,11 +2227,11 @@
SEE ALSO
rclone obscure
Obscure password for use in the rclone config file.
-
Synopsis
+
Synopsis
In the rclone config file, human-readable passwords are obscured. Obscuring them is done by encrypting them and writing them out in base64. This is not a secure way of encrypting these passwords as rclone can decrypt them - it is to prevent "eyedropping" - namely someone seeing a password in the rclone config file by accident.
Many equally important things (like access tokens) are not obscured in the config file. However it is very hard to shoulder surf a 64 character hex token.
This command can also accept a password through STDIN instead of an argument by passing a hyphen as an argument. This will use the first line of STDIN as the password not including the trailing newline.
-
echo "secretpassword" | rclone obscure -
+
echo "secretpassword" | rclone obscure -
If there is no data on STDIN to read, rclone obscure will default to obfuscating the hyphen itself.
If you want to encrypt the config file then please use config file encryption - see rclone config for more info.
rclone obscure password [flags]
@@ -2154,24 +2244,24 @@
SEE ALSO
rclone rc
Run a command against a running rclone.
-
Synopsis
-
This runs a command against a running rclone. Use the --url flag to specify an non default URL to connect on. This can be either a ":port" which is taken to mean "http://localhost:port" or a "host:port" which is taken to mean "http://host:port"
-
A username and password can be passed in with --user and --pass.
-
Note that --rc-addr, --rc-user, --rc-pass will be read also for --url, --user, --pass.
+
Synopsis
+
This runs a command against a running rclone. Use the --url flag to specify an non default URL to connect on. This can be either a ":port" which is taken to mean "http://localhost:port" or a "host:port" which is taken to mean "http://host:port"
+
A username and password can be passed in with --user and --pass.
+
Note that --rc-addr, --rc-user, --rc-pass will be read also for --url, --user, --pass.
Arguments should be passed in as parameter=value.
The result will be returned as a JSON object by default.
-
The --json parameter can be used to pass in a JSON blob as an input instead of key=value arguments. This is the only way of passing in more complicated values.
-
The -o/--opt option can be used to set a key "opt" with key, value options in the form "-o key=value" or "-o key". It can be repeated as many times as required. This is useful for rc commands which take the "opt" parameter which by convention is a dictionary of strings.
+
The --json parameter can be used to pass in a JSON blob as an input instead of key=value arguments. This is the only way of passing in more complicated values.
+
The -o/--opt option can be used to set a key "opt" with key, value options in the form -o key=value or -o key. It can be repeated as many times as required. This is useful for rc commands which take the "opt" parameter which by convention is a dictionary of strings.
-o key=value -o key2
Will place this in the "opt" value
{"key":"value", "key2","")
-
The -a/--arg option can be used to set strings in the "arg" value. It can be repeated as many times as required. This is useful for rc commands which take the "arg" parameter which by convention is a list of strings.
+
The -a/--arg option can be used to set strings in the "arg" value. It can be repeated as many times as required. This is useful for rc commands which take the "arg" parameter which by convention is a list of strings.
-a value -a value2
Will place this in the "arg" value
["value", "value2"]
-
Use --loopback to connect to the rclone instance running "rclone rc". This is very useful for testing commands without having to run an rclone rc server, e.g.:
+
Use --loopback to connect to the rclone instance running rclone rc. This is very useful for testing commands without having to run an rclone rc server, e.g.:
rclone rc --loopback operations/about fs=/
-
Use "rclone rc" to see a list of all possible commands.
+
Use rclone rc to see a list of all possible commands.
rclone rc commands parameter [flags]
Options
-a, --arg stringArray Argument placed in the "arg" array
@@ -2190,14 +2280,14 @@
SEE ALSO
rclone rcat
Copies standard input to file on remote.
-
Synopsis
+
Synopsis
rclone rcat reads from standard input (stdin) and copies it to a single remote file.
If the remote file already exists, it will be overwritten.
rcat will try to upload small files in a single request, which is usually more efficient than the streaming/chunked upload endpoints, which use multiple requests. Exact behaviour depends on the remote. What is considered a small file may be set through --streaming-upload-cutoff. Uploading only starts after the cutoff is reached or if the file ends before that. The data must fit into RAM. The cutoff needs to be small enough to adhere the limits of your remote, please see there. Generally speaking, setting this cutoff too high will decrease your performance.
-
Use the |--size| flag to preallocate the file in advance at the remote end and actually stream it, even if remote backend doesn't support streaming.
-
|--size| should be the exact size of the input stream in bytes. If the size of the stream is different in length to the |--size| passed in then the transfer will likely fail.
+
Use the --size flag to preallocate the file in advance at the remote end and actually stream it, even if remote backend doesn't support streaming.
+
--size should be the exact size of the input stream in bytes. If the size of the stream is different in length to the --size passed in then the transfer will likely fail.
Note that the upload can also not be retried because the data is not kept around until the upload succeeds. If you need to transfer a lot of data, you're better off caching locally and then rclone move it to the destination.
rclone rcat remote:path [flags]
Options
@@ -2210,11 +2300,114 @@
SEE ALSO
rclone rcd
Run rclone listening to remote control commands only.
-
Synopsis
+
Synopsis
This runs rclone so that it only listens to remote control commands.
This is useful if you are controlling rclone via the rc API.
If you pass in a path to a directory, rclone will serve that directory for GET requests on the URL passed in. It will also open the URL in the browser when rclone is run.
Use --addr to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
+
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
+
You can use a unix socket by setting the url to unix:///path/to/socket or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
+
--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
+
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
+
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
+
TLS (SSL)
+
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
+
--cert should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
+
--min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
Template
+
--template allows a user to specify a custom markup template for HTTP and WebDAV serve functions. The server exports the following markup to be used within the template to server pages:
+
+
+
+
+
+
+
+
Parameter
+
Description
+
+
+
+
+
.Name
+
The full path of a file/directory.
+
+
+
.Title
+
Directory listing of .Name
+
+
+
.Sort
+
The current sort used. This is changeable via ?sort= parameter
The current ordering used. This is changeable via ?order= parameter
+
+
+
+
Order Options: asc,desc (default asc)
+
+
+
.Query
+
Currently unused.
+
+
+
.Breadcrumb
+
Allows for creating a relative navigation
+
+
+
-- .Link
+
The relative to the root link of the Text.
+
+
+
-- .Text
+
The Name of the directory.
+
+
+
.Entries
+
Information about a specific file/directory.
+
+
+
-- .URL
+
The 'url' of an entry.
+
+
+
-- .Leaf
+
Currently same as 'URL' but intended to be 'just' the name.
+
+
+
-- .IsDir
+
Boolean for if an entry is a directory or not.
+
+
+
-- .Size
+
Size in Bytes of the entry.
+
+
+
-- .ModTime
+
The UTC timestamp of an entry.
+
+
+
+
Authentication
+
By default this will serve files without needing a login.
+
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
+
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
+
To create an htpasswd file:
+
touch htpasswd
+htpasswd -B htpasswd user
+htpasswd -B htpasswd anotherUser
+
The password file can be updated while rclone is running.
+
Use --realm to set the authentication realm.
+
Use --salt to change the password hashing salt from the default.
rclone rcd <path to files to serve>* [flags]
Options
-h, --help help for rcd
@@ -2225,11 +2418,11 @@
SEE ALSO
rclone rmdirs
Remove empty directories under the path.
-
Synopsis
+
Synopsis
This recursively removes any empty directories (including directories that only contain empty directories), that it finds under the path. The root path itself will also be removed if it is empty, unless you supply the --leave-root flag.
-
Use command rmdir to delete just the empty directory given by path, not recurse.
-
This is useful for tidying up remotes that rclone has left a lot of empty directories in. For example the delete command will delete files but leave the directory structure (unless used with option --rmdirs).
-
To delete a path and any objects in it, use purge command.
+
Use command rmdir to delete just the empty directory given by path, not recurse.
+
This is useful for tidying up remotes that rclone has left a lot of empty directories in. For example the delete command will delete files but leave the directory structure (unless used with option --rmdirs).
+
To delete a path and any objects in it, use purge command.
rclone rmdirs remote:path [flags]
Options
-h, --help help for rmdirs
@@ -2241,7 +2434,7 @@
SEE ALSO
rclone selfupdate
Update the rclone binary.
-
Synopsis
+
Synopsis
This command downloads the latest release of rclone and replaces the currently running binary. The download is verified with a hashsum and cryptographically signed signature.
If used without flags (or with implied --stable flag), this command will install the latest stable release. However, some issues may be fixed (or features added) only in the latest beta release. In such cases you should run the command with the --beta flag, i.e. rclone selfupdate --beta. You can check in advance what version would be installed by adding the --check flag, then repeat the command without it when you are satisfied.
Sometimes the rclone team may recommend you a concrete beta or stable rclone release to troubleshoot your issue or add a bleeding edge feature. The --version VER flag, if given, will update to the concrete version instead of the latest one. If you omit micro version from VER (for example 1.53), the latest matching micro version will be used.
@@ -2266,8 +2459,8 @@
SEE ALSO
rclone serve
Serve a remote over a protocol.
-
Synopsis
-
rclone serve is used to serve a remote over a given protocol. This command requires the use of a subcommand to specify the protocol, e.g.
+
Synopsis
+
Serve a remote over a given protocol. Requires the use of a subcommand to specify the protocol, e.g.
rclone serve http remote:
Each subcommand has its own options which you can see in their help.
rclone serve dlna is a DLNA media server for media stored in an rclone remote. Many devices, such as the Xbox and PlayStation, can automatically discover this server in the LAN and play audio/video from it. VLC is also supported. Service discovery uses UDP multicast packets (SSDP) and will thus only work on LANs.
+
Synopsis
+
Run a DLNA media server for media stored in an rclone remote. Many devices, such as the Xbox and PlayStation, can automatically discover this server in the LAN and play audio/video from it. VLC is also supported. Service discovery uses UDP multicast packets (SSDP) and will thus only work on LANs.
Rclone will list all files present in the remote, without filtering based on media formats or file extensions. Additionally, there is no media transcoding support. This means that some players might show files that they are not able to play back correctly.
-
Server options
+
Server options
Use --addr to specify which IP address and port the server should listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs.
Use --name to choose the friendly server name, which is by default "rclone (hostname)".
Use --log-trace in conjunction with -vv to enable additional debug logging of all UPNP traffic.
@@ -2299,7 +2492,7 @@
VFS - Virtual File System
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -2362,6 +2555,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -2376,52 +2582,59 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
rclone serve dlna remote:path [flags]
Options
--addr string The ip:port or :port to bind the DLNA http server to (default ":7879")
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --announce-interval Duration The interval between SSDP announcements (default 12m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for dlna
+ --interface stringArray The interface to use for SSDP (repeat as necessary)
--log-trace Enable trace logging of SOAP traffic
--name string Name of DLNA server
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
This command implements the Docker volume plugin API allowing docker to use rclone as a data storage mechanism for various cloud providers. rclone provides docker volume plugin based on it.
To create a docker plugin, one must create a Unix or TCP socket that Docker will look for when you use the plugin and then it listens for commands from docker daemon and runs the corresponding code when necessary. Docker plugins can run as a managed plugin under control of the docker daemon or as an independent native service. For testing, you can just run it directly from the command line, for example:
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -2505,6 +2718,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -2519,20 +2745,23 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
@@ -2542,15 +2771,15 @@
Options
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
--async-read Use asynchronous reads (not supported on Windows) (default true)
- --attr-timeout duration Time for which file/directory attributes are cached (default 1s)
+ --attr-timeout Duration Time for which file/directory attributes are cached (default 1s)
--base-dir string Base directory for volumes (default "/var/lib/docker-volumes/rclone")
--daemon Run mount in background and exit parent process (as background output is suppressed, use --log-file with --log-format=pid,... to monitor) (not supported on Windows)
- --daemon-timeout duration Time limit for rclone to respond to kernel (not supported on Windows)
- --daemon-wait duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
+ --daemon-timeout Duration Time limit for rclone to respond to kernel (not supported on Windows) (default 0s)
+ --daemon-wait Duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
--debug-fuse Debug the FUSE internals - needs -v
--default-permissions Makes kernel enforce access control based on the file mode (not supported on Windows)
--devname string Set the device name - default is remote:path
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--forget-state Skip restoring previous state
@@ -2566,24 +2795,26 @@
Options
--noappledouble Ignore Apple Double (._) and .DS_Store files (supported on OSX only) (default true)
--noapplexattr Ignore all "com.apple.*" extended attributes (supported on OSX only)
-o, --option stringArray Option for libfuse/WinFsp (repeat if required)
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--socket-addr string Address <host:port> or absolute path (default: /run/docker/plugins/rclone.sock)
--socket-gid int GID for unix socket (default: current process GID) (default 1000)
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
rclone serve ftp implements a basic ftp server to serve the remote over FTP protocol. This can be viewed with a ftp client or you can make a remote of type ftp to read and write it.
-
Server options
+
Synopsis
+
Run a basic FTP server to serve a remote over FTP protocol. This can be viewed with a FTP client or you can make a remote of type FTP to read and write it.
+
Server options
Use --addr to specify which IP address and port the server should listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
-
Authentication
+
Authentication
By default this will serve files without needing a login.
You can set a single username and password with the --user and --pass flags.
VFS - Virtual File System
@@ -2606,7 +2837,7 @@
VFS - Virtual File System
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -2669,6 +2900,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -2683,20 +2927,23 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
@@ -2735,7 +2982,7 @@
Options
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2121")
--auth-proxy string A program to use to create the backend from the auth
--cert string TLS PEM key (concatenation of certificate and CA certificate)
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
@@ -2746,24 +2993,26 @@
Options
--no-seek Don't allow seeking in files
--pass string Password for authentication (empty value allow every password)
--passive-port string Passive port range to use (default "30000-32000")
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
--public-ip string Public IP address to advertise for passive connections
- --read-only Mount read-only
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication (default "anonymous")
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
rclone serve http implements a basic web server to serve the remote over HTTP. This can be viewed in a web browser or you can make a remote of type http read from it.
-
You can use the filter flags (e.g. --include, --exclude) to control what is served.
-
The server will log errors. Use -v to see access logs.
-
--bwlimit will be respected for file transfers. Use --stats to control the stats printing.
-
Server options
-
Use --addr to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
-
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
-
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
-
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
-
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
-
SSL/TLS
-
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
-
--cert should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
-
Template
-
--template allows a user to specify a custom markup template for http and webdav serve functions. The server exports the following markup to be used within the template to server pages:
+
Synopsis
+
Run a basic web server to serve a remote over HTTP. This can be viewed in a web browser or you can make a remote of type http read from it.
+
You can use the filter flags (e.g. --include, --exclude) to control what is served.
+
The server will log errors. Use -v to see access logs.
+
--bwlimit will be respected for file transfers. Use --stats to control the stats printing.
+
Server options
+
Use --addr to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
+
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
+
You can use a unix socket by setting the url to unix:///path/to/socket or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
+
--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
+
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
+
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
+
TLS (SSL)
+
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
+
--cert should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
+
--min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
Template
+
--template allows a user to specify a custom markup template for HTTP and WebDAV serve functions. The server exports the following markup to be used within the template to server pages:
@@ -2865,23 +3117,23 @@
Template
-
Authentication
+
Authentication
By default this will serve files without needing a login.
-
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
-
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
+
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
+
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
htpasswd -B htpasswd user
htpasswd -B htpasswd anotherUser
The password file can be updated while rclone is running.
-
Use --realm to set the authentication realm.
-
Use --salt to change the password hashing salt from the default.
+
Use --realm to set the authentication realm.
+
Use --salt to change the password hashing salt from the default.
VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -2944,6 +3196,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -2958,63 +3223,69 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
rclone serve http remote:path [flags]
Options
-
--addr string IPaddress:Port or :Port to bind server to (default "127.0.0.1:8080")
+
--addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--baseurl string Prefix for URLs - leave blank for root
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for http
--htpasswd string A htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--realm string Realm for authentication
--salt string Password hashing salt (default "dlPL2MqE")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--template string User-specified template
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
rclone serve restic implements restic's REST backend API over HTTP. This allows restic to use rclone as a data storage mechanism for cloud providers that restic does not support directly.
+
Synopsis
+
Run a basic web server to serve a remote over restic's REST backend API over HTTP. This allows restic to use rclone as a data storage mechanism for cloud providers that restic does not support directly.
Restic is a command-line program for doing backups.
The server will log errors. Use -v to see access logs.
-
--bwlimit will be respected for file transfers. Use --stats to control the stats printing.
+
--bwlimit will be respected for file transfers. Use --stats to control the stats printing.
Once you have set up the remote, check it is working with, for example "rclone lsd remote:". You may have called the remote something other than "remote:" - just substitute whatever you called it in the following instructions.
Now start the rclone restic server
rclone serve restic -v remote:backup
Where you can replace "backup" in the above by whatever path in the remote you wish to use.
-
By default this will serve on "localhost:8080" you can change this with use of the "--addr" flag.
+
By default this will serve on "localhost:8080" you can change this with use of the --addr flag.
You might wish to start this server on boot.
-
Adding --cache-objects=false will cause rclone to stop caching objects returned from the List call. Caching is normally desirable as it speeds up downloading objects, saves transactions and uses very little memory.
+
Adding --cache-objects=false will cause rclone to stop caching objects returned from the List call. Caching is normally desirable as it speeds up downloading objects, saves transactions and uses very little memory.
The "--private-repos" flag can be used to limit users to repositories starting with a path of /<username>/.
-
Server options
-
Use --addr to specify which IP address and port the server should listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
-
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
-
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
-
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
-
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
-
--template allows a user to specify a custom markup template for http and webdav serve functions. The server exports the following markup to be used within the template to server pages:
-
-
-
-
-
-
-
-
Parameter
-
Description
-
-
-
-
-
.Name
-
The full path of a file/directory.
-
-
-
.Title
-
Directory listing of .Name
-
-
-
.Sort
-
The current sort used. This is changeable via ?sort= parameter
The current ordering used. This is changeable via ?order= parameter
-
-
-
-
Order Options: asc,desc (default asc)
-
-
-
.Query
-
Currently unused.
-
-
-
.Breadcrumb
-
Allows for creating a relative navigation
-
-
-
-- .Link
-
The relative to the root link of the Text.
-
-
-
-- .Text
-
The Name of the directory.
-
-
-
.Entries
-
Information about a specific file/directory.
-
-
-
-- .URL
-
The 'url' of an entry.
-
-
-
-- .Leaf
-
Currently same as 'URL' but intended to be 'just' the name.
-
-
-
-- .IsDir
-
Boolean for if an entry is a directory or not.
-
-
-
-- .Size
-
Size in Bytes of the entry.
-
-
-
-- .ModTime
-
The UTC timestamp of an entry.
-
-
-
-
Authentication
+
The--private-repos flag can be used to limit users to repositories starting with a path of /<username>/.
+
Server options
+
Use --addr to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
+
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
+
You can use a unix socket by setting the url to unix:///path/to/socket or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
+
--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
+
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
+
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
+
TLS (SSL)
+
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
+
--cert should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
+
--min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
Authentication
By default this will serve files without needing a login.
-
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
-
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
+
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
+
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
htpasswd -B htpasswd user
htpasswd -B htpasswd anotherUser
The password file can be updated while rclone is running.
-
Use --realm to set the authentication realm.
-
SSL/TLS
-
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
-
--cert should be either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
+
Use --realm to set the authentication realm.
+
Use --salt to change the password hashing salt from the default.
rclone serve restic remote:path [flags]
Options
-
--addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
+
--addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--append-only Disallow deletion of repository data
--baseurl string Prefix for URLs - leave blank for root
--cache-objects Cache listed objects (default true)
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
-h, --help help for restic
- --htpasswd string htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --htpasswd string A htpasswd file - if not provided no authentication is done
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--pass string Password for authentication
--private-repos Users can only access their private repo
- --realm string Realm for authentication (default "rclone")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --realm string Realm for authentication
+ --salt string Password hashing salt (default "dlPL2MqE")
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--stdio Run an HTTP2 server on stdin/stdout
- --template string User-specified template
--user string User name for authentication
rclone serve sftp implements an SFTP server to serve the remote over SFTP. This can be used with an SFTP client or you can make a remote of type sftp to use with it.
-
You can use the filter flags (e.g. --include, --exclude) to control what is served.
-
The server will log errors. Use -v to see access logs.
-
--bwlimit will be respected for file transfers. Use --stats to control the stats printing.
-
You must provide some means of authentication, either with --user/--pass, an authorized keys file (specify location with --authorized-keys - the default is the same as ssh), an --auth-proxy, or set the --no-auth flag for no authentication when logging in.
-
Note that this also implements a small number of shell commands so that it can provide md5sum/sha1sum/df information for the rclone sftp backend. This means that is can support SHA1SUMs, MD5SUMs and the about command when paired with the rclone sftp backend.
-
If you don't supply a host --key then rclone will generate rsa, ecdsa and ed25519 variants, and cache them for later use in rclone's cache directory (see "rclone help flags cache-dir") in the "serve-sftp" directory.
-
By default the server binds to localhost:2022 - if you want it to be reachable externally then supply "--addr :2022" for example.
-
Note that the default of "--vfs-cache-mode off" is fine for the rclone sftp backend, but it may not be with other SFTP clients.
-
If --stdio is specified, rclone will serve SFTP over stdio, which can be used with sshd via ~/.ssh/authorized_keys, for example:
+
Synopsis
+
Run an SFTP server to serve a remote over SFTP. This can be used with an SFTP client or you can make a remote of type sftp to use with it.
+
You can use the filter flags (e.g. --include, --exclude) to control what is served.
+
The server will respond to a small number of shell commands, mainly md5sum, sha1sum and df, which enable it to provide support for checksums and the about feature when accessed from an sftp remote.
+
Note that this server uses standard 32 KiB packet payload size, which means you must not configure the client to expect anything else, e.g. with the chunk_size option on an sftp remote.
+
The server will log errors. Use -v to see access logs.
+
--bwlimit will be respected for file transfers. Use --stats to control the stats printing.
+
You must provide some means of authentication, either with --user/--pass, an authorized keys file (specify location with --authorized-keys - the default is the same as ssh), an --auth-proxy, or set the --no-auth flag for no authentication when logging in.
+
If you don't supply a host --key then rclone will generate rsa, ecdsa and ed25519 variants, and cache them for later use in rclone's cache directory (see rclone help flags cache-dir) in the "serve-sftp" directory.
+
By default the server binds to localhost:2022 - if you want it to be reachable externally then supply --addr :2022 for example.
+
Note that the default of --vfs-cache-mode off is fine for the rclone sftp backend, but it may not be with other SFTP clients.
+
If --stdio is specified, rclone will serve SFTP over stdio, which can be used with sshd via ~/.ssh/authorized_keys, for example:
On the client you need to set "--transfers 1" when using --stdio. Otherwise multiple instances of the rclone server are started by OpenSSH which can lead to "corrupted on transfer" errors. This is the case because the client chooses indiscriminately which server to send commands to while the servers all have different views of the state of the filing system.
-
The "restrict" in authorized_keys prevents SHA1SUMs and MD5SUMs from beeing used. Omitting "restrict" and using --sftp-path-override to enable checksumming is possible but less secure and you could use the SFTP server provided by OpenSSH in this case.
+
On the client you need to set --transfers 1 when using --stdio. Otherwise multiple instances of the rclone server are started by OpenSSH which can lead to "corrupted on transfer" errors. This is the case because the client chooses indiscriminately which server to send commands to while the servers all have different views of the state of the filing system.
+
The "restrict" in authorized_keys prevents SHA1SUMs and MD5SUMs from beeing used. Omitting "restrict" and using --sftp-path-override to enable checksumming is possible but less secure and you could use the SFTP server provided by OpenSSH in this case.
VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -3270,6 +3468,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -3284,20 +3495,23 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
@@ -3336,7 +3550,7 @@
Options
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2022")
--auth-proxy string A program to use to create the backend from the auth
--authorized-keys string Authorized keys file (default "~/.ssh/authorized_keys")
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
@@ -3347,45 +3561,53 @@
Options
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
- --stdio Run an sftp server on run stdin/stdout
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --stdio Run an sftp server on stdin/stdout
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
rclone serve webdav implements a basic webdav server to serve the remote over HTTP via the webdav protocol. This can be viewed with a webdav client, through a web browser, or you can make a remote of type webdav to read and write it.
-
Webdav options
+
Serve remote:path over WebDAV.
+
Synopsis
+
Run a basic WebDAV server to serve a remote over HTTP via the WebDAV protocol. This can be viewed with a WebDAV client, through a web browser, or you can make a remote of type WebDAV to read and write it.
+
WebDAV options
--etag-hash
This controls the ETag header. Without this flag the ETag will be based on the ModTime and Size of the object.
-
If this flag is set to "auto" then rclone will choose the first supported hash on the backend or you can use a named hash such as "MD5" or "SHA-1".
-
Use "rclone hashsum" to see the full list.
-
Server options
-
Use --addr to specify which IP address and port the server should listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
-
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
-
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
-
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
-
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
-
--template allows a user to specify a custom markup template for http and webdav serve functions. The server exports the following markup to be used within the template to server pages:
+
If this flag is set to "auto" then rclone will choose the first supported hash on the backend or you can use a named hash such as "MD5" or "SHA-1". Use the hashsum command to see the full list.
+
Server options
+
Use --addr to specify which IP address and port the server should listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By default it only listens on localhost. You can use port :0 to let the OS choose an available port.
+
If you set --addr to listen on a public or LAN accessible IP address then using Authentication is advised - see the next section for info.
+
You can use a unix socket by setting the url to unix:///path/to/socket or just by using an absolute path name. Note that unix sockets bypass the authentication - this is expected to be done with file system permissions.
+
--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control the timeouts on the server. Note that this is the total time for a transfer.
+
--max-header-bytes controls the maximum number of bytes the server will accept in the HTTP header.
+
--baseurl controls the URL prefix that rclone serves from. By default rclone will serve from the root. If you used --baseurl "/rclone" then rclone would serve from a URL starting with "/rclone/". This is useful if you wish to proxy rclone serve. Rclone automatically inserts leading and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl "/rclone" and --baseurl "/rclone/" are all treated identically.
+
TLS (SSL)
+
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
+
--cert should be a either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
+
--min-tls-version is minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
Template
+
--template allows a user to specify a custom markup template for HTTP and WebDAV serve functions. The server exports the following markup to be used within the template to server pages:
@@ -3464,25 +3686,23 @@
Server options
-
Authentication
+
Authentication
By default this will serve files without needing a login.
-
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
-
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
+
You can either use an htpasswd file which can take lots of users, or set a single username and password with the --user and --pass flags.
+
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in standard apache format and supports MD5, SHA1 and BCrypt for basic authentication. Bcrypt is recommended.
To create an htpasswd file:
touch htpasswd
htpasswd -B htpasswd user
htpasswd -B htpasswd anotherUser
The password file can be updated while rclone is running.
-
Use --realm to set the authentication realm.
-
SSL/TLS
-
By default this will serve over http. If you want you can serve over https. You will need to supply the --cert and --key flags. If you wish to do client side certificate validation then you will need to supply --client-ca also.
-
--cert should be either a PEM encoded certificate or a concatenation of that with the CA certificate. --key should be the PEM encoded private key and --client-ca should be the PEM encoded client certificate authority certificate.
+
Use --realm to set the authentication realm.
+
Use --salt to change the password hashing salt from the default.
VFS - Virtual File System
This command uses the VFS layer. This adapts the cloud storage objects that rclone uses into something which looks much more like a disk filing system.
Cloud storage objects have lots of properties which aren't like disk files - you can't extend them or write to the middle of them, so the VFS layer has to deal with that. Because there is no one right way of doing this there are various options explained below.
The VFS layer also implements a directory cache - this caches info about files and directories (but not the data) in memory.
VFS Directory Cache
-
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the mount will appear immediately or invalidate the cache.
+
Using the --dir-cache-time flag, you can control how long a directory should be considered up to date and not refreshed from the backend. Changes made through the VFS will appear immediately or invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
--poll-interval duration Time to wait between polling for changes. Must be smaller than dir-cache-time. Only on supported remotes. Set to 0 to disable (default 1m0s)
However, changes made directly on the cloud storage by the web interface or a different copy of rclone will only be picked up once the directory cache expires if the backend configured does not support polling for changes. If the backend supports polling, changes will be picked up within the polling interval.
@@ -3545,6 +3765,19 @@
--vfs-cache-mode full
When reading a file rclone will read --buffer-size plus --vfs-read-ahead bytes ahead. The --buffer-size is buffered in memory whereas the --vfs-read-ahead is buffered on disk.
When using this mode it is recommended that --buffer-size is not set too large and --vfs-read-ahead is set large if required.
IMPORTANT not all file systems support sparse files. In particular FAT/exFAT do not. Rclone will perform very badly if the cache directory is on a filesystem which doesn't support sparse files and it will log an ERROR message if one is detected.
+
Fingerprinting
+
Various parts of the VFS use fingerprinting to see if a local file copy has changed relative to a remote file. Fingerprints are made from:
+
+
size
+
modification time
+
hash
+
+
where available on an object.
+
On some backends some of these attributes are slow to read (they take an extra API call per object, or extra work per object).
+
For example hash is slow with the local and sftp backends as they have to read the entire file and hash it, and modtime is slow with the s3, swift, ftp and qinqstor backends because they need to do an extra API call to fetch it.
+
If you use the --vfs-fast-fingerprint flag then rclone will not include the slow operations in the fingerprint. This makes the fingerprinting less accurate but much faster and will improve the opening time of cached files.
+
If you are running a vfs cache over local, s3 or swift backends then using this flag is recommended.
+
Note that if you change the value of this flag, the fingerprints of the files in the cache may be invalidated and the files will need to be downloaded again.
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This means that rather than requesting the whole file rclone reads the chunk specified. This can reduce the used download quota for some remotes by requesting only chunks from the remote that are actually read, at the cost of an increased number of requests.
These flags control the chunking:
@@ -3559,20 +3792,23 @@
VFS Performance
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
---read-only Mount read-only.
+--read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than seeking rclone will wait a short time for the in sequence read or write to come in. These flags only come into effect when not using an on disk cache file.
--vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
-
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from cache (the related global flag --checkers have no effect on mount).
+
When using VFS write caching (--vfs-cache-mode with value writes or full), the global flag --transfers can be set to adjust the number of parallel uploads of modified files from the cache (the related global flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
VFS Case Sensitivity
Linux file systems are case-sensitive: two files can differ only by case, and the exact case must be used when opening a file.
File systems in modern Windows are case-insensitive but case-preserving: although existing files can be opened using any case, the exact case used to create the file is preserved and available for programs to query. It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS file systems case-sensitive but that is not the default.
-
The --vfs-case-insensitive mount flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the mounted file system as-is. If the flag is "true" (or appears without a value on command line), rclone may perform a "fixup" as explained below.
-
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on mounted file system. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by an underlying mounted file system.
-
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system mounted by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
+
The --vfs-case-insensitive VFS flag controls how rclone handles these two cases. If its value is "false", rclone passes file names to the remote as-is. If the flag is "true" (or appears without a value on the command line), rclone may perform a "fixup" as explained below.
+
The user may specify a file name to open/delete/rename/etc with a case different than what is stored on the remote. If an argument refers to an existing file with exactly the same name, then the case of the existing file on the disk will be used. However, if a file name with exactly the same name is not found but a name differing only by case exists, rclone will transparently fixup the name. This fixup happens only when an existing file is requested. Case sensitivity of file names created anew by rclone is controlled by the underlying remote.
+
Note that case sensitivity of the operating system running rclone (the target) may differ from case sensitivity of a file system presented by rclone (the source). The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends on the operating system where rclone runs: "true" on Windows and macOS, "false" otherwise. If the flag is provided without a value, then it is "true".
+
VFS Disk Options
+
This flag allows you to manually set the statistics about the filing system. It can be useful when those statistics cannot be read correctly automatically.
+
--vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used. If you need this information to be available when running df on the filesystem, then pass the flag --vfs-used-is-size to rclone. With this flag set, instead of relying on the backend to report this information, rclone will scan the whole remote similar to rclone size and compute the total used space itself.
WARNING. Contrary to rclone size, this flag ignores filters so that the result is accurate. However, this is very inefficient and may cost lots of API calls resulting in extra charges. Use it as a last resort and only with caching.
@@ -3608,46 +3844,50 @@
Auth Proxy
This can be used to build general purpose proxies to any kind of backend that rclone supports.
rclone serve webdav remote:path [flags]
Options
-
--addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
+
--addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--auth-proxy string A program to use to create the backend from the auth
--baseurl string Prefix for URLs - leave blank for root
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--disable-dir-list Disable HTML directory list on GET request for a directory
--etag-hash string Which hash to use for the ETag, or auto or blank for off
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for webdav
- --htpasswd string htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --htpasswd string A htpasswd file - if not provided no authentication is done
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
- --realm string Realm for authentication (default "rclone")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --realm string Realm for authentication
+ --salt string Password hashing salt (default "dlPL2MqE")
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--template string User-specified template
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
rclone settier changes storage tier or class at remote if supported. Few cloud storage services provides different storage classes on objects, for example AWS S3 and Glacier, Azure Blob storage - Hot, Cool and Archive, Google Cloud Storage, Regional Storage, Nearline, Coldline etc.
Note that, certain tier changes make objects not available to access immediately. For example tiering to archive in azure blob storage makes objects in frozen state, user can restore by setting tier to Hot/Cool, similarly S3 to Glacier makes object inaccessible.true
You can use it to tier single object
@@ -3674,7 +3914,7 @@
SEE ALSO
rclone test
Run a test command
-
Synopsis
+
Synopsis
Rclone test is used to run test commands.
Select which test comand you want with the subcommand, eg
This command outputs JSON which shows the histogram of characters used in filenames in the remote:path specified.
The data doesn't contain any identifying information but is useful for the rclone developers when developing filename compression.
rclone test histogram [remote:path] [flags]
@@ -3718,7 +3959,7 @@
SEE ALSO
rclone test info
Discovers file name or other limitations for paths.
-
Synopsis
+
Synopsis
rclone info discovers what filenames and upload methods are possible to write to the paths passed in and how long they can be. It can take some time. It will write test files into the remote:path passed in. It outputs a bit of go code for each one.
NB this can create undeletable files and other hazards - use with care
rclone test info [remote:path]+ [flags]
@@ -3729,43 +3970,65 @@
Options
--check-normalization Check UTF-8 Normalization
--check-streaming Check uploads with indeterminate file size
-h, --help help for info
- --upload-wait duration Wait after writing a file
+ --upload-wait Duration Wait after writing a file (default 0s)
--write-json string Write results to file
--ascii Fill files with random ASCII printable bytes only
+ --chargen Fill files with a ASCII chargen pattern
+ -h, --help help for makefile
+ --pattern Fill files with a periodic pattern
+ --seed int Seed for the random number generator (0 for random) (default 1)
+ --sparse Make the files sparse (appear to be filled with ASCII 0x00)
+ --zero Fill files with ASCII 0x00
--files int Number of files to create (default 1000)
+
Options
+
--ascii Fill files with random ASCII printable bytes only
+ --chargen Fill files with a ASCII chargen pattern
+ --files int Number of files to create (default 1000)
--files-per-directory int Average number of files per directory (default 10)
-h, --help help for makefiles
+ --max-depth int Maximum depth of directory hierarchy (default 10)
--max-file-size SizeSuffix Maximum size of files to create (default 100)
--max-name-length int Maximum size of file names (default 12)
--min-file-size SizeSuffix Minimum size of file to create
--min-name-length int Minimum size of file names (default 4)
- --seed int Seed for the random number generator (0 for random) (default 1)
+ --pattern Fill files with a periodic pattern
+ --seed int Seed for the random number generator (0 for random) (default 1)
+ --sparse Make the files sparse (appear to be filled with ASCII 0x00)
+ --zero Fill files with ASCII 0x00
Set the modification time on file(s) as specified by remote:path to have the current time.
If remote:path does not exist then a zero sized file will be created, unless --no-create or --recursive is provided.
If --recursive is used then recursively sets the modification time on all existing files that is found under the path. Filters are supported, and you can test with the --dry-run or the --interactive flag.
@@ -3777,20 +4040,20 @@
Synopsis
Note that value of --timestamp is in UTC. If you want local time then add the --localtime flag.
rclone touch remote:path [flags]
-
Options
+
Options
-h, --help help for touch
--localtime Use localtime for timestamp, not UTC
-C, --no-create Do not create the file if it does not exist (implied with --recursive)
-R, --recursive Recursively touch all files
-t, --timestamp string Use specified time instead of the current time of day
rclone - Show help for rclone commands, flags and backends.
rclone tree
List the contents of the remote in a tree like fashion.
-
Synopsis
+
Synopsis
rclone tree lists the contents of a remote in a similar way to the unix tree command.
For example
$ rclone tree remote:path
@@ -3803,12 +4066,12 @@
Synopsis
└── file5
1 directories, 5 files
-
You can use any of the filtering options with the tree command (e.g. --include and --exclude). You can also use --fast-list.
-
The tree command has many options for controlling the listing which are compatible with the tree command. Note that not all of them have short options as they conflict with rclone's short options.
+
You can use any of the filtering options with the tree command (e.g. --include and --exclude. You can also use --fast-list.
+
The tree command has many options for controlling the listing which are compatible with the tree command, for example you can include file sizes with --size. Note that not all of them have short options as they conflict with rclone's short options.
+
For a more interactive navigation of the remote see the ncdu command.
rclone tree remote:path [flags]
-
Options
+
Options
-a, --all All files are listed (list . files too)
- -C, --color Turn colorization on always
-d, --dirs-only List directories only
--dirsfirst List directories before files (-U disables)
--full-path Print the full path prefix for each file
@@ -3828,7 +4091,7 @@
Options
-U, --unsorted Leave files unsorted
--version Sort files alphanumerically by version
rclone - Show help for rclone commands, flags and backends.
@@ -3907,7 +4170,8 @@
Connection strings, config and lo
Will get their own names
DEBUG : :s3: detected overridden config - adding "{YTu53}" suffix to name
Valid remote names
-
Remote names are case sensitive, and must adhere to the following rules: - May only contain 0-9, A-Z, a-z, _, -, . and space. - May not start with - or space.
+
Remote names are case sensitive, and must adhere to the following rules: - May contain number, letter, _, -, . and space. - May not start with - or space. - May not end with space.
+
Starting with rclone version 1.61, any Unicode numbers and letters are allowed, while in older versions it was limited to plain ASCII (0-9, A-Z, a-z). If you use the same rclone configuration from different shells, which may be configured with different character encoding, you must be cautious to use characters that are possible to write in all of them. This is mostly a problem on Windows, where the console traditionally uses a non-Unicode character set - defined by the so-called "code page".
Quoting and the shell
When you are typing commands to your computer you are using something called the command line shell. This interprets various characters in an OS specific way.
Here are some gotchas which may help users unfamiliar with the shell rules
@@ -3917,7 +4181,7 @@
Linux / OSX
If you want to send a ' you will need to use ", e.g.
rclone copy "O'Reilly Reviews" remote:backup
The rules for quoting metacharacters are complicated and if you want the full details you'll have to consult the manual page for your shell.
-
Windows
+
Windows
If your names have spaces in you need to put them in ", e.g.
Metadata is data about a file which isn't the contents of the file. Normally rclone only preserves the modification time and the content (MIME) type where possible.
+
Rclone supports preserving all the available metadata on files (not directories) when using the --metadata or -M flag.
+
Exactly what metadata is supported and what that support means depends on the backend. Backends that support metadata have a metadata section in their docs and are listed in the features table (Eg local, s3)
+
Rclone only supports a one-time sync of metadata. This means that metadata will be synced from the source object to the destination object only when the source object has changed and needs to be re-uploaded. If the metadata subsequently changes on the source object without changing the object itself then it won't be synced to the destination object. This is in line with the way rclone syncs Content-Type without the --metadata flag.
+
Using --metadata when syncing from local to local will preserve file attributes such as file mode, owner, extended attributes (not Windows).
+
Note that arbitrary metadata may be added to objects using the --metadata-set key=value flag when the object is first uploaded. This flag can be repeated as many times as necessary.
+
Types of metadata
+
Metadata is divided into two type. System metadata and User metadata.
+
Metadata which the backend uses itself is called system metadata. For example on the local backend the system metadata uid will store the user ID of the file when used on a unix based platform.
+
Arbitrary metadata is called user metadata and this can be set however is desired.
+
When objects are copied from backend to backend, they will attempt to interpret system metadata if it is supplied. Metadata may change from being user metadata to system metadata as objects are copied between different backends. For example copying an object from s3 sets the content-type metadata. In a backend which understands this (like azureblob) this will become the Content-Type of the object. In a backend which doesn't understand this (like the local backend) this will become user metadata. However should the local object be copied back to s3, the Content-Type will be set correctly.
+
Metadata framework
+
Rclone implements a metadata framework which can read metadata from an object and write it to the object when (and only when) it is being uploaded.
+
This metadata is stored as a dictionary with string keys and string values.
+
There are some limits on the names of the keys (these may be clarified further in the future).
+
+
must be lower case
+
may be a-z0-9 containing .- or _
+
length is backend dependent
+
+
Each backend can provide system metadata that it understands. Some backends can also store arbitrary user metadata.
+
Where possible the key names are standardized, so, for example, it is possible to copy object metadata from s3 to azureblob for example and metadata will be translated appropriately.
+
Some backends have limits on the size of the metadata and rclone will give errors on upload if they are exceeded.
+
Metadata preservation
+
The goal of the implementation is to
+
+
Preserve metadata if at all possible
+
Interpret metadata if at all possible
+
+
The consequences of 1 is that you can copy an S3 object to a local disk then back to S3 losslessly. Likewise you can copy a local file with file attributes and xattrs from local disk to s3 and back again losslessly.
+
The consequence of 2 is that you can copy an S3 object with metadata to Azureblob (say) and have the metadata appear on the Azureblob object also.
+
Standard system metadata
+
Here is a table of standard system metadata which, if appropriate, a backend may implement.
+
+
+
+
+
+
+
+
+
key
+
description
+
example
+
+
+
+
+
mode
+
File type and mode: octal, unix style
+
0100664
+
+
+
uid
+
User ID of owner: decimal number
+
500
+
+
+
gid
+
Group ID of owner: decimal number
+
500
+
+
+
rdev
+
Device ID (if special file) => hexadecimal
+
0
+
+
+
atime
+
Time of last access: RFC 3339
+
2006-01-02T15:04:05.999999999Z07:00
+
+
+
mtime
+
Time of last modification: RFC 3339
+
2006-01-02T15:04:05.999999999Z07:00
+
+
+
btime
+
Time of file creation (birth): RFC 3339
+
2006-01-02T15:04:05.999999999Z07:00
+
+
+
cache-control
+
Cache-Control header
+
no-cache
+
+
+
content-disposition
+
Content-Disposition header
+
inline
+
+
+
content-encoding
+
Content-Encoding header
+
gzip
+
+
+
content-language
+
Content-Language header
+
en-US
+
+
+
content-type
+
Content-Type header
+
text/plain
+
+
+
+
The metadata keys mtime and content-type will take precedence if supplied in the metadata over reading the Content-Type or modification time of the source object.
+
Hashes are not included in system metadata as there is a well defined way of reading those already.
+
Options
Rclone has a number of options to control its behaviour.
Options that take parameters can have the values passed in two ways, --option=value or --option value. However boolean (true/false) options behave slightly differently to the other options in that --boolean sets the option to true and the absence of the flag sets it to false. It is also possible to specify --boolean=false or --boolean=true. Note that --boolean false is not valid - this is parsed as --boolean and the false is parsed as an extra command line argument for rclone.
-
Options which use TIME use the go time parser. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+
Time or duration options
+
TIME or DURATION options can be specified as a duration string or a time string.
+
A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Default units are seconds or the following abbreviations are valid:
+
+
ms - Milliseconds
+
s - Seconds
+
m - Minutes
+
h - Hours
+
d - Days
+
w - Weeks
+
M - Months
+
y - Years
+
+
These can also be specified as an absolute time in the following formats:
+
+
RFC3339 - e.g. 2006-01-02T15:04:05Z or 2006-01-02T15:04:05+07:00
+
ISO8601 Date and time, local timezone - 2006-01-02T15:04:05
+
ISO8601 Date and time, local timezone - 2006-01-02 15:04:05
+
ISO8601 Date - 2006-01-02 (YYYY-MM-DD)
+
+
Size options
Options which use SIZE use KiB (multiples of 1024 bytes) by default. However, a suffix of B for Byte, K for KiB, M for MiB, G for GiB, T for TiB and P for PiB may be used. These are the binary units, e.g. 1, 2**10, 2**20, 2**30 respectively.
--backup-dir=DIR
When using sync, copy or move any files which would have been overwritten or deleted are moved in their original hierarchy into this directory.
If --suffix is set, then the moved files will have the suffix added to them. If there is a file with the same path (after the suffix has been added) in DIR, then it will be overwritten.
-
The remote in use must support server-side move or copy and you must use the same remote as the destination of the sync. The backup directory must not overlap the destination directory.
+
The remote in use must support server-side move or copy and you must use the same remote as the destination of the sync. The backup directory must not overlap the destination directory without it being excluded by a filter rule.
will sync /path/to/local to remote:current, but for any files which would have been updated or deleted will be stored in remote:old.
@@ -3960,7 +4356,7 @@
--bwlimit=BANDWIDTH_SPEC
This option controls the bandwidth limit. For example
--bwlimit 10M
would mean limit the upload and download bandwidth to 10 MiB/s. NB this is bytes per second not bits per second. To use a single limit, specify the desired bandwidth in KiB/s, or use a suffix B|K|M|G|T|P. The default is 0 which means to not limit bandwidth.
-
The upload and download bandwidth can be specified seperately, as --bwlimit UP:DOWN, so
+
The upload and download bandwidth can be specified separately, as --bwlimit UP:DOWN, so
--bwlimit 10M:100k
would mean limit the upload bandwidth to 10 MiB/s and the download bandwidth to 100 KiB/s. Either limit can be "off" meaning no limit, so to just limit the upload bandwidth you would use
--bwlimit 10M:off
@@ -4010,14 +4406,20 @@
--check-first
It can also be useful to ensure perfect ordering when using --order-by.
Using this flag can use more memory as it effectively sets --max-backlog to infinite. This means that all the info on the objects to transfer is held in memory before the transfers start.
--checkers=N
-
The number of checkers to run in parallel. Checkers do the equality checking of files during a sync. For some storage systems (e.g. S3, Swift, Dropbox) this can take a significant amount of time so they are run in parallel.
-
The default is to run 8 checkers in parallel.
+
Originally controlling just the number of file checkers to run in parallel, e.g. by rclone copy. Now a fairly universal parallelism control used by rclone in several places.
+
Note: checkers do the equality checking of files during a sync. For some storage systems (e.g. S3, Swift, Dropbox) this can take a significant amount of time so they are run in parallel.
+
The default is to run 8 checkers in parallel. However, in case of slow-reacting backends you may need to lower (rather than increase) this default by setting --checkers to 4 or less threads. This is especially advised if you are experiencing backend server crashes during file checking phase (e.g. on subsequent or top-up backups where little or no file copying is done and checking takes up most of the time). Increase this setting only with utmost care, while monitoring your server health and file checking throughput.
-c, --checksum
Normally rclone will look at modification time and size of files to see if they are equal. If you set this flag then rclone will check the file hash and size to determine if files are equal.
This is useful when the remote doesn't support setting modified time and a more accurate sync is desired than just checking the file size.
This is very useful when transferring between remotes which store the same hash type on the object, e.g. Drive and Swift. For details of which remotes support which hash type see the table in the overview section.
Eg rclone --checksum sync s3:/bucket swift:/bucket would run much quicker than without the --checksum flag.
When using this flag, rclone won't update mtimes of remote files if they are incorrect as it would normally.
+
--color WHEN
+
Specifiy when colors (and other ANSI codes) should be added to the output.
+
AUTO (default) only allows ANSI codes when the output is a terminal
+
NEVER never allow ANSI codes
+
ALWAYS always add ANSI codes, regardless of the output format (terminal or file)
--compare-dest=DIR
When using sync, copy or move DIR is checked in addition to the destination for files. If a file identical to the source is found that file is NOT copied from source. This is useful to copy just files that have changed since the last backup.
You must use the same remote as the destination of the sync. The compare directory must not overlap the destination directory.
@@ -4068,7 +4470,8 @@
--copy-dest=DIR
The remote in use must support server-side copy and you must use the same remote as the destination of the sync. The compare directory must not overlap the destination directory.
See --compare-dest and --backup-dir.
--dedupe-mode MODE
-
Mode to run dedupe command in. One of interactive, skip, first, newest, oldest, rename. The default is interactive. See the dedupe command for more information as to what these options mean.
+
Mode to run dedupe command in. One of interactive, skip, first, newest, oldest, rename. The default is interactive.
+See the dedupe command for more information as to what these options mean.
--disable FEATURE,FEATURE,...
This disables a comma separated list of optional features. For example to disable server-side move and server-side copy use:
--disable move,copy
@@ -4118,11 +4521,11 @@
--header-upload
--human-readable
Rclone commands output values for sizes (e.g. number of bytes) and counts (e.g. number of files) either as raw numbers, or in human-readable format.
In human-readable format the values are scaled to larger units, indicated with a suffix shown after the value, and rounded to three decimals. Rclone consistently uses binary units (powers of 2) for sizes and decimal units (powers of 10) for counts. The unit prefix for size is according to IEC standard notation, e.g. Ki for kibi. Used with byte unit, 1 KiB means 1024 Byte. In list type of output, only the unit prefix appended to the value (e.g. 9.762Ki), while in more textual output the full unit is shown (e.g. 9.762 KiB). For counts the SI standard notation is used, e.g. prefix k for kilo. Used with file counts, 1k means 1000 files.
-
The various list commands output raw numbers by default. Option --human-readable will make them output values in human-readable format instead (with the short unit prefix).
-
The about command outputs human-readable by default, with a command-specific option --full to output the raw numbers instead.
-
Command size outputs both human-readable and raw numbers in the same output.
-
The tree command also considers --human-readable, but it will not use the exact same notation as the other commands: It rounds to one decimal, and uses single letter suffix, e.g. K instead of Ki. The reason for this is that it relies on an external library.
-
The interactive command ncdu shows human-readable by default, and responds to key u for toggling human-readable format.
+
The various list commands output raw numbers by default. Option --human-readable will make them output values in human-readable format instead (with the short unit prefix).
+
The about command outputs human-readable by default, with a command-specific option --full to output the raw numbers instead.
+
Command size outputs both human-readable and raw numbers in the same output.
+
The tree command also considers --human-readable, but it will not use the exact same notation as the other commands: It rounds to one decimal, and uses single letter suffix, e.g. K instead of Ki. The reason for this is that it relies on an external library.
+
The interactive command ncdu shows human-readable by default, and responds to key u for toggling human-readable format.
--ignore-case-sync
Using this option will cause rclone to ignore the case of the files when synchronizing so files will not be copied/synced when the existing filenames are the same, even if the casing is different.
--ignore-checksum
@@ -4208,6 +4611,10 @@
--max-transfer=SIZE
Rclone will stop transferring when it has reached the size specified. Defaults to off.
When the limit is reached all transfers will stop immediately.
Rclone will exit with exit code 8 if the transfer limit is reached.
+
--metadata / -M
+
Setting this flag enables rclone to copy the metadata from the source to the destination. For local backends this is ownership, permissions, xattr etc. See the #metadata for more info.
+
--metadata-set key=value
+
Add metadata key = value when uploading. This can be repeated as many times as required. See the #metadata for more info.
--cutoff-mode=hard|soft|cautious
This modifies the behavior of --max-transfer Defaults to --cutoff-mode=hard.
Specifying --cutoff-mode=hard will stop transferring immediately when Rclone reaches the limit.
@@ -4328,6 +4735,10 @@
--retries int
--retries-sleep=TIME
This sets the interval between each retry specified by --retries
The default is 0. Use 0 to disable.
+
--server-side-across-configs
+
Allow server-side operations (e.g. copy or move) to work across different configurations.
+
This can be useful if you wish to do a server-side copy or move between two remotes which use the same backend but are configured differently.
+
Note that this isn't enabled by default because it isn't easy for rclone to tell if it will work between any two configurations.
--size-only
Normally rclone will look at modification time and size of files to see if they are equal. If you set this flag then rclone will check only the size.
This can be useful transferring files from Dropbox which have been modified by the desktop sync client which doesn't set checksums of modification times in the same way as rclone.
@@ -4391,14 +4802,15 @@
--tpslimit-burst int
This may be used to increase performance of --tpslimit without changing the long term average number of transactions per second.
--track-renames
By default, rclone doesn't keep track of renamed files, so if you rename a file locally then sync it to a remote, rclone will delete the old file on the remote and upload a new copy.
-
If you use this flag, and the remote supports server-side copy or server-side move, and the source and destination have a compatible hash, then this will track renames during sync operations and perform renaming server-side.
-
Files will be matched by size and hash - if both match then a rename will be considered.
+
An rclone sync with --track-renames runs like a normal sync, but keeps track of objects which exist in the destination but not in the source (which would normally be deleted), and which objects exist in the source but not the destination (which would normally be transferred). These objects are then candidates for renaming.
+
After the sync, rclone matches up the source only and destination only objects using the --track-renames-strategy specified and either renames the destination object or transfers the source and deletes the destination object. --track-renames is stateless like all of rclone's syncs.
+
To use this flag the destination must support server-side copy or server-side move, and to use a hash based --track-renames-strategy (the default) the source and the destination must have a compatible hash.
If the destination does not support server-side copy or move, rclone will fall back to the default behaviour and log an error level message to the console.
Encrypted destinations are not currently supported by --track-renames if --track-renames-strategy includes hash.
Note that --track-renames is incompatible with --no-traverse and that it uses extra memory to keep track of all the rename candidates.
Note also that --track-renames is incompatible with --delete-before and will select --delete-after instead of --delete-during.
--track-renames-strategy (hash,modtime,leaf,size)
-
This option changes the matching criteria for --track-renames.
+
This option changes the file matching criteria for --track-renames.
The matching is controlled by a comma separated selection of these tokens:
modtime - the modification time of the file - not supported on all backends
@@ -4406,9 +4818,9 @@
--track-renames-strategy (ha
leaf - the name of the file not including its directory name
size - the size of the file (this is always enabled)
-
So using --track-renames-strategy modtime,leaf would match files based on modification time, the leaf of the file name and the size only.
+
The default option is hash.
+
Using --track-renames-strategy modtime,leaf would match files based on modification time, the leaf of the file name and the size only.
Using --track-renames-strategy modtime or leaf can enable --track-renames support for encrypted destinations.
-
If nothing is specified, the default option is matching by hashes.
Note that the hash strategy is not supported with encrypted destinations.
--delete-(before,during,after)
This option allows you to specify when files on your destination are deleted when you sync folders.
@@ -4417,7 +4829,7 @@
--delete-(before,during,after)
Specifying --delete-after (the default value) will delay deletion of files until all new/updated files have been successfully transferred. The files to be deleted are collected in the copy pass then deleted after the copy pass has completed successfully. The files to be deleted are held in memory so this mode may use more memory. This is the safest mode as it will only delete files if there have been no errors subsequent to that. If there have been errors before the deletions start then you will get the message not deleting files as there were IO errors.
--fast-list
When doing anything which involves a directory listing (e.g. sync, copy, ls - in fact nearly every command), rclone normally lists a directory and processes it before using more directory lists to process any subdirectories. This can be parallelised and works very quickly using the least amount of memory.
-
However, some remotes have a way of listing all files beneath a directory in one (or a small number) of transactions. These tend to be the bucket-based remotes (e.g. S3, B2, GCS, Swift, Hubic).
+
However, some remotes have a way of listing all files beneath a directory in one (or a small number) of transactions. These tend to be the bucket-based remotes (e.g. S3, B2, GCS, Swift).
If you use the --fast-list flag then rclone will use this method for listing directories. This will have the following consequences for the listing:
It will use fewer transactions (important if you pay for them)
@@ -4434,13 +4846,14 @@
--timeout=TIME
--transfers=N
The number of file transfers to run in parallel. It can sometimes be useful to set this to a smaller number if the remote is giving a lot of timeouts or bigger if you have lots of bandwidth and a fast remote.
The default is to run 4 file transfers in parallel.
+
Look at --multi-thread-streams if you would like to control single file transfers.
-u, --update
This forces rclone to skip any files which exist on the destination and have a modified time that is newer than the source file.
This can be useful in avoiding needless transfers when transferring to a remote which doesn't support modification times directly (or when using --use-server-modtime to avoid extra API calls) as it is more accurate than a --size-only check and faster than using --checksum. On such remotes (or when using --use-server-modtime) the time checked will be the uploaded time.
If an existing destination file has a modification time older than the source file's, it will be updated if the sizes are different. If the sizes are the same, it will be updated if the checksum is different or not available.
If an existing destination file has a modification time equal (within the computed modify window) to the source file's, it will be updated if the sizes are different. The checksum will not be checked in this case unless the --checksum flag is provided.
In all other cases the file will not be updated.
-
Consider using the --modify-window flag to compensate for time skews between the source and the backend, for backends that do not support mod times, and instead use uploaded times. However, if the backend does not support checksums, note that sync'ing or copying within the time skew window may still result in additional transfers for safety.
+
Consider using the --modify-window flag to compensate for time skews between the source and the backend, for backends that do not support mod times, and instead use uploaded times. However, if the backend does not support checksums, note that syncing or copying within the time skew window may still result in additional transfers for safety.
--use-mmap
If this flag is set then rclone will use anonymous memory allocated by mmap on Unix based platforms and VirtualAlloc on Windows for its transfer buffers (size controlled by --buffer-size). Memory allocated like this does not go on the Go heap and can be returned to the OS immediately when it is finished with.
If this flag is not set then rclone will allocate and free the buffers using the Go memory allocator which may use more memory as memory pages are returned less aggressively to the OS.
@@ -4452,6 +4865,7 @@
--use-server-modtime
-v, -vv, --verbose
With -v rclone will tell you about each file that is transferred and a small number of significant events.
With -vv rclone will become very verbose telling you about every file it considers and transfers. Please send bug reports with a log with this setting.
+
When setting verbosity as an environment variable, use RCLONE_VERBOSE=1 or RCLONE_VERBOSE=2 for -v and -vv respectively.
Rclone can be configured entirely using environment variables. These can be used to set defaults for options or config file entries.
-
Options
+
Options
Every option in rclone can have its default set by environment variable.
To find the name of the environment variable, first, take the long option name, strip the leading --, change - to _, make upper case and prepend RCLONE_.
For example, to always set --stats 5s, set the environment variable RCLONE_STATS=5s. If you set stats on the command line this will override the environment variable setting.
Or to always use the trash in drive --drive-use-trash, set RCLONE_DRIVE_USE_TRASH=true.
+
Verbosity is slightly different, the environment variable equivalent of --verbose or -v is RCLONE_VERBOSE=1, or for -vv, RCLONE_VERBOSE=2.
The same parser is used for the options and the environment variables so they take exactly the same form.
The options set by environment variables can be seen with the -vv flag, e.g. rclone version -vv.
Config file
@@ -4662,12 +5084,13 @@
Configuring rclone on a
Some of the configurations (those involving oauth2) require an Internet connected web browser.
If you are trying to set rclone up on a remote or headless box with no browser available on it (e.g. a NAS or a server in a datacenter) then you will need to use an alternative means of configuration. There are two ways of doing it, described below.
Configuring using rclone authorize
-
On the headless box run rclone config but answer N to the Use auto config? question.
+
On the headless box run rclone config but answer N to the Use web browser to automatically authenticate? question.
...
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes (default)
n) No
y/n> n
@@ -4714,6 +5137,20 @@
Configuring by copying the confi
Configuration file is stored at:
/home/user/.rclone.conf
Now transfer it to the remote box (scp, cut paste, ftp, sftp, etc.) and place it in the correct place (use rclone config file on the remote box to find out where).
+
Configuring using SSH Tunnel
+
Linux and MacOS users can utilize SSH Tunnel to redirect the headless box port 53682 to local machine by using the following command:
Then on the headless box run rclone config and answer Y to the Use web browser to automatically authenticate? question.
+
...
+Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes (default)
+n) No
+y/n> y
+
Then copy and paste the auth url http://127.0.0.1:53682/auth?state=xxxxxxxxxxxx to the browser on your local machine, complete the auth and it is done.
Filtering, includes and excludes
Filter flags determine which files rclone sync, move, ls, lsl, md5sum, sha1sum, size, delete, check and similar commands apply to.
They are specified in terms of path/file name patterns; path/file lists; file age and size, or presence of a file in a directory. Bucket based remotes without the concept of directory apply filters to object key, age and size in an analogous way.
@@ -4723,7 +5160,7 @@
Filtering, includes and excludes
E.g. rclone copy "remote:dir*.jpg" /path/to/dir does not have a filter effect. rclone copy remote:dir /path/to/dir --include "*.jpg" does.
Important Avoid mixing any two of --include..., --exclude... or --filter... flags in an rclone command. The results may not be what you expect. Instead use a --filter... flag.
Patterns for matching path/file names
-
Pattern syntax
+
Pattern syntax
Here is a formal definition of the pattern syntax, examples are below.
Rclone matching rules follow a glob style:
* matches any sequence of non-separator (/) characters
@@ -4780,7 +5217,7 @@
Pattern syntax
- matches "POTATO"
Using regular expressions in filter patterns
The syntax of filter patterns is glob style matching (like bash uses) to make things easy for users. However this does not provide absolute control over the matching, so for advanced users rclone also provides a regular expression syntax.
-
The regular expressions used are as defined in the Go regular expression reference. Regular expressions should be enclosed in {{}}. They will match only the last path segment if the glob doesn't start with / or the whole path name if it does.
+
The regular expressions used are as defined in the Go regular expression reference. Regular expressions should be enclosed in {{}}. They will match only the last path segment if the glob doesn't start with / or the whole path name if it does. Note that rclone does not attempt to parse the supplied regular expression, meaning that using any regular expression filter will prevent rclone from using directory filter rules, as it will instead check every path against the supplied regular expression(s).
Here is how the {{regexp}} is transformed into an full regular expression to match the entire path:
Rclone path/file name filters are made up of one or more of the following flags:
--include
@@ -4949,14 +5386,15 @@
How filter rules are applied to f
Any path/file included at that stage is processed by the rclone command.
--files-from and --files-from-raw flags over-ride and cannot be combined with other filter options.
To see the internal combined rule list, in regular expression form, for a command add the --dump filters flag. Running an rclone command with --dump filters and -vv flags lists the internal filter elements and shows how they are applied to each source path/file. There is not currently a means provided to pass regular expression filter options into rclone directly though character class filter rules contain character classes. Go regular expression reference
-
How filter rules are applied to directories
+
How filter rules are applied to directories
Rclone commands are applied to path/file names not directories. The entire contents of a directory can be matched to a filter by the pattern directory/* or recursively by directory/**.
Directory filter rules are defined with a closing / separator.
E.g. /directory/subdirectory/ is an rclone directory filter rule.
Rclone commands can use directory filter rules to determine whether they recurse into subdirectories. This potentially optimises access to a remote by avoiding listing unnecessary directories. Whether optimisation is desirable depends on the specific filter rules and source remote content.
+
If any regular expression filters are in use, then no directory recursion optimisation is possible, as rclone must check every path against the supplied regular expression(s).
Directory recursion optimisation occurs if either:
-
A source remote does not support the rclone ListR primitive. local, sftp, Microsoft OneDrive and WebDav do not support ListR. Google Drive and most bucket type storage do. Full list
+
A source remote does not support the rclone ListR primitive. local, sftp, Microsoft OneDrive and WebDAV do not support ListR. Google Drive and most bucket type storage do. Full list
On other remotes (those that support ListR), if the rclone command is not naturally recursive, and provided it is not run with the --fast-list flag. ls, lsf -R and size are naturally recursive but sync, copy and move are not.
Whenever the --disable ListR flag is applied to an rclone command.
@@ -5118,34 +5556,21 @@
Other filters
--min-size - Don't transfer any file smaller than this
Controls the minimum size file within the scope of an rclone command. Default units are KiB but abbreviations K, M, G, T or P are valid.
E.g. rclone ls remote: --min-size 50k lists files on remote: of 50 KiB size or larger.
--delete-excluded - Delete files on dest excluded from sync
Important this flag is dangerous to your data - use with --dry-run and -v first.
@@ -5157,7 +5582,7 @@
--dump filtersDumps the defined filters to standard output in regular expression format.
Useful for debugging.
Exclude directory based on a file
-
The --exclude-if-present flag controls whether a directory is within the scope of an rclone command based on the presence of a named file within it.
+
The --exclude-if-present flag controls whether a directory is within the scope of an rclone command based on the presence of a named file within it. The flag can be repeated to check for multiple file names, presence of any of them will exclude the directory.
This flag has a priority over other filter flags.
E.g. for the following directory structure:
dir1/file1
@@ -5165,7 +5590,24 @@
Exclude directory based on a file
The command rclone ls --exclude-if-present .ignore dir1 does not list dir3, file3 or .ignore.
-
--exclude-if-present can only be used once in an rclone command.
+
Metadata filters
+
The metadata filters work in a very similar way to the normal file name filters, except they match metadata on the object.
--metadata-exclude-from - Read metadata exclude patterns from file (use - to read from stdin)
+
--metadata-filter - Add a metadata filtering rule
+
--metadata-filter-from - Read metadata filtering patterns from a file (use - to read from stdin)
+
+
Each flag can be repeated. See the section on how filter rules are applied for more details - these flags work in an identical way to the file name filtering flags, but instead of file name patterns have metadata patterns.
Common pitfalls
The most frequent filter support issues on the rclone forum are:
@@ -5245,8 +5687,8 @@
Project
If you have questions then please ask them on the rclone forum.
Remote controlling rclone with its API
If rclone is run with the --rc flag then it starts an HTTP server which can be used to remote control rclone using its API.
If you just want to run a remote control then see the rcd command.
Supported parameters
--rc
Flag to start the http server listen on remote requests
@@ -5262,6 +5704,8 @@
--rc-key=PATH
SSL PEM Private key
--rc-max-header-bytes=VALUE
Maximum size of request header (default 4096)
+
--rc-min-tls-version=VALUE
+
The minimum TLS version that is acceptable. Valid values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
--rc-user=VALUE
User name for authentication.
--rc-pass=VALUE
@@ -5310,6 +5754,11 @@
--rc-no-auth
By default rclone will require authorisation to have been set up on the rc interface in order to use any methods which access any rclone remotes. Eg operations/list is denied as it involved creating a remote as is sync/copy.
If this is set then no authorisation will be required on the server to use these methods. The alternative is to use --rc-user and --rc-pass and use these credentials in the request.
Default Off.
+
--rc-baseurl
+
Prefix for URLs.
+
Default is root
+
--rc-template
+
User-specified template.
Accessing the remote control via the rclone rc command
Rclone itself implements the remote control protocol in its rclone rc command.
You can use it like this
@@ -5427,7 +5876,7 @@
Data types
Specifying remotes to work on
Remotes are specified with the fs=, srcFs=, dstFs= parameters depending on the command being used.
The parameters can be a string as per the rest of rclone, eg s3:bucket/path or :sftp:/my/dir. They can also be specified as JSON blobs.
-
If specifyng a JSON blob it should be a object mapping strings to strings. These values will be used to configure the remote. There are 3 special values which may be set:
+
If specifying a JSON blob it should be a object mapping strings to strings. These values will be used to configure the remote. There are 3 special values which may be set:
type - set to type to specify a remote called :type:
_name - set to name to specify a remote called name:
@@ -5516,30 +5965,30 @@
config/create: create the config for a remote.
result - result to restart with - used with continue
See the config update command for more information on the above.
Authentication is required for this call.
core/bwlimit: Set the bandwidth limit.
This sets the bandwidth limit to the string passed in. This should be a single bandwidth limit entry or a pair of upload:download bandwidth.
@@ -5636,7 +6091,7 @@
core/command: Run a rclone terminal command over rc.
"result": "<Raw command line output>"
}
-OR
+OR
{
"error": true,
"result": "<Raw command line output>"
@@ -5774,6 +6229,14 @@
debug/set-block-profile-rate: Set runtime.
rate - int
+
debug/set-gc-percent: Call runtime/debug.SetGCPercent for setting the garbage collection target percentage.
+
SetGCPercent sets the garbage collection target percentage: a collection is triggered when the ratio of freshly allocated data to live data remaining after the previous collection reaches this percentage. SetGCPercent returns the previous setting. The initial setting is the value of the GOGC environment variable at startup, or 100 if the variable is not set.
+
This setting may be effectively reduced in order to maintain a memory limit. A negative percentage effectively disables garbage collection, unless the memory limit is reached.
+
See https://pkg.go.dev/runtime/debug#SetMemoryLimit for more details.
+
Parameters:
+
+
gc-percent - int
+
debug/set-mutex-profile-fraction: Set runtime.SetMutexProfileFraction for mutex profiling.
SetMutexProfileFraction controls the fraction of mutex contention events that are reported in the mutex profile. On average 1/rate events are reported. The previous rate is returned.
To turn off profiling entirely, pass rate 0. To just read the current rate, pass rate < 0. (For n>1 the details of sampling may change.)
@@ -5787,6 +6250,18 @@
debug/set-mutex-profile-fraction: Set
previousRate - int
+
debug/set-soft-memory-limit: Call runtime/debug.SetMemoryLimit for setting a soft memory limit for the runtime.
+
SetMemoryLimit provides the runtime with a soft memory limit.
+
The runtime undertakes several processes to try to respect this memory limit, including adjustments to the frequency of garbage collections and returning memory to the underlying system more aggressively. This limit will be respected even if GOGC=off (or, if SetGCPercent(-1) is executed).
+
The input limit is provided as bytes, and includes all memory mapped, managed, and not released by the Go runtime. Notably, it does not account for space used by the Go binary and memory external to Go, such as memory managed by the underlying system on behalf of the process, or memory managed by non-Go code inside the same process. Examples of excluded memory sources include: OS kernel memory held on behalf of the process, memory allocated by C code, and memory mapped by syscall.Mmap (because it is not managed by the Go runtime).
+
A zero limit or a limit that's lower than the amount of memory used by the Go runtime may cause the garbage collector to run nearly continuously. However, the application may still make progress.
+
The memory limit is always respected by the Go runtime, so to effectively disable this behavior, set the limit very high. math.MaxInt64 is the canonical value for disabling the limit, but values much greater than the available memory on the underlying system work just as well.
+
See https://go.dev/doc/gc-guide for a detailed guide explaining the soft memory limit in more detail, as well as a variety of common use-cases and scenarios.
+
SetMemoryLimit returns the previously set memory limit. A negative input does not adjust the limit, and allows for retrieval of the currently set memory limit.
+
Parameters:
+
+
mem-limit - int
+
fscache/clear: Clear the Fs cache.
This clears the fs cache. This is where remotes created from backends are cached for a short while to make repeated rc calls more efficient.
If you change the parameters of a backend then you may want to call this to clear an existing remote out of the cache before re-creating it.
@@ -5824,6 +6299,11 @@
job/stop: Stop the running job
jobid - id of the job (integer).
+
job/stopgroup: Stop all running jobs in a group
+
Parameters:
+
+
group - name of the group (string).
+
mount/listmounts: Show current mount points
This shows currently mounted points, which can be used for performing an unmount.
See the deletefile command for more information on the above.
Authentication is required for this call.
operations/fsinfo: Return information about the remote
This takes the following parameters:
@@ -5931,46 +6412,103 @@
operations/fsinfo: Return information about the remot
This returns info about the remote passed in;
{
- // optional features and whether they are available or not
- "Features": {
- "About": true,
- "BucketBased": false,
- "CanHaveEmptyDirectories": true,
- "CaseInsensitive": false,
- "ChangeNotify": false,
- "CleanUp": false,
- "Copy": false,
- "DirCacheFlush": false,
- "DirMove": true,
- "DuplicateFiles": false,
- "GetTier": false,
- "ListR": false,
- "MergeDirs": false,
- "Move": true,
- "OpenWriterAt": true,
- "PublicLink": false,
- "Purge": true,
- "PutStream": true,
- "PutUnchecked": false,
- "ReadMimeType": false,
- "ServerSideAcrossConfigs": false,
- "SetTier": false,
- "SetWrapper": false,
- "UnWrap": false,
- "WrapFs": false,
- "WriteMimeType": false
- },
- // Names of hashes available
- "Hashes": [
- "MD5",
- "SHA-1",
- "DropboxHash",
- "QuickXorHash"
- ],
- "Name": "local", // Name as created
- "Precision": 1, // Precision of timestamps in ns
- "Root": "/", // Path as created
- "String": "Local file system at /" // how the remote will appear in logs
+ // optional features and whether they are available or not
+ "Features": {
+ "About": true,
+ "BucketBased": false,
+ "BucketBasedRootOK": false,
+ "CanHaveEmptyDirectories": true,
+ "CaseInsensitive": false,
+ "ChangeNotify": false,
+ "CleanUp": false,
+ "Command": true,
+ "Copy": false,
+ "DirCacheFlush": false,
+ "DirMove": true,
+ "Disconnect": false,
+ "DuplicateFiles": false,
+ "GetTier": false,
+ "IsLocal": true,
+ "ListR": false,
+ "MergeDirs": false,
+ "MetadataInfo": true,
+ "Move": true,
+ "OpenWriterAt": true,
+ "PublicLink": false,
+ "Purge": true,
+ "PutStream": true,
+ "PutUnchecked": false,
+ "ReadMetadata": true,
+ "ReadMimeType": false,
+ "ServerSideAcrossConfigs": false,
+ "SetTier": false,
+ "SetWrapper": false,
+ "Shutdown": false,
+ "SlowHash": true,
+ "SlowModTime": false,
+ "UnWrap": false,
+ "UserInfo": false,
+ "UserMetadata": true,
+ "WrapFs": false,
+ "WriteMetadata": true,
+ "WriteMimeType": false
+ },
+ // Names of hashes available
+ "Hashes": [
+ "md5",
+ "sha1",
+ "whirlpool",
+ "crc32",
+ "sha256",
+ "dropbox",
+ "mailru",
+ "quickxor"
+ ],
+ "Name": "local", // Name as created
+ "Precision": 1, // Precision of timestamps in ns
+ "Root": "/", // Path as created
+ "String": "Local file system at /", // how the remote will appear in logs
+ // Information about the system metadata for this backend
+ "MetadataInfo": {
+ "System": {
+ "atime": {
+ "Help": "Time of last access",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "btime": {
+ "Help": "Time of file birth (creation)",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "gid": {
+ "Help": "Group ID of owner",
+ "Type": "decimal number",
+ "Example": "500"
+ },
+ "mode": {
+ "Help": "File type and mode",
+ "Type": "octal, unix style",
+ "Example": "0100664"
+ },
+ "mtime": {
+ "Help": "Time of last modification",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "rdev": {
+ "Help": "Device ID (if special file)",
+ "Type": "hexadecimal",
+ "Example": "1abc"
+ },
+ "uid": {
+ "Help": "User ID of owner",
+ "Type": "decimal number",
+ "Example": "500"
+ }
+ },
+ "Help": "Textual help string\n"
+ }
}
This command does not have a command line equivalent so use this instead:
rclone rc --loopback operations/fsinfo fs=remote:
@@ -5989,6 +6527,7 @@
operations/list: List the given remote and path in JSON
noMimeType - If set don't show mime types
dirsOnly - If set only show directories
filesOnly - If set only show files
+
metadata - If set return metadata of objects also
hashTypes - array of strings of hash types to show if showHash set
@@ -5999,7 +6538,7 @@
operations/list: List the given remote and path in JSON
This is an array of objects as described in the lsjson command
-
See the lsjson command for more information on the above and examples.
+
See the lsjson command for more information on the above and examples.
Authentication is required for this call.
operations/mkdir: Make a destination directory or container
This takes the following parameters:
@@ -6007,7 +6546,7 @@
operations/mkdir: Make a destination directory or cont
fs - a remote name string e.g. "drive:"
remote - a path within that remote e.g. "dir"
-
See the mkdir command command for more information on the above.
+
See the mkdir command for more information on the above.
Authentication is required for this call.
operations/movefile: Move a file from source remote to destination remote
This takes the following parameters:
@@ -6030,7 +6569,7 @@
operations/publiclink: Create or retrieve a publi
url - URL of the resource
-
See the link command command for more information on the above.
+
See the link command for more information on the above.
Authentication is required for this call.
operations/purge: Remove a directory or container and all of its contents
This takes the following parameters:
@@ -6038,7 +6577,7 @@
operations/purge: Remove a directory or container and
fs - a remote name string e.g. "drive:"
remote - a path within that remote e.g. "dir"
-
See the purge command command for more information on the above.
+
See the purge command for more information on the above.
Authentication is required for this call.
operations/rmdir: Remove an empty directory or container
This takes the following parameters:
@@ -6046,15 +6585,16 @@
operations/rmdir: Remove an empty directory or contain
fs - a remote name string e.g. "drive:"
remote - a path within that remote e.g. "dir"
-
See the rmdir command command for more information on the above.
+
See the rmdir command for more information on the above.
Authentication is required for this call.
operations/rmdirs: Remove all the empty directories in the path
This takes the following parameters:
fs - a remote name string e.g. "drive:"
remote - a path within that remote e.g. "dir"
-
leaveRoot - boolean, set to true not to delete the root See the rmdirs command command for more information on the above.
+
leaveRoot - boolean, set to true not to delete the root
+
See the rmdirs command for more information on the above.
Authentication is required for this call.
operations/size: Count the number of bytes and files in remote
This takes the following parameters:
@@ -6066,7 +6606,7 @@
operations/size: Count the number of bytes and files in
count - number of files
bytes - number of bytes in those files
-
See the size command command for more information on the above.
+
See the size command for more information on the above.
Authentication is required for this call.
operations/stat: Give information about the supplied file or directory
This takes the following parameters
@@ -6083,15 +6623,16 @@
operations/stat: Give information about the supplied fi
item - an object as described in the lsjson command. Will be null if not found.
Note that if you are only interested in files then it is much more efficient to set the filesOnly flag in the options.
-
See the lsjson command for more information on the above and examples.
+
See the lsjson command for more information on the above and examples.
Authentication is required for this call.
operations/uploadfile: Upload file using multiform/form-data
This takes the following parameters:
fs - a remote name string e.g. "drive:"
remote - a path within that remote e.g. "dir"
-
each part in body represents a file to be uploaded See the uploadfile command command for more information on the above.
+
each part in body represents a file to be uploaded
+
See the uploadfile command for more information on the above.
Authentication is required for this call.
options/blocks: List all the option blocks
Returns: - options - a list of the options block names
@@ -6192,7 +6733,7 @@
rc/noop: Echo the input to the output parameters
rc/noopauth: Echo the input to the output parameters requiring auth
This echoes the input parameters to the output parameters for testing purposes. It can be used to check that rclone is still alive and to check that parameter passing is working properly.
Authentication is required for this call.
-
sync/bisync: Perform bidirectonal synchronization between two paths.
+
sync/bisync: Perform bidirectional synchronization between two paths.
This takes the following parameters
path1 - a remote directory string e.g. drive:path1
@@ -6218,7 +6759,7 @@
sync/copy: copy a directory from source remote to destination
dstFs - a remote name string e.g. "drive:dst" for the destination
createEmptySrcDirs - create empty src directories on destination if set
-
See the copy command command for more information on the above.
+
See the copy command for more information on the above.
Authentication is required for this call.
sync/move: move a directory from source remote to destination remote
This takes the following parameters:
@@ -6228,7 +6769,7 @@
sync/move: move a directory from source remote to destination
createEmptySrcDirs - create empty src directories on destination if set
deleteEmptySrcDirs - delete empty src directories if set
-
See the move command command for more information on the above.
+
See the move command for more information on the above.
Authentication is required for this call.
sync/sync: sync a directory from source remote to destination remote
This takes the following parameters:
@@ -6237,7 +6778,7 @@
sync/sync: sync a directory from source remote to destination
dstFs - a remote name string e.g. "drive:dst" for the destination
createEmptySrcDirs - create empty src directories on destination if set
-
See the sync command command for more information on the above.
+
See the sync command for more information on the above.
Authentication is required for this call.
vfs/forget: Forget files or directories in the directory cache.
This forgets the paths in the directory cache causing them to be re-read from the remote when needed.
@@ -6428,320 +6969,387 @@
Features
Case Insensitive
Duplicate Files
MIME Type
+
Metadata
1Fichier
Whirlpool
-
No
+
-
No
Yes
R
+
-
Akamai Netstorage
MD5, SHA256
-
Yes
+
R/W
No
No
R
+
-
Amazon Drive
MD5
-
No
+
-
Yes
No
R
+
-
Amazon S3 (or S3 compatible)
MD5
-
Yes
+
R/W
No
No
R/W
+
RWU
Backblaze B2
SHA1
-
Yes
+
R/W
No
No
R/W
+
-
Box
SHA1
-
Yes
+
R/W
Yes
No
-
+
-
Citrix ShareFile
MD5
-
Yes
+
R/W
Yes
No
-
+
-
Dropbox
DBHASH ¹
-
Yes
+
R
Yes
No
-
+
-
Enterprise File Fabric
-
-
Yes
+
R/W
Yes
No
R/W
+
-
FTP
-
-
No
+
R/W ¹⁰
No
No
-
+
-
Google Cloud Storage
MD5
-
Yes
+
R/W
No
No
R/W
+
-
Google Drive
MD5
-
Yes
+
R/W
No
Yes
R/W
+
-
Google Photos
-
-
No
+
-
No
Yes
R
+
-
HDFS
-
-
Yes
+
R/W
No
No
-
+
-
+
HiDrive
+
HiDrive ¹²
+
R/W
+
No
+
No
+
-
+
-
+
+
HTTP
-
-
No
+
R
No
No
R
+
-
-
-
Hubic
-
MD5
-
Yes
+
+
Internet Archive
+
MD5, SHA1, CRC32
+
R/W ¹¹
No
No
-
R/W
+
-
+
RWU
-
+
Jottacloud
MD5
-
Yes
+
R/W
Yes
No
R
+
-
-
+
Koofr
MD5
-
No
+
-
Yes
No
-
+
-
-
+
Mail.ru Cloud
Mailru ⁶
-
Yes
+
R/W
Yes
No
-
+
-
-
+
Mega
-
-
No
+
-
No
Yes
-
+
-
-
+
Memory
MD5
-
Yes
+
R/W
No
No
-
+
-
-
+
Microsoft Azure Blob Storage
MD5
-
Yes
+
R/W
No
No
R/W
+
-
-
+
Microsoft OneDrive
SHA1 ⁵
-
Yes
+
R/W
Yes
No
R
+
-
-
+
OpenDrive
MD5
-
Yes
+
R/W
Yes
Partial ⁸
-
+
-
-
+
OpenStack Swift
MD5
-
Yes
+
R/W
+
No
+
No
+
R/W
+
-
+
+
+
Oracle Object Storage
+
MD5
+
R/W
No
No
R/W
+
-
pCloud
MD5, SHA1 ⁷
-
Yes
+
R
No
No
W
+
-
premiumize.me
-
-
No
+
-
Yes
No
R
+
-
put.io
CRC-32
-
Yes
+
R/W
No
Yes
R
+
-
QingStor
MD5
-
No
+
- ⁹
No
No
R/W
+
-
Seafile
-
+
-
No
No
-
No
+
-
-
SFTP
MD5, SHA1 ²
-
Yes
+
R/W
Depends
No
-
+
-
Sia
-
+
-
No
No
-
No
+
-
-
-
SugarSync
+
SMB
+
-
-
+
Yes
No
+
-
+
-
+
+
+
SugarSync
+
-
+
-
No
No
-
+
-
-
+
Storj
-
-
Yes
+
R
No
No
-
+
-
-
+
Uptobox
-
-
No
+
-
No
Yes
-
+
-
-
+
WebDAV
MD5, SHA1 ³
-
Yes ⁴
+
R ⁴
Depends
No
-
+
-
-
+
Yandex Disk
MD5
-
Yes
+
R/W
No
No
R
+
-
-
+
Zoho WorkDrive
-
+
-
No
No
-
No
+
-
-
-
+
The local filesystem
All
-
Yes
+
R/W
Depends
No
-
+
RWU
@@ -6754,12 +7362,18 @@
Notes
⁶ Mail.ru uses its own modified SHA1 hash
⁷ pCloud only supports SHA1 (not MD5) in its EU region
⁸ Opendrive does not support creation of duplicate files using their web client interface or other stock clients, but the underlying storage platform has been determined to allow duplicate files, and it is possible to create them with rclone. It may be that this is a mistake or an unsupported feature.
+
⁹ QingStor does not support SetModTime for objects bigger than 5 GiB.
+
¹⁰ FTP supports modtimes for the major FTP servers, and also others if they advertised required protocol extensions. See this for more details.
+
¹¹ Internet Archive requires option wait_archive to be set to a non-zero value for full modtime support.
+
¹² HiDrive supports its own custom hash. It combines SHA1 sums for each 4 KiB block hierarchically to a single top-level sum.
Hash
The cloud storage system supports various hash types of the objects. The hashes are used when transferring data as an integrity check and can be specifically used with the --checksum flag in syncs and in the check command.
To use the verify checksums when transferring between cloud storage systems they must support a common hash type.
ModTime
-
The cloud storage system supports setting modification times on objects. If it does then this enables a using the modification times as part of the sync. If not then only the size will be checked by default, though the MD5SUM can be checked with the --checksum flag.
-
All cloud storage systems support some kind of date on the object and these will be set when transferring from the cloud storage system.
+
Almost all cloud storage systems store some sort of timestamp on objects, but several of them not something that is appropriate to use for syncing. E.g. some backends will only write a timestamp that represent the time of the upload. To be relevant for syncing it should be able to store the modification time of the source object. If this is not the case, rclone will only check the file size by default, though can be configured to check the file hash (with the --checksum flag). Ideally it should also be possible to change the timestamp of an existing file without having to re-upload it.
+
Storage systems with a - in the ModTime column, means the modification read on objects is not the modification time of the file when uploaded. It is most likely the time the file was uploaded, or possibly something else (like the time the picture was taken in Google Photos).
+
Storage systems with a R (for read-only) in the ModTime column, means the it keeps modification times on objects, and updates them when uploading objects, but it does not support changing only the modification time (SetModTime operation) without re-uploading, possibly not even without deleting existing first. Some operations in rclone, such as copy and sync commands, will automatically check for SetModTime support and re-upload if necessary to keep the modification times in sync. Other commands will not work without SetModTime support, e.g. touch command on an existing file will fail, and changes to modification time only on a files in a mount will be silently ignored.
+
Storage systems with R/W (for read/write) in the ModTime column, means they do also support modtime-only operations.
Case Insensitive
If a cloud storage systems is case sensitive then it is possible to have two files which differ only in case, e.g. file.txt and FILE.txt. If a cloud storage system is case insensitive then that isn't possible.
This can cause problems when syncing between a case insensitive system and a case sensitive system. The symptom of this is that no matter how many times you run the sync it never completes fully.
@@ -7000,120 +7614,158 @@
Encoding option
The --backend-encoding flags allow you to change that. You can disable the encoding completely with --backend-encoding None or set encoding = None in the config file.
Encoding takes a comma separated list of encodings. You can see the list of all possible values by passing an invalid value to this flag, e.g. --local-encoding "help". The command rclone help flags encoding will show you the defaults for the backends.
+
+
+
+
+
Encoding
Characters
+
Encoded as
Asterisk
*
+
*
BackQuote
`
+
`
BackSlash
\
+
\
Colon
:
+
:
CrLf
CR 0x0D, LF 0x0A
+
␍, ␊
Ctl
All control characters 0x00-0x1F
+
␀␁␂␃␄␅␆␇␈␉␊␋␌␍␎␏␐␑␒␓␔␕␖␗␘␙␚␛␜␝␞␟
Del
DEL 0x7F
+
␡
Dollar
$
+
$
Dot
. or .. as entire string
+
., ..
DoubleQuote
"
+
"
Hash
#
+
#
InvalidUtf8
An invalid UTF-8 character (e.g. latin1)
+
�
LeftCrLfHtVt
-
CR 0x0D, LF 0x0A,HT 0x09, VT 0x0B on the left of a string
+
CR 0x0D, LF 0x0A, HT 0x09, VT 0x0B on the left of a string
+
␍, ␊, ␉, ␋
LeftPeriod
. on the left of a string
+
.
LeftSpace
SPACE on the left of a string
+
␠
LeftTilde
~ on the left of a string
+
~
LtGt
<, >
+
<, >
None
No characters are encoded
+
Percent
%
+
%
Pipe
|
+
|
Question
?
+
?
RightCrLfHtVt
CR 0x0D, LF 0x0A, HT 0x09, VT 0x0B on the right of a string
+
␍, ␊, ␉, ␋
RightPeriod
. on the right of a string
+
.
RightSpace
SPACE on the right of a string
+
␠
+
Semicolon
+
;
+
;
+
+
SingleQuote
'
+
'
-
+
Slash
/
+
/
-
+
SquareBracket
[, ]
+
[, ]
@@ -7139,6 +7791,32 @@
MIME Type
Some cloud storage systems support reading (R) the MIME type of objects and some support writing (W) the MIME type of objects.
The MIME type can be important if you are serving files directly to HTTP from the storage system.
If you are copying from a remote which supports reading (R) to a remote which supports writing (W) then rclone will preserve the MIME types. Otherwise they will be guessed from the extension, or the remote itself may assign the MIME type.
+
Metadata
+
Backends may or may support reading or writing metadata. They may support reading and writing system metadata (metadata intrinsic to that backend) and/or user metadata (general purpose metadata).
+
The levels of metadata support are
+
+
+
+
Key
+
Explanation
+
+
+
+
+
R
+
Read only System Metadata
+
+
+
RW
+
Read and write System Metadata
+
+
+
RWU
+
Read and write System Metadata and read and write User Metadata
All rclone remotes support a base command set. Other features depend upon backend-specific capabilities.
@@ -7172,6 +7850,19 @@
Optional Features
Yes
+
Akamai Netstorage
+
Yes
+
No
+
No
+
No
+
No
+
Yes
+
Yes
+
No
+
No
+
Yes
+
+
Amazon Drive
Yes
No
@@ -7184,8 +7875,8 @@
Optional Features
No
Yes
-
-
Amazon S3
+
+
Amazon S3 (or S3 compatible)
No
Yes
No
@@ -7197,7 +7888,7 @@
Optional Features
No
No
-
+
Backblaze B2
No
Yes
@@ -7210,7 +7901,7 @@
Optional Features
No
No
-
+
Box
Yes
Yes
@@ -7223,7 +7914,7 @@
Optional Features
Yes
Yes
-
+
Citrix ShareFile
Yes
Yes
@@ -7236,7 +7927,7 @@
Optional Features
No
Yes
-
+
Dropbox
Yes
Yes
@@ -7249,7 +7940,7 @@
Optional Features
Yes
Yes
-
+
Enterprise File Fabric
Yes
Yes
@@ -7262,7 +7953,7 @@
Optional Features
No
Yes
-
+
FTP
No
No
@@ -7275,7 +7966,7 @@
Optional Features
No
Yes
-
+
Google Cloud Storage
Yes
Yes
@@ -7288,7 +7979,7 @@
Optional Features
No
No
-
+
Google Drive
Yes
Yes
@@ -7301,7 +7992,7 @@
Optional Features
Yes
Yes
-
+
Google Photos
No
No
@@ -7314,7 +8005,7 @@
Optional Features
No
No
-
+
HDFS
Yes
No
@@ -7327,6 +8018,19 @@
Optional Features
Yes
Yes
+
+
HiDrive
+
Yes
+
Yes
+
Yes
+
Yes
+
No
+
No
+
Yes
+
No
+
No
+
Yes
+
HTTP
No
@@ -7341,16 +8045,16 @@
Optional Features
Yes
-
Hubic
-
Yes †
-
Yes
+
Internet Archive
No
+
Yes
No
No
Yes
Yes
No
Yes
+
Yes
No
@@ -7367,6 +8071,19 @@
Optional Features
Yes
+
Koofr
+
Yes
+
Yes
+
Yes
+
Yes
+
No
+
No
+
Yes
+
Yes
+
Yes
+
Yes
+
+
Mail.ru Cloud
Yes
Yes
@@ -7379,7 +8096,7 @@
Optional Features
Yes
Yes
-
+
Mega
Yes
No
@@ -7392,7 +8109,7 @@
Optional Features
Yes
Yes
-
+
Memory
No
Yes
@@ -7405,7 +8122,7 @@
Optional Features
No
No
-
+
Microsoft Azure Blob Storage
Yes
Yes
@@ -7418,7 +8135,7 @@
Optional Features
No
No
-
+
Microsoft OneDrive
Yes
Yes
@@ -7431,7 +8148,7 @@
Optional Features
Yes
Yes
-
+
OpenDrive
Yes
Yes
@@ -7444,7 +8161,7 @@
Optional Features
No
Yes
-
+
OpenStack Swift
Yes †
Yes
@@ -7457,6 +8174,19 @@
Optional Features
Yes
No
+
+
Oracle Object Storage
+
No
+
Yes
+
No
+
No
+
Yes
+
Yes
+
Yes
+
No
+
No
+
No
+
pCloud
Yes
@@ -7536,6 +8266,32 @@
Optional Features
Yes
+
Sia
+
No
+
No
+
No
+
No
+
No
+
No
+
Yes
+
No
+
No
+
Yes
+
+
+
SMB
+
No
+
No
+
Yes
+
Yes
+
No
+
No
+
Yes
+
No
+
No
+
Yes
+
+
SugarSync
Yes
Yes
@@ -7551,7 +8307,7 @@
Optional Features
Storj
Yes †
-
No
+
Yes
Yes
No
No
@@ -7630,7 +8386,7 @@
Optional Features
Purge
This deletes a directory quicker than just deleting all the files in the directory.
-
† Note Swift, Hubic, and Storj implement this in order to delete directory markers but they don't actually have a quicker way of deleting files other than deleting them individually.
+
† Note Swift and Storj implement this in order to delete directory markers but they don't actually have a quicker way of deleting files other than deleting them individually.
‡ StreamUpload is not supported with Nextcloud
Copy
Used when copying an object to and from the same remote. This known as a server-side copy so you can copy a file without downloading it and uploading it again. It is used if you use rclone copy or rclone move if the remote doesn't support Move directly.
@@ -7675,9 +8431,10 @@
Non Backend Flags
-c, --checksum Skip based on checksum (if available) & size, not mod-time & size
--client-cert string Client SSL certificate (PEM) for mutual TLS auth
--client-key string Client SSL private key (PEM) for mutual TLS auth
+ --color string When to show colors (and other ANSI codes) AUTO|NEVER|ALWAYS (default "AUTO")
--compare-dest stringArray Include additional comma separated server-side paths during comparison
--config string Config file (default "$HOME/.config/rclone/rclone.conf")
- --contimeout duration Connect timeout (default 1m0s)
+ --contimeout Duration Connect timeout (default 1m0s)
--copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
--cpuprofile string Write cpu profile to file
--cutoff-mode string Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default "HARD")
@@ -7686,6 +8443,7 @@
Non Backend Flags
--delete-during When synchronizing, delete files during transfer
--delete-excluded Delete files on dest excluded from sync
--disable string Disable a comma separated list of features (use --disable help to see a list)
+ --disable-http-keep-alives Disable HTTP keep-alives and use each connection once.
--disable-http2 Disable HTTP/2 in the global transport
-n, --dry-run Do a trial run with no permanent changes
--dscp string Set DSCP value to connections, value or name, e.g. CS1, LE, DF, AF21
@@ -7694,16 +8452,16 @@
Non Backend Flags
--dump-headers Dump HTTP headers - may contain sensitive info
--error-on-no-transfer Sets exit code 9 if no files are transferred, useful in scripts
--exclude stringArray Exclude files matching pattern
- --exclude-from stringArray Read exclude patterns from file (use - to read from stdin)
- --exclude-if-present string Exclude directories if filename is present
- --expect-continue-timeout duration Timeout when using expect / 100-continue in HTTP (default 1s)
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --expect-continue-timeout Duration Timeout when using expect / 100-continue in HTTP (default 1s)
--fast-list Use recursive list if available; uses more memory but fewer transactions
--files-from stringArray Read list of source-file names from file (use - to read from stdin)
--files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
- -f, --filter stringArray Add a file-filtering rule
- --filter-from stringArray Read filtering patterns from a file (use - to read from stdin)
- --fs-cache-expire-duration duration Cache remotes for this long (0 to disable caching) (default 5m0s)
- --fs-cache-expire-interval duration Interval to check for expired remotes (default 1m0s)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --fs-cache-expire-duration Duration Cache remotes for this long (0 to disable caching) (default 5m0s)
+ --fs-cache-expire-interval Duration Interval to check for expired remotes (default 1m0s)
--header stringArray Set HTTP header for all transactions
--header-download stringArray Set HTTP header for download transactions
--header-upload stringArray Set HTTP header for upload transactions
@@ -7717,9 +8475,9 @@
Non Backend Flags
-I, --ignore-times Don't skip files that match size and time - transfer all files
--immutable Do not modify files, fail if existing files have been modified
--include stringArray Include files matching pattern
- --include-from stringArray Read include patterns from file (use - to read from stdin)
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
-i, --interactive Enable interactive mode
- --kv-lock-time duration Maximum time to keep key-value database locked by process (default 1s)
+ --kv-lock-time Duration Maximum time to keep key-value database locked by process (default 1s)
--log-file string Log everything to this file
--log-format string Comma separated list of log format options (default "date,time")
--log-level string Log level DEBUG|INFO|NOTICE|ERROR (default "NOTICE")
@@ -7729,14 +8487,22 @@
Non Backend Flags
--max-backlog int Maximum number of objects in sync or check backlog (default 10000)
--max-delete int When synchronizing, limit the number of deletes (default -1)
--max-depth int If set limits the recursion depth to this (default -1)
- --max-duration duration Maximum duration rclone will transfer data for
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
--max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
--max-stats-groups int Maximum number of stats groups to keep in memory, on max oldest is discarded (default 1000)
--max-transfer SizeSuffix Maximum size of data to transfer (default off)
--memprofile string Write memory profile to file
+ -M, --metadata If set, preserve metadata when copying objects
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --metadata-set stringArray Add metadata key=value when uploading
--min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
--min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
- --modify-window duration Max time diff to be considered the same (default 1ns)
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
--multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 250Mi)
--multi-thread-streams int Max number of streams to use for multi-thread downloads (default 4)
--no-check-certificate Do not verify the server SSL certificate (insecure)
@@ -7752,24 +8518,26 @@
Non Backend Flags
--progress-terminal-title Show progress on the terminal title (requires -P/--progress)
-q, --quiet Print as little stuff as possible
--rc Enable the remote control server
- --rc-addr string IPaddress:Port or :Port to bind server to (default "localhost:5572")
+ --rc-addr stringArray IPaddress:Port or :Port to bind server to (default [localhost:5572])
--rc-allow-origin string Set the allowed origin for CORS
--rc-baseurl string Prefix for URLs - leave blank for root
- --rc-cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --rc-cert string TLS PEM key (concatenation of certificate and CA certificate)
--rc-client-ca string Client certificate authority to verify clients with
--rc-enable-metrics Enable prometheus metrics on /metrics
--rc-files string Path to local files to serve on the HTTP server
- --rc-htpasswd string htpasswd file - if not provided no authentication is done
- --rc-job-expire-duration duration Expire finished async jobs older than this value (default 1m0s)
- --rc-job-expire-interval duration Interval to check for expired async jobs (default 10s)
- --rc-key string SSL PEM Private key
+ --rc-htpasswd string A htpasswd file - if not provided no authentication is done
+ --rc-job-expire-duration Duration Expire finished async jobs older than this value (default 1m0s)
+ --rc-job-expire-interval Duration Interval to check for expired async jobs (default 10s)
+ --rc-key string TLS PEM Private key
--rc-max-header-bytes int Maximum size of request header (default 4096)
+ --rc-min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--rc-no-auth Don't require auth for certain methods
--rc-pass string Password for authentication
- --rc-realm string Realm for authentication (default "rclone")
+ --rc-realm string Realm for authentication
+ --rc-salt string Password hashing salt (default "dlPL2MqE")
--rc-serve Enable the serving of remote objects
- --rc-server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --rc-server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --rc-server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --rc-server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--rc-template string User-specified template
--rc-user string User name for authentication
--rc-web-fetch-url string URL to fetch the releases for webgui (default "https://api.github.com/repos/rclone/rclone-webui-react/releases/latest")
@@ -7779,9 +8547,10 @@
Non Backend Flags
--rc-web-gui-update Check and update to latest version of web gui
--refresh-times Refresh the modtime of remote files
--retries int Retry operations this many times if they fail (default 3)
- --retries-sleep duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable)
+ --retries-sleep Duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable) (default 0s)
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
--size-only Skip based on size only, not mod-time or checksum
- --stats duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
+ --stats Duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
--stats-file-name-length int Max file name length in stats (0 for no limit) (default 45)
--stats-log-level string Log level to show --stats output DEBUG|INFO|NOTICE|ERROR (default "INFO")
--stats-one-line Make the stats fit on one line
@@ -7794,7 +8563,7 @@
Non Backend Flags
--syslog Use Syslog for logging
--syslog-facility string Facility for syslog, e.g. KERN,USER,... (default "DAEMON")
--temp-dir string Directory rclone will use for temporary files (default "/tmp")
- --timeout duration IO idle timeout (default 5m0s)
+ --timeout Duration IO idle timeout (default 5m0s)
--tpslimit float Limit HTTP transactions per second to this
--tpslimit-burst int Max burst of transactions for --tpslimit (default 1)
--track-renames When synchronizing, track file renames and do a server-side move if possible
@@ -7805,473 +8574,547 @@
Non Backend Flags
--use-json-log Use json log format
--use-mmap Use mmap allocator (see docs)
--use-server-modtime Use server modified time instead of object metadata
- --user-agent string Set the user-agent to a specified string (default "rclone/v1.58.0")
+ --user-agent string Set the user-agent to a specified string (default "rclone/v1.61.0")
-v, --verbose count Print lots more stuff (repeat for more)
Backend Flags
These flags are available for every command. They control the backends and may be set in the config file.
-
--acd-auth-url string Auth server URL
- --acd-client-id string OAuth Client Id
- --acd-client-secret string OAuth Client Secret
- --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
- --acd-token string OAuth Access Token as a JSON blob
- --acd-token-url string Token server url
- --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
- --alias-remote string Remote or path to alias
- --azureblob-access-tier string Access tier of blob: hot, cool or archive
- --azureblob-account string Storage Account Name
- --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
- --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
- --azureblob-disable-checksum Don't store MD5 checksum with object metadata
- --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
- --azureblob-endpoint string Endpoint for the service
- --azureblob-key string Storage Account Key
- --azureblob-list-chunk int Size of blob list (default 5000)
- --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
- --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
- --azureblob-public-access string Public access level of a container: blob or container
- --azureblob-sas-url string SAS URL for container level access only
- --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
- --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
- --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
- --azureblob-use-emulator Uses local storage emulator if provided as 'true'
- --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
- --b2-account string Account ID or Application Key ID
- --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
- --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
- --b2-disable-checksum Disable checksums for large (> upload cutoff) files
- --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
- --b2-download-url string Custom endpoint for downloads
- --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --b2-endpoint string Endpoint for the service
- --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
- --b2-key string Application Key
- --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
- --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --b2-versions Include old versions in directory listings
- --box-access-token string Box App Primary Access Token
- --box-auth-url string Auth server URL
- --box-box-config-file string Box App config.json location
- --box-box-sub-type string (default "user")
- --box-client-id string OAuth Client Id
- --box-client-secret string OAuth Client Secret
- --box-commit-retries int Max number of times to try committing a multipart file (default 100)
- --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
- --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
- --box-owned-by string Only show items owned by the login (email address) passed in
- --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
- --box-token string OAuth Access Token as a JSON blob
- --box-token-url string Token server url
- --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
- --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
- --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
- --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
- --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
- --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
- --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
- --cache-db-purge Clear all the cached data for this remote on start
- --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
- --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
- --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
- --cache-plex-password string The password of the Plex user (obscured)
- --cache-plex-url string The URL of the Plex server
- --cache-plex-username string The username of the Plex user
- --cache-read-retries int How many times to retry a read from a cache storage (default 10)
- --cache-remote string Remote to cache
- --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
- --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
- --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
- --cache-workers int How many workers should run in parallel to download chunks (default 4)
- --cache-writes Cache file data on writes through the FS
- --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
- --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
- --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
- --chunker-remote string Remote to chunk/unchunk
- --compress-level int GZIP compression level (-2 to 9) (default -1)
- --compress-mode string Compression mode (default "gzip")
- --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
- --compress-remote string Remote to compress
- -L, --copy-links Follow symlinks and copy the pointed to item
- --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
- --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
- --crypt-filename-encryption string How to encrypt the filenames (default "standard")
- --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
- --crypt-password string Password or pass phrase for encryption (obscured)
- --crypt-password2 string Password or pass phrase for salt (obscured)
- --crypt-remote string Remote to encrypt/decrypt
- --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
- --crypt-show-mapping For all files listed show how the names encrypt
- --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
- --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
- --drive-auth-owner-only Only consider files owned by the authenticated user
- --drive-auth-url string Auth server URL
- --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
- --drive-client-id string Google Application Client Id
- --drive-client-secret string OAuth Client Secret
- --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
- --drive-disable-http2 Disable drive using http2 (default true)
- --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
- --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
- --drive-formats string Deprecated: See export_formats
- --drive-impersonate string Impersonate this user when using a service account
- --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
- --drive-keep-revision-forever Keep new head revision of each file forever
- --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
- --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
- --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
- --drive-root-folder-id string ID of the root folder
- --drive-scope string Scope that rclone should use when requesting access from drive
- --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
- --drive-service-account-credentials string Service Account Credentials JSON blob
- --drive-service-account-file string Service Account Credentials JSON file path
- --drive-shared-with-me Only show files that are shared with me
- --drive-size-as-quota Show sizes as storage quota usage, not actual size
- --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
- --drive-skip-dangling-shortcuts If set skip dangling shortcut files
- --drive-skip-gdocs Skip google documents in all listings
- --drive-skip-shortcuts If set skip shortcut files
- --drive-starred-only Only show files that are starred
- --drive-stop-on-download-limit Make download limit errors be fatal
- --drive-stop-on-upload-limit Make upload limit errors be fatal
- --drive-team-drive string ID of the Shared Drive (Team Drive)
- --drive-token string OAuth Access Token as a JSON blob
- --drive-token-url string Token server url
- --drive-trashed-only Only show files that are in the trash
- --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
- --drive-use-created-date Use file created date instead of modified date
- --drive-use-shared-date Use date file was shared instead of modified date
- --drive-use-trash Send files to the trash instead of deleting permanently (default true)
- --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
- --dropbox-auth-url string Auth server URL
- --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish comitting (default 10m0s)
- --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
- --dropbox-batch-size int Max number of files in upload batch
- --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
- --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
- --dropbox-client-id string OAuth Client Id
- --dropbox-client-secret string OAuth Client Secret
- --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
- --dropbox-impersonate string Impersonate this user when using a business account
- --dropbox-shared-files Instructs rclone to work on individual shared files
- --dropbox-shared-folders Instructs rclone to work on shared folders
- --dropbox-token string OAuth Access Token as a JSON blob
- --dropbox-token-url string Token server url
- --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
- --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
- --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
- --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
- --fichier-shared-folder string If you want to download a shared folder, add this parameter
- --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --filefabric-permanent-token string Permanent Authentication Token
- --filefabric-root-folder-id string ID of the root folder
- --filefabric-token string Session Token
- --filefabric-token-expiry string Token expiry time
- --filefabric-url string URL of the Enterprise File Fabric to connect to
- --filefabric-version string Version read from the file fabric
- --ftp-ask-password Allow asking for FTP password when needed
- --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
- --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
- --ftp-disable-epsv Disable using EPSV even if server advertises support
- --ftp-disable-mlsd Disable using MLSD even if server advertises support
- --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
- --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
- --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
- --ftp-host string FTP host to connect to
- --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --ftp-no-check-certificate Do not verify the TLS certificate of the server
- --ftp-pass string FTP password (obscured)
- --ftp-port int FTP port number (default 21)
- --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
- --ftp-tls Use Implicit FTPS (FTP over TLS)
- --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
- --ftp-user string FTP username (default "$USER")
- --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
- --gcs-anonymous Access public buckets and objects without credentials
- --gcs-auth-url string Auth server URL
- --gcs-bucket-acl string Access Control List for new buckets
- --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
- --gcs-client-id string OAuth Client Id
- --gcs-client-secret string OAuth Client Secret
- --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gcs-location string Location for the newly created buckets
- --gcs-object-acl string Access Control List for new objects
- --gcs-project-number string Project number
- --gcs-service-account-file string Service Account Credentials JSON file path
- --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
- --gcs-token string OAuth Access Token as a JSON blob
- --gcs-token-url string Token server url
- --gphotos-auth-url string Auth server URL
- --gphotos-client-id string OAuth Client Id
- --gphotos-client-secret string OAuth Client Secret
- --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gphotos-include-archived Also view and download archived media
- --gphotos-read-only Set to make the Google Photos backend read only
- --gphotos-read-size Set to read the size of media items
- --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
- --gphotos-token string OAuth Access Token as a JSON blob
- --gphotos-token-url string Token server url
- --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
- --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
- --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
- --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
- --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
- --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
- --hdfs-namenode string Hadoop name node and port
- --hdfs-service-principal-name string Kerberos service principal name for the namenode
- --hdfs-username string Hadoop user name
- --http-headers CommaSepList Set HTTP headers for all transactions
- --http-no-head Don't use HEAD requests
- --http-no-slash Set this if the site doesn't end directories with /
- --http-url string URL of http host to connect to
- --hubic-auth-url string Auth server URL
- --hubic-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --hubic-client-id string OAuth Client Id
- --hubic-client-secret string OAuth Client Secret
- --hubic-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --hubic-no-chunk Don't chunk files during streaming upload
- --hubic-token string OAuth Access Token as a JSON blob
- --hubic-token-url string Token server url
- --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
- --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
- --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
- --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
- --jottacloud-trashed-only Only show files that are in the trash
- --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
- --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --koofr-endpoint string The Koofr API endpoint to use
- --koofr-mountid string Mount ID of the mount to use
- --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
- --koofr-provider string Choose your storage provider
- --koofr-setmtime Does the backend support setting modification time (default true)
- --koofr-user string Your user name
- -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
- --local-case-insensitive Force the filesystem to report itself as case insensitive
- --local-case-sensitive Force the filesystem to report itself as case sensitive
- --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
- --local-no-check-updated Don't check to see if the files change during upload
- --local-no-preallocate Disable preallocation of disk space for transferred files
- --local-no-set-modtime Disable setting modtime
- --local-no-sparse Disable sparse files for multi-thread downloads
- --local-nounc string Disable UNC (long path names) conversion on Windows
- --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
- --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
- --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
- --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --mailru-pass string Password (obscured)
- --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
- --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
- --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
- --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
- --mailru-user string User name (usually email)
- --mega-debug Output more debug from Mega
- --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --mega-hard-delete Delete files permanently rather than putting them into the trash
- --mega-pass string Password (obscured)
- --mega-user string User name
- --netstorage-account string Set the NetStorage account name
- --netstorage-host string Domain+path of NetStorage host to connect to
- --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
- --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
- -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
- --onedrive-auth-url string Auth server URL
- --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
- --onedrive-client-id string OAuth Client Id
- --onedrive-client-secret string OAuth Client Secret
- --onedrive-disable-site-permission Disable the request for Sites.Read.All permission
- --onedrive-drive-id string The ID of the drive to use
- --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
- --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
- --onedrive-link-password string Set the password for links created by the link command
- --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
- --onedrive-link-type string Set the type of the links created by the link command (default "view")
- --onedrive-list-chunk int Size of listing chunk (default 1000)
- --onedrive-no-versions Remove all versions on modifying operations
- --onedrive-region string Choose national cloud region for OneDrive (default "global")
- --onedrive-root-folder-id string ID of the root folder
- --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
- --onedrive-token string OAuth Access Token as a JSON blob
- --onedrive-token-url string Token server url
- --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
- --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
- --opendrive-password string Password (obscured)
- --opendrive-username string Username
- --pcloud-auth-url string Auth server URL
- --pcloud-client-id string OAuth Client Id
- --pcloud-client-secret string OAuth Client Secret
- --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
- --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
- --pcloud-token string OAuth Access Token as a JSON blob
- --pcloud-token-url string Token server url
- --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --qingstor-access-key-id string QingStor Access Key ID
- --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
- --qingstor-connection-retries int Number of connection retries (default 3)
- --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
- --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
- --qingstor-env-auth Get QingStor credentials from runtime
- --qingstor-secret-access-key string QingStor Secret Access Key (password)
- --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
- --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --qingstor-zone string Zone to connect to
- --s3-access-key-id string AWS Access Key ID
- --s3-acl string Canned ACL used when creating buckets and storing or copying objects
- --s3-bucket-acl string Canned ACL used when creating buckets
- --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
- --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
- --s3-disable-checksum Don't store MD5 checksum with object metadata
- --s3-disable-http2 Disable usage of http2 for S3 backends
- --s3-download-url string Custom endpoint for downloads
- --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --s3-endpoint string Endpoint for S3 API
- --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
- --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
- --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
- --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
- --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
- --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
- --s3-location-constraint string Location constraint - must be set to match the Region
- --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
- --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
- --s3-no-head If set, don't HEAD uploaded objects to check integrity
- --s3-no-head-object If set, do not do HEAD before GET when getting objects
- --s3-profile string Profile to use in the shared credentials file
- --s3-provider string Choose your S3 provider
- --s3-region string Region to connect to
- --s3-requester-pays Enables requester pays option when interacting with S3 bucket
- --s3-secret-access-key string AWS Secret Access Key (password)
- --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
- --s3-session-token string An AWS session token
- --s3-shared-credentials-file string Path to the shared credentials file
- --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
- --s3-sse-customer-key string If using SSE-C you must provide the secret encryption key used to encrypt/decrypt your data
- --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
- --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
- --s3-storage-class string The storage class to use when storing new objects in S3
- --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
- --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
- --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
- --s3-v2-auth If true use v2 authentication
- --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
- --seafile-create-library Should rclone create a library if it doesn't exist
- --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
- --seafile-library string Name of the library
- --seafile-library-key string Library password (for encrypted libraries only) (obscured)
- --seafile-pass string Password (obscured)
- --seafile-url string URL of seafile host to connect to
- --seafile-user string User name (usually email address)
- --sftp-ask-password Allow asking for SFTP password when needed
- --sftp-disable-concurrent-reads If set don't use concurrent reads
- --sftp-disable-concurrent-writes If set don't use concurrent writes
- --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
- --sftp-host string SSH host to connect to
- --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --sftp-key-file string Path to PEM-encoded private key file
- --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
- --sftp-key-pem string Raw PEM-encoded private key
- --sftp-key-use-agent When set forces the usage of the ssh-agent
- --sftp-known-hosts-file string Optional path to known_hosts file
- --sftp-md5sum-command string The command used to read md5 hashes
- --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
- --sftp-path-override string Override path used by SSH connection
- --sftp-port int SSH port number (default 22)
- --sftp-pubkey-file string Optional path to public key file
- --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
- --sftp-set-modtime Set the modified time on the remote if set (default true)
- --sftp-sha1sum-command string The command used to read sha1 hashes
- --sftp-skip-links Set to skip any symlinks and any other non regular files
- --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
- --sftp-use-fstat If set use fstat instead of stat
- --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
- --sftp-user string SSH username (default "$USER")
- --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
- --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --sharefile-endpoint string Endpoint for API calls
- --sharefile-root-folder-id string ID of the root folder
- --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
- --sia-api-password string Sia Daemon API Password (obscured)
- --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
- --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
- --sia-user-agent string Siad User Agent (default "Sia-Agent")
- --skip-links Don't warn about skipped symlinks
- --storj-access-grant string Access grant
- --storj-api-key string API key
- --storj-passphrase string Encryption passphrase
- --storj-provider string Choose an authentication method (default "existing")
- --storj-satellite-address string Satellite address (default "us-central-1.storj.io")
- --sugarsync-access-key-id string Sugarsync Access Key ID
- --sugarsync-app-id string Sugarsync App ID
- --sugarsync-authorization string Sugarsync authorization
- --sugarsync-authorization-expiry string Sugarsync authorization expiry
- --sugarsync-deleted-id string Sugarsync deleted folder id
- --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
- --sugarsync-hard-delete Permanently delete files if true
- --sugarsync-private-access-key string Sugarsync Private Access Key
- --sugarsync-refresh-token string Sugarsync refresh token
- --sugarsync-root-id string Sugarsync root id
- --sugarsync-user string Sugarsync user
- --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
- --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
- --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
- --swift-auth string Authentication URL for server (OS_AUTH_URL)
- --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
- --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
- --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
- --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
- --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
- --swift-key string API key or password (OS_PASSWORD)
- --swift-leave-parts-on-error If true avoid calling abort upload on a failure
- --swift-no-chunk Don't chunk files during streaming upload
- --swift-region string Region name - optional (OS_REGION_NAME)
- --swift-storage-policy string The storage policy to use when creating a new container
- --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
- --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
- --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
- --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
- --swift-user string User name to log in (OS_USERNAME)
- --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
- --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
- --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
- --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
- --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
- --union-upstreams string List of space separated upstreams
- --uptobox-access-token string Your access token
- --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
- --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
- --webdav-bearer-token-command string Command to run to get a bearer token
- --webdav-encoding string The encoding for the backend
- --webdav-headers CommaSepList Set HTTP headers for all transactions
- --webdav-pass string Password (obscured)
- --webdav-url string URL of http host to connect to
- --webdav-user string User name
- --webdav-vendor string Name of the Webdav site/service/software you are using
- --yandex-auth-url string Auth server URL
- --yandex-client-id string OAuth Client Id
- --yandex-client-secret string OAuth Client Secret
- --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --yandex-hard-delete Delete files permanently rather than putting them into the trash
- --yandex-token string OAuth Access Token as a JSON blob
- --yandex-token-url string Token server url
- --zoho-auth-url string Auth server URL
- --zoho-client-id string OAuth Client Id
- --zoho-client-secret string OAuth Client Secret
- --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
- --zoho-region string Zoho region to connect to
- --zoho-token string OAuth Access Token as a JSON blob
- --zoho-token-url string Token server url
+
--acd-auth-url string Auth server URL
+ --acd-client-id string OAuth Client Id
+ --acd-client-secret string OAuth Client Secret
+ --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
+ --acd-token string OAuth Access Token as a JSON blob
+ --acd-token-url string Token server url
+ --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
+ --alias-remote string Remote or path to alias
+ --azureblob-access-tier string Access tier of blob: hot, cool or archive
+ --azureblob-account string Azure Storage Account Name
+ --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
+ --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
+ --azureblob-client-certificate-password string Password for the certificate file (optional) (obscured)
+ --azureblob-client-certificate-path string Path to a PEM or PKCS12 certificate file including the private key
+ --azureblob-client-id string The ID of the client in use
+ --azureblob-client-secret string One of the service principal's client secrets
+ --azureblob-client-send-certificate-chain Send the certificate chain when using certificate auth
+ --azureblob-disable-checksum Don't store MD5 checksum with object metadata
+ --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
+ --azureblob-endpoint string Endpoint for the service
+ --azureblob-env-auth Read credentials from runtime (environment variables, CLI or MSI)
+ --azureblob-key string Storage Account Shared Key
+ --azureblob-list-chunk int Size of blob list (default 5000)
+ --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
+ --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-no-check-container If set, don't attempt to check the container exists or create it
+ --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
+ --azureblob-password string The user's password (obscured)
+ --azureblob-public-access string Public access level of a container: blob or container
+ --azureblob-sas-url string SAS URL for container level access only
+ --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
+ --azureblob-tenant string ID of the service principal's tenant. Also called its directory ID
+ --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
+ --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
+ --azureblob-use-emulator Uses local storage emulator if provided as 'true'
+ --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
+ --azureblob-username string User name (usually an email address)
+ --b2-account string Account ID or Application Key ID
+ --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
+ --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
+ --b2-disable-checksum Disable checksums for large (> upload cutoff) files
+ --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
+ --b2-download-url string Custom endpoint for downloads
+ --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --b2-endpoint string Endpoint for the service
+ --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
+ --b2-key string Application Key
+ --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
+ --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --b2-version-at Time Show file versions as they were at the specified time (default off)
+ --b2-versions Include old versions in directory listings
+ --box-access-token string Box App Primary Access Token
+ --box-auth-url string Auth server URL
+ --box-box-config-file string Box App config.json location
+ --box-box-sub-type string (default "user")
+ --box-client-id string OAuth Client Id
+ --box-client-secret string OAuth Client Secret
+ --box-commit-retries int Max number of times to try committing a multipart file (default 100)
+ --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
+ --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
+ --box-owned-by string Only show items owned by the login (email address) passed in
+ --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
+ --box-token string OAuth Access Token as a JSON blob
+ --box-token-url string Token server url
+ --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
+ --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
+ --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
+ --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
+ --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
+ --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
+ --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
+ --cache-db-purge Clear all the cached data for this remote on start
+ --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
+ --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
+ --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
+ --cache-plex-password string The password of the Plex user (obscured)
+ --cache-plex-url string The URL of the Plex server
+ --cache-plex-username string The username of the Plex user
+ --cache-read-retries int How many times to retry a read from a cache storage (default 10)
+ --cache-remote string Remote to cache
+ --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
+ --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
+ --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
+ --cache-workers int How many workers should run in parallel to download chunks (default 4)
+ --cache-writes Cache file data on writes through the FS
+ --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
+ --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
+ --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
+ --chunker-remote string Remote to chunk/unchunk
+ --combine-upstreams SpaceSepList Upstreams for combining
+ --compress-level int GZIP compression level (-2 to 9) (default -1)
+ --compress-mode string Compression mode (default "gzip")
+ --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
+ --compress-remote string Remote to compress
+ -L, --copy-links Follow symlinks and copy the pointed to item
+ --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
+ --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
+ --crypt-filename-encryption string How to encrypt the filenames (default "standard")
+ --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
+ --crypt-password string Password or pass phrase for encryption (obscured)
+ --crypt-password2 string Password or pass phrase for salt (obscured)
+ --crypt-remote string Remote to encrypt/decrypt
+ --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
+ --crypt-show-mapping For all files listed show how the names encrypt
+ --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
+ --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
+ --drive-auth-owner-only Only consider files owned by the authenticated user
+ --drive-auth-url string Auth server URL
+ --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
+ --drive-client-id string Google Application Client Id
+ --drive-client-secret string OAuth Client Secret
+ --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
+ --drive-disable-http2 Disable drive using http2 (default true)
+ --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
+ --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
+ --drive-formats string Deprecated: See export_formats
+ --drive-impersonate string Impersonate this user when using a service account
+ --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
+ --drive-keep-revision-forever Keep new head revision of each file forever
+ --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
+ --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
+ --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
+ --drive-resource-key string Resource key for accessing a link-shared file
+ --drive-root-folder-id string ID of the root folder
+ --drive-scope string Scope that rclone should use when requesting access from drive
+ --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
+ --drive-service-account-credentials string Service Account Credentials JSON blob
+ --drive-service-account-file string Service Account Credentials JSON file path
+ --drive-shared-with-me Only show files that are shared with me
+ --drive-size-as-quota Show sizes as storage quota usage, not actual size
+ --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
+ --drive-skip-dangling-shortcuts If set skip dangling shortcut files
+ --drive-skip-gdocs Skip google documents in all listings
+ --drive-skip-shortcuts If set skip shortcut files
+ --drive-starred-only Only show files that are starred
+ --drive-stop-on-download-limit Make download limit errors be fatal
+ --drive-stop-on-upload-limit Make upload limit errors be fatal
+ --drive-team-drive string ID of the Shared Drive (Team Drive)
+ --drive-token string OAuth Access Token as a JSON blob
+ --drive-token-url string Token server url
+ --drive-trashed-only Only show files that are in the trash
+ --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
+ --drive-use-created-date Use file created date instead of modified date
+ --drive-use-shared-date Use date file was shared instead of modified date
+ --drive-use-trash Send files to the trash instead of deleting permanently (default true)
+ --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
+ --dropbox-auth-url string Auth server URL
+ --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish committing (default 10m0s)
+ --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
+ --dropbox-batch-size int Max number of files in upload batch
+ --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
+ --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
+ --dropbox-client-id string OAuth Client Id
+ --dropbox-client-secret string OAuth Client Secret
+ --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
+ --dropbox-impersonate string Impersonate this user when using a business account
+ --dropbox-shared-files Instructs rclone to work on individual shared files
+ --dropbox-shared-folders Instructs rclone to work on shared folders
+ --dropbox-token string OAuth Access Token as a JSON blob
+ --dropbox-token-url string Token server url
+ --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
+ --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
+ --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
+ --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
+ --fichier-shared-folder string If you want to download a shared folder, add this parameter
+ --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --filefabric-permanent-token string Permanent Authentication Token
+ --filefabric-root-folder-id string ID of the root folder
+ --filefabric-token string Session Token
+ --filefabric-token-expiry string Token expiry time
+ --filefabric-url string URL of the Enterprise File Fabric to connect to
+ --filefabric-version string Version read from the file fabric
+ --ftp-ask-password Allow asking for FTP password when needed
+ --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
+ --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
+ --ftp-disable-epsv Disable using EPSV even if server advertises support
+ --ftp-disable-mlsd Disable using MLSD even if server advertises support
+ --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
+ --ftp-disable-utf8 Disable using UTF-8 even if server advertises support
+ --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
+ --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
+ --ftp-force-list-hidden Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD
+ --ftp-host string FTP host to connect to
+ --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --ftp-no-check-certificate Do not verify the TLS certificate of the server
+ --ftp-pass string FTP password (obscured)
+ --ftp-port int FTP port number (default 21)
+ --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
+ --ftp-tls Use Implicit FTPS (FTP over TLS)
+ --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
+ --ftp-user string FTP username (default "$USER")
+ --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
+ --gcs-anonymous Access public buckets and objects without credentials
+ --gcs-auth-url string Auth server URL
+ --gcs-bucket-acl string Access Control List for new buckets
+ --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
+ --gcs-client-id string OAuth Client Id
+ --gcs-client-secret string OAuth Client Secret
+ --gcs-decompress If set this will decompress gzip encoded objects
+ --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gcs-endpoint string Endpoint for the service
+ --gcs-location string Location for the newly created buckets
+ --gcs-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --gcs-object-acl string Access Control List for new objects
+ --gcs-project-number string Project number
+ --gcs-service-account-file string Service Account Credentials JSON file path
+ --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
+ --gcs-token string OAuth Access Token as a JSON blob
+ --gcs-token-url string Token server url
+ --gphotos-auth-url string Auth server URL
+ --gphotos-client-id string OAuth Client Id
+ --gphotos-client-secret string OAuth Client Secret
+ --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gphotos-include-archived Also view and download archived media
+ --gphotos-read-only Set to make the Google Photos backend read only
+ --gphotos-read-size Set to read the size of media items
+ --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
+ --gphotos-token string OAuth Access Token as a JSON blob
+ --gphotos-token-url string Token server url
+ --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
+ --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
+ --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
+ --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
+ --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
+ --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
+ --hdfs-namenode string Hadoop name node and port
+ --hdfs-service-principal-name string Kerberos service principal name for the namenode
+ --hdfs-username string Hadoop user name
+ --hidrive-auth-url string Auth server URL
+ --hidrive-chunk-size SizeSuffix Chunksize for chunked uploads (default 48Mi)
+ --hidrive-client-id string OAuth Client Id
+ --hidrive-client-secret string OAuth Client Secret
+ --hidrive-disable-fetching-member-count Do not fetch number of objects in directories unless it is absolutely necessary
+ --hidrive-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
+ --hidrive-endpoint string Endpoint for the service (default "https://api.hidrive.strato.com/2.1")
+ --hidrive-root-prefix string The root/parent folder for all paths (default "/")
+ --hidrive-scope-access string Access permissions that rclone should use when requesting access from HiDrive (default "rw")
+ --hidrive-scope-role string User-level that rclone should use when requesting access from HiDrive (default "user")
+ --hidrive-token string OAuth Access Token as a JSON blob
+ --hidrive-token-url string Token server url
+ --hidrive-upload-concurrency int Concurrency for chunked uploads (default 4)
+ --hidrive-upload-cutoff SizeSuffix Cutoff/Threshold for chunked uploads (default 96Mi)
+ --http-headers CommaSepList Set HTTP headers for all transactions
+ --http-no-head Don't use HEAD requests
+ --http-no-slash Set this if the site doesn't end directories with /
+ --http-url string URL of HTTP host to connect to
+ --internetarchive-access-key-id string IAS3 Access Key
+ --internetarchive-disable-checksum Don't ask the server to test against MD5 checksum calculated by rclone (default true)
+ --internetarchive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot)
+ --internetarchive-endpoint string IAS3 Endpoint (default "https://s3.us.archive.org")
+ --internetarchive-front-endpoint string Host of InternetArchive Frontend (default "https://archive.org")
+ --internetarchive-secret-access-key string IAS3 Secret Key (password)
+ --internetarchive-wait-archive Duration Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish (default 0s)
+ --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
+ --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
+ --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
+ --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
+ --jottacloud-trashed-only Only show files that are in the trash
+ --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
+ --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --koofr-endpoint string The Koofr API endpoint to use
+ --koofr-mountid string Mount ID of the mount to use
+ --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
+ --koofr-provider string Choose your storage provider
+ --koofr-setmtime Does the backend support setting modification time (default true)
+ --koofr-user string Your user name
+ -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
+ --local-case-insensitive Force the filesystem to report itself as case insensitive
+ --local-case-sensitive Force the filesystem to report itself as case sensitive
+ --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
+ --local-no-check-updated Don't check to see if the files change during upload
+ --local-no-preallocate Disable preallocation of disk space for transferred files
+ --local-no-set-modtime Disable setting modtime
+ --local-no-sparse Disable sparse files for multi-thread downloads
+ --local-nounc Disable UNC (long path names) conversion on Windows
+ --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
+ --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
+ --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
+ --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --mailru-pass string Password (obscured)
+ --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
+ --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
+ --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
+ --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
+ --mailru-user string User name (usually email)
+ --mega-debug Output more debug from Mega
+ --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --mega-hard-delete Delete files permanently rather than putting them into the trash
+ --mega-pass string Password (obscured)
+ --mega-user string User name
+ --netstorage-account string Set the NetStorage account name
+ --netstorage-host string Domain+path of NetStorage host to connect to
+ --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
+ --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
+ -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
+ --onedrive-access-scopes SpaceSepList Set scopes to be requested by rclone (default Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access)
+ --onedrive-auth-url string Auth server URL
+ --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
+ --onedrive-client-id string OAuth Client Id
+ --onedrive-client-secret string OAuth Client Secret
+ --onedrive-drive-id string The ID of the drive to use
+ --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
+ --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
+ --onedrive-link-password string Set the password for links created by the link command
+ --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
+ --onedrive-link-type string Set the type of the links created by the link command (default "view")
+ --onedrive-list-chunk int Size of listing chunk (default 1000)
+ --onedrive-no-versions Remove all versions on modifying operations
+ --onedrive-region string Choose national cloud region for OneDrive (default "global")
+ --onedrive-root-folder-id string ID of the root folder
+ --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
+ --onedrive-token string OAuth Access Token as a JSON blob
+ --onedrive-token-url string Token server url
+ --oos-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --oos-compartment string Object storage compartment OCID
+ --oos-config-file string Path to OCI config file (default "~/.oci/config")
+ --oos-config-profile string Profile name inside the oci config file (default "Default")
+ --oos-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --oos-copy-timeout Duration Timeout for copy (default 1m0s)
+ --oos-disable-checksum Don't store MD5 checksum with object metadata
+ --oos-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --oos-endpoint string Endpoint for Object storage API
+ --oos-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --oos-namespace string Object storage namespace
+ --oos-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --oos-provider string Choose your Auth Provider (default "env_auth")
+ --oos-region string Object storage Region
+ --oos-upload-concurrency int Concurrency for multipart uploads (default 10)
+ --oos-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
+ --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
+ --opendrive-password string Password (obscured)
+ --opendrive-username string Username
+ --pcloud-auth-url string Auth server URL
+ --pcloud-client-id string OAuth Client Id
+ --pcloud-client-secret string OAuth Client Secret
+ --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
+ --pcloud-password string Your pcloud password (obscured)
+ --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
+ --pcloud-token string OAuth Access Token as a JSON blob
+ --pcloud-token-url string Token server url
+ --pcloud-username string Your pcloud username
+ --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --qingstor-access-key-id string QingStor Access Key ID
+ --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
+ --qingstor-connection-retries int Number of connection retries (default 3)
+ --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
+ --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
+ --qingstor-env-auth Get QingStor credentials from runtime
+ --qingstor-secret-access-key string QingStor Secret Access Key (password)
+ --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
+ --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --qingstor-zone string Zone to connect to
+ --s3-access-key-id string AWS Access Key ID
+ --s3-acl string Canned ACL used when creating buckets and storing or copying objects
+ --s3-bucket-acl string Canned ACL used when creating buckets
+ --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --s3-decompress If set this will decompress gzip encoded objects
+ --s3-disable-checksum Don't store MD5 checksum with object metadata
+ --s3-disable-http2 Disable usage of http2 for S3 backends
+ --s3-download-url string Custom endpoint for downloads
+ --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --s3-endpoint string Endpoint for S3 API
+ --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
+ --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
+ --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
+ --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
+ --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
+ --s3-location-constraint string Location constraint - must be set to match the Region
+ --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
+ --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --s3-might-gzip Tristate Set this if the backend might gzip objects (default unset)
+ --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --s3-no-head If set, don't HEAD uploaded objects to check integrity
+ --s3-no-head-object If set, do not do HEAD before GET when getting objects
+ --s3-no-system-metadata Suppress setting and reading of system metadata
+ --s3-profile string Profile to use in the shared credentials file
+ --s3-provider string Choose your S3 provider
+ --s3-region string Region to connect to
+ --s3-requester-pays Enables requester pays option when interacting with S3 bucket
+ --s3-secret-access-key string AWS Secret Access Key (password)
+ --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
+ --s3-session-token string An AWS session token
+ --s3-shared-credentials-file string Path to the shared credentials file
+ --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
+ --s3-sse-customer-key string To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data
+ --s3-sse-customer-key-base64 string If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data
+ --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
+ --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
+ --s3-storage-class string The storage class to use when storing new objects in S3
+ --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
+ --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
+ --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
+ --s3-use-presigned-request Whether to use a presigned request or PutObject for single part uploads
+ --s3-v2-auth If true use v2 authentication
+ --s3-version-at Time Show file versions as they were at the specified time (default off)
+ --s3-versions Include old versions in directory listings
+ --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
+ --seafile-create-library Should rclone create a library if it doesn't exist
+ --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
+ --seafile-library string Name of the library
+ --seafile-library-key string Library password (for encrypted libraries only) (obscured)
+ --seafile-pass string Password (obscured)
+ --seafile-url string URL of seafile host to connect to
+ --seafile-user string User name (usually email address)
+ --sftp-ask-password Allow asking for SFTP password when needed
+ --sftp-chunk-size SizeSuffix Upload and download chunk size (default 32Ki)
+ --sftp-ciphers SpaceSepList Space separated list of ciphers to be used for session encryption, ordered by preference
+ --sftp-concurrency int The maximum number of outstanding requests for one file (default 64)
+ --sftp-disable-concurrent-reads If set don't use concurrent reads
+ --sftp-disable-concurrent-writes If set don't use concurrent writes
+ --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
+ --sftp-host string SSH host to connect to
+ --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --sftp-key-exchange SpaceSepList Space separated list of key exchange algorithms, ordered by preference
+ --sftp-key-file string Path to PEM-encoded private key file
+ --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
+ --sftp-key-pem string Raw PEM-encoded private key
+ --sftp-key-use-agent When set forces the usage of the ssh-agent
+ --sftp-known-hosts-file string Optional path to known_hosts file
+ --sftp-macs SpaceSepList Space separated list of MACs (message authentication code) algorithms, ordered by preference
+ --sftp-md5sum-command string The command used to read md5 hashes
+ --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
+ --sftp-path-override string Override path used by SSH shell commands
+ --sftp-port int SSH port number (default 22)
+ --sftp-pubkey-file string Optional path to public key file
+ --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
+ --sftp-set-env SpaceSepList Environment variables to pass to sftp and commands
+ --sftp-set-modtime Set the modified time on the remote if set (default true)
+ --sftp-sha1sum-command string The command used to read sha1 hashes
+ --sftp-shell-type string The type of SSH shell on remote server, if any
+ --sftp-skip-links Set to skip any symlinks and any other non regular files
+ --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
+ --sftp-use-fstat If set use fstat instead of stat
+ --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
+ --sftp-user string SSH username (default "$USER")
+ --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
+ --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --sharefile-endpoint string Endpoint for API calls
+ --sharefile-root-folder-id string ID of the root folder
+ --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
+ --sia-api-password string Sia Daemon API Password (obscured)
+ --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
+ --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
+ --sia-user-agent string Siad User Agent (default "Sia-Agent")
+ --skip-links Don't warn about skipped symlinks
+ --smb-case-insensitive Whether the server is configured to be case-insensitive (default true)
+ --smb-domain string Domain name for NTLM authentication (default "WORKGROUP")
+ --smb-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --smb-hide-special-share Hide special shares (e.g. print$) which users aren't supposed to access (default true)
+ --smb-host string SMB server hostname to connect to
+ --smb-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --smb-pass string SMB password (obscured)
+ --smb-port int SMB port number (default 445)
+ --smb-user string SMB username (default "$USER")
+ --storj-access-grant string Access grant
+ --storj-api-key string API key
+ --storj-passphrase string Encryption passphrase
+ --storj-provider string Choose an authentication method (default "existing")
+ --storj-satellite-address string Satellite address (default "us-central-1.storj.io")
+ --sugarsync-access-key-id string Sugarsync Access Key ID
+ --sugarsync-app-id string Sugarsync App ID
+ --sugarsync-authorization string Sugarsync authorization
+ --sugarsync-authorization-expiry string Sugarsync authorization expiry
+ --sugarsync-deleted-id string Sugarsync deleted folder id
+ --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
+ --sugarsync-hard-delete Permanently delete files if true
+ --sugarsync-private-access-key string Sugarsync Private Access Key
+ --sugarsync-refresh-token string Sugarsync refresh token
+ --sugarsync-root-id string Sugarsync root id
+ --sugarsync-user string Sugarsync user
+ --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
+ --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
+ --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
+ --swift-auth string Authentication URL for server (OS_AUTH_URL)
+ --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
+ --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
+ --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
+ --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+ --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
+ --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
+ --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
+ --swift-key string API key or password (OS_PASSWORD)
+ --swift-leave-parts-on-error If true avoid calling abort upload on a failure
+ --swift-no-chunk Don't chunk files during streaming upload
+ --swift-no-large-objects Disable support for static and dynamic large objects
+ --swift-region string Region name - optional (OS_REGION_NAME)
+ --swift-storage-policy string The storage policy to use when creating a new container
+ --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
+ --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
+ --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
+ --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
+ --swift-user string User name to log in (OS_USERNAME)
+ --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
+ --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
+ --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
+ --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
+ --union-min-free-space SizeSuffix Minimum viable free space for lfs/eplfs policies (default 1Gi)
+ --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
+ --union-upstreams string List of space separated upstreams
+ --uptobox-access-token string Your access token
+ --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
+ --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
+ --webdav-bearer-token-command string Command to run to get a bearer token
+ --webdav-encoding string The encoding for the backend
+ --webdav-headers CommaSepList Set HTTP headers for all transactions
+ --webdav-pass string Password (obscured)
+ --webdav-url string URL of http host to connect to
+ --webdav-user string User name
+ --webdav-vendor string Name of the WebDAV site/service/software you are using
+ --yandex-auth-url string Auth server URL
+ --yandex-client-id string OAuth Client Id
+ --yandex-client-secret string OAuth Client Secret
+ --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --yandex-hard-delete Delete files permanently rather than putting them into the trash
+ --yandex-token string OAuth Access Token as a JSON blob
+ --yandex-token-url string Token server url
+ --zoho-auth-url string Auth server URL
+ --zoho-client-id string OAuth Client Id
+ --zoho-client-secret string OAuth Client Secret
+ --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
+ --zoho-region string Zoho region to connect to
+ --zoho-token string OAuth Access Token as a JSON blob
+ --zoho-token-url string Token server url
Docker Volume Plugin
Introduction
Docker 1.9 has added support for creating named volumes via command-line interface and mounting them in containers as a way to share data between them. Since Docker 1.10 you can create named volumes with Docker Compose by descriptions in docker-compose.yml files for use by container groups on a single host. As of Docker 1.12 volumes are supported by Docker Swarm included with Docker Engine and created from descriptions in swarm compose v3 files for use with swarm stacks across multiple cluster nodes.
@@ -8539,7 +9382,7 @@
Command line syntax
-v, --verbose Increases logging verbosity.
May be specified more than once for more details.
-h, --help help for bisync
-
Arbitrary rclone flags may be specified on the bisync command line, for example rclone bsync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s Note that interactions of various rclone flags with bisync process flow has not been fully tested yet.
+
Arbitrary rclone flags may be specified on the bisync command line, for example rclone bisync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s Note that interactions of various rclone flags with bisync process flow has not been fully tested yet.
Paths
Path1 and Path2 arguments may be references to any mix of local directory paths (absolute or relative), UNC paths (//server/share/path), Windows drive paths (with a drive letter and :) or configured remotes with optional subdirectory paths. Cloud references are distinguished by having a : in the argument (see Windows support below).
Path1 and Path2 are treated equally, in that neither has priority for file changes, and access efficiency does not change whether a remote is on Path1 or Path2.
@@ -8706,7 +9549,7 @@
Modification time
Error handling
Certain bisync critical errors, such as file copy/move failing, will result in a bisync lockout of following runs. The lockout is asserted because the sync status and history of the Path1 and Path2 filesystems cannot be trusted, so it is safer to block any further changes until someone checks things out. The recovery is to do a --resync again.
It is recommended to use --resync --dry-run --verbose initially and carefully review what changes will be made before running the --resync without --dry-run.
-
Most of these events come up due to a error status from an internal call. On such a critical error the {...}.path1.lst and {...}.path2.lst listing files are renamed to extension .lst-err, which blocks any future bisync runs (since the normal .lst files are not found). Bisync keeps them under bisync subdirectory of the rclone cache direcory, typically at ${HOME}/.cache/rclone/bisync/ on Linux.
+
Most of these events come up due to a error status from an internal call. On such a critical error the {...}.path1.lst and {...}.path2.lst listing files are renamed to extension .lst-err, which blocks any future bisync runs (since the normal .lst files are not found). Bisync keeps them under bisync subdirectory of the rclone cache directory, typically at ${HOME}/.cache/rclone/bisync/ on Linux.
Some errors are considered temporary and re-running the bisync is not blocked. The critical return blocks further bisync runs.
Lock file
When bisync is running, a lock file is created in the bisync working directory, typically at ~/.cache/rclone/bisync/PATH1..PATH2.lck on Linux. If bisync should crash or hang, the lock file will remain in place and block any further runs of bisync for the same paths. Delete the lock file as part of debugging the situation. The lock file effectively blocks follow-on (e.g., scheduled by cron) runs when the prior invocation is taking a long time. The lock file contains PID of the blocking process, which may help in debug.
@@ -8715,7 +9558,7 @@
Return codes
rclone bisync returns the following codes to calling program: - 0 on a successful run, - 1 for a non-critical failing run (a rerun may be successful), - 2 for a critically aborted run (requires a --resync to recover).
Limitations
Supported backends
-
Bisync is considered BETA and has been tested with the following backends: - Local filesystem - Google Drive - Dropbox - OneDrive - S3 - SFTP
+
Bisync is considered BETA and has been tested with the following backends: - Local filesystem - Google Drive - Dropbox - OneDrive - S3 - SFTP - Yandex Disk
It has not been fully tested with other services yet. If it works, or sorta works, please let us know and we'll update the list. Run the test suite to check for proper operation as described below.
First release of rclone bisync requires that underlying backend supported the modification time feature and will refuse to run otherwise. This limitation will be lifted in a future rclone bisync release.
Concurrent modifications
@@ -8731,7 +9574,7 @@
Renamed directories
Case sensitivity
Synching with case-insensitive filesystems, such as Windows or Box, can result in file name conflicts. This will be fixed in a future release. The near term workaround is to make sure that files on both sides don't have spelling case differences (Smile.jpg vs. smile.jpg).
Windows support
-
Bisync has been tested on Windows 8.1, Windows 10 Pro 64-bit and on Windows Github runners.
+
Bisync has been tested on Windows 8.1, Windows 10 Pro 64-bit and on Windows GitHub runners.
Drive letters are allowed, including drive letters mapped to network drives (rclone bisync J:\localsync GDrive:). If a drive letter is omitted, the shell current drive is the default. Drive letters are a single character follows by :, so cloud names must be more than one character long.
Absolute paths (with or without a drive letter), and relative paths (with or without a drive letter) are supported.
Working directory is created at C:\Users\MyLogin\AppData\Local\rclone\bisync.
@@ -8883,7 +9726,7 @@
Retries
Denied downloads of "infected" or "abusive" files
Google Drive has a filter for certain file types (.exe, .apk, et cetera) that by default cannot be copied from Google Drive to the local filesystem. If you are having problems, run with --verbose to see specifically which files are generating complaints. If the error is This file has been identified as malware or spam and cannot be downloaded, consider using the flag --drive-acknowledge-abuse.
Google Doc files
-
Google docs exist as virtual files on Google Drive and cannot be transferred to other filesystems natively. While it is possible to export a Google doc to a normal file (with .xlsx extension, for example), it's not possible to import a normal file back into a Google document.
+
Google docs exist as virtual files on Google Drive and cannot be transferred to other filesystems natively. While it is possible to export a Google doc to a normal file (with .xlsx extension, for example), it is not possible to import a normal file back into a Google document.
Bisync's handling of Google Doc files is to flag them in the run log output for user's attention and ignore them for any file transfers, deletes, or syncs. They will show up with a length of -1 in the listings. This bisync run is otherwise successful:
2021/05/11 08:23:15 INFO : Synching Path1 "/path/to/local/tree/base/" with Path2 "GDrive:"
2021/05/11 08:23:15 INFO : ...path2.lst-new: Ignoring incorrect line: "- -1 - - 2018-07-29T08:49:30.136000000+0000 GoogleDoc.docx"
@@ -8988,11 +9831,11 @@
Notes about testing
path1 and/or path2 subdirectories are created in a temporary directory under the respective local or cloud test remote.
By default, the Path1 and Path2 test dirs and workdir will be deleted after each test run. The -no-cleanup flag disables purging these directories when validating and debugging a given test. These directories will be flushed before running another test, independent of the -no-cleanup usage.
You will likely want to add `- /testdir/to your normal bisync--filters-fileso that normal syncs do not attempt to sync the test temporary directories, which may haveRCLONE_TESTmiscompares in some testcases which would otherwise trip the--check-accesssystem. The--check-accessmechanism is hard-coded to ignoreRCLONE_TESTfiles beneathbisync/testdata`, so the test cases may reside on the synched tree even if there are check file mismatches in the test tree.
-
Some Dropbox tests can fail, notably printing the following message: src and dst identical but can't set mod time without deleting and re-uploading This is expected and happens due a way Dropbox handles modificaion times. You should use the -refresh-times test flag to make up for this.
+
Some Dropbox tests can fail, notably printing the following message: src and dst identical but can't set mod time without deleting and re-uploading This is expected and happens due a way Dropbox handles modification times. You should use the -refresh-times test flag to make up for this.
If Dropbox tests hit request limit for you and print error message too_many_requests/...: Too many requests or write operations. then follow the Dropbox App ID instructions.
Updating golden results
-
Sometimes even a slight change in the bisync source can cause little changes spread around many log files. Updating them manually would be a nighmare.
+
Sometimes even a slight change in the bisync source can cause little changes spread around many log files. Updating them manually would be a nightmare.
The -golden flag will store the test.log and *.lst listings from each test case into respective golden directories. Golden results will automatically contain generic strings instead of local or cloud paths which means that they should match when run with a different cloud service.
Your normal workflow might be as follows: 1. Git-clone the rclone sources locally 2. Modify bisync source and check that it builds 3. Run the whole test suite go test ./cmd/bisync -remote local 4. If some tests show log difference, recheck them individually, e.g.: go test ./cmd/bisync -remote local -case basic 5. If you are convinced with the difference, goldenize all tests at once: go test ./cmd/bisync -remote local -golden 6. Use word diff: git diff --word-diff ./cmd/bisync/testdata/. Please note that normal line-level diff is generally useless here. 7. Check the difference carefully! 8. Commit the change (git commit) only if you are sure. If unsure, save your code changes then wipe the log diffs from git: git reset [--hard].
Structure of test scenarios
@@ -9223,7 +10066,7 @@
Restricted filename characters
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
Standard options
-
Here are the standard options specific to fichier (1Fichier).
+
Here are the Standard options specific to fichier (1Fichier).
--fichier-api-key
Your API Key, get it from https://1fichier.com/console/params.pl.
Properties:
@@ -9234,7 +10077,7 @@
--fichier-api-key
Required: false
Advanced options
-
Here are the advanced options specific to fichier (1Fichier).
+
Here are the Advanced options specific to fichier (1Fichier).
--fichier-shared-folder
If you want to download a shared folder, add this parameter.
Properties:
@@ -9276,13 +10119,14 @@
--fichier-encoding
Limitations
rclone about is not supported by the 1Fichier backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The alias remote provides a new name for another remote.
Paths may be as deep as required or a local path, e.g. remote:directory/subdirectory or /directory/subdirectory.
During the initial setup with rclone config you will specify the target remote. The target remote can either be a local path or another remote.
Subfolders can be used in target remote. Assume an alias remote named backup with the target mydrive:private/backup. Invoking rclone mkdir backup:desktop is exactly the same as invoking rclone mkdir mydrive:private/backup/desktop.
There will be no special handling of paths containing .. segments. Invoking rclone mkdir backup:../desktop is exactly the same as invoking rclone mkdir mydrive:private/backup/../desktop. The empty path is not allowed as a remote. To alias the current directory use . instead.
+
The target remote can also be a connection string. This can be used to modify the config of a remote for different uses, e.g. the alias myDriveTrash with the target remote myDrive,trashed_only: can be used to only show the trashed files in myDrive.
Configuration
Here is an example of how to make an alias called remote for local folder. First run:
rclone config
@@ -9334,7 +10178,7 @@
Configuration
Copy another local directory to the alias directory called source
rclone copy /home/source remote:source
Standard options
-
Here are the standard options specific to alias (Alias for an existing remote).
+
Here are the Standard options specific to alias (Alias for an existing remote).
--alias-remote
Remote or path to alias.
Can be "myremote:path/to/dir", "myremote:bucket", "myremote:" or "/local/path".
@@ -9384,9 +10228,10 @@
Configuration
token_url> Optional token URL
Remote config
Make sure your Redirect URL is set to "http://127.0.0.1:53682/" in your custom config.
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -9446,7 +10291,7 @@
Deleting files
Using with non .com Amazon accounts
Let's say you usually use amazon.co.uk. When you authenticate with rclone it will take you to an amazon.com page to log in. Your amazon.co.uk email and password should work here just fine.
Standard options
-
Here are the standard options specific to amazon cloud drive (Amazon Drive).
+
Here are the Standard options specific to amazon cloud drive (Amazon Drive).
--acd-client-id
OAuth Client Id.
Leave blank normally.
@@ -9468,7 +10313,7 @@
--acd-client-secret
Required: false
Advanced options
-
Here are the advanced options specific to amazon cloud drive (Amazon Drive).
+
Here are the Advanced options specific to amazon cloud drive (Amazon Drive).
--acd-token
OAuth Access Token as a JSON blob.
Properties:
@@ -9549,17 +10394,25 @@
Limitations
At the time of writing (Jan 2016) is in the area of 50 GiB per file. This means that larger files are likely to fail.
Unfortunately there is no way for rclone to see that this failure is because of file size, so it will retry the operation, as any other failure. To avoid this problem, use --max-size 50000M option to limit the maximum size of uploaded files. Note that --max-size does not split files into segments, it only ignores files over this size.
rclone about is not supported by the Amazon Drive backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The S3 backend can be used with a number of different providers:
AWS S3
Alibaba Cloud (Aliyun) Object Storage System (OSS)
Ceph
+
China Mobile Ecloud Elastic Object Storage (EOS)
+
Cloudflare R2
+
Arvan Cloud Object Storage (AOS)
DigitalOcean Spaces
Dreamhost
+
Huawei OBS
IBM COS S3
+
IDrive e2
+
IONOS Cloud
+
Liara Object Storage
Minio
+
Qiniu Cloud Object Storage (Kodo)
RackCorp Object Storage
Scaleway
Seagate Lyve Cloud
@@ -9593,7 +10446,7 @@
Configuration
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Ceph, Dreamhost, IBM COS, Minio, and Tencent COS
+XX / Amazon S3 Compliant Storage Providers including AWS, Ceph, ChinaMobile, ArvanCloud, Dreamhost, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -9603,7 +10456,7 @@
These flags can and should be used in combination with --fast-list - see below.
If using rclone mount or any command using the VFS (eg rclone serve) commands then you might want to consider using the VFS flag --no-modtime which will stop rclone reading the modification time for every object. You could also use --use-server-modtime if you are happy with the modification times of the objects being the time of upload.
Avoiding GET requests to read directory listings
-
Rclone's default directory traversal is to process each directory individually. This takes one API call per directory. Using the --fast-list flag will read all info about the the objects into memory first using a smaller number of API calls (one per 1000 objects). See the rclone docs for more details.
+
Rclone's default directory traversal is to process each directory individually. This takes one API call per directory. Using the --fast-list flag will read all info about the objects into memory first using a smaller number of API calls (one per 1000 objects). See the rclone docs for more details.
--fast-list trades off API transactions for memory use. As a rough guide rclone uses 1k of memory per object stored, so using --fast-list on a sync of a million objects will use roughly 1 GiB of RAM.
If you are only copying a small number of files into a big repository then using --no-traverse is a good idea. This finds objects directly instead of through directory listings. You can do a "top-up" sync very cheaply by using --max-age and --no-traverse to copy only recent files, eg
@@ -9833,19 +10686,49 @@
Hashes
However for objects which were uploaded as multipart uploads or with server side encryption (SSE-AWS or SSE-C) the ETag header is no longer the MD5 sum of the data, so rclone adds an additional piece of metadata X-Amz-Meta-Md5chksum which is a base64 encoded MD5 hash (in the same format as is required for Content-MD5).
For large objects, calculating this hash can take some time so the addition of this hash can be disabled with --s3-disable-checksum. This will mean that these objects do not have an MD5 checksum.
Note that reading this from the object takes an additional HEAD request as the metadata isn't returned in object listings.
-
Cleanup
-
If you run rclone cleanup s3:bucket then it will remove all pending multipart uploads older than 24 hours. You can use the -i flag to see exactly what it will do. If you want more control over the expiry date then run rclone backend cleanup s3:bucket -o max-age=1h to expire all uploads older than one hour. You can use rclone backend list-multipart-uploads s3:bucket to see the pending multipart uploads.
-
Restricted filename characters
-
S3 allows any valid UTF-8 string as a key.
-
Invalid UTF-8 bytes will be replaced, as they can't be used in XML.
-
The following characters are replaced since these are problematic when dealing with the REST API:
-
-
-
-
Character
-
Value
-
Replacement
-
+
Versions
+
When bucket versioning is enabled (this can be done with rclone with the rclone backend versioning command) when rclone uploads a new version of a file it creates a new version of it Likewise when you delete a file, the old version will be marked hidden and still be available.
+
Old versions of files, where available, are visible using the --s3-versions flag.
+
It is also possible to view a bucket as it was at a certain point in time, using the --s3-version-at flag. This will show the file versions as they were at that time, showing files that have been deleted afterwards, and hiding files that were created since.
+
If you wish to remove all the old versions then you can use the rclone backend cleanup-hidden remote:bucket command which will delete all the old hidden versions of files, leaving the current ones intact. You can also supply a path and only old versions under that path will be deleted, e.g. rclone backend cleanup-hidden remote:bucket/path/to/stuff.
+
When you purge a bucket, the current and the old versions will be deleted then the bucket will be deleted.
+
However delete will cause the current versions of the files to become hidden old versions.
+
Here is a session showing the listing and retrieval of an old version followed by a cleanup of the old versions.
+
Show current version and all the versions with --s3-versions flag.
If you run rclone cleanup s3:bucket then it will remove all pending multipart uploads older than 24 hours. You can use the -i flag to see exactly what it will do. If you want more control over the expiry date then run rclone backend cleanup s3:bucket -o max-age=1h to expire all uploads older than one hour. You can use rclone backend list-multipart-uploads s3:bucket to see the pending multipart uploads.
+
Restricted filename characters
+
S3 allows any valid UTF-8 string as a key.
+
Invalid UTF-8 bytes will be replaced, as they can't be used in XML.
+
The following characters are replaced since these are problematic when dealing with the REST API:
+
+
+
+
Character
+
Value
+
Replacement
+
@@ -9889,7 +10772,7 @@
Multipart uploads
Increasing --s3-upload-concurrency will increase throughput (8 would be a sensible value) and increasing --s3-chunk-size also increases throughput (16M would be sensible). Increasing either of these will use more memory. The default values are high enough to gain most of the possible performance without using too much memory.
Buckets and Regions
With Amazon S3 you can list buckets (rclone lsd) using any region, but you can only access the content of a bucket from the region it was created in. If you attempt to access a bucket from the wrong region, you will get an error, incorrect region, the bucket is not in 'XXX' region.
-
Authentication
+
Authentication
There are a number of ways to supply rclone with a set of AWS credentials, with and without using the environment.
The different authentication methods are tried in this order:
@@ -9979,7 +10862,7 @@
Object-lock enabled S3 bucket
As mentioned in the Hashes section, small files that are not uploaded as multipart, use a different tag, causing the upload to fail. A simple solution is to set the --s3-upload-cutoff 0 and force all the files to be uploaded as multipart.
Standard options
-
Here are the standard options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS).
+
Here are the Standard options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
--s3-provider
Choose your S3 provider.
Properties:
@@ -10002,22 +10885,50 @@
--s3-provider
Ceph Object Storage
+
"ChinaMobile"
+
+
China Mobile Ecloud Elastic Object Storage (EOS)
+
+
"Cloudflare"
+
+
Cloudflare R2 Storage
+
+
"ArvanCloud"
+
+
Arvan Cloud Object Storage (AOS)
+
"DigitalOcean"
-
Digital Ocean Spaces
+
DigitalOcean Spaces
"Dreamhost"
Dreamhost DreamObjects
+
"HuaweiOBS"
+
+
Huawei Object Storage Service
+
"IBMCOS"
IBM COS S3
+
"IDrive"
+
+
IDrive e2
+
+
"IONOS"
+
+
IONOS Cloud
+
"LyveCloud"
Seagate Lyve Cloud
+
"Liara"
+
+
Liara Object Storage
+
"Minio"
Minio Object Storage
@@ -10054,6 +10965,10 @@
--s3-provider
Wasabi Object Storage
+
"Qiniu"
+
+
Qiniu Object Storage (Kodo)
+
"Other"
Any other S3 compatible provider
@@ -10348,16 +11263,184 @@
--s3-region
Paris, France
+
"pl-waw"
+
+
Warsaw, Poland
+
--s3-region
+
Region to connect to. - the location where your bucket will be created and your data stored. Need bo be same with your endpoint.
+
Properties:
+
+
Config: region
+
Env Var: RCLONE_S3_REGION
+
Provider: HuaweiOBS
+
Type: string
+
Required: false
+
Examples:
+
+
"af-south-1"
+
+
AF-Johannesburg
+
+
"ap-southeast-2"
+
+
AP-Bangkok
+
+
"ap-southeast-3"
+
+
AP-Singapore
+
+
"cn-east-3"
+
+
CN East-Shanghai1
+
+
"cn-east-2"
+
+
CN East-Shanghai2
+
+
"cn-north-1"
+
+
CN North-Beijing1
+
+
"cn-north-4"
+
+
CN North-Beijing4
+
+
"cn-south-1"
+
+
CN South-Guangzhou
+
+
"ap-southeast-1"
+
+
CN-Hong Kong
+
+
"sa-argentina-1"
+
+
LA-Buenos Aires1
+
+
"sa-peru-1"
+
+
LA-Lima1
+
+
"na-mexico-1"
+
+
LA-Mexico City1
+
+
"sa-chile-1"
+
+
LA-Santiago2
+
+
"sa-brazil-1"
+
+
LA-Sao Paulo1
+
+
"ru-northwest-2"
+
+
RU-Moscow2
+
+
+
+
--s3-region
+
Region to connect to.
+
Properties:
+
+
Config: region
+
Env Var: RCLONE_S3_REGION
+
Provider: Cloudflare
+
Type: string
+
Required: false
+
Examples:
+
+
"auto"
+
+
R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+
+
+
+
--s3-region
+
Region to connect to.
+
Properties:
+
+
Config: region
+
Env Var: RCLONE_S3_REGION
+
Provider: Qiniu
+
Type: string
+
Required: false
+
Examples:
+
+
"cn-east-1"
+
+
The default endpoint - a good choice if you are unsure.
+
East China Region 1.
+
Needs location constraint cn-east-1.
+
+
"cn-east-2"
+
+
East China Region 2.
+
Needs location constraint cn-east-2.
+
+
"cn-north-1"
+
+
North China Region 1.
+
Needs location constraint cn-north-1.
+
+
"cn-south-1"
+
+
South China Region 1.
+
Needs location constraint cn-south-1.
+
+
"us-north-1"
+
+
North America Region.
+
Needs location constraint us-north-1.
+
+
"ap-southeast-1"
+
+
Southeast Asia Region 1.
+
Needs location constraint ap-southeast-1.
+
+
"ap-northeast-1"
+
+
Northeast Asia Region 1.
+
Needs location constraint ap-northeast-1.
+
+
+
+
--s3-region
+
Region where your bucket will be created and your data stored.
+
Properties:
+
+
Config: region
+
Env Var: RCLONE_S3_REGION
+
Provider: IONOS
+
Type: string
+
Required: false
+
Examples:
+
+
"de"
+
+
Frankfurt, Germany
+
+
"eu-central-2"
+
+
Berlin, Germany
+
+
"eu-south-2"
+
+
Logrono, Spain
+
+
+
+
--s3-region
Region to connect to.
Leave blank if you are using an S3 clone and you don't have a region.
This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
Note that this ACL is applied when server-side copying objects as S3 doesn't copy the ACL from the source but rather writes a fresh one.
+
If the acl is an empty string then no X-Amz-Acl: header is added and the default (private) will be used.
Properties:
Config: acl
Env Var: RCLONE_S3_ACL
-
Provider: !Storj
+
Provider: !Storj,Cloudflare
Type: string
Required: false
Examples:
@@ -11515,7 +13167,7 @@
--s3-server-side-encryption
Config: server_side_encryption
Env Var: RCLONE_S3_SERVER_SIDE_ENCRYPTION
-
Provider: AWS,Ceph,Minio
+
Provider: AWS,Ceph,ChinaMobile,Minio
Type: string
Required: false
Examples:
@@ -11634,6 +13286,69 @@
--s3-storage-class
--s3-storage-class
+
The storage class to use when storing new objects in ChinaMobile.
+
Properties:
+
+
Config: storage_class
+
Env Var: RCLONE_S3_STORAGE_CLASS
+
Provider: ChinaMobile
+
Type: string
+
Required: false
+
Examples:
+
+
""
+
+
Default
+
+
"STANDARD"
+
+
Standard storage class
+
+
"GLACIER"
+
+
Archive storage mode
+
+
"STANDARD_IA"
+
+
Infrequent access storage mode
+
+
+
+
--s3-storage-class
+
The storage class to use when storing new objects in Liara
+
Properties:
+
+
Config: storage_class
+
Env Var: RCLONE_S3_STORAGE_CLASS
+
Provider: Liara
+
Type: string
+
Required: false
+
Examples:
+
+
"STANDARD"
+
+
Standard storage class
+
+
+
+
--s3-storage-class
+
The storage class to use when storing new objects in ArvanCloud.
+
Properties:
+
+
Config: storage_class
+
Env Var: RCLONE_S3_STORAGE_CLASS
+
Provider: ArvanCloud
+
Type: string
+
Required: false
+
Examples:
+
+
"STANDARD"
+
+
Standard storage class
+
+
+
+
--s3-storage-class
The storage class to use when storing new objects in Tencent COS.
Properties:
@@ -11662,7 +13377,7 @@
--s3-storage-class
-
--s3-storage-class
+
--s3-storage-class
The storage class to use when storing new objects in S3.
Properties:
@@ -11689,12 +13404,42 @@
--s3-storage-class
+
--s3-storage-class
+
The storage class to use when storing new objects in Qiniu.
+
Properties:
+
+
Config: storage_class
+
Env Var: RCLONE_S3_STORAGE_CLASS
+
Provider: Qiniu
+
Type: string
+
Required: false
+
Examples:
+
+
"STANDARD"
+
+
Standard storage class
+
+
"LINE"
+
+
Infrequent access storage mode
+
+
"GLACIER"
+
+
Archive storage mode
+
+
"DEEP_ARCHIVE"
+
+
Deep archive storage mode
+
+
+
Advanced options
-
Here are the advanced options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS).
+
Here are the Advanced options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
--s3-bucket-acl
Canned ACL used when creating buckets.
For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
Note that this ACL is applied when only when creating buckets. If it isn't set then "acl" is used instead.
+
If the "acl" and "bucket_acl" are empty strings then no X-Amz-Acl: header is added and the default (private) will be used.
Properties:
Config: bucket_acl
@@ -11742,7 +13487,7 @@
--s3-sse-customer-algorithm
Config: sse_customer_algorithm
Env Var: RCLONE_S3_SSE_CUSTOMER_ALGORITHM
-
Provider: AWS,Ceph,Minio
+
Provider: AWS,Ceph,ChinaMobile,Minio
Type: string
Required: false
Examples:
@@ -11758,12 +13503,31 @@
--s3-sse-customer-algorithm
--s3-sse-customer-key
-
If using SSE-C you must provide the secret encryption key used to encrypt/decrypt your data.
+
To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data.
+
Alternatively you can provide --sse-customer-key-base64.
Properties:
Config: sse_customer_key
Env Var: RCLONE_S3_SSE_CUSTOMER_KEY
-
Provider: AWS,Ceph,Minio
+
Provider: AWS,Ceph,ChinaMobile,Minio
+
Type: string
+
Required: false
+
Examples:
+
+
""
+
+
None
+
+
+
+
--s3-sse-customer-key-base64
+
If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data.
+
Alternatively you can provide --sse-customer-key.
+
Properties:
+
+
Config: sse_customer_key_base64
+
Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_BASE64
+
Provider: AWS,Ceph,ChinaMobile,Minio
Type: string
Required: false
Examples:
@@ -11781,7 +13545,7 @@
--s3-sse-customer-key-md5
Config: sse_customer_key_md5
Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_MD5
-
Provider: AWS,Ceph,Minio
+
Provider: AWS,Ceph,ChinaMobile,Minio
Type: string
Required: false
Examples:
@@ -11809,6 +13573,7 @@
--s3-chunk-size
If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
Rclone will automatically increase the chunk size when uploading a large file of known size to stay below the 10,000 chunks limit.
Files of unknown size are uploaded with the configured chunk_size. Since the default chunk size is 5 MiB and there can be at most 10,000 chunks, this means that by default the maximum size of a file you can stream upload is 48 GiB. If you wish to stream upload larger files then you will need to increase chunk_size.
+
Increasing the chunk size decreases the accuracy of the progress statistics displayed with "-P" flag. Rclone treats chunk as sent when it's buffered by the AWS SDK, when in fact it may still be uploading. A bigger chunk size means a bigger AWS SDK buffer and progress reporting more deviating from the truth.
Properties:
Config: chunk_size
@@ -12073,12 +13838,159 @@
--s3-use-multipart-etag
Type: Tristate
Default: unset
+
--s3-use-presigned-request
+
Whether to use a presigned request or PutObject for single part uploads
+
If this is false rclone will use PutObject from the AWS SDK to upload an object.
+
Versions of rclone < 1.59 use presigned requests to upload a single part object and setting this flag to true will re-enable that functionality. This shouldn't be necessary except in exceptional circumstances or for testing.
+
Properties:
+
+
Config: use_presigned_request
+
Env Var: RCLONE_S3_USE_PRESIGNED_REQUEST
+
Type: bool
+
Default: false
+
+
--s3-versions
+
Include old versions in directory listings.
+
Properties:
+
+
Config: versions
+
Env Var: RCLONE_S3_VERSIONS
+
Type: bool
+
Default: false
+
+
--s3-version-at
+
Show file versions as they were at the specified time.
+
The parameter should be a date, "2006-01-02", datetime "2006-01-02 15:04:05" or a duration for that long ago, eg "100d" or "1h".
+
Note that when using this no file write operations are permitted, so you can't upload files or delete them.
It is possible to upload objects to S3 with "Content-Encoding: gzip" set. Normally rclone will download these files as compressed objects.
+
If this flag is set then rclone will decompress these files with "Content-Encoding: gzip" as they are received. This means that rclone can't check the size and hash but the file contents will be decompressed.
+
Properties:
+
+
Config: decompress
+
Env Var: RCLONE_S3_DECOMPRESS
+
Type: bool
+
Default: false
+
+
--s3-might-gzip
+
Set this if the backend might gzip objects.
+
Normally providers will not alter objects when they are downloaded. If an object was not uploaded with Content-Encoding: gzip then it won't be set on download.
+
However some providers may gzip objects even if they weren't uploaded with Content-Encoding: gzip (eg Cloudflare).
+
A symptom of this would be receiving errors like
+
ERROR corrupted on transfer: sizes differ NNN vs MMM
+
If you set this flag and rclone downloads an object with Content-Encoding: gzip set and chunked transfer encoding, then rclone will decompress the object on the fly.
+
If this is set to unset (the default) then rclone will choose according to the provider setting what to apply, but you can override rclone's choice here.
+
Properties:
+
+
Config: might_gzip
+
Env Var: RCLONE_S3_MIGHT_GZIP
+
Type: Tristate
+
Default: unset
+
+
--s3-no-system-metadata
+
Suppress setting and reading of system metadata
+
Properties:
+
+
Config: no_system_metadata
+
Env Var: RCLONE_S3_NO_SYSTEM_METADATA
+
Type: bool
+
Default: false
+
+
Metadata
+
User metadata is stored as x-amz-meta- keys. S3 metadata keys are case insensitive and are always returned in lower case.
+
Here are the possible system metadata items for the s3 backend.
+
+
+
+
+
+
+
+
+
+
+
Name
+
Help
+
Type
+
Example
+
Read Only
+
+
+
+
+
btime
+
Time of file birth (creation) read from Last-Modified header
+
RFC 3339
+
2006-01-02T15:04:05.999999999Z07:00
+
Y
+
+
+
cache-control
+
Cache-Control header
+
string
+
no-cache
+
N
+
+
+
content-disposition
+
Content-Disposition header
+
string
+
inline
+
N
+
+
+
content-encoding
+
Content-Encoding header
+
string
+
gzip
+
N
+
+
+
content-language
+
Content-Language header
+
string
+
en-US
+
N
+
+
+
content-type
+
Content-Type header
+
string
+
text/plain
+
N
+
+
+
mtime
+
Time of last modification, read from rclone metadata
This command sets versioning support if a parameter is passed and then returns the current versioning status for the bucket supplied.
+
rclone backend versioning s3:bucket # read status only
+rclone backend versioning s3:bucket Enabled
+rclone backend versioning s3:bucket Suspended
+
It may return "Enabled", "Suspended" or "Unversioned". Note that once versioning has been enabled the status can't be set back to "Unversioned".
Anonymous access to public buckets
If you want to use rclone to access a public bucket, configure with a blank access_key_id and secret_access_key. Your config should end up looking like this:
[anons3]
@@ -12170,7 +14096,9 @@
AWS S3
This is the provider used as main example and described in the configuration section above.
AWS Snowball Edge
AWS Snowball is a hardware appliance used for transferring bulk data back to AWS. Its main software interface is S3 object storage.
-
To use rclone with AWS Snowball Edge devices, configure as standard for an 'S3 Compatible Service' be sure to set upload_cutoff = 0 otherwise you will run into authentication header issues as the snowball device does not support query parameter based authentication.
+
To use rclone with AWS Snowball Edge devices, configure as standard for an 'S3 Compatible Service'.
+
If using rclone pre v1.59 be sure to set upload_cutoff = 0 otherwise you will run into authentication header issues as the snowball device does not support query parameter based authentication.
+
With rclone v1.59 or later setting upload_cutoff should not be necessary.
eg.
[snowball]
type = s3
@@ -12194,7 +14122,7 @@
Ceph
acl =
server_side_encryption =
storage_class =
-
If you are using an older version of CEPH, e.g. 10.2.x Jewel, then you may need to supply the parameter --s3-upload-cutoff 0 or put this in the config file as upload_cutoff 0 to work around a bug which causes uploading of small files to fail.
+
If you are using an older version of CEPH (e.g. 10.2.x Jewel) and a version of rclone before v1.59 then you may need to supply the parameter --s3-upload-cutoff 0 or put this in the config file as upload_cutoff 0 to work around a bug which causes uploading of small files to fail.
Note also that Ceph sometimes puts / in the passwords it gives users. If you read the secret access key using the command line tools you will get a JSON blob with the / escaped as \/. Make sure you only write / in the secret access key.
Eg the dump from Ceph looks something like this (irrelevant keys removed).
{
@@ -12209,6 +14137,86 @@
Ceph
],
}
Because this is a json dump, it is encoding the / as \/, so if you use the secret key as xxxxxx/xxxx it will work fine.
+
Cloudflare R2
+
Cloudflare R2 Storage allows developers to store large amounts of unstructured data without the costly egress bandwidth fees associated with typical cloud storage services.
+
Here is an example of making a Cloudflare R2 configuration. First run:
+
rclone config
+
This will guide you through an interactive setup process.
+
Note that all buckets are private, and all are stored in the same "auto" region. It is necessary to use Cloudflare workers to share the content of a bucket publicly.
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> r2
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+...
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+...
+Storage> s3
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+...
+XX / Cloudflare R2 Storage
+ \ (Cloudflare)
+...
+provider> Cloudflare
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> ACCESS_KEY
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> SECRET_ACCESS_KEY
+Option region.
+Region to connect to.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+ \ (auto)
+region> 1
+Option endpoint.
+Endpoint for S3 API.
+Required when using an S3 clone.
+Enter a value. Press Enter to leave empty.
+endpoint> https://ACCOUNT_ID.r2.cloudflarestorage.com
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
This will leave your config looking something like:
Now run rclone lsf r2: to see your buckets and rclone lsf r2:bucket to look within a bucket.
Dreamhost
Dreamhost DreamObjects is an object storage system based on CEPH.
To use rclone with Dreamhost, configure as above but leave the region blank and set the endpoint. You should end up with something like this in your config:
@@ -12254,42 +14262,162 @@
DigitalOcean Spaces
Once configured, you can create a new Space and begin copying files. For example:
Information stored with IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations, and accessed through an implementation of the S3 API. This service makes use of the distributed storage technologies provided by IBM’s Cloud Object Storage System (formerly Cleversafe). For more information visit: (http://www.ibm.com/cloud/object-storage)
-
To configure access to IBM COS S3, follow the steps below:
-
-
Run rclone config and select n for a new remote.
-
-
2018/02/14 14:13:11 NOTICE: Config file "C:\\Users\\a\\.config\\rclone\\rclone.conf" not found - using defaults
- No remotes found, make a new one?
- n) New remote
- s) Set configuration password
- q) Quit config
- n/s/q> n
-
-
Enter the name for the configuration
-
-
name> <YOUR NAME>
-
-
Select "s3" storage.
-
-
Choose a number from below, or type in your own value
- 1 / Alias for an existing remote
- \ "alias"
- 2 / Amazon Drive
- \ "amazon cloud drive"
- 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, Minio, IBM COS)
- \ "s3"
- 4 / Backblaze B2
- \ "b2"
+
Huawei OBS
+
Object Storage Service (OBS) provides stable, secure, efficient, and easy-to-use cloud storage that lets you store virtually any volume of unstructured data in any format and access it from anywhere.
+
OBS provides an S3 interface, you can copy and modify the following configuration and add it to your rclone configuration file.
Or you can also configure via the interactive command line:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> obs
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
[snip]
- 23 / http Connection
- \ "http"
-Storage> 3
-
-
Select IBM COS as the S3 Storage Provider.
-
-
Choose the S3 provider.
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> 5
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+ 9 / Huawei Object Storage Service
+ \ (HuaweiOBS)
+[snip]
+provider> 9
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> your-access-key-id
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> your-secret-access-key
+Option region.
+Region to connect to.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (af-south-1)
+ 2 / AP-Bangkok
+ \ (ap-southeast-2)
+[snip]
+region> 1
+Option endpoint.
+Endpoint for OBS API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (obs.af-south-1.myhuaweicloud.com)
+ 2 / AP-Bangkok
+ \ (obs.ap-southeast-2.myhuaweicloud.com)
+[snip]
+endpoint> 1
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+[snip]
+acl> 1
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+--------------------
+[obs]
+type = s3
+provider = HuaweiOBS
+access_key_id = your-access-key-id
+secret_access_key = your-secret-access-key
+region = af-south-1
+endpoint = obs.af-south-1.myhuaweicloud.com
+acl = private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+obs s3
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> q
+
IBM COS (S3)
+
Information stored with IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations, and accessed through an implementation of the S3 API. This service makes use of the distributed storage technologies provided by IBM’s Cloud Object Storage System (formerly Cleversafe). For more information visit: (http://www.ibm.com/cloud/object-storage)
+
To configure access to IBM COS S3, follow the steps below:
+
+
Run rclone config and select n for a new remote.
+
+
2018/02/14 14:13:11 NOTICE: Config file "C:\\Users\\a\\.config\\rclone\\rclone.conf" not found - using defaults
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+
+
Enter the name for the configuration
+
+
name> <YOUR NAME>
+
+
Select "s3" storage.
+
+
Choose a number from below, or type in your own value
+ 1 / Alias for an existing remote
+ \ "alias"
+ 2 / Amazon Drive
+ \ "amazon cloud drive"
+ 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, ChinaMobile, Liara, ArvanCloud, Minio, IBM COS)
+ \ "s3"
+ 4 / Backblaze B2
+ \ "b2"
+[snip]
+ 23 / HTTP
+ \ "http"
+Storage> 3
+
+
Select IBM COS as the S3 Storage Provider.
+
+
Choose the S3 provider.
Choose a number from below, or type in your own value
1 / Choose this option to configure Storage to AWS S3
\ "AWS"
@@ -12411,6 +14539,234 @@
IBM COS (S3)
rclone copy IBM-COS-XREGION:newbucket/file.txt .
6) Delete a file on remote.
rclone delete IBM-COS-XREGION:newbucket/file.txt
+
IDrive e2
+
Here is an example of making an IDrive e2 configuration. First run:
+
rclone config
+
This will guide you through an interactive setup process.
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+Enter name for new remote.
+name> e2
+
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / IDrive e2
+ \ (IDrive)
+[snip]
+provider> IDrive
+
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_KEY
+
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+ 5 | Bucket owner gets READ access.
+ | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-read)
+ / Both the object owner and the bucket owner get FULL_CONTROL over the object.
+ 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-full-control)
+acl>
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+
+Configuration complete.
+Options:
+- type: s3
+- provider: IDrive
+- access_key_id: YOUR_ACCESS_KEY
+- secret_access_key: YOUR_SECRET_KEY
+- endpoint: q9d9.la12.idrivee2-5.com
+Keep this "e2" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
IONOS Cloud
+
IONOS S3 Object Storage is a service offered by IONOS for storing and accessing unstructured data. To connect to the service, you will need an access key and a secret key. These can be found in the Data Center Designer, by selecting Manager resources > Object Storage Key Manager.
+
Here is an example of a configuration. First, run rclone config. This will walk you through an interactive setup process. Type n to add the new remote, and then enter a name:
+
Enter name for new remote.
+name> ionos-fra
+
Type s3 to choose the connection type:
+
Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
Type IONOS:
+
Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / IONOS Cloud
+ \ (IONOS)
+[snip]
+provider> IONOS
+
Press Enter to choose the default option Enter AWS credentials in the next step:
+
Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+
Enter your Access Key and Secret key. These can be retrieved in the Data Center Designer, click on the menu “Manager resources” / "Object Storage Key Manager".
+
Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_KEY
+
Choose the region where your bucket is located:
+
Option region.
+Region where your bucket will be created and your data stored.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (de)
+ 2 / Berlin, Germany
+ \ (eu-central-2)
+ 3 / Logrono, Spain
+ \ (eu-south-2)
+region> 2
+
Choose the endpoint from the same region:
+
Option endpoint.
+Endpoint for IONOS S3 Object Storage.
+Specify the endpoint from the same region.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (s3-eu-central-1.ionoscloud.com)
+ 2 / Berlin, Germany
+ \ (s3-eu-central-2.ionoscloud.com)
+ 3 / Logrono, Spain
+ \ (s3-eu-south-2.ionoscloud.com)
+endpoint> 1
+
Press Enter to choose the default option or choose the desired ACL setting:
+
Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+[snip]
+acl>
+
Press Enter to skip the advanced config:
+
Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+
Press Enter to save the configuration, and then q to quit the configuration process:
+
Configuration complete.
+Options:
+- type: s3
+- provider: IONOS
+- access_key_id: YOUR_ACCESS_KEY
+- secret_access_key: YOUR_SECRET_KEY
+- endpoint: s3-eu-central-1.ionoscloud.com
+Keep this "ionos-fra" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Done! Now you can try some commands (for macOS, use ./rclone instead of rclone).
+
+
Create a bucket (the name must be unique within the whole IONOS S3)
+
+
rclone mkdir ionos-fra:my-bucket
+
+
List available buckets
+
+
rclone lsd ionos-fra:
+
+
Copy a file from local to remote
+
+
rclone copy /Users/file.txt ionos-fra:my-bucket
+
+
List contents of a bucket
+
+
rclone ls ionos-fra:my-bucket
+
+
Copy a file from remote to local
+
+
rclone copy ionos-fra:my-bucket/file.txt
Minio
Minio is an object storage server built for cloud application developers and devops.
It is very easy to install and provides an S3 compatible server which can be used by rclone.
@@ -12457,21 +14813,206 @@
Minio
server_side_encryption =
So once set up, for example, to copy files into a bucket
rclone copy /path/to/files minio:bucket
-
RackCorp
-
RackCorp Object Storage is an S3 compatible object storage platform from your friendly cloud provider RackCorp. The service is fast, reliable, well priced and located in many strategic locations unserviced by others, to ensure you can maintain data sovereignty.
-
Before you can use RackCorp Object Storage, you'll need to "sign up" for an account on our "portal". Next you can create an access key, a secret key and buckets, in your location of choice with ease. These details are required for the next steps of configuration, when rclone config asks for your access_key_id and secret_access_key.
-
Your config should end up looking a bit like this:
Scaleway The Object Storage platform allows you to store anything from backups, logs and web assets to documents and photos. Files can be dropped from the Scaleway console or transferred through our API and CLI or using any S3-compatible tool.
+
Qiniu Cloud Object Storage (Kodo)
+
Qiniu Cloud Object Storage (Kodo), a completely independent-researched core technology which is proven by repeated customer experience has occupied absolute leading market leader position. Kodo can be widely applied to mass data management.
+
To configure access to Qiniu Kodo, follow the steps below:
+
+
Run rclone config and select n for a new remote.
+
+
rclone config
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+
Give the name of the configuration. For example, name it 'qiniu'.
+
+
name> qiniu
+
+
Select s3 storage.
+
+
Choose a number from below, or type in your own value
+ 1 / 1Fichier
+ \ (fichier)
+ 2 / Akamai NetStorage
+ \ (netstorage)
+ 3 / Alias for an existing remote
+ \ (alias)
+ 4 / Amazon Drive
+ \ (amazon cloud drive)
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
+
Select Qiniu provider.
+
+
Choose a number from below, or type in your own value
+1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+[snip]
+22 / Qiniu Object Storage (Kodo)
+ \ (Qiniu)
+[snip]
+provider> Qiniu
+
+
Enter your SecretId and SecretKey of Qiniu Kodo.
+
+
Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> AKIDxxxxxxxxxx
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> xxxxxxxxxxx
+
+
Select endpoint for Qiniu Kodo. This is the standard endpoint for different region.
+
+
/ The default endpoint - a good choice if you are unsure.
+ 1 | East China Region 1.
+ | Needs location constraint cn-east-1.
+ \ (cn-east-1)
+ / East China Region 2.
+ 2 | Needs location constraint cn-east-2.
+ \ (cn-east-2)
+ / North China Region 1.
+ 3 | Needs location constraint cn-north-1.
+ \ (cn-north-1)
+ / South China Region 1.
+ 4 | Needs location constraint cn-south-1.
+ \ (cn-south-1)
+ / North America Region.
+ 5 | Needs location constraint us-north-1.
+ \ (us-north-1)
+ / Southeast Asia Region 1.
+ 6 | Needs location constraint ap-southeast-1.
+ \ (ap-southeast-1)
+ / Northeast Asia Region 1.
+ 7 | Needs location constraint ap-northeast-1.
+ \ (ap-northeast-1)
+[snip]
+endpoint> 1
+
+Option endpoint.
+Endpoint for Qiniu Object Storage.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China Endpoint 1
+ \ (s3-cn-east-1.qiniucs.com)
+ 2 / East China Endpoint 2
+ \ (s3-cn-east-2.qiniucs.com)
+ 3 / North China Endpoint 1
+ \ (s3-cn-north-1.qiniucs.com)
+ 4 / South China Endpoint 1
+ \ (s3-cn-south-1.qiniucs.com)
+ 5 / North America Endpoint 1
+ \ (s3-us-north-1.qiniucs.com)
+ 6 / Southeast Asia Endpoint 1
+ \ (s3-ap-southeast-1.qiniucs.com)
+ 7 / Northeast Asia Endpoint 1
+ \ (s3-ap-northeast-1.qiniucs.com)
+endpoint> 1
+
+Option location_constraint.
+Location constraint - must be set to match the Region.
+Used when creating buckets only.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China Region 1
+ \ (cn-east-1)
+ 2 / East China Region 2
+ \ (cn-east-2)
+ 3 / North China Region 1
+ \ (cn-north-1)
+ 4 / South China Region 1
+ \ (cn-south-1)
+ 5 / North America Region 1
+ \ (us-north-1)
+ 6 / Southeast Asia Region 1
+ \ (ap-southeast-1)
+ 7 / Northeast Asia Region 1
+ \ (ap-northeast-1)
+location_constraint> 1
+
+
Choose acl and storage class.
+
+
Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+[snip]
+acl> 2
+The storage class to use when storing new objects in Tencent COS.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Standard storage class
+ \ (STANDARD)
+ 2 / Infrequent access storage mode
+ \ (LINE)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Deep archive storage mode
+ \ (DEEP_ARCHIVE)
+[snip]
+storage_class> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[qiniu]
+- type: s3
+- provider: Qiniu
+- access_key_id: xxx
+- secret_access_key: xxx
+- region: cn-east-1
+- endpoint: s3-cn-east-1.qiniucs.com
+- location_constraint: cn-east-1
+- acl: public-read
+- storage_class: STANDARD
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+qiniu s3
+
RackCorp
+
RackCorp Object Storage is an S3 compatible object storage platform from your friendly cloud provider RackCorp. The service is fast, reliable, well priced and located in many strategic locations unserviced by others, to ensure you can maintain data sovereignty.
+
Before you can use RackCorp Object Storage, you'll need to "sign up" for an account on our "portal". Next you can create an access key, a secret key and buckets, in your location of choice with ease. These details are required for the next steps of configuration, when rclone config asks for your access_key_id and secret_access_key.
+
Your config should end up looking a bit like this:
Scaleway The Object Storage platform allows you to store anything from backups, logs and web assets to documents and photos. Files can be dropped from the Scaleway console or transferred through our API and CLI or using any S3-compatible tool.
Scaleway provides an S3 interface which can be configured for use with rclone like this:
C14 Cold Storage is the low-cost S3 Glacier alternative from Scaleway and it works the same way as on S3 by accepting the "GLACIER" storage_class. So you can configure your remote with the storage_class = GLACIER option to upload directly to C14. Don't forget that in this state you can't read files back after, you will need to restore them to "STANDARD" storage_class first before being able to read them (see "restore" section above)
Seagate Lyve Cloud
Seagate Lyve Cloud is an S3 compatible object storage platform from Seagate intended for enterprise use.
Here is a config run through for a remote called remote - you may choose a different name of course. Note that to create an access key and secret key you will need to create a service account first.
@@ -12499,7 +15041,7 @@
Seagate Lyve Cloud
Type of storage to configure.
Choose a number from below, or type in your own value.
[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
\ (s3)
[snip]
Storage> s3
@@ -12624,7 +15166,7 @@
Wasabi
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Amazon S3 (also Dreamhost, Ceph, Minio)
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Minio, Liara)
\ "s3"
[snip]
Storage> s3
@@ -12726,7 +15268,7 @@
Alibaba OSS
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, and Tencent COS
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -12814,129 +15356,34 @@
Alibaba OSS
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Tencent COS
-
Tencent Cloud Object Storage (COS) is a distributed storage service offered by Tencent Cloud for unstructured data. It is secure, stable, massive, convenient, low-delay and low-cost.
-
To configure access to Tencent COS, follow the steps below:
-
-
Run rclone config and select n for a new remote.
-
-
rclone config
-No remotes found, make a new one?
+
This will guide you through an interactive setup process.
+
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
-n/s/q> n
-
-
Give the name of the configuration. For example, name it 'cos'.
-
-
name> cos
-
-
Select s3 storage.
-
-
Choose a number from below, or type in your own value
-1 / 1Fichier
- \ "fichier"
- 2 / Alias for an existing remote
- \ "alias"
- 3 / Amazon Drive
- \ "amazon cloud drive"
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, and Tencent COS
- \ "s3"
-[snip]
-Storage> s3
-
-
Select TencentCOS provider.
-
-
Choose a number from below, or type in your own value
-1 / Amazon Web Services (AWS) S3
- \ "AWS"
-[snip]
-11 / Tencent Cloud Object Storage (COS)
- \ "TencentCOS"
-[snip]
-provider> TencentCOS
-
-
Enter your SecretId and SecretKey of Tencent Cloud.
-
-
Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
-Only applies if access_key_id and secret_access_key is blank.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-AWS Access Key ID.
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-access_key_id> AKIDxxxxxxxxxx
-AWS Secret Access Key (password)
-Leave blank for anonymous access or runtime credentials.
-Enter a string value. Press Enter for the default ("").
-secret_access_key> xxxxxxxxxxx
-
-
Select endpoint for Tencent COS. This is the standard endpoint for different region.
Note that this ACL is applied when server-side copying objects as S3
-doesn't copy the ACL from the source but rather writes a fresh one.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Owner gets Full_CONTROL. No one else has access rights (default).
- \ "default"
-[snip]
-acl> 1
-The storage class to use when storing new objects in Tencent COS.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
-[snip]
-storage_class> 1
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[cos]
-type = s3
-provider = TencentCOS
-env_auth = false
-access_key_id = xxx
-secret_access_key = xxx
-endpoint = cos.ap-guangzhou.myqcloud.com
-acl = default
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-cos s3
-
Netease NOS
-
For Netease NOS configure as per the configurator rclone config setting the provider Netease. This will automatically set force_path_style = false which is necessary for it to run properly.
-
Storj
-
Storj is a decentralized cloud storage which can be used through its native protocol or an S3 compatible gateway.
-
The S3 compatible gateway is configured using rclone config with a type of s3 and with a provider name of Storj. Here is an example run of the configurator.
-
Type of storage to configure.
+n/s/q> n
+name> ChinaMobile
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+ ...
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+ \ (s3)
+ ...
Storage> s3
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ ...
+ 4 / China Mobile Ecloud Elastic Object Storage (EOS)
+ \ (ChinaMobile)
+ ...
+provider> ChinaMobile
+Option env_auth.
Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
Only applies if access_key_id and secret_access_key is blank.
Choose a number from below, or type in your own boolean value (true or false).
@@ -12945,1521 +15392,1067 @@
Storj
\ (false)
2 / Get AWS credentials from the environment (env vars or IAM).
\ (true)
-env_auth> 1
+env_auth>
Option access_key_id.
AWS Access Key ID.
Leave blank for anonymous access or runtime credentials.
Enter a value. Press Enter to leave empty.
-access_key_id> XXXX (as shown when creating the access grant)
+access_key_id> accesskeyid
Option secret_access_key.
AWS Secret Access Key (password).
Leave blank for anonymous access or runtime credentials.
Enter a value. Press Enter to leave empty.
-secret_access_key> XXXX (as shown when creating the access grant)
+secret_access_key> secretaccesskey
Option endpoint.
-Endpoint of the Shared Gateway.
+Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
Choose a number from below, or type in your own value.
Press Enter to leave empty.
- 1 / EU1 Shared Gateway
- \ (gateway.eu1.storjshare.io)
- 2 / US1 Shared Gateway
- \ (gateway.us1.storjshare.io)
- 3 / Asia-Pacific Shared Gateway
- \ (gateway.ap1.storjshare.io)
-endpoint> 1 (as shown when creating the access grant)
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
--chunk-size is forced to be 64 MiB or greater. This will use more memory than the default of 5 MiB.
-
Server side copy is disabled as it isn't currently supported in the gateway.
-
GetTier and SetTier are not supported.
-
-
Backend bugs
-
Due to issue #39 uploading multipart files via the S3 gateway causes them to lose their metadata. For rclone's purpose this means that the modification time is not stored, nor is any MD5SUM (if one is available from the source).
-
This has the following consequences:
-
-
Using rclone rcat will fail as the medatada doesn't match after upload
-
Uploading files with rclone mount will fail for the same reason
-
-
This can worked around by using --vfs-cache-mode writes or --vfs-cache-mode full or setting --s3-upload-cutoff large
-
-
Files uploaded via a multipart upload won't have their modtimes
-
-
This will mean that rclone sync will likely keep trying to upload files bigger than --s3-upload-cutoff
-
This can be worked around with --checksum or --size-only or setting --s3-upload-cutoff large
-
The maximum value for --s3-upload-cutoff is 5GiB though
-
-
-
One general purpose workaround is to set --s3-upload-cutoff 5G. This means that rclone will upload files smaller than 5GiB as single parts. Note that this can be set in the config file with upload_cutoff = 5G or configured in the advanced settings. If you regularly transfer files larger than 5G then using --checksum or --size-only in rclone sync is the recommended workaround.
-
Comparison with the native protocol
-
Use the the native protocol to take advantage of client-side encryption as well as to achieve the best possible download performance. Uploads will be erasure-coded locally, thus a 1gb upload will result in 2.68gb of data being uploaded to storage nodes across the network.
-
Use this backend and the S3 compatible Hosted Gateway to increase upload performance and reduce the load on your systems and network. Uploads will be encrypted and erasure-coded server-side, thus a 1GB upload will result in only in 1GB of data being uploaded to storage nodes across the network.
-
For more detailed comparison please check the documentation of the storj backend.
-
Limitations
-
rclone about is not supported by the S3 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
-
Configuration
-
Here is an example of making a b2 configuration. First run
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China (Suzhou)
+ \ (eos-wuxi-1.cmecloud.cn)
+ 2 / East China (Jinan)
+ \ (eos-jinan-1.cmecloud.cn)
+ 3 / East China (Hangzhou)
+ \ (eos-ningbo-1.cmecloud.cn)
+ 4 / East China (Shanghai-1)
+ \ (eos-shanghai-1.cmecloud.cn)
+ 5 / Central China (Zhengzhou)
+ \ (eos-zhengzhou-1.cmecloud.cn)
+ 6 / Central China (Changsha-1)
+ \ (eos-hunan-1.cmecloud.cn)
+ 7 / Central China (Changsha-2)
+ \ (eos-zhuzhou-1.cmecloud.cn)
+ 8 / South China (Guangzhou-2)
+ \ (eos-guangzhou-1.cmecloud.cn)
+ 9 / South China (Guangzhou-3)
+ \ (eos-dongguan-1.cmecloud.cn)
+10 / North China (Beijing-1)
+ \ (eos-beijing-1.cmecloud.cn)
+11 / North China (Beijing-2)
+ \ (eos-beijing-2.cmecloud.cn)
+12 / North China (Beijing-3)
+ \ (eos-beijing-4.cmecloud.cn)
+13 / North China (Huhehaote)
+ \ (eos-huhehaote-1.cmecloud.cn)
+14 / Southwest China (Chengdu)
+ \ (eos-chengdu-1.cmecloud.cn)
+15 / Southwest China (Chongqing)
+ \ (eos-chongqing-1.cmecloud.cn)
+16 / Southwest China (Guiyang)
+ \ (eos-guiyang-1.cmecloud.cn)
+17 / Nouthwest China (Xian)
+ \ (eos-xian-1.cmecloud.cn)
+18 / Yunnan China (Kunming)
+ \ (eos-yunnan.cmecloud.cn)
+19 / Yunnan China (Kunming-2)
+ \ (eos-yunnan-2.cmecloud.cn)
+20 / Tianjin China (Tianjin)
+ \ (eos-tianjin-1.cmecloud.cn)
+21 / Jilin China (Changchun)
+ \ (eos-jilin-1.cmecloud.cn)
+22 / Hubei China (Xiangyan)
+ \ (eos-hubei-1.cmecloud.cn)
+23 / Jiangxi China (Nanchang)
+ \ (eos-jiangxi-1.cmecloud.cn)
+24 / Gansu China (Lanzhou)
+ \ (eos-gansu-1.cmecloud.cn)
+25 / Shanxi China (Taiyuan)
+ \ (eos-shanxi-1.cmecloud.cn)
+26 / Liaoning China (Shenyang)
+ \ (eos-liaoning-1.cmecloud.cn)
+27 / Hebei China (Shijiazhuang)
+ \ (eos-hebei-1.cmecloud.cn)
+28 / Fujian China (Xiamen)
+ \ (eos-fujian-1.cmecloud.cn)
+29 / Guangxi China (Nanning)
+ \ (eos-guangxi-1.cmecloud.cn)
+30 / Anhui China (Huainan)
+ \ (eos-anhui-1.cmecloud.cn)
+endpoint> 1
+Option location_constraint.
+Location constraint - must match endpoint.
+Used when creating buckets only.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China (Suzhou)
+ \ (wuxi1)
+ 2 / East China (Jinan)
+ \ (jinan1)
+ 3 / East China (Hangzhou)
+ \ (ningbo1)
+ 4 / East China (Shanghai-1)
+ \ (shanghai1)
+ 5 / Central China (Zhengzhou)
+ \ (zhengzhou1)
+ 6 / Central China (Changsha-1)
+ \ (hunan1)
+ 7 / Central China (Changsha-2)
+ \ (zhuzhou1)
+ 8 / South China (Guangzhou-2)
+ \ (guangzhou1)
+ 9 / South China (Guangzhou-3)
+ \ (dongguan1)
+10 / North China (Beijing-1)
+ \ (beijing1)
+11 / North China (Beijing-2)
+ \ (beijing2)
+12 / North China (Beijing-3)
+ \ (beijing4)
+13 / North China (Huhehaote)
+ \ (huhehaote1)
+14 / Southwest China (Chengdu)
+ \ (chengdu1)
+15 / Southwest China (Chongqing)
+ \ (chongqing1)
+16 / Southwest China (Guiyang)
+ \ (guiyang1)
+17 / Nouthwest China (Xian)
+ \ (xian1)
+18 / Yunnan China (Kunming)
+ \ (yunnan)
+19 / Yunnan China (Kunming-2)
+ \ (yunnan2)
+20 / Tianjin China (Tianjin)
+ \ (tianjin1)
+21 / Jilin China (Changchun)
+ \ (jilin1)
+22 / Hubei China (Xiangyan)
+ \ (hubei1)
+23 / Jiangxi China (Nanchang)
+ \ (jiangxi1)
+24 / Gansu China (Lanzhou)
+ \ (gansu1)
+25 / Shanxi China (Taiyuan)
+ \ (shanxi1)
+26 / Liaoning China (Shenyang)
+ \ (liaoning1)
+27 / Hebei China (Shijiazhuang)
+ \ (hebei1)
+28 / Fujian China (Xiamen)
+ \ (fujian1)
+29 / Guangxi China (Nanning)
+ \ (guangxi1)
+30 / Anhui China (Huainan)
+ \ (anhui1)
+location_constraint> 1
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+acl> private
+Option server_side_encryption.
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / None
+ \ ()
+ 2 / AES256
+ \ (AES256)
+server_side_encryption>
+Option storage_class.
+The storage class to use when storing new objects in ChinaMobile.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Default
+ \ ()
+ 2 / Standard storage class
+ \ (STANDARD)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Infrequent access storage mode
+ \ (STANDARD_IA)
+storage_class>
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+[ChinaMobile]
+type = s3
+provider = ChinaMobile
+access_key_id = accesskeyid
+secret_access_key = secretaccesskey
+endpoint = eos-wuxi-1.cmecloud.cn
+location_constraint = wuxi1
+acl = private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
This will guide you through an interactive setup process. To authenticate you will either need your Account ID (a short hex number) and Master Application Key (a long hex number) OR an Application Key, which is the recommended method. See below for further details on generating and using an Application Key.
+
This will guide you through an interactive setup process.
No remotes found, make a new one?
n) New remote
-q) Quit config
-n/q> n
-name> remote
+s) Set configuration password
+n/s> n
+name> Liara
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Backblaze B2
- \ "b2"
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
[snip]
-Storage> b2
-Account ID or Application Key ID
-account> 123456789abc
-Application Key
-key> 0123456789abcdef0123456789abcdef0123456789
-Endpoint for the service - leave blank normally.
-endpoint>
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region>
+Endpoint for S3 API.
+Leave blank if using Liara to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> storage.iran.liara.space
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+storage_class>
Remote config
--------------------
-[remote]
-account = 123456789abc
-key = 0123456789abcdef0123456789abcdef0123456789
-endpoint =
+[Liara]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+endpoint = storage.iran.liara.space
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
This remote is called remote and can now be used like this
-
See all buckets
-
rclone lsd remote:
-
Create a new bucket
-
rclone mkdir remote:bucket
-
List the contents of a bucket
-
rclone ls remote:bucket
-
Sync /home/local/directory to the remote bucket, deleting any excess files in the bucket.
You can use these with rclone too; you will need to use rclone version 1.43 or later.
-
Follow Backblaze's docs to create an Application Key with the required permission and add the applicationKeyId as the account and the Application Key itself as the key.
-
Note that you must put the applicationKeyId as the account – you can't use the master Account ID. If you try then B2 will return 401 errors.
-
--fast-list
-
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
Modified time
-
The modified time is stored as metadata on the object as X-Bz-Info-src_last_modified_millis as milliseconds since 1970-01-01 in the Backblaze standard. Other tools should be able to use this as a modified time.
-
Modified times are used in syncing and are fully supported. Note that if a modification time needs to be updated on an object then it will create a new version of the object.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Note that in 2020-05 Backblaze started allowing characters in file names. Rclone hasn't changed its encoding as this could cause syncs to re-transfer files. If you want rclone not to replace then see the --b2-encoding flag below and remove the BackSlash from the string. This can be set in the config.
-
SHA1 checksums
-
The SHA1 checksums of the files are checked on upload and download and will be used in the syncing process.
-
Large files (bigger than the limit in --b2-upload-cutoff) which are uploaded in chunks will store their SHA1 on the object as X-Bz-Info-large_file_sha1 as recommended by Backblaze.
-
For a large file to be uploaded with an SHA1 checksum, the source needs to support SHA1 checksums. The local disk supports SHA1 checksums so large file transfers from local disk will have an SHA1. See the overview for exactly which remotes support SHA1.
-
Sources which don't support SHA1, in particular crypt will upload large files without SHA1 checksums. This may be fixed in the future (see #1767).
-
Files sizes below --b2-upload-cutoff will always have an SHA1 regardless of the source.
-
Transfers
-
Backblaze recommends that you do lots of transfers simultaneously for maximum speed. In tests from my SSD equipped laptop the optimum setting is about --transfers 32 though higher numbers may be used for a slight speed improvement. The optimum number for you may vary depending on your hardware, how big the files are, how much you want to load your computer, etc. The default of --transfers 4 is definitely too low for Backblaze B2 though.
-
Note that uploading big files (bigger than 200 MiB by default) will use a 96 MiB RAM buffer by default. There can be at most --transfers of these in use at any moment, so this sets the upper limit on the memory used.
-
Versions
-
When rclone uploads a new version of a file it creates a new version of it. Likewise when you delete a file, the old version will be marked hidden and still be available. Conversely, you may opt in to a "hard delete" of files with the --b2-hard-delete flag which would permanently remove the file instead of hiding it.
-
Old versions of files, where available, are visible using the --b2-versions flag.
-
If you wish to remove all the old versions then you can use the rclone cleanup remote:bucket command which will delete all the old versions of files, leaving the current ones intact. You can also supply a path and only old versions under that path will be deleted, e.g. rclone cleanup remote:bucket/path/to/stuff.
-
Note that cleanup will remove partially uploaded files from the bucket if they are more than a day old.
-
When you purge a bucket, the current and the old versions will be deleted then the bucket will be deleted.
-
However delete will cause the current versions of the files to become hidden old versions.
-
Here is a session showing the listing and retrieval of an old version followed by a cleanup of the old versions.
-
Show current version and all the versions with --b2-versions flag.
The b2_list_file_names request will be sent once for every 1k files in the remote path, providing the checksum and modification time of the listed files. As of version 1.33 issue #818 causes extra requests to be sent when using B2 with Crypt. When a copy operation does not require any files to be uploaded, no more requests will be sent.
-
Uploading files that do not require chunking, will send 2 requests per file upload:
Showing that the current version is unchanged but older versions can be seen. These have the UTC date that they were uploaded to the server to the nearest millisecond appended to them.
-
Note that when using --b2-versions no file write operations are permitted, so you can't upload files or delete them.
-
B2 and rclone link
-
Rclone supports generating file share links for private B2 buckets. They can either be for a file for example:
-
./rclone link B2:bucket/path/to/file.txt
-https://f002.backblazeb2.com/file/bucket/path/to/file.txt?Authorization=xxxxxxxx
-
-
or if run on a directory you will get:
-
./rclone link B2:bucket/path
-https://f002.backblazeb2.com/file/bucket/path?Authorization=xxxxxxxx
-
you can then use the authorization token (the part of the url from the ?Authorization= on) on any file path under that directory. For example:
Here are the standard options specific to b2 (Backblaze B2).
-
--b2-account
-
Account ID or Application Key ID.
-
Properties:
-
-
Config: account
-
Env Var: RCLONE_B2_ACCOUNT
-
Type: string
-
Required: true
-
-
--b2-key
-
Application Key.
-
Properties:
-
-
Config: key
-
Env Var: RCLONE_B2_KEY
-
Type: string
-
Required: true
-
-
--b2-hard-delete
-
Permanently delete files on remote removal, otherwise hide files.
-
Properties:
-
-
Config: hard_delete
-
Env Var: RCLONE_B2_HARD_DELETE
-
Type: bool
-
Default: false
-
-
Advanced options
-
Here are the advanced options specific to b2 (Backblaze B2).
-
--b2-endpoint
-
Endpoint for the service.
-
Leave blank normally.
-
Properties:
-
-
Config: endpoint
-
Env Var: RCLONE_B2_ENDPOINT
-
Type: string
-
Required: false
-
-
--b2-test-mode
-
A flag string for X-Bz-Test-Mode header for debugging.
-
This is for debugging purposes only. Setting it to one of the strings below will cause b2 to return specific errors:
-
-
"fail_some_uploads"
-
"expire_some_account_authorization_tokens"
-
"force_cap_exceeded"
-
-
These will be set in the "X-Bz-Test-Mode" header which is documented in the b2 integrations checklist.
-
Properties:
-
-
Config: test_mode
-
Env Var: RCLONE_B2_TEST_MODE
-
Type: string
-
Required: false
-
-
--b2-versions
-
Include old versions in directory listings.
-
Note that when using this no file write operations are permitted, so you can't upload files or delete them.
-
Properties:
-
-
Config: versions
-
Env Var: RCLONE_B2_VERSIONS
-
Type: bool
-
Default: false
-
-
--b2-upload-cutoff
-
Cutoff for switching to chunked upload.
-
Files above this size will be uploaded in chunks of "--b2-chunk-size".
-
This value should be set no larger than 4.657 GiB (== 5 GB).
-
Properties:
-
-
Config: upload_cutoff
-
Env Var: RCLONE_B2_UPLOAD_CUTOFF
-
Type: SizeSuffix
-
Default: 200Mi
-
-
--b2-copy-cutoff
-
Cutoff for switching to multipart copy.
-
Any files larger than this that need to be server-side copied will be copied in chunks of this size.
-
The minimum is 0 and the maximum is 4.6 GiB.
-
Properties:
-
-
Config: copy_cutoff
-
Env Var: RCLONE_B2_COPY_CUTOFF
-
Type: SizeSuffix
-
Default: 4Gi
-
-
--b2-chunk-size
-
Upload chunk size.
-
When uploading large files, chunk the file into this size.
-
Must fit in memory. These chunks are buffered in memory and there might a maximum of "--transfers" chunks in progress at once.
-
5,000,000 Bytes is the minimum size.
-
Properties:
-
-
Config: chunk_size
-
Env Var: RCLONE_B2_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 96Mi
-
-
--b2-disable-checksum
-
Disable checksums for large (> upload cutoff) files.
-
Normally rclone will calculate the SHA1 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
-
Properties:
-
-
Config: disable_checksum
-
Env Var: RCLONE_B2_DISABLE_CHECKSUM
-
Type: bool
-
Default: false
-
-
--b2-download-url
-
Custom endpoint for downloads.
-
This is usually set to a Cloudflare CDN URL as Backblaze offers free egress for data downloaded through the Cloudflare network. Rclone works with private buckets by sending an "Authorization" header. If the custom endpoint rewrites the requests for authentication, e.g., in Cloudflare Workers, this header needs to be handled properly. Leave blank if you want to use the endpoint provided by Backblaze.
-
The URL provided here SHOULD have the protocol and SHOULD NOT have a trailing slash or specify the /file/bucket subpath as rclone will request files with "{download_url}/file/{bucket_name}/{path}".
-
Example: > https://mysubdomain.mydomain.tld (No trailing "/", "file" or "bucket")
-
Properties:
-
-
Config: download_url
-
Env Var: RCLONE_B2_DOWNLOAD_URL
-
Type: string
-
Required: false
-
-
--b2-download-auth-duration
-
Time before the authorization token will expire in s or suffix ms|s|m|h|d.
-
The duration before the download authorization token will expire. The minimum value is 1 second. The maximum value is one week.
-
Properties:
-
-
Config: download_auth_duration
-
Env Var: RCLONE_B2_DOWNLOAD_AUTH_DURATION
-
Type: Duration
-
Default: 1w
-
-
--b2-memory-pool-flush-time
-
How often internal memory buffer pools will be flushed. Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
-
Properties:
-
-
Config: memory_pool_flush_time
-
Env Var: RCLONE_B2_MEMORY_POOL_FLUSH_TIME
-
Type: Duration
-
Default: 1m0s
-
-
--b2-memory-pool-use-mmap
-
Whether to use mmap buffers in internal memory pool.
rclone about is not supported by the B2 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
The initial setup for Box involves getting a token from Box which you can do either in your browser, or with a config.json downloaded from Box to use JWT authentication. rclone config walks you through it.
-
Configuration
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
+
This will leave the config file looking like this.
ArvanCloud ArvanCloud Object Storage goes beyond the limited traditional file storage. It gives you access to backup and archived files and allows sharing. Files like profile image in the app, images sent by users or scanned documents can be stored securely and easily in our Object Storage service.
+
ArvanCloud provides an S3 interface which can be configured for use with rclone like this.
No remotes found, make a new one?
n) New remote
s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
+n/s> n
+name> ArvanCloud
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Box
- \ "box"
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
[snip]
-Storage> box
-Box App Client Id - leave blank normally.
-client_id>
-Box App Client Secret - leave blank normally.
-client_secret>
-Box App config.json location
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-box_config_file>
-Box App Primary Access Token
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-access_token>
-
-Enter a string value. Press Enter for the default ("user").
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
Choose a number from below, or type in your own value
- 1 / Rclone should act on behalf of a user
- \ "user"
- 2 / Rclone should act on behalf of a service account
- \ "enterprise"
-box_sub_type>
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"XXX"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Box. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
List directories in top level of your Box
-
rclone lsd remote:
-
List all the files in your Box
-
rclone ls remote:
-
To copy a local directory to an Box directory called backup
-
rclone copy /home/source remote:backup
-
Using rclone with an Enterprise account with SSO
-
If you have an "Enterprise" account type with Box with single sign on (SSO), you need to create a password to use Box with rclone. This can be done at your Enterprise Box account by going to Settings, "Account" Tab, and then set the password in the "Authentication" field.
-
Once you have done this, you can setup your Enterprise Box account using the same procedure detailed above in the, using the password you have just set.
Each refresh_token is valid for one use in 60 days.
-
-
This means that if you
-
-
Don't use the box remote for 60 days
-
Copy the config file with a box refresh token in and use it in two places
-
Get an error on a token refresh
-
-
then rclone will return an error which includes the text Invalid refresh token.
-
To fix this you will need to use oauth2 again to update the refresh token. You can use the methods in the remote setup docs, bearing in mind that if you use the copy the config file method, you should not use that remote on the computer you did the authentication on.
-
Here is how to do it.
-
$ rclone config
-Current remotes:
-
-Name Type
-==== ====
-remote box
-
-e) Edit existing remote
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint - a good choice if you are unsure.
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region>
+Endpoint for S3 API.
+Leave blank if using ArvanCloud to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> s3.arvanstorage.com
+Location constraint - must be set to match the Region. Used when creating buckets only.
+Choose a number from below, or type in your own value
+ 1 / Empty for Iran-Tehran Region.
+ \ ""
+[snip]
+location_constraint>
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+storage_class>
+Remote config
+--------------------
+[ArvanCloud]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region = ir-thr-at1
+endpoint = s3.arvanstorage.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
This will leave the config file looking like this.
Tencent Cloud Object Storage (COS) is a distributed storage service offered by Tencent Cloud for unstructured data. It is secure, stable, massive, convenient, low-delay and low-cost.
+
To configure access to Tencent COS, follow the steps below:
+
+
Run rclone config and select n for a new remote.
+
+
rclone config
+No remotes found, make a new one?
n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
q) Quit config
-e/n/d/r/c/s/q> e
-Choose a number from below, or type in an existing value
- 1 > remote
-remote> remote
---------------------
-[remote]
-type = box
-token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2017-07-08T23:40:08.059167677+01:00"}
---------------------
-Edit remote
-Value "client_id" = ""
-Edit? (y/n)>
-y) Yes
-n) No
-y/n> n
-Value "client_secret" = ""
-Edit? (y/n)>
+n/s/q> n
+
+
Give the name of the configuration. For example, name it 'cos'.
+
+
name> cos
+
+
Select s3 storage.
+
+
Choose a number from below, or type in your own value
+1 / 1Fichier
+ \ "fichier"
+ 2 / Alias for an existing remote
+ \ "alias"
+ 3 / Amazon Drive
+ \ "amazon cloud drive"
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
+ \ "s3"
+[snip]
+Storage> s3
+
+
Select TencentCOS provider.
+
+
Choose a number from below, or type in your own value
+1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+[snip]
+11 / Tencent Cloud Object Storage (COS)
+ \ "TencentCOS"
+[snip]
+provider> TencentCOS
+
+
Enter your SecretId and SecretKey of Tencent Cloud.
+
+
Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> AKIDxxxxxxxxxx
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> xxxxxxxxxxx
+
+
Select endpoint for Tencent COS. This is the standard endpoint for different region.
Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Owner gets Full_CONTROL. No one else has access rights (default).
+ \ "default"
+[snip]
+acl> 1
+The storage class to use when storing new objects in Tencent COS.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+[snip]
+storage_class> 1
+Edit advanced config? (y/n)
y) Yes
-n) No
+n) No (default)
y/n> n
Remote config
-Already have a token - refresh?
-y) Yes
-n) No
-y/n> y
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
--------------------
-[remote]
-type = box
-token = {"access_token":"YYY","token_type":"bearer","refresh_token":"YYY","expiry":"2017-07-23T12:22:29.259137901+01:00"}
+[cos]
+type = s3
+provider = TencentCOS
+env_auth = false
+access_key_id = xxx
+secret_access_key = xxx
+endpoint = cos.ap-guangzhou.myqcloud.com
+acl = default
--------------------
-y) Yes this is OK
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
-y/e/d> y
-
Modified time and hashes
-
Box allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-
Box supports SHA1 type hashes, so you can use the --checksum flag.
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
SP
-
0x20
-
␠
-
-
-
-
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Transfers
-
For files above 50 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers chunks at the same time (shared among all the multipart uploads). Chunks are buffered in memory and are normally 8 MiB so increasing --transfers will increase memory use.
-
Deleting files
-
Depending on the enterprise settings for your user, the item will either be actually deleted from Box or moved to the trash.
-
Emptying the trash is supported via the rclone however cleanup command however this deletes every trashed file and folder individually so it may take a very long time. Emptying the trash via the WebUI does not have this limitation so it is advised to empty the trash via the WebUI.
-
Root folder ID
-
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your Box drive.
-
Normally you will leave this blank and rclone will determine the correct root to use itself.
-
However you can set this to restrict rclone to a specific folder hierarchy.
-
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. This will be the last segment of the URL when you open the relevant folder in the Box web interface.
-
So if the folder you want rclone to use has a URL which looks like https://app.box.com/folder/11xxxxxxxxx8 in the browser, then you use 11xxxxxxxxx8 as the root_folder_id in the config.
-
Standard options
-
Here are the standard options specific to box (Box).
-
--box-client-id
-
OAuth Client Id.
-
Leave blank normally.
-
Properties:
-
-
Config: client_id
-
Env Var: RCLONE_BOX_CLIENT_ID
-
Type: string
-
Required: false
-
-
--box-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
-
Properties:
-
-
Config: client_secret
-
Env Var: RCLONE_BOX_CLIENT_SECRET
-
Type: string
-
Required: false
-
-
--box-box-config-file
-
Box App config.json location
-
Leave blank normally.
-
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
-
Properties:
-
-
Config: box_config_file
-
Env Var: RCLONE_BOX_BOX_CONFIG_FILE
-
Type: string
-
Required: false
-
-
--box-access-token
-
Box App Primary Access Token
-
Leave blank normally.
-
Properties:
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+cos s3
+
Netease NOS
+
For Netease NOS configure as per the configurator rclone config setting the provider Netease. This will automatically set force_path_style = false which is necessary for it to run properly.
+
Storj
+
Storj is a decentralized cloud storage which can be used through its native protocol or an S3 compatible gateway.
+
The S3 compatible gateway is configured using rclone config with a type of s3 and with a provider name of Storj. Here is an example run of the configurator.
+
Type of storage to configure.
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> XXXX (as shown when creating the access grant)
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> XXXX (as shown when creating the access grant)
+Option endpoint.
+Endpoint of the Shared Gateway.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / EU1 Shared Gateway
+ \ (gateway.eu1.storjshare.io)
+ 2 / US1 Shared Gateway
+ \ (gateway.us1.storjshare.io)
+ 3 / Asia-Pacific Shared Gateway
+ \ (gateway.ap1.storjshare.io)
+endpoint> 1 (as shown when creating the access grant)
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
--chunk-size is forced to be 64 MiB or greater. This will use more memory than the default of 5 MiB.
+
Server side copy is disabled as it isn't currently supported in the gateway.
+
GetTier and SetTier are not supported.
-
--box-box-sub-type
-
Properties:
-
-
Config: box_sub_type
-
Env Var: RCLONE_BOX_BOX_SUB_TYPE
-
Type: string
-
Default: "user"
-
Examples:
+
Backend bugs
+
Due to issue #39 uploading multipart files via the S3 gateway causes them to lose their metadata. For rclone's purpose this means that the modification time is not stored, nor is any MD5SUM (if one is available from the source).
+
This has the following consequences:
-
"user"
+
Using rclone rcat will fail as the medatada doesn't match after upload
+
Uploading files with rclone mount will fail for the same reason
-
Rclone should act on behalf of a user.
+
This can worked around by using --vfs-cache-mode writes or --vfs-cache-mode full or setting --s3-upload-cutoff large
-
"enterprise"
+
Files uploaded via a multipart upload won't have their modtimes
-
Rclone should act on behalf of a service account.
-
+
This will mean that rclone sync will likely keep trying to upload files bigger than --s3-upload-cutoff
+
This can be worked around with --checksum or --size-only or setting --s3-upload-cutoff large
+
The maximum value for --s3-upload-cutoff is 5GiB though
-
Advanced options
-
Here are the advanced options specific to box (Box).
-
--box-token
-
OAuth Access Token as a JSON blob.
-
Properties:
-
-
Config: token
-
Env Var: RCLONE_BOX_TOKEN
-
Type: string
-
Required: false
-
-
--box-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
-
Properties:
-
-
Config: auth_url
-
Env Var: RCLONE_BOX_AUTH_URL
-
Type: string
-
Required: false
-
-
--box-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
-
Properties:
-
-
Config: token_url
-
Env Var: RCLONE_BOX_TOKEN_URL
-
Type: string
-
Required: false
-
-
--box-root-folder-id
-
Fill in for rclone to use a non root folder as its starting point.
-
Properties:
-
-
Config: root_folder_id
-
Env Var: RCLONE_BOX_ROOT_FOLDER_ID
-
Type: string
-
Default: "0"
-
-
--box-upload-cutoff
-
Cutoff for switching to multipart upload (>= 50 MiB).
-
Properties:
-
-
Config: upload_cutoff
-
Env Var: RCLONE_BOX_UPLOAD_CUTOFF
-
Type: SizeSuffix
-
Default: 50Mi
-
-
--box-commit-retries
-
Max number of times to try committing a multipart file.
-
Properties:
-
-
Config: commit_retries
-
Env Var: RCLONE_BOX_COMMIT_RETRIES
-
Type: int
-
Default: 100
-
-
--box-list-chunk
-
Size of listing chunk 1-1000.
-
Properties:
-
-
Config: list_chunk
-
Env Var: RCLONE_BOX_LIST_CHUNK
-
Type: int
-
Default: 1000
-
-
--box-owned-by
-
Only show items owned by the login (email address) passed in.
Note that Box is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
Box file names can't have the \ character in. rclone maps this to and from an identical looking unicode equivalent \ (U+FF3C Fullwidth Reverse Solidus).
-
Box only supports filenames up to 255 characters in length.
-
rclone about is not supported by the Box backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The cache remote wraps another existing remote and stores file structure and its data for long running tasks like rclone mount.
-
Status
-
The cache backend code is working but it currently doesn't have a maintainer so there are outstanding bugs which aren't getting fixed.
-
The cache backend is due to be phased out in favour of the VFS caching layer eventually which is more tightly integrated into rclone.
-
Until this happens we recommend only using the cache backend if you find you can't work without it. There are many docs online describing the use of the cache backend to minimize API hits and by-and-large these are out of date and the cache backend isn't needed in those scenarios any more.
-
Configuration
-
To get started you just need to have an existing remote which can be configured with cache.
-
Here is an example of how to make a remote called test-cache. First run:
-
rclone config
-
This will guide you through an interactive setup process:
+
One general purpose workaround is to set --s3-upload-cutoff 5G. This means that rclone will upload files smaller than 5GiB as single parts. Note that this can be set in the config file with upload_cutoff = 5G or configured in the advanced settings. If you regularly transfer files larger than 5G then using --checksum or --size-only in rclone sync is the recommended workaround.
+
Comparison with the native protocol
+
Use the the native protocol to take advantage of client-side encryption as well as to achieve the best possible download performance. Uploads will be erasure-coded locally, thus a 1gb upload will result in 2.68gb of data being uploaded to storage nodes across the network.
+
Use this backend and the S3 compatible Hosted Gateway to increase upload performance and reduce the load on your systems and network. Uploads will be encrypted and erasure-coded server-side, thus a 1GB upload will result in only in 1GB of data being uploaded to storage nodes across the network.
+
For more detailed comparison please check the documentation of the storj backend.
+
Limitations
+
rclone about is not supported by the S3 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
+
Configuration
+
Here is an example of making a b2 configuration. First run
+
rclone config
+
This will guide you through an interactive setup process. To authenticate you will either need your Account ID (a short hex number) and Master Application Key (a long hex number) OR an Application Key, which is the recommended method. See below for further details on generating and using an Application Key.
No remotes found, make a new one?
n) New remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
q) Quit config
-n/r/c/s/q> n
-name> test-cache
+n/q> n
+name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Cache a remote
- \ "cache"
+XX / Backblaze B2
+ \ "b2"
[snip]
-Storage> cache
-Remote to cache.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
-"myremote:bucket" or maybe "myremote:" (not recommended).
-remote> local:/test
-Optional: The URL of the Plex server
-plex_url> http://127.0.0.1:32400
-Optional: The username of the Plex user
-plex_username> dummyusername
-Optional: The password of the Plex user
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
-The size of a chunk. Lower value good for slow connections but can affect seamless reading.
-Default: 5M
-Choose a number from below, or type in your own value
- 1 / 1 MiB
- \ "1M"
- 2 / 5 MiB
- \ "5M"
- 3 / 10 MiB
- \ "10M"
-chunk_size> 2
-How much time should object info (file size, file hashes, etc.) be stored in cache. Use a very high value if you don't plan on changing the source FS from outside the cache.
-Accepted units are: "s", "m", "h".
-Default: 5m
-Choose a number from below, or type in your own value
- 1 / 1 hour
- \ "1h"
- 2 / 24 hours
- \ "24h"
- 3 / 24 hours
- \ "48h"
-info_age> 2
-The maximum size of stored chunks. When the storage grows beyond this size, the oldest chunks will be deleted.
-Default: 10G
-Choose a number from below, or type in your own value
- 1 / 500 MiB
- \ "500M"
- 2 / 1 GiB
- \ "1G"
- 3 / 10 GiB
- \ "10G"
-chunk_total_size> 3
+Storage> b2
+Account ID or Application Key ID
+account> 123456789abc
+Application Key
+key> 0123456789abcdef0123456789abcdef0123456789
+Endpoint for the service - leave blank normally.
+endpoint>
Remote config
--------------------
-[test-cache]
-remote = local:/test
-plex_url = http://127.0.0.1:32400
-plex_username = dummyusername
-plex_password = *** ENCRYPTED ***
-chunk_size = 5M
-info_age = 48h
-chunk_total_size = 10G
-
You can then use it like this,
-
List directories in top level of your drive
-
rclone lsd test-cache:
-
List all the files in your drive
-
rclone ls test-cache:
-
To start a cached mount
-
rclone mount --allow-other test-cache: /var/tmp/test-cache
-
Write Features
-
Offline uploading
-
In an effort to make writing through cache more reliable, the backend now supports this feature which can be activated by specifying a cache-tmp-upload-path.
-
A files goes through these states when using this feature:
-
-
An upload is started (usually by copying a file on the cache remote)
-
When the copy to the temporary location is complete the file is part of the cached remote and looks and behaves like any other file (reading included)
-
After cache-tmp-wait-time passes and the file is next in line, rclone move is used to move the file to the cloud provider
-
Reading the file still works during the upload but most modifications on it will be prohibited
-
Once the move is complete the file is unlocked for modifications as it becomes as any other regular file
-
If the file is being read through cache when it's actually deleted from the temporary path then cache will simply swap the source to the cloud provider without interrupting the reading (small blip can happen though)
-
-
Files are uploaded in sequence and only one file is uploaded at a time. Uploads will be stored in a queue and be processed based on the order they were added. The queue and the temporary storage is persistent across restarts but can be cleared on startup with the --cache-db-purge flag.
-
Write Support
-
Writes are supported through cache. One caveat is that a mounted cache remote does not add any retry or fallback mechanism to the upload operation. This will depend on the implementation of the wrapped remote. Consider using Offline uploading for reliable writes.
-
One special case is covered with cache-writes which will cache the file data at the same time as the upload when it is enabled making it available from the cache store immediately once the upload is finished.
-
Read Features
-
Multiple connections
-
To counter the high latency between a local PC where rclone is running and cloud providers, the cache remote can split multiple requests to the cloud provider for smaller file chunks and combines them together locally where they can be available almost immediately before the reader usually needs them.
-
This is similar to buffering when media files are played online. Rclone will stay around the current marker but always try its best to stay ahead and prepare the data before.
-
Plex Integration
-
There is a direct integration with Plex which allows cache to detect during reading if the file is in playback or not. This helps cache to adapt how it queries the cloud provider depending on what is needed for.
-
Scans will have a minimum amount of workers (1) while in a confirmed playback cache will deploy the configured number of workers.
-
This integration opens the doorway to additional performance improvements which will be explored in the near future.
-
Note: If Plex options are not configured, cache will function with its configured options without adapting any of its settings.
-
How to enable? Run rclone config and add all the Plex options (endpoint, username and password) in your remote and it will be automatically enabled.
-
Affected settings: - cache-workers: Configured value during confirmed playback or 1 all the other times
-
Certificate Validation
-
When the Plex server is configured to only accept secure connections, it is possible to use .plex.direct URLs to ensure certificate validation succeeds. These URLs are used by Plex internally to connect to the Plex server securely.
This page will list all the available Plex servers for your account with at least one .plex.direct link for each. Copy one URL and replace the IP address with the desired address. This can be used as the plex_url value.
-
Known issues
-
Mount and --dir-cache-time
-
--dir-cache-time controls the first layer of directory caching which works at the mount layer. Being an independent caching mechanism from the cache backend, it will manage its own entries based on the configured time.
-
To avoid getting in a scenario where dir cache has obsolete data and cache would have the correct one, try to set --dir-cache-time to a lower time than --cache-info-age. Default values are already configured in this way.
-
Windows support - Experimental
-
There are a couple of issues with Windows mount functionality that still require some investigations. It should be considered as experimental thus far as fixes come in for this OS.
-
Most of the issues seem to be related to the difference between filesystems on Linux flavors and Windows as cache is heavily dependent on them.
-
Any reports or feedback on how cache behaves on this OS is greatly appreciated.
+[remote]
+account = 123456789abc
+key = 0123456789abcdef0123456789abcdef0123456789
+endpoint =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
This remote is called remote and can now be used like this
+
See all buckets
+
rclone lsd remote:
+
Create a new bucket
+
rclone mkdir remote:bucket
+
List the contents of a bucket
+
rclone ls remote:bucket
+
Sync /home/local/directory to the remote bucket, deleting any excess files in the bucket.
You can use these with rclone too; you will need to use rclone version 1.43 or later.
+
Follow Backblaze's docs to create an Application Key with the required permission and add the applicationKeyId as the account and the Application Key itself as the key.
+
Note that you must put the applicationKeyId as the account – you can't use the master Account ID. If you try then B2 will return 401 errors.
+
--fast-list
+
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
+
Modified time
+
The modified time is stored as metadata on the object as X-Bz-Info-src_last_modified_millis as milliseconds since 1970-01-01 in the Backblaze standard. Other tools should be able to use this as a modified time.
+
Modified times are used in syncing and are fully supported. Note that if a modification time needs to be updated on an object then it will create a new version of the object.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Note that in 2020-05 Backblaze started allowing characters in file names. Rclone hasn't changed its encoding as this could cause syncs to re-transfer files. If you want rclone not to replace then see the --b2-encoding flag below and remove the BackSlash from the string. This can be set in the config.
+
SHA1 checksums
+
The SHA1 checksums of the files are checked on upload and download and will be used in the syncing process.
+
Large files (bigger than the limit in --b2-upload-cutoff) which are uploaded in chunks will store their SHA1 on the object as X-Bz-Info-large_file_sha1 as recommended by Backblaze.
+
For a large file to be uploaded with an SHA1 checksum, the source needs to support SHA1 checksums. The local disk supports SHA1 checksums so large file transfers from local disk will have an SHA1. See the overview for exactly which remotes support SHA1.
+
Sources which don't support SHA1, in particular crypt will upload large files without SHA1 checksums. This may be fixed in the future (see #1767).
+
Files sizes below --b2-upload-cutoff will always have an SHA1 regardless of the source.
+
Transfers
+
Backblaze recommends that you do lots of transfers simultaneously for maximum speed. In tests from my SSD equipped laptop the optimum setting is about --transfers 32 though higher numbers may be used for a slight speed improvement. The optimum number for you may vary depending on your hardware, how big the files are, how much you want to load your computer, etc. The default of --transfers 4 is definitely too low for Backblaze B2 though.
+
Note that uploading big files (bigger than 200 MiB by default) will use a 96 MiB RAM buffer by default. There can be at most --transfers of these in use at any moment, so this sets the upper limit on the memory used.
+
Versions
+
When rclone uploads a new version of a file it creates a new version of it. Likewise when you delete a file, the old version will be marked hidden and still be available. Conversely, you may opt in to a "hard delete" of files with the --b2-hard-delete flag which would permanently remove the file instead of hiding it.
+
Old versions of files, where available, are visible using the --b2-versions flag.
+
It is also possible to view a bucket as it was at a certain point in time, using the --b2-version-at flag. This will show the file versions as they were at that time, showing files that have been deleted afterwards, and hiding files that were created since.
+
If you wish to remove all the old versions then you can use the rclone cleanup remote:bucket command which will delete all the old versions of files, leaving the current ones intact. You can also supply a path and only old versions under that path will be deleted, e.g. rclone cleanup remote:bucket/path/to/stuff.
+
Note that cleanup will remove partially uploaded files from the bucket if they are more than a day old.
+
When you purge a bucket, the current and the old versions will be deleted then the bucket will be deleted.
+
However delete will cause the current versions of the files to become hidden old versions.
+
Here is a session showing the listing and retrieval of an old version followed by a cleanup of the old versions.
+
Show current version and all the versions with --b2-versions flag.
The b2_list_file_names request will be sent once for every 1k files in the remote path, providing the checksum and modification time of the listed files. As of version 1.33 issue #818 causes extra requests to be sent when using B2 with Crypt. When a copy operation does not require any files to be uploaded, no more requests will be sent.
+
Uploading files that do not require chunking, will send 2 requests per file upload:
Showing that the current version is unchanged but older versions can be seen. These have the UTC date that they were uploaded to the server to the nearest millisecond appended to them.
+
Note that when using --b2-versions no file write operations are permitted, so you can't upload files or delete them.
+
B2 and rclone link
+
Rclone supports generating file share links for private B2 buckets. They can either be for a file for example:
+
./rclone link B2:bucket/path/to/file.txt
+https://f002.backblazeb2.com/file/bucket/path/to/file.txt?Authorization=xxxxxxxx
+
+
or if run on a directory you will get:
+
./rclone link B2:bucket/path
+https://f002.backblazeb2.com/file/bucket/path?Authorization=xxxxxxxx
+
you can then use the authorization token (the part of the url from the ?Authorization= on) on any file path under that directory. For example:
Here are the Standard options specific to b2 (Backblaze B2).
+
--b2-account
+
Account ID or Application Key ID.
+
Properties:
-
https://github.com/rclone/rclone/issues/1935
-
https://github.com/rclone/rclone/issues/1907
-
https://github.com/rclone/rclone/issues/1834
+
Config: account
+
Env Var: RCLONE_B2_ACCOUNT
+
Type: string
+
Required: true
-
Risk of throttling
-
Future iterations of the cache backend will make use of the pooling functionality of the cloud provider to synchronize and at the same time make writing through it more tolerant to failures.
-
There are a couple of enhancements in track to add these but in the meantime there is a valid concern that the expiring cache listings can lead to cloud provider throttles or bans due to repeated queries on it for very large mounts.
-
Some recommendations: - don't use a very small interval for entry information (--cache-info-age) - while writes aren't yet optimised, you can still write through cache which gives you the advantage of adding the file in the cache at the same time if configured to do so.
-
Future enhancements:
-
-
https://github.com/rclone/rclone/issues/1937
-
https://github.com/rclone/rclone/issues/1936
-
-
cache and crypt
-
One common scenario is to keep your data encrypted in the cloud provider using the crypt remote. crypt uses a similar technique to wrap around an existing remote and handles this translation in a seamless way.
-
There is an issue with wrapping the remotes in this order: cloud remote -> crypt -> cache
-
During testing, I experienced a lot of bans with the remotes in this order. I suspect it might be related to how crypt opens files on the cloud provider which makes it think we're downloading the full file instead of small chunks. Organizing the remotes in this order yields better results: cloud remote -> cache -> crypt
-
absolute remote paths
-
cache can not differentiate between relative and absolute paths for the wrapped remote. Any path given in the remote config setting and on the command line will be passed to the wrapped remote as is, but for storing the chunks on disk the path will be made relative by removing any leading / character.
-
This behavior is irrelevant for most backend types, but there are backends where a leading / changes the effective directory, e.g. in the sftp backend paths starting with a / are relative to the root of the SSH server and paths without are relative to the user home directory. As a result sftp:bin and sftp:/bin will share the same cache folder, even if they represent a different directory on the SSH server.
-
Cache and Remote Control (--rc)
-
Cache supports the new --rc mode in rclone and can be remote controlled through the following end points: By default, the listener is disabled if you do not add the flag.
-
rc cache/expire
-
Purge a remote from the cache backend. Supports either a directory or a file. It supports both encrypted and unencrypted file names if cache is wrapped by crypt.
-
Params: - remote = path to remote (required) - withData = true/false to delete cached data (chunks) as well (optional, false by default)
-
Standard options
-
Here are the standard options specific to cache (Cache a remote).
-
--cache-remote
-
Remote to cache.
-
Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
+
--b2-key
+
Application Key.
Properties:
-
Config: remote
-
Env Var: RCLONE_CACHE_REMOTE
+
Config: key
+
Env Var: RCLONE_B2_KEY
Type: string
Required: true
-
--cache-plex-url
-
The URL of the Plex server.
+
--b2-hard-delete
+
Permanently delete files on remote removal, otherwise hide files.
Properties:
-
Config: plex_url
-
Env Var: RCLONE_CACHE_PLEX_URL
-
Type: string
-
Required: false
+
Config: hard_delete
+
Env Var: RCLONE_B2_HARD_DELETE
+
Type: bool
+
Default: false
-
--cache-plex-username
-
The username of the Plex user.
+
Advanced options
+
Here are the Advanced options specific to b2 (Backblaze B2).
A flag string for X-Bz-Test-Mode header for debugging.
+
This is for debugging purposes only. Setting it to one of the strings below will cause b2 to return specific errors:
+
+
"fail_some_uploads"
+
"expire_some_account_authorization_tokens"
+
"force_cap_exceeded"
+
+
These will be set in the "X-Bz-Test-Mode" header which is documented in the b2 integrations checklist.
Properties:
-
Config: plex_password
-
Env Var: RCLONE_CACHE_PLEX_PASSWORD
+
Config: test_mode
+
Env Var: RCLONE_B2_TEST_MODE
Type: string
Required: false
-
--cache-chunk-size
-
The size of a chunk (partial file data).
-
Use lower numbers for slower connections. If the chunk size is changed, any downloaded chunks will be invalid and cache-chunk-path will need to be cleared or unexpected EOF errors will occur.
+
--b2-versions
+
Include old versions in directory listings.
+
Note that when using this no file write operations are permitted, so you can't upload files or delete them.
Properties:
-
Config: chunk_size
-
Env Var: RCLONE_CACHE_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 5Mi
-
Examples:
-
-
"1M"
-
-
1 MiB
-
-
"5M"
-
-
5 MiB
-
-
"10M"
-
-
10 MiB
-
-
+
Config: versions
+
Env Var: RCLONE_B2_VERSIONS
+
Type: bool
+
Default: false
-
--cache-info-age
-
How long to cache file structure information (directory listings, file size, times, etc.). If all write operations are done through the cache then you can safely make this value very large as the cache store will also be updated in real time.
+
--b2-version-at
+
Show file versions as they were at the specified time.
+
Note that when using this no file write operations are permitted, so you can't upload files or delete them.
Properties:
-
Config: info_age
-
Env Var: RCLONE_CACHE_INFO_AGE
-
Type: Duration
-
Default: 6h0m0s
-
Examples:
-
-
"1h"
-
-
1 hour
-
-
"24h"
-
-
24 hours
-
-
"48h"
-
-
48 hours
-
-
+
Config: version_at
+
Env Var: RCLONE_B2_VERSION_AT
+
Type: Time
+
Default: off
-
--cache-chunk-total-size
-
The total size that the chunks can take up on the local disk.
-
If the cache exceeds this value then it will start to delete the oldest chunks until it goes under this value.
+
--b2-upload-cutoff
+
Cutoff for switching to chunked upload.
+
Files above this size will be uploaded in chunks of "--b2-chunk-size".
+
This value should be set no larger than 4.657 GiB (== 5 GB).
Properties:
-
Config: chunk_total_size
-
Env Var: RCLONE_CACHE_CHUNK_TOTAL_SIZE
+
Config: upload_cutoff
+
Env Var: RCLONE_B2_UPLOAD_CUTOFF
Type: SizeSuffix
-
Default: 10Gi
-
Examples:
-
-
"500M"
-
-
500 MiB
-
-
"1G"
-
-
1 GiB
-
-
"10G"
-
-
10 GiB
-
-
+
Default: 200Mi
-
Advanced options
-
Here are the advanced options specific to cache (Cache a remote).
-
--cache-plex-token
-
The plex token for authentication - auto set normally.
+
--b2-copy-cutoff
+
Cutoff for switching to multipart copy.
+
Any files larger than this that need to be server-side copied will be copied in chunks of this size.
+
The minimum is 0 and the maximum is 4.6 GiB.
Properties:
-
Config: plex_token
-
Env Var: RCLONE_CACHE_PLEX_TOKEN
-
Type: string
-
Required: false
+
Config: copy_cutoff
+
Env Var: RCLONE_B2_COPY_CUTOFF
+
Type: SizeSuffix
+
Default: 4Gi
-
--cache-plex-insecure
-
Skip all certificate verification when connecting to the Plex server.
+
--b2-chunk-size
+
Upload chunk size.
+
When uploading large files, chunk the file into this size.
+
Must fit in memory. These chunks are buffered in memory and there might a maximum of "--transfers" chunks in progress at once.
+
5,000,000 Bytes is the minimum size.
Properties:
-
Config: plex_insecure
-
Env Var: RCLONE_CACHE_PLEX_INSECURE
-
Type: string
-
Required: false
+
Config: chunk_size
+
Env Var: RCLONE_B2_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 96Mi
-
--cache-db-path
-
Directory to store file structure metadata DB.
-
The remote name is used as the DB file name.
+
--b2-disable-checksum
+
Disable checksums for large (> upload cutoff) files.
+
Normally rclone will calculate the SHA1 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
Properties:
-
Config: db_path
-
Env Var: RCLONE_CACHE_DB_PATH
-
Type: string
-
Default: "$HOME/.cache/rclone/cache-backend"
+
Config: disable_checksum
+
Env Var: RCLONE_B2_DISABLE_CHECKSUM
+
Type: bool
+
Default: false
-
--cache-chunk-path
-
Directory to cache chunk files.
-
Path to where partial file data (chunks) are stored locally. The remote name is appended to the final path.
-
This config follows the "--cache-db-path". If you specify a custom location for "--cache-db-path" and don't specify one for "--cache-chunk-path" then "--cache-chunk-path" will use the same path as "--cache-db-path".
+
--b2-download-url
+
Custom endpoint for downloads.
+
This is usually set to a Cloudflare CDN URL as Backblaze offers free egress for data downloaded through the Cloudflare network. Rclone works with private buckets by sending an "Authorization" header. If the custom endpoint rewrites the requests for authentication, e.g., in Cloudflare Workers, this header needs to be handled properly. Leave blank if you want to use the endpoint provided by Backblaze.
+
The URL provided here SHOULD have the protocol and SHOULD NOT have a trailing slash or specify the /file/bucket subpath as rclone will request files with "{download_url}/file/{bucket_name}/{path}".
+
Example: > https://mysubdomain.mydomain.tld (No trailing "/", "file" or "bucket")
Properties:
-
Config: chunk_path
-
Env Var: RCLONE_CACHE_CHUNK_PATH
+
Config: download_url
+
Env Var: RCLONE_B2_DOWNLOAD_URL
Type: string
-
Default: "$HOME/.cache/rclone/cache-backend"
+
Required: false
-
--cache-db-purge
-
Clear all the cached data for this remote on start.
+
--b2-download-auth-duration
+
Time before the authorization token will expire in s or suffix ms|s|m|h|d.
+
The duration before the download authorization token will expire. The minimum value is 1 second. The maximum value is one week.
Properties:
-
Config: db_purge
-
Env Var: RCLONE_CACHE_DB_PURGE
-
Type: bool
-
Default: false
+
Config: download_auth_duration
+
Env Var: RCLONE_B2_DOWNLOAD_AUTH_DURATION
+
Type: Duration
+
Default: 1w
-
--cache-chunk-clean-interval
-
How often should the cache perform cleanups of the chunk storage.
-
The default value should be ok for most people. If you find that the cache goes over "cache-chunk-total-size" too often then try to lower this value to force it to perform cleanups more often.
+
--b2-memory-pool-flush-time
+
How often internal memory buffer pools will be flushed. Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
Properties:
-
Config: chunk_clean_interval
-
Env Var: RCLONE_CACHE_CHUNK_CLEAN_INTERVAL
+
Config: memory_pool_flush_time
+
Env Var: RCLONE_B2_MEMORY_POOL_FLUSH_TIME
Type: Duration
Default: 1m0s
-
--cache-read-retries
-
How many times to retry a read from a cache storage.
-
Since reading from a cache stream is independent from downloading file data, readers can get to a point where there's no more data in the cache. Most of the times this can indicate a connectivity issue if cache isn't able to provide file data anymore.
-
For really slow connections, increase this to a point where the stream is able to provide data but your experience will be very stuttering.
+
--b2-memory-pool-use-mmap
+
Whether to use mmap buffers in internal memory pool.
Properties:
-
Config: read_retries
-
Env Var: RCLONE_CACHE_READ_RETRIES
-
Type: int
-
Default: 10
+
Config: memory_pool_use_mmap
+
Env Var: RCLONE_B2_MEMORY_POOL_USE_MMAP
+
Type: bool
+
Default: false
-
--cache-workers
-
How many workers should run in parallel to download chunks.
-
Higher values will mean more parallel processing (better CPU needed) and more concurrent requests on the cloud provider. This impacts several aspects like the cloud provider API limits, more stress on the hardware that rclone runs on but it also means that streams will be more fluid and data will be available much more faster to readers.
-
Note: If the optional Plex integration is enabled then this setting will adapt to the type of reading performed and the value specified here will be used as a maximum number of workers to use.
Disable the in-memory cache for storing chunks during streaming.
-
By default, cache will keep file data during streaming in RAM as well to provide it to readers as fast as possible.
-
This transient data is evicted as soon as it is read and the number of chunks stored doesn't exceed the number of workers. However, depending on other settings like "cache-chunk-size" and "cache-workers" this footprint can increase if there are parallel streams too (multiple files being read at the same time).
-
If the hardware permits it, use this feature to provide an overall better performance during streaming but it can also be disabled if RAM is not available on the local machine.
-
Properties:
-
-
Config: chunk_no_memory
-
Env Var: RCLONE_CACHE_CHUNK_NO_MEMORY
-
Type: bool
-
Default: false
-
-
--cache-rps
-
Limits the number of requests per second to the source FS (-1 to disable).
-
This setting places a hard limit on the number of requests per second that cache will be doing to the cloud provider remote and try to respect that value by setting waits between reads.
-
If you find that you're getting banned or limited on the cloud provider through cache and know that a smaller number of requests per second will allow you to work with it then you can use this setting for that.
-
A good balance of all the other settings should make this setting useless but it is available to set for more special cases.
-
NOTE: This will limit the number of requests during streams but other API calls to the cloud provider like directory listings will still pass.
-
Properties:
-
-
Config: rps
-
Env Var: RCLONE_CACHE_RPS
-
Type: int
-
Default: -1
-
-
--cache-writes
-
Cache file data on writes through the FS.
-
If you need to read files immediately after you upload them through cache you can enable this flag to have their data stored in the cache store at the same time during upload.
-
Properties:
-
-
Config: writes
-
Env Var: RCLONE_CACHE_WRITES
-
Type: bool
-
Default: false
-
-
--cache-tmp-upload-path
-
Directory to keep temporary files until they are uploaded.
-
This is the path where cache will use as a temporary storage for new files that need to be uploaded to the cloud provider.
-
Specifying a value will enable this feature. Without it, it is completely disabled and files will be uploaded directly to the cloud provider
-
Properties:
-
-
Config: tmp_upload_path
-
Env Var: RCLONE_CACHE_TMP_UPLOAD_PATH
-
Type: string
-
Required: false
-
-
--cache-tmp-wait-time
-
How long should files be stored in local cache before being uploaded.
-
This is the duration that a file must wait in the temporary location cache-tmp-upload-path before it is selected for upload.
-
Note that only one file is uploaded at a time and it can take longer to start the upload if a queue formed for this purpose.
-
Properties:
-
-
Config: tmp_wait_time
-
Env Var: RCLONE_CACHE_TMP_WAIT_TIME
-
Type: Duration
-
Default: 15s
-
-
--cache-db-wait-time
-
How long to wait for the DB to be available - 0 is unlimited.
-
Only one process can have the DB open at any one time, so rclone waits for this duration for the DB to become available before it gives an error.
-
If you set it to 0 then it will wait forever.
-
Properties:
-
-
Config: db_wait_time
-
Env Var: RCLONE_CACHE_DB_WAIT_TIME
-
Type: Duration
-
Default: 1s
-
-
Backend commands
-
Here are the commands specific to the cache backend.
-
Run them with
-
rclone backend COMMAND remote:
-
The help below will explain what arguments each command takes.
The chunker overlay transparently splits large files into smaller chunks during upload to wrapped remote and transparently assembles them back when the file is downloaded. This allows to effectively overcome size limits imposed by storage providers.
-
Configuration
-
To use it, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote.
-
First check your chosen remote is working - we'll call it remote:path here. Note that anything inside remote:path will be chunked and anything outside won't. This means that if you are using a bucket-based remote (e.g. S3, B2, swift) then you should probably put the bucket in the remote s3:bucket.
-
Now configure chunker using rclone config. We will call this one overlay to separate it from the remote itself.
+
Limitations
+
rclone about is not supported by the B2 backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
The initial setup for Box involves getting a token from Box which you can do either in your browser, or with a config.json downloaded from Box to use JWT authentication. rclone config walks you through it.
+
Configuration
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
-name> overlay
+name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Transparently chunk/split large files
- \ "chunker"
+XX / Box
+ \ "box"
[snip]
-Storage> chunker
-Remote to chunk/unchunk.
-Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
-"myremote:bucket" or maybe "myremote:" (not recommended).
+Storage> box
+Box App Client Id - leave blank normally.
+client_id>
+Box App Client Secret - leave blank normally.
+client_secret>
+Box App config.json location
+Leave blank normally.
Enter a string value. Press Enter for the default ("").
-remote> remote:path
-Files larger than chunk size will be split in chunks.
-Enter a size with suffix K,M,G,T. Press Enter for the default ("2G").
-chunk_size> 100M
-Choose how chunker handles hash sums. All modes but "none" require metadata.
-Enter a string value. Press Enter for the default ("md5").
+box_config_file>
+Box App Primary Access Token
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+access_token>
+
+Enter a string value. Press Enter for the default ("user").
Choose a number from below, or type in your own value
- 1 / Pass any hash supported by wrapped remote for non-chunked files, return nothing otherwise
- \ "none"
- 2 / MD5 for composite files
- \ "md5"
- 3 / SHA1 for composite files
- \ "sha1"
- 4 / MD5 for all files
- \ "md5all"
- 5 / SHA1 for all files
- \ "sha1all"
- 6 / Copying a file to chunker will request MD5 from the source falling back to SHA1 if unsupported
- \ "md5quick"
- 7 / Similar to "md5quick" but prefers SHA1 over MD5
- \ "sha1quick"
-hash_type> md5
-Edit advanced config? (y/n)
+ 1 / Rclone should act on behalf of a user
+ \ "user"
+ 2 / Rclone should act on behalf of a service account
+ \ "enterprise"
+box_sub_type>
+Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
-y/n> n
-Remote config
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
--------------------
-[overlay]
-type = chunker
-remote = remote:bucket
-chunk_size = 100M
-hash_type = md5
+[remote]
+client_id =
+client_secret =
+token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"XXX"}
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Specifying the remote
-
In normal use, make sure the remote has a : in. If you specify the remote without a : then rclone will use a local directory of that name. So if you use a remote of /path/to/secret/files then rclone will chunk stuff in that directory. If you use a remote of name then rclone will put files in a directory called name in the current directory.
-
Chunking
-
When rclone starts a file upload, chunker checks the file size. If it doesn't exceed the configured chunk size, chunker will just pass the file to the wrapped remote. If a file is large, chunker will transparently cut data in pieces with temporary names and stream them one by one, on the fly. Each data chunk will contain the specified number of bytes, except for the last one which may have less data. If file size is unknown in advance (this is called a streaming upload), chunker will internally create a temporary copy, record its size and repeat the above process.
-
When upload completes, temporary chunk files are finally renamed. This scheme guarantees that operations can be run in parallel and look from outside as atomic. A similar method with hidden temporary chunks is used for other operations (copy/move/rename, etc.). If an operation fails, hidden chunks are normally destroyed, and the target composite file stays intact.
-
When a composite file download is requested, chunker transparently assembles it by concatenating data chunks in order. As the split is trivial one could even manually concatenate data chunks together to obtain the original content.
-
When the list rclone command scans a directory on wrapped remote, the potential chunk files are accounted for, grouped and assembled into composite directory entries. Any temporary chunks are hidden.
-
List and other commands can sometimes come across composite files with missing or invalid chunks, e.g. shadowed by like-named directory or another file. This usually means that wrapped file system has been directly tampered with or damaged. If chunker detects a missing chunk it will by default print warning, skip the whole incomplete group of chunks but proceed with current command. You can set the --chunker-fail-hard flag to have commands abort with error message in such cases.
-
Chunk names
-
The default chunk name format is *.rclone_chunk.###, hence by default chunk names are BIG_FILE_NAME.rclone_chunk.001, BIG_FILE_NAME.rclone_chunk.002 etc. You can configure another name format using the name_format configuration file option. The format uses asterisk * as a placeholder for the base file name and one or more consecutive hash characters # as a placeholder for sequential chunk number. There must be one and only one asterisk. The number of consecutive hash characters defines the minimum length of a string representing a chunk number. If decimal chunk number has less digits than the number of hashes, it is left-padded by zeros. If the decimal string is longer, it is left intact. By default numbering starts from 1 but there is another option that allows user to start from 0, e.g. for compatibility with legacy software.
-
For example, if name format is big_*-##.part and original file name is data.txt and numbering starts from 0, then the first chunk will be named big_data.txt-00.part, the 99th chunk will be big_data.txt-98.part and the 302nd chunk will become big_data.txt-301.part.
-
Note that list assembles composite directory entries only when chunk names match the configured format and treats non-conforming file names as normal non-chunked files.
-
When using norename transactions, chunk names will additionally have a unique file version suffix. For example, BIG_FILE_NAME.rclone_chunk.001_bp562k.
-
Metadata
-
Besides data chunks chunker will by default create metadata object for a composite file. The object is named after the original file. Chunker allows user to disable metadata completely (the none format). Note that metadata is normally not created for files smaller than the configured chunk size. This may change in future rclone releases.
-
Simple JSON metadata format
-
This is the default format. It supports hash sums and chunk validation for composite files. Meta objects carry the following fields:
-
-
ver - version of format, currently 1
-
size - total size of composite file
-
nchunks - number of data chunks in file
-
md5 - MD5 hashsum of composite file (if present)
-
sha1 - SHA1 hashsum (if present)
-
txn - identifies current version of the file
-
-
There is no field for composite file name as it's simply equal to the name of meta object on the wrapped remote. Please refer to respective sections for details on hashsums and modified time handling.
-
No metadata
-
You can disable meta objects by setting the meta format option to none. In this mode chunker will scan directory for all files that follow configured chunk name format, group them by detecting chunks with the same base name and show group names as virtual composite files. This method is more prone to missing chunk errors (especially missing last chunk) than format with metadata enabled.
-
Hashsums
-
Chunker supports hashsums only when a compatible metadata is present. Hence, if you choose metadata format of none, chunker will report hashsum as UNSUPPORTED.
-
Please note that by default metadata is stored only for composite files. If a file is smaller than configured chunk size, chunker will transparently redirect hash requests to wrapped remote, so support depends on that. You will see the empty string as a hashsum of requested type for small files if the wrapped remote doesn't support it.
-
Many storage backends support MD5 and SHA1 hash types, so does chunker. With chunker you can choose one or another but not both. MD5 is set by default as the most supported type. Since chunker keeps hashes for composite files and falls back to the wrapped remote hash for non-chunked ones, we advise you to choose the same hash type as supported by wrapped remote so that your file listings look coherent.
-
If your storage backend does not support MD5 or SHA1 but you need consistent file hashing, configure chunker with md5all or sha1all. These two modes guarantee given hash for all files. If wrapped remote doesn't support it, chunker will then add metadata to all files, even small. However, this can double the amount of small files in storage and incur additional service charges. You can even use chunker to force md5/sha1 support in any other remote at expense of sidecar meta objects by setting e.g. chunk_type=sha1all to force hashsums and chunk_size=1P to effectively disable chunking.
-
Normally, when a file is copied to chunker controlled remote, chunker will ask the file source for compatible file hash and revert to on-the-fly calculation if none is found. This involves some CPU overhead but provides a guarantee that given hashsum is available. Also, chunker will reject a server-side copy or move operation if source and destination hashsum types are different resulting in the extra network bandwidth, too. In some rare cases this may be undesired, so chunker provides two optional choices: sha1quick and md5quick. If the source does not support primary hash type and the quick mode is enabled, chunker will try to fall back to the secondary type. This will save CPU and bandwidth but can result in empty hashsums at destination. Beware of consequences: the sync command will revert (sometimes silently) to time/size comparison if compatible hashsums between source and target are not found.
-
Modified time
-
Chunker stores modification times using the wrapped remote so support depends on that. For a small non-chunked file the chunker overlay simply manipulates modification time of the wrapped remote file. For a composite file with metadata chunker will get and set modification time of the metadata object on the wrapped remote. If file is chunked but metadata format is none then chunker will use modification time of the first data chunk.
-
Migrations
-
The idiomatic way to migrate to a different chunk size, hash type, transaction style or chunk naming scheme is to:
-
-
Collect all your chunked files under a directory and have your chunker remote point to it.
-
Create another directory (most probably on the same cloud storage) and configure a new remote with desired metadata format, hash type, chunk naming etc.
-
Now run rclone sync -i oldchunks: newchunks: and all your data will be transparently converted in transfer. This may take some time, yet chunker will try server-side copy if possible.
-
After checking data integrity you may remove configuration section of the old remote.
-
-
If rclone gets killed during a long operation on a big composite file, hidden temporary chunks may stay in the directory. They will not be shown by the list command but will eat up your account quota. Please note that the deletefile command deletes only active chunks of a file. As a workaround, you can use remote of the wrapped file system to see them. An easy way to get rid of hidden garbage is to copy littered directory somewhere using the chunker remote and purge the original directory. The copy command will copy only active chunks while the purge will remove everything including garbage.
-
Caveats and Limitations
-
Chunker requires wrapped remote to support server-side move (or copy + delete) operations, otherwise it will explicitly refuse to start. This is because it internally renames temporary chunk files to their final names when an operation completes successfully.
-
Chunker encodes chunk number in file name, so with default name_format setting it adds 17 characters. Also chunker adds 7 characters of temporary suffix during operations. Many file systems limit base file name without path by 255 characters. Using rclone's crypt remote as a base file system limits file name by 143 characters. Thus, maximum name length is 231 for most files and 119 for chunker-over-crypt. A user in need can change name format to e.g. *.rcc## and save 10 characters (provided at most 99 chunks per file).
-
Note that a move implemented using the copy-and-delete method may incur double charging with some cloud storage providers.
-
Chunker will not automatically rename existing chunks when you run rclone config on a live remote and change the chunk name format. Beware that in result of this some files which have been treated as chunks before the change can pop up in directory listings as normal files and vice versa. The same warning holds for the chunk size. If you desperately need to change critical chunking settings, you should run data migration as described above.
-
If wrapped remote is case insensitive, the chunker overlay will inherit that property (so you can't have a file called "Hello.doc" and "hello.doc" in the same directory).
-
Chunker included in rclone releases up to v1.54 can sometimes fail to detect metadata produced by recent versions of rclone. We recommend users to keep rclone up-to-date to avoid data corruption.
-
Changing transactions is dangerous and requires explicit migration.
-
Standard options
-
Here are the standard options specific to chunker (Transparently chunk/split large files).
-
--chunker-remote
-
Remote to chunk/unchunk.
-
Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
-
Properties:
-
-
Config: remote
-
Env Var: RCLONE_CHUNKER_REMOTE
-
Type: string
-
Required: true
-
-
--chunker-chunk-size
-
Files larger than chunk size will be split in chunks.
-
Properties:
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Box. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
+
Once configured you can then use rclone like this,
+
List directories in top level of your Box
+
rclone lsd remote:
+
List all the files in your Box
+
rclone ls remote:
+
To copy a local directory to an Box directory called backup
+
rclone copy /home/source remote:backup
+
Using rclone with an Enterprise account with SSO
+
If you have an "Enterprise" account type with Box with single sign on (SSO), you need to create a password to use Box with rclone. This can be done at your Enterprise Box account by going to Settings, "Account" Tab, and then set the password in the "Authentication" field.
+
Once you have done this, you can setup your Enterprise Box account using the same procedure detailed above in the, using the password you have just set.
Each refresh_token is valid for one use in 60 days.
+
+
This means that if you
-
Config: chunk_size
-
Env Var: RCLONE_CHUNKER_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 2Gi
+
Don't use the box remote for 60 days
+
Copy the config file with a box refresh token in and use it in two places
+
Get an error on a token refresh
-
--chunker-hash-type
-
Choose how chunker handles hash sums.
-
All modes but "none" require metadata.
-
Properties:
-
-
Config: hash_type
-
Env Var: RCLONE_CHUNKER_HASH_TYPE
-
Type: string
-
Default: "md5"
-
Examples:
-
-
"none"
-
-
Pass any hash supported by wrapped remote for non-chunked files.
-
Return nothing otherwise.
-
-
"md5"
-
-
MD5 for composite files.
-
-
"sha1"
-
-
SHA1 for composite files.
-
-
"md5all"
-
-
MD5 for all files.
-
-
"sha1all"
-
-
SHA1 for all files.
-
-
"md5quick"
-
-
Copying a file to chunker will request MD5 from the source.
-
Falling back to SHA1 if unsupported.
-
-
"sha1quick"
-
-
Similar to "md5quick" but prefers SHA1 over MD5.
-
-
-
-
Advanced options
-
Here are the advanced options specific to chunker (Transparently chunk/split large files).
-
--chunker-name-format
-
String format of chunk file names.
-
The two placeholders are: base file name (*) and chunk number (#...). There must be one and only one asterisk and one or more consecutive hash characters. If chunk number has less digits than the number of hashes, it is left-padded by zeros. If there are more digits in the number, they are left as is. Possible chunk files are ignored if their name does not match given format.
-
Properties:
-
-
Config: name_format
-
Env Var: RCLONE_CHUNKER_NAME_FORMAT
-
Type: string
-
Default: "*.rclone_chunk.###"
-
-
--chunker-start-from
-
Minimum valid chunk number. Usually 0 or 1.
-
By default chunk numbers start from 1.
-
Properties:
-
-
Config: start_from
-
Env Var: RCLONE_CHUNKER_START_FROM
-
Type: int
-
Default: 1
-
-
--chunker-meta-format
-
Format of the metadata object or "none".
-
By default "simplejson". Metadata is a small JSON file named after the composite file.
-
Properties:
-
-
Config: meta_format
-
Env Var: RCLONE_CHUNKER_META_FORMAT
-
Type: string
-
Default: "simplejson"
-
Examples:
-
-
"none"
-
-
Do not use metadata files at all.
-
Requires hash type "none".
-
-
"simplejson"
-
-
Simple JSON supports hash sums and chunk validation.
-
-
It has the following fields: ver, size, nchunks, md5, sha1.
-
-
-
-
--chunker-fail-hard
-
Choose how chunker should handle files with missing or invalid chunks.
-
Properties:
-
-
Config: fail_hard
-
Env Var: RCLONE_CHUNKER_FAIL_HARD
-
Type: bool
-
Default: false
-
Examples:
-
-
"true"
-
-
Report errors and abort current command.
-
-
"false"
-
-
Warn user, skip incomplete file and proceed.
-
-
-
-
--chunker-transactions
-
Choose how chunker should handle temporary files during transactions.
-
Properties:
-
-
Config: transactions
-
Env Var: RCLONE_CHUNKER_TRANSACTIONS
-
Type: string
-
Default: "rename"
-
Examples:
-
-
"rename"
-
-
Rename temporary files after a successful transaction.
-
-
"norename"
-
-
Leave temporary file names and write transaction ID to metadata file.
-
Metadata is required for no rename transactions (meta format cannot be "none").
-
If you are using norename transactions you should be careful not to downgrade Rclone
-
as older versions of Rclone don't support this transaction style and will misinterpret
-
files manipulated by norename transactions.
-
This method is EXPERIMENTAL, don't use on production systems.
-
-
"auto"
-
-
Rename or norename will be used depending on capabilities of the backend.
-
If meta format is set to "none", rename transactions will always be used.
-
This method is EXPERIMENTAL, don't use on production systems.
-
-
-
-
Citrix ShareFile
-
Citrix ShareFile is a secure file sharing and transfer service aimed as business.
-
Configuration
-
The initial setup for Citrix ShareFile involves getting a token from Citrix ShareFile which you can in your browser. rclone config walks you through it.
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
+
then rclone will return an error which includes the text Invalid refresh token.
+
To fix this you will need to use oauth2 again to update the refresh token. You can use the methods in the remote setup docs, bearing in mind that if you use the copy the config file method, you should not use that remote on the computer you did the authentication on.
+
Here is how to do it.
+
$ rclone config
+Current remotes:
+
+Name Type
+==== ====
+remote box
+
+e) Edit existing remote
n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-XX / Citrix Sharefile
- \ "sharefile"
-Storage> sharefile
-** See help for sharefile backend at: https://rclone.org/sharefile/ **
-
-ID of the root folder
-
-Leave blank to access "Personal Folders". You can use one of the
-standard values here or any folder ID (long hex number ID).
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Access the Personal Folders. (Default)
- \ ""
- 2 / Access the Favorites folder.
- \ "favorites"
- 3 / Access all the shared folders.
- \ "allshared"
- 4 / Access all the individual connectors.
- \ "connectors"
- 5 / Access the home, favorites, and shared folders as well as the connectors.
- \ "top"
-root_folder_id>
-Edit advanced config? (y/n)
+e/n/d/r/c/s/q> e
+Choose a number from below, or type in an existing value
+ 1 > remote
+remote> remote
+--------------------
+[remote]
+type = box
+token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2017-07-08T23:40:08.059167677+01:00"}
+--------------------
+Edit remote
+Value "client_id" = ""
+Edit? (y/n)>
+y) Yes
+n) No
+y/n> n
+Value "client_secret" = ""
+Edit? (y/n)>
y) Yes
n) No
y/n> n
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Already have a token - refresh?
y) Yes
n) No
y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=XXX
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
Log in and authorize rclone for access
Waiting for code...
Got code
--------------------
[remote]
-type = sharefile
-endpoint = https://XXX.sharefile.com
-token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2019-09-30T19:41:45.878561877+01:00"}
+type = box
+token = {"access_token":"YYY","token_type":"bearer","refresh_token":"YYY","expiry":"2017-07-23T12:22:29.259137901+01:00"}
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Citrix ShareFile. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
List directories in top level of your ShareFile
-
rclone lsd remote:
-
List all the files in your ShareFile
-
rclone ls remote:
-
To copy a local directory to an ShareFile directory called backup
-
rclone copy /home/source remote:backup
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Modified time and hashes
-
ShareFile allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-
ShareFile supports MD5 type hashes, so you can use the --checksum flag.
-
Transfers
-
For files above 128 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers chunks at the same time (shared among all the multipart uploads). Chunks are buffered in memory and are normally 64 MiB so increasing --transfers will increase memory use.
-
Restricted filename characters
+
Modified time and hashes
+
Box allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
+
Box supports SHA1 type hashes, so you can use the --checksum flag.
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
-
<
-
0x3C
-
<
-
-
-
>
-
0x3E
-
>
-
-
-
?
-
0x3F
-
?
-
-
-
:
-
0x3A
-
:
-
-
-
|
-
0x7C
-
|
-
-
-
"
-
0x22
-
"
-
-
-
-
File names can also not start or end with the following characters. These only get replaced if they are the first or last character in the name:
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
SP
-
0x20
-
␠
-
-
-
.
-
0x2E
-
.
+
SP
+
0x20
+
␠
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Standard options
-
Here are the standard options specific to sharefile (Citrix Sharefile).
-
--sharefile-root-folder-id
-
ID of the root folder.
-
Leave blank to access "Personal Folders". You can use one of the standard values here or any folder ID (long hex number ID).
+
Transfers
+
For files above 50 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers chunks at the same time (shared among all the multipart uploads). Chunks are buffered in memory and are normally 8 MiB so increasing --transfers will increase memory use.
+
Deleting files
+
Depending on the enterprise settings for your user, the item will either be actually deleted from Box or moved to the trash.
+
Emptying the trash is supported via the rclone however cleanup command however this deletes every trashed file and folder individually so it may take a very long time. Emptying the trash via the WebUI does not have this limitation so it is advised to empty the trash via the WebUI.
+
Root folder ID
+
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your Box drive.
+
Normally you will leave this blank and rclone will determine the correct root to use itself.
+
However you can set this to restrict rclone to a specific folder hierarchy.
+
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. This will be the last segment of the URL when you open the relevant folder in the Box web interface.
+
So if the folder you want rclone to use has a URL which looks like https://app.box.com/folder/11xxxxxxxxx8 in the browser, then you use 11xxxxxxxxx8 as the root_folder_id in the config.
+
Standard options
+
Here are the Standard options specific to box (Box).
+
--box-client-id
+
OAuth Client Id.
+
Leave blank normally.
Properties:
-
Config: root_folder_id
-
Env Var: RCLONE_SHAREFILE_ROOT_FOLDER_ID
+
Config: client_id
+
Env Var: RCLONE_BOX_CLIENT_ID
Type: string
Required: false
-
Examples:
+
+
--box-client-secret
+
OAuth Client Secret.
+
Leave blank normally.
+
Properties:
-
""
+
Config: client_secret
+
Env Var: RCLONE_BOX_CLIENT_SECRET
+
Type: string
+
Required: false
+
+
--box-box-config-file
+
Box App config.json location
+
Leave blank normally.
+
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
+
Properties:
-
Access the Personal Folders (default).
-
-
"favorites"
+
Config: box_config_file
+
Env Var: RCLONE_BOX_BOX_CONFIG_FILE
+
Type: string
+
Required: false
+
+
--box-access-token
+
Box App Primary Access Token
+
Leave blank normally.
+
Properties:
-
Access the Favorites folder.
-
-
"allshared"
+
Config: access_token
+
Env Var: RCLONE_BOX_ACCESS_TOKEN
+
Type: string
+
Required: false
+
+
--box-box-sub-type
+
Properties:
-
Access all the shared folders.
-
-
"connectors"
+
Config: box_sub_type
+
Env Var: RCLONE_BOX_BOX_SUB_TYPE
+
Type: string
+
Default: "user"
+
Examples:
-
Access all the individual connectors.
+
"user"
+
+
Rclone should act on behalf of a user.
-
"top"
+
"enterprise"
-
Access the home, favorites, and shared folders as well as the connectors.
+
Rclone should act on behalf of a service account.
-
Advanced options
-
Here are the advanced options specific to sharefile (Citrix Sharefile).
-
--sharefile-upload-cutoff
-
Cutoff for switching to multipart upload.
+
Advanced options
+
Here are the Advanced options specific to box (Box).
+
--box-token
+
OAuth Access Token as a JSON blob.
+
Properties:
+
+
Config: token
+
Env Var: RCLONE_BOX_TOKEN
+
Type: string
+
Required: false
+
+
--box-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
+
Properties:
+
+
Config: auth_url
+
Env Var: RCLONE_BOX_AUTH_URL
+
Type: string
+
Required: false
+
+
--box-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
+
Properties:
+
+
Config: token_url
+
Env Var: RCLONE_BOX_TOKEN_URL
+
Type: string
+
Required: false
+
+
--box-root-folder-id
+
Fill in for rclone to use a non root folder as its starting point.
+
Properties:
+
+
Config: root_folder_id
+
Env Var: RCLONE_BOX_ROOT_FOLDER_ID
+
Type: string
+
Default: "0"
+
+
--box-upload-cutoff
+
Cutoff for switching to multipart upload (>= 50 MiB).
Properties:
Config: upload_cutoff
-
Env Var: RCLONE_SHAREFILE_UPLOAD_CUTOFF
+
Env Var: RCLONE_BOX_UPLOAD_CUTOFF
Type: SizeSuffix
-
Default: 128Mi
+
Default: 50Mi
-
--sharefile-chunk-size
-
Upload chunk size.
-
Must a power of 2 >= 256k.
-
Making this larger will improve performance, but note that each chunk is buffered in memory one per transfer.
-
Reducing this will reduce memory usage but decrease performance.
+
--box-commit-retries
+
Max number of times to try committing a multipart file.
Properties:
-
Config: chunk_size
-
Env Var: RCLONE_SHAREFILE_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 64Mi
+
Config: commit_retries
+
Env Var: RCLONE_BOX_COMMIT_RETRIES
+
Type: int
+
Default: 100
-
--sharefile-endpoint
-
Endpoint for API calls.
-
This is usually auto discovered as part of the oauth process, but can be set manually to something like: https://XXX.sharefile.com
+
--box-list-chunk
+
Size of listing chunk 1-1000.
Properties:
-
Config: endpoint
-
Env Var: RCLONE_SHAREFILE_ENDPOINT
+
Config: list_chunk
+
Env Var: RCLONE_BOX_LIST_CHUNK
+
Type: int
+
Default: 1000
+
+
--box-owned-by
+
Only show items owned by the login (email address) passed in.
Note that ShareFile is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
ShareFile only supports filenames up to 256 characters in length.
-
rclone about is not supported by the Citrix ShareFile backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Rclone crypt remotes encrypt and decrypt other remotes.
-
A remote of type crypt does not access a storage system directly, but instead wraps another remote, which in turn accesses the storage system. This is similar to how alias, union, chunker and a few others work. It makes the usage very flexible, as you can add a layer, in this case an encryption layer, on top of any other backend, even in multiple layers. Rclone's functionality can be used as with any other remote, for example you can mount a crypt remote.
-
Accessing a storage system through a crypt remote realizes client-side encryption, which makes it safe to keep your data in a location you do not trust will not get compromised. When working against the crypt remote, rclone will automatically encrypt (before uploading) and decrypt (after downloading) on your local system as needed on the fly, leaving the data encrypted at rest in the wrapped remote. If you access the storage system using an application other than rclone, or access the wrapped remote directly using rclone, there will not be any encryption/decryption: Downloading existing content will just give you the encrypted (scrambled) format, and anything you upload will not become encrypted.
-
The encryption is a secret-key encryption (also called symmetric key encryption) algorithm, where a password (or pass phrase) is used to generate real encryption key. The password can be supplied by user, or you may chose to let rclone generate one. It will be stored in the configuration file, in a lightly obscured form. If you are in an environment where you are not able to keep your configuration secured, you should add configuration encryption as protection. As long as you have this configuration file, you will be able to decrypt your data. Without the configuration file, as long as you remember the password (or keep it in a safe place), you can re-create the configuration and gain access to the existing data. You may also configure a corresponding remote in a different installation to access the same data. See below for guidance to changing password.
-
Encryption uses cryptographic salt, to permute the encryption key so that the same string may be encrypted in different ways. When configuring the crypt remote it is optional to enter a salt, or to let rclone generate a unique salt. If omitted, rclone uses a built-in unique string. Normally in cryptography, the salt is stored together with the encrypted content, and do not have to be memorized by the user. This is not the case in rclone, because rclone does not store any additional information on the remotes. Use of custom salt is effectively a second password that must be memorized.
-
File content encryption is performed using NaCl SecretBox, based on XSalsa20 cipher and Poly1305 for integrity. Names (file- and directory names) are also encrypted by default, but this has some implications and is therefore possible to turned off.
-
Configuration
-
Here is an example of how to make a remote called secret.
-
To use crypt, first set up the underlying remote. Follow the rclone config instructions for the specific backend.
-
Before configuring the crypt remote, check the underlying remote is working. In this example the underlying remote is called remote. We will configure a path path within this remote to contain the encrypted content. Anything inside remote:path will be encrypted and anything outside will not.
-
Configure crypt using rclone config. In this example the crypt remote is called secret, to differentiate it from the underlying remote.
-
When you are done you can use the crypt remote named secret just as you would with any other remote, e.g. rclone copy D:\docs secret:\docs, and rclone will encrypt and decrypt as needed on the fly. If you access the wrapped remote remote:path directly you will bypass the encryption, and anything you read will be in encrypted form, and anything you write will be unencrypted. To avoid issues it is best to configure a dedicated path for encrypted content, and access it exclusively through a crypt remote.
+
Limitations
+
Note that Box is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
Box file names can't have the \ character in. rclone maps this to and from an identical looking unicode equivalent \ (U+FF3C Fullwidth Reverse Solidus).
+
Box only supports filenames up to 255 characters in length.
+
Box has API rate limits that sometimes reduce the speed of rclone.
+
rclone about is not supported by the Box backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The cache remote wraps another existing remote and stores file structure and its data for long running tasks like rclone mount.
+
Status
+
The cache backend code is working but it currently doesn't have a maintainer so there are outstanding bugs which aren't getting fixed.
+
The cache backend is due to be phased out in favour of the VFS caching layer eventually which is more tightly integrated into rclone.
+
Until this happens we recommend only using the cache backend if you find you can't work without it. There are many docs online describing the use of the cache backend to minimize API hits and by-and-large these are out of date and the cache backend isn't needed in those scenarios any more.
+
Configuration
+
To get started you just need to have an existing remote which can be configured with cache.
+
Here is an example of how to make a remote called test-cache. First run:
+
rclone config
+
This will guide you through an interactive setup process:
No remotes found, make a new one?
n) New remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
-name> secret
+n/r/c/s/q> n
+name> test-cache
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Encrypt/Decrypt a remote
- \ "crypt"
+XX / Cache a remote
+ \ "cache"
[snip]
-Storage> crypt
-** See help for crypt backend at: https://rclone.org/crypt/ **
-
-Remote to encrypt/decrypt.
-Normally should contain a ':' and a path, eg "myremote:path/to/dir",
-"myremote:bucket" or maybe "myremote:" (not recommended).
-Enter a string value. Press Enter for the default ("").
-remote> remote:path
-How to encrypt the filenames.
-Enter a string value. Press Enter for the default ("standard").
-Choose a number from below, or type in your own value.
- / Encrypt the filenames.
- 1 | See the docs for the details.
- \ "standard"
- 2 / Very simple filename obfuscation.
- \ "obfuscate"
- / Don't encrypt the file names.
- 3 | Adds a ".bin" extension only.
- \ "off"
-filename_encryption>
-Option to either encrypt directory names or leave them intact.
-
-NB If filename_encryption is "off" then this option will do nothing.
-Enter a boolean value (true or false). Press Enter for the default ("true").
-Choose a number from below, or type in your own value
- 1 / Encrypt directory names.
- \ "true"
- 2 / Don't encrypt directory names, leave them intact.
- \ "false"
-directory_name_encryption>
-Password or pass phrase for encryption.
+Storage> cache
+Remote to cache.
+Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
+"myremote:bucket" or maybe "myremote:" (not recommended).
+remote> local:/test
+Optional: The URL of the Plex server
+plex_url> http://127.0.0.1:32400
+Optional: The username of the Plex user
+plex_username> dummyusername
+Optional: The password of the Plex user
y) Yes type in my own password
g) Generate random password
-y/g> y
+n) No leave this optional password blank
+y/g/n> y
Enter the password:
password:
Confirm the password:
password:
-Password or pass phrase for salt. Optional but recommended.
-Should be different to the previous password.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> g
-Password strength in bits.
-64 is just about memorable
-128 is secure
-1024 is the maximum
-Bits> 128
-Your password is: JAsJvRcgR-_veXNfy_sGmQ
-Use this password? Please note that an obscured version of this
-password (and not the password itself) will be stored under your
-configuration file, so keep this generated password in a safe place.
-y) Yes (default)
-n) No
-y/n>
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n>
+The size of a chunk. Lower value good for slow connections but can affect seamless reading.
+Default: 5M
+Choose a number from below, or type in your own value
+ 1 / 1 MiB
+ \ "1M"
+ 2 / 5 MiB
+ \ "5M"
+ 3 / 10 MiB
+ \ "10M"
+chunk_size> 2
+How much time should object info (file size, file hashes, etc.) be stored in cache. Use a very high value if you don't plan on changing the source FS from outside the cache.
+Accepted units are: "s", "m", "h".
+Default: 5m
+Choose a number from below, or type in your own value
+ 1 / 1 hour
+ \ "1h"
+ 2 / 24 hours
+ \ "24h"
+ 3 / 24 hours
+ \ "48h"
+info_age> 2
+The maximum size of stored chunks. When the storage grows beyond this size, the oldest chunks will be deleted.
+Default: 10G
+Choose a number from below, or type in your own value
+ 1 / 500 MiB
+ \ "500M"
+ 2 / 1 GiB
+ \ "1G"
+ 3 / 10 GiB
+ \ "10G"
+chunk_total_size> 3
Remote config
--------------------
-[secret]
-type = crypt
-remote = remote:path
-password = *** ENCRYPTED ***
-password2 = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d>
-
Important The crypt password stored in rclone.conf is lightly obscured. That only protects it from cursory inspection. It is not secure unless configuration encryption of rclone.conf is specified.
-
A long passphrase is recommended, or rclone config can generate a random one.
-
The obscured password is created using AES-CTR with a static key. The salt is stored verbatim at the beginning of the obscured password. This static key is shared between all versions of rclone.
-
If you reconfigure rclone with the same passwords/passphrases elsewhere it will be compatible, but the obscured version will be different due to the different salt.
rclone mount --allow-other test-cache: /var/tmp/test-cache
+
Write Features
+
Offline uploading
+
In an effort to make writing through cache more reliable, the backend now supports this feature which can be activated by specifying a cache-tmp-upload-path.
+
A files goes through these states when using this feature:
+
+
An upload is started (usually by copying a file on the cache remote)
+
When the copy to the temporary location is complete the file is part of the cached remote and looks and behaves like any other file (reading included)
+
After cache-tmp-wait-time passes and the file is next in line, rclone move is used to move the file to the cloud provider
+
Reading the file still works during the upload but most modifications on it will be prohibited
+
Once the move is complete the file is unlocked for modifications as it becomes as any other regular file
+
If the file is being read through cache when it's actually deleted from the temporary path then cache will simply swap the source to the cloud provider without interrupting the reading (small blip can happen though)
+
+
Files are uploaded in sequence and only one file is uploaded at a time. Uploads will be stored in a queue and be processed based on the order they were added. The queue and the temporary storage is persistent across restarts but can be cleared on startup with the --cache-db-purge flag.
+
Write Support
+
Writes are supported through cache. One caveat is that a mounted cache remote does not add any retry or fallback mechanism to the upload operation. This will depend on the implementation of the wrapped remote. Consider using Offline uploading for reliable writes.
+
One special case is covered with cache-writes which will cache the file data at the same time as the upload when it is enabled making it available from the cache store immediately once the upload is finished.
+
Read Features
+
Multiple connections
+
To counter the high latency between a local PC where rclone is running and cloud providers, the cache remote can split multiple requests to the cloud provider for smaller file chunks and combines them together locally where they can be available almost immediately before the reader usually needs them.
+
This is similar to buffering when media files are played online. Rclone will stay around the current marker but always try its best to stay ahead and prepare the data before.
+
Plex Integration
+
There is a direct integration with Plex which allows cache to detect during reading if the file is in playback or not. This helps cache to adapt how it queries the cloud provider depending on what is needed for.
+
Scans will have a minimum amount of workers (1) while in a confirmed playback cache will deploy the configured number of workers.
+
This integration opens the doorway to additional performance improvements which will be explored in the near future.
+
Note: If Plex options are not configured, cache will function with its configured options without adapting any of its settings.
+
How to enable? Run rclone config and add all the Plex options (endpoint, username and password) in your remote and it will be automatically enabled.
+
Affected settings: - cache-workers: Configured value during confirmed playback or 1 all the other times
+
Certificate Validation
+
When the Plex server is configured to only accept secure connections, it is possible to use .plex.direct URLs to ensure certificate validation succeeds. These URLs are used by Plex internally to connect to the Plex server securely.
This page will list all the available Plex servers for your account with at least one .plex.direct link for each. Copy one URL and replace the IP address with the desired address. This can be used as the plex_url value.
+
Known issues
+
Mount and --dir-cache-time
+
--dir-cache-time controls the first layer of directory caching which works at the mount layer. Being an independent caching mechanism from the cache backend, it will manage its own entries based on the configured time.
+
To avoid getting in a scenario where dir cache has obsolete data and cache would have the correct one, try to set --dir-cache-time to a lower time than --cache-info-age. Default values are already configured in this way.
+
Windows support - Experimental
+
There are a couple of issues with Windows mount functionality that still require some investigations. It should be considered as experimental thus far as fixes come in for this OS.
+
Most of the issues seem to be related to the difference between filesystems on Linux flavors and Windows as cache is heavily dependent on them.
+
Any reports or feedback on how cache behaves on this OS is greatly appreciated.
-
file length - this can be calculated within 16 bytes
-
modification time - used for syncing
+
https://github.com/rclone/rclone/issues/1935
+
https://github.com/rclone/rclone/issues/1907
+
https://github.com/rclone/rclone/issues/1834
-
Specifying the remote
-
When configuring the remote to encrypt/decrypt, you may specify any string that rclone accepts as a source/destination of other commands.
-
The primary use case is to specify the path into an already configured remote (e.g. remote:path/to/dir or remote:bucket), such that data in a remote untrusted location can be stored encrypted.
-
You may also specify a local filesystem path, such as /path/to/dir on Linux, C:\path\to\dir on Windows. By creating a crypt remote pointing to such a local filesystem path, you can use rclone as a utility for pure local file encryption, for example to keep encrypted files on a removable USB drive.
-
Note: A string which do not contain a : will by rclone be treated as a relative path in the local filesystem. For example, if you enter the name remote without the trailing :, it will be treated as a subdirectory of the current directory with name "remote".
-
If a path remote:path/to/dir is specified, rclone stores encrypted files in path/to/dir on the remote. With file name encryption, files saved to secret:subdir/subfile are stored in the unencrypted path path/to/dir but the subdir/subpath element is encrypted.
-
The path you specify does not have to exist, rclone will create it when needed.
-
If you intend to use the wrapped remote both directly for keeping unencrypted content, as well as through a crypt remote for encrypted content, it is recommended to point the crypt remote to a separate directory within the wrapped remote. If you use a bucket-based storage system (e.g. Swift, S3, Google Compute Storage, B2, Hubic) it is generally advisable to wrap the crypt remote around a specific bucket (s3:bucket). If wrapping around the entire root of the storage (s3:), and use the optional file name encryption, rclone will encrypt the bucket name.
-
Changing password
-
Should the password, or the configuration file containing a lightly obscured form of the password, be compromised, you need to re-encrypt your data with a new password. Since rclone uses secret-key encryption, where the encryption key is generated directly from the password kept on the client, it is not possible to change the password/key of already encrypted content. Just changing the password configured for an existing crypt remote means you will no longer able to decrypt any of the previously encrypted content. The only possibility is to re-upload everything via a crypt remote configured with your new password.
-
Depending on the size of your data, your bandwith, storage quota etc, there are different approaches you can take: - If you have everything in a different location, for example on your local system, you could remove all of the prior encrypted files, change the password for your configured crypt remote (or delete and re-create the crypt configuration), and then re-upload everything from the alternative location. - If you have enough space on the storage system you can create a new crypt remote pointing to a separate directory on the same backend, and then use rclone to copy everything from the original crypt remote to the new, effectively decrypting everything on the fly using the old password and re-encrypting using the new password. When done, delete the original crypt remote directory and finally the rclone crypt configuration with the old password. All data will be streamed from the storage system and back, so you will get half the bandwith and be charged twice if you have upload and download quota on the storage system.
-
Note: A security problem related to the random password generator was fixed in rclone version 1.53.3 (released 2020-11-19). Passwords generated by rclone config in version 1.49.0 (released 2019-08-26) to 1.53.2 (released 2020-10-26) are not considered secure and should be changed. If you made up your own password, or used rclone version older than 1.49.0 or newer than 1.53.2 to generate it, you are not affected by this issue. See issue #4783 for more details, and a tool you can use to check if you are affected.
-
Example
-
Create the following file structure using "standard" file name encryption.
Future iterations of the cache backend will make use of the pooling functionality of the cloud provider to synchronize and at the same time make writing through it more tolerant to failures.
+
There are a couple of enhancements in track to add these but in the meantime there is a valid concern that the expiring cache listings can lead to cloud provider throttles or bans due to repeated queries on it for very large mounts.
+
Some recommendations: - don't use a very small interval for entry information (--cache-info-age) - while writes aren't yet optimised, you can still write through cache which gives you the advantage of adding the file in the cache at the same time if configured to do so.
+
Future enhancements:
-
doesn't hide file names or directory structure
-
allows for longer file names (~246 characters)
-
can use sub paths and copy single files
+
https://github.com/rclone/rclone/issues/1937
+
https://github.com/rclone/rclone/issues/1936
-
Standard
+
cache and crypt
+
One common scenario is to keep your data encrypted in the cloud provider using the crypt remote. crypt uses a similar technique to wrap around an existing remote and handles this translation in a seamless way.
+
There is an issue with wrapping the remotes in this order: cloud remote -> crypt -> cache
+
During testing, I experienced a lot of bans with the remotes in this order. I suspect it might be related to how crypt opens files on the cloud provider which makes it think we're downloading the full file instead of small chunks. Organizing the remotes in this order yields better results: cloud remote -> cache -> crypt
+
absolute remote paths
+
cache can not differentiate between relative and absolute paths for the wrapped remote. Any path given in the remote config setting and on the command line will be passed to the wrapped remote as is, but for storing the chunks on disk the path will be made relative by removing any leading / character.
+
This behavior is irrelevant for most backend types, but there are backends where a leading / changes the effective directory, e.g. in the sftp backend paths starting with a / are relative to the root of the SSH server and paths without are relative to the user home directory. As a result sftp:bin and sftp:/bin will share the same cache folder, even if they represent a different directory on the SSH server.
+
Cache and Remote Control (--rc)
+
Cache supports the new --rc mode in rclone and can be remote controlled through the following end points: By default, the listener is disabled if you do not add the flag.
+
rc cache/expire
+
Purge a remote from the cache backend. Supports either a directory or a file. It supports both encrypted and unencrypted file names if cache is wrapped by crypt.
+
Params: - remote = path to remote (required) - withData = true/false to delete cached data (chunks) as well (optional, false by default)
+
Standard options
+
Here are the Standard options specific to cache (Cache a remote).
+
--cache-remote
+
Remote to cache.
+
Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
+
Properties:
-
file names encrypted
-
file names can't be as long (~143 characters)
-
can use sub paths and copy single files
-
directory structure visible
-
identical files names will have identical uploaded names
-
can use shortcuts to shorten the directory recursion
+
Config: remote
+
Env Var: RCLONE_CACHE_REMOTE
+
Type: string
+
Required: true
-
Obfuscation
-
This is a simple "rotate" of the filename, with each file having a rot distance based on the filename. Rclone stores the distance at the beginning of the filename. A file called "hello" may become "53.jgnnq".
-
Obfuscation is not a strong encryption of filenames, but hinders automated scanning tools picking up on filename patterns. It is an intermediate between "off" and "standard" which allows for longer path segment names.
-
There is a possibility with some unicode based filenames that the obfuscation is weak and may map lower case characters to upper case equivalents.
-
Obfuscation cannot be relied upon for strong protection.
+
--cache-plex-url
+
The URL of the Plex server.
+
Properties:
-
file names very lightly obfuscated
-
file names can be longer than standard encryption
-
can use sub paths and copy single files
-
directory structure visible
-
identical files names will have identical uploaded names
+
Config: plex_url
+
Env Var: RCLONE_CACHE_PLEX_URL
+
Type: string
+
Required: false
-
Cloud storage systems have limits on file name length and total path length which rclone is more likely to breach using "Standard" file name encryption. Where file names are less than 156 characters in length issues should not be encountered, irrespective of cloud storage provider.
-
An experimental advanced option filename_encoding is now provided to address this problem to a certain degree. For cloud storage systems with case sensitive file names (e.g. Google Drive), base64 can be used to reduce file name length. For cloud storage systems using UTF-16 to store file names internally (e.g. OneDrive), base32768 can be used to drastically reduce file name length.
-
An alternative, future rclone file name encryption mode may tolerate backend provider path length limits.
-
Directory name encryption
-
Crypt offers the option of encrypting dir names or leaving them intact. There are two options:
-
True
-
Encrypts the whole file path including directory names Example: 1/12/123.txt is encrypted to p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0
-
False
-
Only encrypts file names, skips directory names Example: 1/12/123.txt is encrypted to 1/12/qgm4avr35m5loi1th53ato71v0
-
Modified time and hashes
-
Crypt stores modification times using the underlying remote so support depends on that.
-
Hashes are not stored for crypt. However the data integrity is protected by an extremely strong crypto authenticator.
-
Use the rclone cryptcheck command to check the integrity of a crypted remote instead of rclone check which can't check the checksums properly.
-
Standard options
-
Here are the standard options specific to crypt (Encrypt/Decrypt a remote).
-
--crypt-remote
-
Remote to encrypt/decrypt.
-
Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
Use lower numbers for slower connections. If the chunk size is changed, any downloaded chunks will be invalid and cache-chunk-path will need to be cleared or unexpected EOF errors will occur.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_CACHE_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 5Mi
Examples:
-
"standard"
+
"1M"
-
Encrypt the filenames.
-
See the docs for the details.
+
1 MiB
-
"obfuscate"
+
"5M"
-
Very simple filename obfuscation.
+
5 MiB
-
"off"
+
"10M"
-
Don't encrypt the file names.
-
Adds a ".bin" extension only.
+
10 MiB
-
--crypt-directory-name-encryption
-
Option to either encrypt directory names or leave them intact.
-
NB If filename_encryption is "off" then this option will do nothing.
+
--cache-info-age
+
How long to cache file structure information (directory listings, file size, times, etc.). If all write operations are done through the cache then you can safely make this value very large as the cache store will also be updated in real time.
Skip all certificate verification when connecting to the Plex server.
Properties:
-
Config: password2
-
Env Var: RCLONE_CRYPT_PASSWORD2
+
Config: plex_insecure
+
Env Var: RCLONE_CACHE_PLEX_INSECURE
Type: string
Required: false
-
Advanced options
-
Here are the advanced options specific to crypt (Encrypt/Decrypt a remote).
-
--crypt-server-side-across-configs
-
Allow server-side operations (e.g. copy) to work across different crypt configs.
-
Normally this option is not what you want, but if you have two crypts pointing to the same backend you can use it.
-
This can be used, for example, to change file name encryption type without re-uploading all the data. Just make two crypt backends pointing to two different directories with the single changed parameter and use rclone move to move the files between the crypt remotes.
+
--cache-db-path
+
Directory to store file structure metadata DB.
+
The remote name is used as the DB file name.
Properties:
-
Config: server_side_across_configs
-
Env Var: RCLONE_CRYPT_SERVER_SIDE_ACROSS_CONFIGS
-
Type: bool
-
Default: false
+
Config: db_path
+
Env Var: RCLONE_CACHE_DB_PATH
+
Type: string
+
Default: "$HOME/.cache/rclone/cache-backend"
-
--crypt-show-mapping
-
For all files listed show how the names encrypt.
-
If this flag is set then for each file that the remote is asked to list, it will log (at level INFO) a line stating the decrypted file name and the encrypted file name.
-
This is so you can work out which encrypted names are which decrypted names just in case you need to do something with the encrypted file names, or for debugging purposes.
+
--cache-chunk-path
+
Directory to cache chunk files.
+
Path to where partial file data (chunks) are stored locally. The remote name is appended to the final path.
+
This config follows the "--cache-db-path". If you specify a custom location for "--cache-db-path" and don't specify one for "--cache-chunk-path" then "--cache-chunk-path" will use the same path as "--cache-db-path".
Properties:
-
Config: show_mapping
-
Env Var: RCLONE_CRYPT_SHOW_MAPPING
-
Type: bool
-
Default: false
+
Config: chunk_path
+
Env Var: RCLONE_CACHE_CHUNK_PATH
+
Type: string
+
Default: "$HOME/.cache/rclone/cache-backend"
-
--crypt-no-data-encryption
-
Option to either encrypt file data or leave it unencrypted.
+
--cache-db-purge
+
Clear all the cached data for this remote on start.
Properties:
-
Config: no_data_encryption
-
Env Var: RCLONE_CRYPT_NO_DATA_ENCRYPTION
+
Config: db_purge
+
Env Var: RCLONE_CACHE_DB_PURGE
Type: bool
Default: false
-
Examples:
-
-
"true"
-
-
Don't encrypt file data, leave it unencrypted.
-
-
"false"
-
-
Encrypt file data.
-
-
-
--crypt-filename-encoding
-
How to encode the encrypted filename to text string.
-
This option could help with shortening the encrypted filename. The suitable option would depend on the way your remote count the filename length and if it's case sensitve.
+
--cache-chunk-clean-interval
+
How often should the cache perform cleanups of the chunk storage.
+
The default value should be ok for most people. If you find that the cache goes over "cache-chunk-total-size" too often then try to lower this value to force it to perform cleanups more often.
Properties:
-
Config: filename_encoding
-
Env Var: RCLONE_CRYPT_FILENAME_ENCODING
-
Type: string
-
Default: "base32"
-
Examples:
-
-
"base32"
+
Config: chunk_clean_interval
+
Env Var: RCLONE_CACHE_CHUNK_CLEAN_INTERVAL
+
Type: Duration
+
Default: 1m0s
+
+
--cache-read-retries
+
How many times to retry a read from a cache storage.
+
Since reading from a cache stream is independent from downloading file data, readers can get to a point where there's no more data in the cache. Most of the times this can indicate a connectivity issue if cache isn't able to provide file data anymore.
+
For really slow connections, increase this to a point where the stream is able to provide data but your experience will be very stuttering.
+
Properties:
-
Encode using base32. Suitable for all remote.
-
-
"base64"
+
Config: read_retries
+
Env Var: RCLONE_CACHE_READ_RETRIES
+
Type: int
+
Default: 10
+
+
--cache-workers
+
How many workers should run in parallel to download chunks.
+
Higher values will mean more parallel processing (better CPU needed) and more concurrent requests on the cloud provider. This impacts several aspects like the cloud provider API limits, more stress on the hardware that rclone runs on but it also means that streams will be more fluid and data will be available much more faster to readers.
+
Note: If the optional Plex integration is enabled then this setting will adapt to the type of reading performed and the value specified here will be used as a maximum number of workers to use.
+
Properties:
-
Encode using base64. Suitable for case sensitive remote.
-
-
"base32768"
+
Config: workers
+
Env Var: RCLONE_CACHE_WORKERS
+
Type: int
+
Default: 4
+
+
--cache-chunk-no-memory
+
Disable the in-memory cache for storing chunks during streaming.
+
By default, cache will keep file data during streaming in RAM as well to provide it to readers as fast as possible.
+
This transient data is evicted as soon as it is read and the number of chunks stored doesn't exceed the number of workers. However, depending on other settings like "cache-chunk-size" and "cache-workers" this footprint can increase if there are parallel streams too (multiple files being read at the same time).
+
If the hardware permits it, use this feature to provide an overall better performance during streaming but it can also be disabled if RAM is not available on the local machine.
+
Properties:
-
Encode using base32768. Suitable if your remote counts UTF-16 or
-
Unicode codepoint instead of UTF-8 byte length. (Eg. Onedrive)
-
-
+
Config: chunk_no_memory
+
Env Var: RCLONE_CACHE_CHUNK_NO_MEMORY
+
Type: bool
+
Default: false
-
Backend commands
-
Here are the commands specific to the crypt backend.
-
Run them with
-
rclone backend COMMAND remote:
-
The help below will explain what arguments each command takes.
This decodes the filenames given as arguments returning a list of strings of the decoded results. It will return an error if any of the inputs are invalid.
If you wish to backup a crypted remote, it is recommended that you use rclone sync on the encrypted files, and make sure the passwords are the same in the new encrypted remote.
-
This will have the following advantages
-
-
rclone sync will check the checksums while copying
-
you can use rclone check between the encrypted remotes
-
you don't decrypt and encrypt unnecessarily
-
-
For example, let's say you have your original remote at remote: with the encrypted version at eremote: with path remote:crypt. You would then set up the new remote remote2: and then the encrypted version eremote2: with path remote2:crypt using the same passwords as eremote:.
-
To sync the two remotes you would do
-
rclone sync -i remote:crypt remote2:crypt
-
And to check the integrity you would do
-
rclone check remote:crypt remote2:crypt
-
File formats
-
File encryption
-
Files are encrypted 1:1 source file to destination object. The file has a header and is divided into chunks.
-
Header
-
-
8 bytes magic string RCLONE\x00\x00
-
24 bytes Nonce (IV)
-
-
The initial nonce is generated from the operating systems crypto strong random number generator. The nonce is incremented for each chunk read making sure each nonce is unique for each block written. The chance of a nonce being re-used is minuscule. If you wrote an exabyte of data (10¹⁸ bytes) you would have a probability of approximately 2×10⁻³² of re-using a nonce.
-
Chunk
-
Each chunk will contain 64 KiB of data, except for the last one which may have less data. The data chunk is in standard NaCl SecretBox format. SecretBox uses XSalsa20 and Poly1305 to encrypt and authenticate messages.
-
Each chunk contains:
-
-
16 Bytes of Poly1305 authenticator
-
1 - 65536 bytes XSalsa20 encrypted data
-
-
64k chunk size was chosen as the best performing chunk size (the authenticator takes too much time below this and the performance drops off due to cache effects above this). Note that these chunks are buffered in memory so they can't be too big.
-
This uses a 32 byte (256 bit key) key derived from the user password.
-
Examples
-
1 byte file will encrypt to
+
--cache-rps
+
Limits the number of requests per second to the source FS (-1 to disable).
+
This setting places a hard limit on the number of requests per second that cache will be doing to the cloud provider remote and try to respect that value by setting waits between reads.
+
If you find that you're getting banned or limited on the cloud provider through cache and know that a smaller number of requests per second will allow you to work with it then you can use this setting for that.
+
A good balance of all the other settings should make this setting useless but it is available to set for more special cases.
+
NOTE: This will limit the number of requests during streams but other API calls to the cloud provider like directory listings will still pass.
+
Properties:
-
32 bytes header
-
17 bytes data chunk
+
Config: rps
+
Env Var: RCLONE_CACHE_RPS
+
Type: int
+
Default: -1
-
49 bytes total
-
1 MiB (1048576 bytes) file will encrypt to
+
--cache-writes
+
Cache file data on writes through the FS.
+
If you need to read files immediately after you upload them through cache you can enable this flag to have their data stored in the cache store at the same time during upload.
+
Properties:
-
32 bytes header
-
16 chunks of 65568 bytes
+
Config: writes
+
Env Var: RCLONE_CACHE_WRITES
+
Type: bool
+
Default: false
-
1049120 bytes total (a 0.05% overhead). This is the overhead for big files.
-
Name encryption
-
File names are encrypted segment by segment - the path is broken up into / separated strings and these are encrypted individually.
-
File segments are padded using PKCS#7 to a multiple of 16 bytes before encryption.
-
They are then encrypted with EME using AES with 256 bit key. EME (ECB-Mix-ECB) is a wide-block encryption mode presented in the 2003 paper "A Parallelizable Enciphering Mode" by Halevi and Rogaway.
-
This makes for deterministic encryption which is what we want - the same filename must encrypt to the same thing otherwise we can't find it on the cloud storage system.
-
This means that
+
--cache-tmp-upload-path
+
Directory to keep temporary files until they are uploaded.
+
This is the path where cache will use as a temporary storage for new files that need to be uploaded to the cloud provider.
+
Specifying a value will enable this feature. Without it, it is completely disabled and files will be uploaded directly to the cloud provider
+
Properties:
-
filenames with the same name will encrypt the same
-
filenames which start the same won't have a common prefix
+
Config: tmp_upload_path
+
Env Var: RCLONE_CACHE_TMP_UPLOAD_PATH
+
Type: string
+
Required: false
-
This uses a 32 byte key (256 bits) and a 16 byte (128 bits) IV both of which are derived from the user password.
-
After encryption they are written out using a modified version of standard base32 encoding as described in RFC4648. The standard encoding is modified in two ways:
+
--cache-tmp-wait-time
+
How long should files be stored in local cache before being uploaded.
+
This is the duration that a file must wait in the temporary location cache-tmp-upload-path before it is selected for upload.
+
Note that only one file is uploaded at a time and it can take longer to start the upload if a queue formed for this purpose.
+
Properties:
-
it becomes lower case (no-one likes upper case filenames!)
-
we strip the padding character =
+
Config: tmp_wait_time
+
Env Var: RCLONE_CACHE_TMP_WAIT_TIME
+
Type: Duration
+
Default: 15s
-
base32 is used rather than the more efficient base64 so rclone can be used on case insensitive remotes (e.g. Windows, Amazon Drive).
-
Key derivation
-
Rclone uses scrypt with parameters N=16384, r=8, p=1 with an optional user supplied salt (password2) to derive the 32+32+16 = 80 bytes of key material required. If the user doesn't supply a salt then rclone uses an internal one.
-
scrypt makes it impractical to mount a dictionary attack on rclone encrypted data. For full protection against this you should always use a salt.
-
SEE ALSO
+
--cache-db-wait-time
+
How long to wait for the DB to be available - 0 is unlimited.
+
Only one process can have the DB open at any one time, so rclone waits for this duration for the DB to become available before it gives an error.
+
If you set it to 0 then it will wait forever.
+
Properties:
-
rclone cryptdecode - Show forward/reverse mapping of encrypted filenames
+
Config: db_wait_time
+
Env Var: RCLONE_CACHE_DB_WAIT_TIME
+
Type: Duration
+
Default: 1s
-
Compress (Experimental)
-
Warning
-
This remote is currently experimental. Things may break and data may be lost. Anything you do with this remote is at your own risk. Please understand the risks associated with using experimental code and don't use this remote in critical applications.
-
The Compress remote adds compression to another remote. It is best used with remotes containing many large compressible files.
-
Configuration
-
To use this remote, all you need to do is specify another remote and a compression mode to use:
-
Current remotes:
-
-Name Type
-==== ====
-remote_to_press sometype
-
-e) Edit existing remote
-$ rclone config
+
Backend commands
+
Here are the commands specific to the cache backend.
+
Run them with
+
rclone backend COMMAND remote:
+
The help below will explain what arguments each command takes.
+
See the backend command for more info on how to pass options and arguments.
+
These can be run on a running backend using the rc command backend/command.
The chunker overlay transparently splits large files into smaller chunks during upload to wrapped remote and transparently assembles them back when the file is downloaded. This allows to effectively overcome size limits imposed by storage providers.
+
Configuration
+
To use it, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote.
+
First check your chosen remote is working - we'll call it remote:path here. Note that anything inside remote:path will be chunked and anything outside won't. This means that if you are using a bucket-based remote (e.g. S3, B2, swift) then you should probably put the bucket in the remote s3:bucket.
+
Now configure chunker using rclone config. We will call this one overlay to separate it from the remote itself.
+
No remotes found, make a new one?
n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
q) Quit config
-e/n/d/r/c/s/q> n
-name> compress
-...
- 8 / Compress a remote
- \ "compress"
-...
-Storage> compress
-** See help for compress backend at: https://rclone.org/compress/ **
-
-Remote to compress.
+n/s/q> n
+name> overlay
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Transparently chunk/split large files
+ \ "chunker"
+[snip]
+Storage> chunker
+Remote to chunk/unchunk.
+Normally should contain a ':' and a path, e.g. "myremote:path/to/dir",
+"myremote:bucket" or maybe "myremote:" (not recommended).
Enter a string value. Press Enter for the default ("").
-remote> remote_to_press:subdir
-Compression mode.
-Enter a string value. Press Enter for the default ("gzip").
+remote> remote:path
+Files larger than chunk size will be split in chunks.
+Enter a size with suffix K,M,G,T. Press Enter for the default ("2G").
+chunk_size> 100M
+Choose how chunker handles hash sums. All modes but "none" require metadata.
+Enter a string value. Press Enter for the default ("md5").
Choose a number from below, or type in your own value
- 1 / Gzip compression balanced for speed and compression strength.
- \ "gzip"
-compression_mode> gzip
+ 1 / Pass any hash supported by wrapped remote for non-chunked files, return nothing otherwise
+ \ "none"
+ 2 / MD5 for composite files
+ \ "md5"
+ 3 / SHA1 for composite files
+ \ "sha1"
+ 4 / MD5 for all files
+ \ "md5all"
+ 5 / SHA1 for all files
+ \ "sha1all"
+ 6 / Copying a file to chunker will request MD5 from the source falling back to SHA1 if unsupported
+ \ "md5quick"
+ 7 / Similar to "md5quick" but prefers SHA1 over MD5
+ \ "sha1quick"
+hash_type> md5
Edit advanced config? (y/n)
y) Yes
-n) No (default)
+n) No
y/n> n
Remote config
--------------------
-[compress]
-type = compress
-remote = remote_to_press:subdir
-compression_mode = gzip
+[overlay]
+type = chunker
+remote = remote:bucket
+chunk_size = 100M
+hash_type = md5
--------------------
-y) Yes this is OK (default)
+y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Compression Modes
-
Currently only gzip compression is supported. It provides a decent balance between speed and size and is well supported by other applications. Compression strength can further be configured via an advanced setting where 0 is no compression and 9 is strongest compression.
-
File types
-
If you open a remote wrapped by compress, you will see that there are many files with an extension corresponding to the compression algorithm you chose. These files are standard files that can be opened by various archive programs, but they have some hidden metadata that allows them to be used by rclone. While you may download and decompress these files at will, do not manually delete or rename files. Files without correct metadata files will not be recognized by rclone.
-
File names
-
The compressed files will be named *.###########.gz where * is the base file and the # part is base64 encoded size of the uncompressed file. The file names should not be changed by anything other than the rclone compression backend.
-
Standard options
-
Here are the standard options specific to compress (Compress a remote).
-
--compress-remote
-
Remote to compress.
-
Properties:
+
Specifying the remote
+
In normal use, make sure the remote has a : in. If you specify the remote without a : then rclone will use a local directory of that name. So if you use a remote of /path/to/secret/files then rclone will chunk stuff in that directory. If you use a remote of name then rclone will put files in a directory called name in the current directory.
+
Chunking
+
When rclone starts a file upload, chunker checks the file size. If it doesn't exceed the configured chunk size, chunker will just pass the file to the wrapped remote. If a file is large, chunker will transparently cut data in pieces with temporary names and stream them one by one, on the fly. Each data chunk will contain the specified number of bytes, except for the last one which may have less data. If file size is unknown in advance (this is called a streaming upload), chunker will internally create a temporary copy, record its size and repeat the above process.
+
When upload completes, temporary chunk files are finally renamed. This scheme guarantees that operations can be run in parallel and look from outside as atomic. A similar method with hidden temporary chunks is used for other operations (copy/move/rename, etc.). If an operation fails, hidden chunks are normally destroyed, and the target composite file stays intact.
+
When a composite file download is requested, chunker transparently assembles it by concatenating data chunks in order. As the split is trivial one could even manually concatenate data chunks together to obtain the original content.
+
When the list rclone command scans a directory on wrapped remote, the potential chunk files are accounted for, grouped and assembled into composite directory entries. Any temporary chunks are hidden.
+
List and other commands can sometimes come across composite files with missing or invalid chunks, e.g. shadowed by like-named directory or another file. This usually means that wrapped file system has been directly tampered with or damaged. If chunker detects a missing chunk it will by default print warning, skip the whole incomplete group of chunks but proceed with current command. You can set the --chunker-fail-hard flag to have commands abort with error message in such cases.
+
Chunk names
+
The default chunk name format is *.rclone_chunk.###, hence by default chunk names are BIG_FILE_NAME.rclone_chunk.001, BIG_FILE_NAME.rclone_chunk.002 etc. You can configure another name format using the name_format configuration file option. The format uses asterisk * as a placeholder for the base file name and one or more consecutive hash characters # as a placeholder for sequential chunk number. There must be one and only one asterisk. The number of consecutive hash characters defines the minimum length of a string representing a chunk number. If decimal chunk number has less digits than the number of hashes, it is left-padded by zeros. If the decimal string is longer, it is left intact. By default numbering starts from 1 but there is another option that allows user to start from 0, e.g. for compatibility with legacy software.
+
For example, if name format is big_*-##.part and original file name is data.txt and numbering starts from 0, then the first chunk will be named big_data.txt-00.part, the 99th chunk will be big_data.txt-98.part and the 302nd chunk will become big_data.txt-301.part.
+
Note that list assembles composite directory entries only when chunk names match the configured format and treats non-conforming file names as normal non-chunked files.
+
When using norename transactions, chunk names will additionally have a unique file version suffix. For example, BIG_FILE_NAME.rclone_chunk.001_bp562k.
+
Metadata
+
Besides data chunks chunker will by default create metadata object for a composite file. The object is named after the original file. Chunker allows user to disable metadata completely (the none format). Note that metadata is normally not created for files smaller than the configured chunk size. This may change in future rclone releases.
+
Simple JSON metadata format
+
This is the default format. It supports hash sums and chunk validation for composite files. Meta objects carry the following fields:
-
Config: remote
-
Env Var: RCLONE_COMPRESS_REMOTE
-
Type: string
-
Required: true
+
ver - version of format, currently 1
+
size - total size of composite file
+
nchunks - number of data chunks in file
+
md5 - MD5 hashsum of composite file (if present)
+
sha1 - SHA1 hashsum (if present)
+
txn - identifies current version of the file
-
--compress-mode
-
Compression mode.
-
Properties:
+
There is no field for composite file name as it's simply equal to the name of meta object on the wrapped remote. Please refer to respective sections for details on hashsums and modified time handling.
+
No metadata
+
You can disable meta objects by setting the meta format option to none. In this mode chunker will scan directory for all files that follow configured chunk name format, group them by detecting chunks with the same base name and show group names as virtual composite files. This method is more prone to missing chunk errors (especially missing last chunk) than format with metadata enabled.
+
Hashsums
+
Chunker supports hashsums only when a compatible metadata is present. Hence, if you choose metadata format of none, chunker will report hashsum as UNSUPPORTED.
+
Please note that by default metadata is stored only for composite files. If a file is smaller than configured chunk size, chunker will transparently redirect hash requests to wrapped remote, so support depends on that. You will see the empty string as a hashsum of requested type for small files if the wrapped remote doesn't support it.
+
Many storage backends support MD5 and SHA1 hash types, so does chunker. With chunker you can choose one or another but not both. MD5 is set by default as the most supported type. Since chunker keeps hashes for composite files and falls back to the wrapped remote hash for non-chunked ones, we advise you to choose the same hash type as supported by wrapped remote so that your file listings look coherent.
+
If your storage backend does not support MD5 or SHA1 but you need consistent file hashing, configure chunker with md5all or sha1all. These two modes guarantee given hash for all files. If wrapped remote doesn't support it, chunker will then add metadata to all files, even small. However, this can double the amount of small files in storage and incur additional service charges. You can even use chunker to force md5/sha1 support in any other remote at expense of sidecar meta objects by setting e.g. chunk_type=sha1all to force hashsums and chunk_size=1P to effectively disable chunking.
+
Normally, when a file is copied to chunker controlled remote, chunker will ask the file source for compatible file hash and revert to on-the-fly calculation if none is found. This involves some CPU overhead but provides a guarantee that given hashsum is available. Also, chunker will reject a server-side copy or move operation if source and destination hashsum types are different resulting in the extra network bandwidth, too. In some rare cases this may be undesired, so chunker provides two optional choices: sha1quick and md5quick. If the source does not support primary hash type and the quick mode is enabled, chunker will try to fall back to the secondary type. This will save CPU and bandwidth but can result in empty hashsums at destination. Beware of consequences: the sync command will revert (sometimes silently) to time/size comparison if compatible hashsums between source and target are not found.
+
Modified time
+
Chunker stores modification times using the wrapped remote so support depends on that. For a small non-chunked file the chunker overlay simply manipulates modification time of the wrapped remote file. For a composite file with metadata chunker will get and set modification time of the metadata object on the wrapped remote. If file is chunked but metadata format is none then chunker will use modification time of the first data chunk.
+
Migrations
+
The idiomatic way to migrate to a different chunk size, hash type, transaction style or chunk naming scheme is to:
-
Config: mode
-
Env Var: RCLONE_COMPRESS_MODE
+
Collect all your chunked files under a directory and have your chunker remote point to it.
+
Create another directory (most probably on the same cloud storage) and configure a new remote with desired metadata format, hash type, chunk naming etc.
+
Now run rclone sync -i oldchunks: newchunks: and all your data will be transparently converted in transfer. This may take some time, yet chunker will try server-side copy if possible.
+
After checking data integrity you may remove configuration section of the old remote.
+
+
If rclone gets killed during a long operation on a big composite file, hidden temporary chunks may stay in the directory. They will not be shown by the list command but will eat up your account quota. Please note that the deletefile command deletes only active chunks of a file. As a workaround, you can use remote of the wrapped file system to see them. An easy way to get rid of hidden garbage is to copy littered directory somewhere using the chunker remote and purge the original directory. The copy command will copy only active chunks while the purge will remove everything including garbage.
+
Caveats and Limitations
+
Chunker requires wrapped remote to support server-side move (or copy + delete) operations, otherwise it will explicitly refuse to start. This is because it internally renames temporary chunk files to their final names when an operation completes successfully.
+
Chunker encodes chunk number in file name, so with default name_format setting it adds 17 characters. Also chunker adds 7 characters of temporary suffix during operations. Many file systems limit base file name without path by 255 characters. Using rclone's crypt remote as a base file system limits file name by 143 characters. Thus, maximum name length is 231 for most files and 119 for chunker-over-crypt. A user in need can change name format to e.g. *.rcc## and save 10 characters (provided at most 99 chunks per file).
+
Note that a move implemented using the copy-and-delete method may incur double charging with some cloud storage providers.
+
Chunker will not automatically rename existing chunks when you run rclone config on a live remote and change the chunk name format. Beware that in result of this some files which have been treated as chunks before the change can pop up in directory listings as normal files and vice versa. The same warning holds for the chunk size. If you desperately need to change critical chunking settings, you should run data migration as described above.
+
If wrapped remote is case insensitive, the chunker overlay will inherit that property (so you can't have a file called "Hello.doc" and "hello.doc" in the same directory).
+
Chunker included in rclone releases up to v1.54 can sometimes fail to detect metadata produced by recent versions of rclone. We recommend users to keep rclone up-to-date to avoid data corruption.
+
Changing transactions is dangerous and requires explicit migration.
+
Standard options
+
Here are the Standard options specific to chunker (Transparently chunk/split large files).
+
--chunker-remote
+
Remote to chunk/unchunk.
+
Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
+
Properties:
+
+
Config: remote
+
Env Var: RCLONE_CHUNKER_REMOTE
Type: string
-
Default: "gzip"
+
Required: true
+
+
--chunker-chunk-size
+
Files larger than chunk size will be split in chunks.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_CHUNKER_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 2Gi
+
+
--chunker-hash-type
+
Choose how chunker handles hash sums.
+
All modes but "none" require metadata.
+
Properties:
+
+
Config: hash_type
+
Env Var: RCLONE_CHUNKER_HASH_TYPE
+
Type: string
+
Default: "md5"
Examples:
-
"gzip"
+
"none"
-
Standard gzip compression with fastest parameters.
+
Pass any hash supported by wrapped remote for non-chunked files.
+
Return nothing otherwise.
+
+
"md5"
+
+
MD5 for composite files.
+
+
"sha1"
+
+
SHA1 for composite files.
+
+
"md5all"
+
+
MD5 for all files.
+
+
"sha1all"
+
+
SHA1 for all files.
+
+
"md5quick"
+
+
Copying a file to chunker will request MD5 from the source.
+
Falling back to SHA1 if unsupported.
+
+
"sha1quick"
+
+
Similar to "md5quick" but prefers SHA1 over MD5.
-
Advanced options
-
Here are the advanced options specific to compress (Compress a remote).
-
--compress-level
-
GZIP compression level (-2 to 9).
-
Generally -1 (default, equivalent to 5) is recommended. Levels 1 to 9 increase compression at the cost of speed. Going past 6 generally offers very little return.
-
Level -2 uses Huffmann encoding only. Only use if you know what you are doing. Level 0 turns off compression.
+
Advanced options
+
Here are the Advanced options specific to chunker (Transparently chunk/split large files).
+
--chunker-name-format
+
String format of chunk file names.
+
The two placeholders are: base file name (*) and chunk number (#...). There must be one and only one asterisk and one or more consecutive hash characters. If chunk number has less digits than the number of hashes, it is left-padded by zeros. If there are more digits in the number, they are left as is. Possible chunk files are ignored if their name does not match given format.
Properties:
-
Config: level
-
Env Var: RCLONE_COMPRESS_LEVEL
+
Config: name_format
+
Env Var: RCLONE_CHUNKER_NAME_FORMAT
+
Type: string
+
Default: "*.rclone_chunk.###"
+
+
--chunker-start-from
+
Minimum valid chunk number. Usually 0 or 1.
+
By default chunk numbers start from 1.
+
Properties:
+
+
Config: start_from
+
Env Var: RCLONE_CHUNKER_START_FROM
Type: int
-
Default: -1
+
Default: 1
-
--compress-ram-cache-limit
-
Some remotes don't allow the upload of files with unknown size. In this case the compressed file will need to be cached to determine it's size.
-
Files smaller than this limit will be cached in RAM, files larger than this limit will be cached on disk.
+
--chunker-meta-format
+
Format of the metadata object or "none".
+
By default "simplejson". Metadata is a small JSON file named after the composite file.
Properties:
-
Config: ram_cache_limit
-
Env Var: RCLONE_COMPRESS_RAM_CACHE_LIMIT
-
Type: SizeSuffix
-
Default: 20Mi
+
Config: meta_format
+
Env Var: RCLONE_CHUNKER_META_FORMAT
+
Type: string
+
Default: "simplejson"
+
Examples:
+
+
"none"
+
+
Do not use metadata files at all.
+
Requires hash type "none".
+
+
"simplejson"
+
+
Simple JSON supports hash sums and chunk validation.
+
+
It has the following fields: ver, size, nchunks, md5, sha1.
+
+
-
Dropbox
-
Paths are specified as remote:path
-
Dropbox paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
The initial setup for dropbox involves getting a token from Dropbox which you need to do in your browser. rclone config walks you through it.
+
--chunker-fail-hard
+
Choose how chunker should handle files with missing or invalid chunks.
+
Properties:
+
+
Config: fail_hard
+
Env Var: RCLONE_CHUNKER_FAIL_HARD
+
Type: bool
+
Default: false
+
Examples:
+
+
"true"
+
+
Report errors and abort current command.
+
+
"false"
+
+
Warn user, skip incomplete file and proceed.
+
+
+
+
--chunker-transactions
+
Choose how chunker should handle temporary files during transactions.
+
Properties:
+
+
Config: transactions
+
Env Var: RCLONE_CHUNKER_TRANSACTIONS
+
Type: string
+
Default: "rename"
+
Examples:
+
+
"rename"
+
+
Rename temporary files after a successful transaction.
+
+
"norename"
+
+
Leave temporary file names and write transaction ID to metadata file.
+
Metadata is required for no rename transactions (meta format cannot be "none").
+
If you are using norename transactions you should be careful not to downgrade Rclone
+
as older versions of Rclone don't support this transaction style and will misinterpret
+
files manipulated by norename transactions.
+
This method is EXPERIMENTAL, don't use on production systems.
+
+
"auto"
+
+
Rename or norename will be used depending on capabilities of the backend.
+
If meta format is set to "none", rename transactions will always be used.
+
This method is EXPERIMENTAL, don't use on production systems.
+
+
+
+
Citrix ShareFile
+
Citrix ShareFile is a secure file sharing and transfer service aimed as business.
+
Configuration
+
The initial setup for Citrix ShareFile involves getting a token from Citrix ShareFile which you can in your browser. rclone config walks you through it.
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
-
n) New remote
-d) Delete remote
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
q) Quit config
-e/n/d/q> n
+n/s/q> n
name> remote
Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
-[snip]
-XX / Dropbox
- \ "dropbox"
-[snip]
-Storage> dropbox
-Dropbox App Key - leave blank normally.
-app_key>
-Dropbox App Secret - leave blank normally.
-app_secret>
+XX / Citrix Sharefile
+ \ "sharefile"
+Storage> sharefile
+** See help for sharefile backend at: https://rclone.org/sharefile/ **
+
+ID of the root folder
+
+Leave blank to access "Personal Folders". You can use one of the
+standard values here or any folder ID (long hex number ID).
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Access the Personal Folders. (Default)
+ \ ""
+ 2 / Access the Favorites folder.
+ \ "favorites"
+ 3 / Access all the shared folders.
+ \ "allshared"
+ 4 / Access all the individual connectors.
+ \ "connectors"
+ 5 / Access the home, favorites, and shared folders as well as the connectors.
+ \ "top"
+root_folder_id>
+Edit advanced config? (y/n)
+y) Yes
+n) No
+y/n> n
Remote config
-Please visit:
-https://www.dropbox.com/1/oauth2/authorize?client_id=XXXXXXXXXXXXXXX&response_type=code
-Enter the code: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXXXXXXXX
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=XXX
+Log in and authorize rclone for access
+Waiting for code...
+Got code
--------------------
[remote]
-app_key =
-app_secret =
-token = XXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXX_XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+type = sharefile
+endpoint = https://XXX.sharefile.com
+token = {"access_token":"XXX","token_type":"bearer","refresh_token":"XXX","expiry":"2019-09-30T19:41:45.878561877+01:00"}
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
You can then use it like this,
-
List directories in top level of your dropbox
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Citrix ShareFile. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
+
Once configured you can then use rclone like this,
+
List directories in top level of your ShareFile
rclone lsd remote:
-
List all the files in your dropbox
+
List all the files in your ShareFile
rclone ls remote:
-
To copy a local directory to a dropbox directory called backup
+
To copy a local directory to an ShareFile directory called backup
rclone copy /home/source remote:backup
-
Dropbox for business
-
Rclone supports Dropbox for business and Team Folders.
-
When using Dropbox for business remote: and remote:path/to/file will refer to your personal folder.
-
If you wish to see Team Folders you must use a leading / in the path, so rclone lsd remote:/ will refer to the root and show you all Team Folders and your User Folder.
-
You can then use team folders like this remote:/TeamFolder and remote:/TeamFolder/path/to/file.
-
A leading / for a Dropbox personal account will do nothing, but it will take an extra HTTP transaction so it should be avoided.
-
Modified time and Hashes
-
Dropbox supports modified times, but the only way to set a modification time is to re-upload the file.
-
This means that if you uploaded your data with an older version of rclone which didn't support the v2 API and modified times, rclone will decide to upload all your old data to fix the modification times. If you don't want this to happen use --size-only or --checksum flag to stop it.
-
Dropbox supports its own hash type which is checked for all transfers.
-
Restricted filename characters
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Modified time and hashes
+
ShareFile allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
+
ShareFile supports MD5 type hashes, so you can use the --checksum flag.
+
Transfers
+
For files above 128 MiB rclone will use a chunked transfer. Rclone will upload up to --transfers chunks at the same time (shared among all the multipart uploads). Chunks are buffered in memory and are normally 64 MiB so increasing --transfers will increase memory use.
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
+
File names can also not start or end with the following characters. These only get replaced if they are the first or last character in the name:
@@ -15265,725 +17510,751 @@
Restricted filename characters
0x20
␠
+
+
.
+
0x2E
+
.
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Batch mode uploads
-
Using batch mode uploads is very important for performance when using the Dropbox API. See the dropbox performance guide for more info.
-
There are 3 modes rclone can use for uploads.
-
--dropbox-batch-mode off
-
In this mode rclone will not use upload batching. This was the default before rclone v1.55. It has the disadvantage that it is very likely to encounter too_many_requests errors like this
-
NOTICE: too_many_requests/.: Too many requests or write operations. Trying again in 15 seconds.
-
When rclone receives these it has to wait for 15s or sometimes 300s before continuing which really slows down transfers.
-
This will happen especially if --transfers is large, so this mode isn't recommended except for compatibility or investigating problems.
-
--dropbox-batch-mode sync
-
In this mode rclone will batch up uploads to the size specified by --dropbox-batch-size and commit them together.
-
Using this mode means you can use a much higher --transfers parameter (32 or 64 works fine) without receiving too_many_requests errors.
-
This mode ensures full data integrity.
-
Note that there may be a pause when quitting rclone while rclone finishes up the last batch using this mode.
-
--dropbox-batch-mode async
-
In this mode rclone will batch up uploads to the size specified by --dropbox-batch-size and commit them together.
-
However it will not wait for the status of the batch to be returned to the caller. This means rclone can use a much bigger batch size (much bigger than --transfers), at the cost of not being able to check the status of the upload.
-
This provides the maximum possible upload speed especially with lots of small files, however rclone can't check the file got uploaded properly using this mode.
-
If you are using this mode then using "rclone check" after the transfer completes is recommended. Or you could do an initial transfer with --dropbox-batch-mode async then do a final transfer with --dropbox-batch-mode sync (the default).
-
Note that there may be a pause when quitting rclone while rclone finishes up the last batch using this mode.
-
Standard options
-
Here are the standard options specific to dropbox (Dropbox).
-
--dropbox-client-id
-
OAuth Client Id.
-
Leave blank normally.
+
Standard options
+
Here are the Standard options specific to sharefile (Citrix Sharefile).
+
--sharefile-root-folder-id
+
ID of the root folder.
+
Leave blank to access "Personal Folders". You can use one of the standard values here or any folder ID (long hex number ID).
Properties:
-
Config: client_id
-
Env Var: RCLONE_DROPBOX_CLIENT_ID
+
Config: root_folder_id
+
Env Var: RCLONE_SHAREFILE_ROOT_FOLDER_ID
Type: string
Required: false
-
-
--dropbox-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
-
Properties:
+
Examples:
-
Config: client_secret
-
Env Var: RCLONE_DROPBOX_CLIENT_SECRET
-
Type: string
-
Required: false
-
-
Advanced options
-
Here are the advanced options specific to dropbox (Dropbox).
-
--dropbox-token
-
OAuth Access Token as a JSON blob.
-
Properties:
+
""
-
Config: token
-
Env Var: RCLONE_DROPBOX_TOKEN
-
Type: string
-
Required: false
-
-
--dropbox-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
-
Properties:
+
Access the Personal Folders (default).
+
+
"favorites"
-
Config: auth_url
-
Env Var: RCLONE_DROPBOX_AUTH_URL
-
Type: string
-
Required: false
+
Access the Favorites folder.
+
+
"allshared"
+
+
Access all the shared folders.
+
+
"connectors"
+
+
Access all the individual connectors.
+
+
"top"
+
+
Access the home, favorites, and shared folders as well as the connectors.
+
+
-
--dropbox-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
+
Advanced options
+
Here are the Advanced options specific to sharefile (Citrix Sharefile).
+
--sharefile-upload-cutoff
+
Cutoff for switching to multipart upload.
Properties:
-
Config: token_url
-
Env Var: RCLONE_DROPBOX_TOKEN_URL
-
Type: string
-
Required: false
+
Config: upload_cutoff
+
Env Var: RCLONE_SHAREFILE_UPLOAD_CUTOFF
+
Type: SizeSuffix
+
Default: 128Mi
-
--dropbox-chunk-size
-
Upload chunk size (< 150Mi).
-
Any files larger than this will be uploaded in chunks of this size.
-
Note that chunks are buffered in memory (one at a time) so rclone can deal with retries. Setting this larger will increase the speed slightly (at most 10% for 128 MiB in tests) at the cost of using more memory. It can be set smaller if you are tight on memory.
+
--sharefile-chunk-size
+
Upload chunk size.
+
Must a power of 2 >= 256k.
+
Making this larger will improve performance, but note that each chunk is buffered in memory one per transfer.
+
Reducing this will reduce memory usage but decrease performance.
Properties:
Config: chunk_size
-
Env Var: RCLONE_DROPBOX_CHUNK_SIZE
+
Env Var: RCLONE_SHAREFILE_CHUNK_SIZE
Type: SizeSuffix
-
Default: 48Mi
+
Default: 64Mi
-
--dropbox-impersonate
-
Impersonate this user when using a business account.
-
Note that if you want to use impersonate, you should make sure this flag is set when running "rclone config" as this will cause rclone to request the "members.read" scope which it won't normally. This is needed to lookup a members email address into the internal ID that dropbox uses in the API.
-
Using the "members.read" scope will require a Dropbox Team Admin to approve during the OAuth flow.
-
You will have to use your own App (setting your own client_id and client_secret) to use this option as currently rclone's default set of permissions doesn't include "members.read". This can be added once v1.55 or later is in use everywhere.
+
--sharefile-endpoint
+
Endpoint for API calls.
+
This is usually auto discovered as part of the oauth process, but can be set manually to something like: https://XXX.sharefile.com
Properties:
-
Config: impersonate
-
Env Var: RCLONE_DROPBOX_IMPERSONATE
+
Config: endpoint
+
Env Var: RCLONE_SHAREFILE_ENDPOINT
Type: string
Required: false
-
--dropbox-shared-files
-
Instructs rclone to work on individual shared files.
-
In this mode rclone's features are extremely limited - only list (ls, lsl, etc.) operations and read operations (e.g. downloading) are supported in this mode. All other operations will be disabled.
-
Properties:
-
-
Config: shared_files
-
Env Var: RCLONE_DROPBOX_SHARED_FILES
-
Type: bool
-
Default: false
-
-
--dropbox-shared-folders
-
Instructs rclone to work on shared folders.
-
When this flag is used with no path only the List operation is supported and all available shared folders will be listed. If you specify a path the first part will be interpreted as the name of shared folder. Rclone will then try to mount this shared to the root namespace. On success shared folder rclone proceeds normally. The shared folder is now pretty much a normal folder and all normal operations are supported.
-
Note that we don't unmount the shared folder afterwards so the --dropbox-shared-folders can be omitted after the first use of a particular shared folder.
Rclone will close any outstanding batches when it exits which may make a delay on quit.
-
Setting this is a great idea if you are uploading lots of small files as it will make them a lot quicker. You can use --transfers 32 to maximise throughput.
-
Properties:
-
-
Config: batch_size
-
Env Var: RCLONE_DROPBOX_BATCH_SIZE
-
Type: int
-
Default: 0
-
-
--dropbox-batch-timeout
-
Max time to allow an idle upload batch before uploading.
-
If an upload batch is idle for more than this long then it will be uploaded.
-
The default for this is 0 which means rclone will choose a sensible default based on the batch_mode in use.
-
-
batch_mode: async - default batch_timeout is 500ms
Note that Dropbox is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
There are some file names such as thumbs.db which Dropbox can't store. There is a full list of them in the "Ignored Files" section of this document. Rclone will issue an error message File name disallowed - not uploading if it attempts to upload one of those file names, but the sync won't fail.
-
Some errors may occur if you try to sync copyright-protected files because Dropbox has its own copyright detector that prevents this sort of file being downloaded. This will return the error ERROR : /path/to/your/file: Failed to copy: failed to open source object: path/restricted_content/.
-
If you have more than 10,000 files in a directory then rclone purge dropbox:dir will return the error Failed to purge: There are too many files involved in this operation. As a work-around do an rclone delete dropbox:dir followed by an rclone rmdir dropbox:dir.
-
When using rclone link you'll need to set --expire if using a non-personal account otherwise the visibility may not be correct. (Note that --expire isn't supported on personal accounts). See the forum discussion and the dropbox SDK issue.
-
Get your own Dropbox App ID
-
When you use rclone with Dropbox in its default configuration you are using rclone's App ID. This is shared between all the rclone users.
-
Here is how to create your own Dropbox App ID for rclone:
-
-
Log into the Dropbox App console with your Dropbox Account (It need not to be the same account as the Dropbox you want to access)
-
Choose an API => Usually this should be Dropbox API
-
Choose the type of access you want to use => Full Dropbox or App Folder
-
Name your App. The app name is global, so you can't use rclone for example
-
Click the button Create App
-
Switch to the Permissions tab. Enable at least the following permissions: account_info.read, files.metadata.write, files.content.write, files.content.read, sharing.write. The files.metadata.read and sharing.read checkboxes will be marked too. Click Submit
-
Switch to the Settings tab. Fill OAuth2 - Redirect URIs as http://localhost:53682/
-
Find the App key and App secret values on the Settings tab. Use these values in rclone config to add a new remote or edit an existing remote. The App key setting corresponds to client_id in rclone config, the App secret corresponds to client_secret
-
-
Enterprise File Fabric
-
This backend supports Storage Made Easy's Enterprise File Fabric™ which provides a software solution to integrate and unify File and Object Storage accessible through a global file system.
-
Configuration
-
The initial setup for the Enterprise File Fabric backend involves getting a token from the the Enterprise File Fabric which you need to do in your browser. rclone config walks you through it.
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
+
Limitations
+
Note that ShareFile is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
ShareFile only supports filenames up to 256 characters in length.
+
rclone about is not supported by the Citrix ShareFile backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Rclone crypt remotes encrypt and decrypt other remotes.
+
A remote of type crypt does not access a storage system directly, but instead wraps another remote, which in turn accesses the storage system. This is similar to how alias, union, chunker and a few others work. It makes the usage very flexible, as you can add a layer, in this case an encryption layer, on top of any other backend, even in multiple layers. Rclone's functionality can be used as with any other remote, for example you can mount a crypt remote.
+
Accessing a storage system through a crypt remote realizes client-side encryption, which makes it safe to keep your data in a location you do not trust will not get compromised. When working against the crypt remote, rclone will automatically encrypt (before uploading) and decrypt (after downloading) on your local system as needed on the fly, leaving the data encrypted at rest in the wrapped remote. If you access the storage system using an application other than rclone, or access the wrapped remote directly using rclone, there will not be any encryption/decryption: Downloading existing content will just give you the encrypted (scrambled) format, and anything you upload will not become encrypted.
+
The encryption is a secret-key encryption (also called symmetric key encryption) algorithm, where a password (or pass phrase) is used to generate real encryption key. The password can be supplied by user, or you may chose to let rclone generate one. It will be stored in the configuration file, in a lightly obscured form. If you are in an environment where you are not able to keep your configuration secured, you should add configuration encryption as protection. As long as you have this configuration file, you will be able to decrypt your data. Without the configuration file, as long as you remember the password (or keep it in a safe place), you can re-create the configuration and gain access to the existing data. You may also configure a corresponding remote in a different installation to access the same data. See below for guidance to changing password.
+
Encryption uses cryptographic salt, to permute the encryption key so that the same string may be encrypted in different ways. When configuring the crypt remote it is optional to enter a salt, or to let rclone generate a unique salt. If omitted, rclone uses a built-in unique string. Normally in cryptography, the salt is stored together with the encrypted content, and do not have to be memorized by the user. This is not the case in rclone, because rclone does not store any additional information on the remotes. Use of custom salt is effectively a second password that must be memorized.
+
File content encryption is performed using NaCl SecretBox, based on XSalsa20 cipher and Poly1305 for integrity. Names (file- and directory names) are also encrypted by default, but this has some implications and is therefore possible to turned off.
+
Configuration
+
Here is an example of how to make a remote called secret.
+
To use crypt, first set up the underlying remote. Follow the rclone config instructions for the specific backend.
+
Before configuring the crypt remote, check the underlying remote is working. In this example the underlying remote is called remote. We will configure a path path within this remote to contain the encrypted content. Anything inside remote:path will be encrypted and anything outside will not.
+
Configure crypt using rclone config. In this example the crypt remote is called secret, to differentiate it from the underlying remote.
+
When you are done you can use the crypt remote named secret just as you would with any other remote, e.g. rclone copy D:\docs secret:\docs, and rclone will encrypt and decrypt as needed on the fly. If you access the wrapped remote remote:path directly you will bypass the encryption, and anything you read will be in encrypted form, and anything you write will be unencrypted. To avoid issues it is best to configure a dedicated path for encrypted content, and access it exclusively through a crypt remote.
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
-name> remote
+name> secret
Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Enterprise File Fabric
- \ "filefabric"
+XX / Encrypt/Decrypt a remote
+ \ "crypt"
[snip]
-Storage> filefabric
-** See help for filefabric backend at: https://rclone.org/filefabric/ **
-
-URL of the Enterprise File Fabric to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Storage Made Easy US
- \ "https://storagemadeeasy.com"
- 2 / Storage Made Easy EU
- \ "https://eu.storagemadeeasy.com"
- 3 / Connect to your Enterprise File Fabric
- \ "https://yourfabric.smestorage.com"
-url> https://yourfabric.smestorage.com/
-ID of the root folder
-Leave blank normally.
-
-Fill in to make rclone start with directory of a given ID.
+Storage> crypt
+** See help for crypt backend at: https://rclone.org/crypt/ **
+Remote to encrypt/decrypt.
+Normally should contain a ':' and a path, eg "myremote:path/to/dir",
+"myremote:bucket" or maybe "myremote:" (not recommended).
Enter a string value. Press Enter for the default ("").
-root_folder_id>
-Permanent Authentication Token
-
-A Permanent Authentication Token can be created in the Enterprise File
-Fabric, on the users Dashboard under Security, there is an entry
-you'll see called "My Authentication Tokens". Click the Manage button
-to create one.
-
-These tokens are normally valid for several years.
-
-For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
+remote> remote:path
+How to encrypt the filenames.
+Enter a string value. Press Enter for the default ("standard").
+Choose a number from below, or type in your own value.
+ / Encrypt the filenames.
+ 1 | See the docs for the details.
+ \ "standard"
+ 2 / Very simple filename obfuscation.
+ \ "obfuscate"
+ / Don't encrypt the file names.
+ 3 | Adds a ".bin" extension only.
+ \ "off"
+filename_encryption>
+Option to either encrypt directory names or leave them intact.
-Enter a string value. Press Enter for the default ("").
-permanent_token> xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
+NB If filename_encryption is "off" then this option will do nothing.
+Enter a boolean value (true or false). Press Enter for the default ("true").
+Choose a number from below, or type in your own value
+ 1 / Encrypt directory names.
+ \ "true"
+ 2 / Don't encrypt directory names, leave them intact.
+ \ "false"
+directory_name_encryption>
+Password or pass phrase for encryption.
+y) Yes type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Password or pass phrase for salt. Optional but recommended.
+Should be different to the previous password.
+y) Yes type in my own password
+g) Generate random password
+n) No leave this optional password blank (default)
+y/g/n> g
+Password strength in bits.
+64 is just about memorable
+128 is secure
+1024 is the maximum
+Bits> 128
+Your password is: JAsJvRcgR-_veXNfy_sGmQ
+Use this password? Please note that an obscured version of this
+password (and not the password itself) will be stored under your
+configuration file, so keep this generated password in a safe place.
+y) Yes (default)
+n) No
+y/n>
Edit advanced config? (y/n)
y) Yes
n) No (default)
-y/n> n
+y/n>
Remote config
--------------------
-[remote]
-type = filefabric
-url = https://yourfabric.smestorage.com/
-permanent_token = xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
+[secret]
+type = crypt
+remote = remote:path
+password = *** ENCRYPTED ***
+password2 = *** ENCRYPTED ***
--------------------
y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
-y/e/d> y
-
Once configured you can then use rclone like this,
-
List directories in top level of your Enterprise File Fabric
-
rclone lsd remote:
-
List all the files in your Enterprise File Fabric
-
rclone ls remote:
-
To copy a local directory to an Enterprise File Fabric directory called backup
-
rclone copy /home/source remote:backup
-
Modified time and hashes
-
The Enterprise File Fabric allows modification times to be set on files accurate to 1 second. These will be used to detect whether objects need syncing or not.
-
The Enterprise File Fabric does not support any data hashes at this time.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Empty files
-
Empty files aren't supported by the Enterprise File Fabric. Rclone will therefore upload an empty file as a single space with a mime type of application/vnd.rclone.empty.file and files with that mime type are treated as empty.
-
Root folder ID
-
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your Enterprise File Fabric.
-
Normally you will leave this blank and rclone will determine the correct root to use itself.
-
However you can set this to restrict rclone to a specific folder hierarchy.
-
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. These aren't displayed in the web interface, but you can use rclone lsf to find them, for example
Here are the standard options specific to filefabric (Enterprise File Fabric).
-
--filefabric-url
-
URL of the Enterprise File Fabric to connect to.
-
Properties:
-
-
Config: url
-
Env Var: RCLONE_FILEFABRIC_URL
-
Type: string
-
Required: true
-
Examples:
-
-
"https://storagemadeeasy.com"
-
-
Storage Made Easy US
-
-
"https://eu.storagemadeeasy.com"
-
-
Storage Made Easy EU
-
-
"https://yourfabric.smestorage.com"
-
-
Connect to your Enterprise File Fabric
-
-
-
-
--filefabric-root-folder-id
-
ID of the root folder.
-
Leave blank normally.
-
Fill in to make rclone start with directory of a given ID.
-
Properties:
+y/e/d>
+
Important The crypt password stored in rclone.conf is lightly obscured. That only protects it from cursory inspection. It is not secure unless configuration encryption of rclone.conf is specified.
+
A long passphrase is recommended, or rclone config can generate a random one.
+
The obscured password is created using AES-CTR with a static key. The salt is stored verbatim at the beginning of the obscured password. This static key is shared between all versions of rclone.
+
If you reconfigure rclone with the same passwords/passphrases elsewhere it will be compatible, but the obscured version will be different due to the different salt.
+
Rclone does not encrypt
-
Config: root_folder_id
-
Env Var: RCLONE_FILEFABRIC_ROOT_FOLDER_ID
-
Type: string
-
Required: false
+
file length - this can be calculated within 16 bytes
+
modification time - used for syncing
-
--filefabric-permanent-token
-
Permanent Authentication Token.
-
A Permanent Authentication Token can be created in the Enterprise File Fabric, on the users Dashboard under Security, there is an entry you'll see called "My Authentication Tokens". Click the Manage button to create one.
-
These tokens are normally valid for several years.
-
For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
+
Specifying the remote
+
When configuring the remote to encrypt/decrypt, you may specify any string that rclone accepts as a source/destination of other commands.
+
The primary use case is to specify the path into an already configured remote (e.g. remote:path/to/dir or remote:bucket), such that data in a remote untrusted location can be stored encrypted.
+
You may also specify a local filesystem path, such as /path/to/dir on Linux, C:\path\to\dir on Windows. By creating a crypt remote pointing to such a local filesystem path, you can use rclone as a utility for pure local file encryption, for example to keep encrypted files on a removable USB drive.
+
Note: A string which do not contain a : will by rclone be treated as a relative path in the local filesystem. For example, if you enter the name remote without the trailing :, it will be treated as a subdirectory of the current directory with name "remote".
+
If a path remote:path/to/dir is specified, rclone stores encrypted files in path/to/dir on the remote. With file name encryption, files saved to secret:subdir/subfile are stored in the unencrypted path path/to/dir but the subdir/subpath element is encrypted.
+
The path you specify does not have to exist, rclone will create it when needed.
+
If you intend to use the wrapped remote both directly for keeping unencrypted content, as well as through a crypt remote for encrypted content, it is recommended to point the crypt remote to a separate directory within the wrapped remote. If you use a bucket-based storage system (e.g. Swift, S3, Google Compute Storage, B2) it is generally advisable to wrap the crypt remote around a specific bucket (s3:bucket). If wrapping around the entire root of the storage (s3:), and use the optional file name encryption, rclone will encrypt the bucket name.
+
Changing password
+
Should the password, or the configuration file containing a lightly obscured form of the password, be compromised, you need to re-encrypt your data with a new password. Since rclone uses secret-key encryption, where the encryption key is generated directly from the password kept on the client, it is not possible to change the password/key of already encrypted content. Just changing the password configured for an existing crypt remote means you will no longer able to decrypt any of the previously encrypted content. The only possibility is to re-upload everything via a crypt remote configured with your new password.
+
Depending on the size of your data, your bandwidth, storage quota etc, there are different approaches you can take: - If you have everything in a different location, for example on your local system, you could remove all of the prior encrypted files, change the password for your configured crypt remote (or delete and re-create the crypt configuration), and then re-upload everything from the alternative location. - If you have enough space on the storage system you can create a new crypt remote pointing to a separate directory on the same backend, and then use rclone to copy everything from the original crypt remote to the new, effectively decrypting everything on the fly using the old password and re-encrypting using the new password. When done, delete the original crypt remote directory and finally the rclone crypt configuration with the old password. All data will be streamed from the storage system and back, so you will get half the bandwidth and be charged twice if you have upload and download quota on the storage system.
+
Note: A security problem related to the random password generator was fixed in rclone version 1.53.3 (released 2020-11-19). Passwords generated by rclone config in version 1.49.0 (released 2019-08-26) to 1.53.2 (released 2020-10-26) are not considered secure and should be changed. If you made up your own password, or used rclone version older than 1.49.0 or newer than 1.53.2 to generate it, you are not affected by this issue. See issue #4783 for more details, and a tool you can use to check if you are affected.
+
Example
+
Create the following file structure using "standard" file name encryption.
identical files names will have identical uploaded names
+
can use shortcuts to shorten the directory recursion
+
+
Obfuscation
+
This is a simple "rotate" of the filename, with each file having a rot distance based on the filename. Rclone stores the distance at the beginning of the filename. A file called "hello" may become "53.jgnnq".
+
Obfuscation is not a strong encryption of filenames, but hinders automated scanning tools picking up on filename patterns. It is an intermediate between "off" and "standard" which allows for longer path segment names.
+
There is a possibility with some unicode based filenames that the obfuscation is weak and may map lower case characters to upper case equivalents.
+
Obfuscation cannot be relied upon for strong protection.
+
+
file names very lightly obfuscated
+
file names can be longer than standard encryption
+
can use sub paths and copy single files
+
directory structure visible
+
identical files names will have identical uploaded names
+
+
Cloud storage systems have limits on file name length and total path length which rclone is more likely to breach using "Standard" file name encryption. Where file names are less than 156 characters in length issues should not be encountered, irrespective of cloud storage provider.
+
An experimental advanced option filename_encoding is now provided to address this problem to a certain degree. For cloud storage systems with case sensitive file names (e.g. Google Drive), base64 can be used to reduce file name length. For cloud storage systems using UTF-16 to store file names internally (e.g. OneDrive), base32768 can be used to drastically reduce file name length.
+
An alternative, future rclone file name encryption mode may tolerate backend provider path length limits.
+
Directory name encryption
+
Crypt offers the option of encrypting dir names or leaving them intact. There are two options:
+
True
+
Encrypts the whole file path including directory names Example: 1/12/123.txt is encrypted to p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0
+
False
+
Only encrypts file names, skips directory names Example: 1/12/123.txt is encrypted to 1/12/qgm4avr35m5loi1th53ato71v0
+
Modified time and hashes
+
Crypt stores modification times using the underlying remote so support depends on that.
+
Hashes are not stored for crypt. However the data integrity is protected by an extremely strong crypto authenticator.
+
Use the rclone cryptcheck command to check the integrity of a crypted remote instead of rclone check which can't check the checksums properly.
+
Standard options
+
Here are the Standard options specific to crypt (Encrypt/Decrypt a remote).
+
--crypt-remote
+
Remote to encrypt/decrypt.
+
Normally should contain a ':' and a path, e.g. "myremote:path/to/dir", "myremote:bucket" or maybe "myremote:" (not recommended).
Properties:
-
Config: permanent_token
-
Env Var: RCLONE_FILEFABRIC_PERMANENT_TOKEN
+
Config: remote
+
Env Var: RCLONE_CRYPT_REMOTE
Type: string
-
Required: false
+
Required: true
-
Advanced options
-
Here are the advanced options specific to filefabric (Enterprise File Fabric).
-
--filefabric-token
-
Session Token.
-
This is a session token which rclone caches in the config file. It is usually valid for 1 hour.
-
Don't set this value - rclone will set it automatically.
+
--crypt-filename-encryption
+
How to encrypt the filenames.
Properties:
-
Config: token
-
Env Var: RCLONE_FILEFABRIC_TOKEN
+
Config: filename_encryption
+
Env Var: RCLONE_CRYPT_FILENAME_ENCRYPTION
Type: string
-
Required: false
+
Default: "standard"
+
Examples:
+
+
"standard"
+
+
Encrypt the filenames.
+
See the docs for the details.
+
+
"obfuscate"
+
+
Very simple filename obfuscation.
+
+
"off"
+
+
Don't encrypt the file names.
+
Adds a ".bin" extension only.
+
+
-
--filefabric-token-expiry
-
Token expiry time.
-
Don't set this value - rclone will set it automatically.
+
--crypt-directory-name-encryption
+
Option to either encrypt directory names or leave them intact.
+
NB If filename_encryption is "off" then this option will do nothing.
Here are the Advanced options specific to crypt (Encrypt/Decrypt a remote).
+
--crypt-server-side-across-configs
+
Allow server-side operations (e.g. copy) to work across different crypt configs.
+
Normally this option is not what you want, but if you have two crypts pointing to the same backend you can use it.
+
This can be used, for example, to change file name encryption type without re-uploading all the data. Just make two crypt backends pointing to two different directories with the single changed parameter and use rclone move to move the files between the crypt remotes.
Properties:
-
Config: encoding
-
Env Var: RCLONE_FILEFABRIC_ENCODING
-
Type: MultiEncoder
-
Default: Slash,Del,Ctl,InvalidUtf8,Dot
+
Config: server_side_across_configs
+
Env Var: RCLONE_CRYPT_SERVER_SIDE_ACROSS_CONFIGS
+
Type: bool
+
Default: false
-
FTP
-
FTP is the File Transfer Protocol. Rclone FTP support is provided using the github.com/jlaffaye/ftp package.
Paths are specified as remote:path. If the path does not begin with a / it is relative to the home directory of the user. An empty path remote: refers to the user's home directory.
-
Configuration
-
To create an FTP configuration named remote, run
-
rclone config
-
Rclone config guides you through an interactive setup process. A minimal rclone FTP remote definition only requires host, username and password. For an anonymous FTP server, use anonymous as username and your email address as password.
-
No remotes found, make a new one?
-n) New remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-n/r/c/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / FTP Connection
- \ "ftp"
-[snip]
-Storage> ftp
-** See help for ftp backend at: https://rclone.org/ftp/ **
-
-FTP host to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to ftp.example.com
- \ "ftp.example.com"
-host> ftp.example.com
-FTP username
-Enter a string value. Press Enter for the default ("$USER").
-user>
-FTP port number
-Enter a signed integer. Press Enter for the default (21).
-port>
-FTP password
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Use FTP over TLS (Implicit)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-tls>
-Use FTP over TLS (Explicit)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-explicit_tls>
-Remote config
---------------------
-[remote]
-type = ftp
-host = ftp.example.com
-pass = *** ENCRYPTED ***
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
To see all directories in the home directory of remote
-
rclone lsd remote:
-
Make a new directory
-
rclone mkdir remote:path/to/directory
-
List the contents of a directory
-
rclone ls remote:path/to/directory
-
Sync /home/local/directory to the remote directory, deleting any excess files in the directory.
Rlone FTP supports implicit FTP over TLS servers (FTPS). This has to be enabled in the FTP backend config for the remote, or with --ftp-tls. The default FTPS port is 990, not 21 and can be set with --ftp-port.
File names cannot end with the following characters. Repacement is limited to the last character in a file name:
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
SP
-
0x20
-
␠
-
-
-
-
Not all FTP servers can have all characters in file names, for example:
-
-
-
-
FTP Server
-
Forbidden characters
-
-
-
-
-
proftpd
-
*
-
-
-
pureftpd
-
\ [ ]
-
-
-
-
This backend's interactive configuration wizard provides a selection of sensible encoding settings for major FTP servers: ProFTPd, PureFTPd, VsFTPd. Just hit a selection number when prompted.
-
Standard options
-
Here are the standard options specific to ftp (FTP Connection).
-
--ftp-host
-
FTP host to connect to.
-
E.g. "ftp.example.com".
+
--crypt-show-mapping
+
For all files listed show how the names encrypt.
+
If this flag is set then for each file that the remote is asked to list, it will log (at level INFO) a line stating the decrypted file name and the encrypted file name.
+
This is so you can work out which encrypted names are which decrypted names just in case you need to do something with the encrypted file names, or for debugging purposes.
Properties:
-
Config: host
-
Env Var: RCLONE_FTP_HOST
-
Type: string
-
Required: true
+
Config: show_mapping
+
Env Var: RCLONE_CRYPT_SHOW_MAPPING
+
Type: bool
+
Default: false
-
--ftp-user
-
FTP username.
+
--crypt-no-data-encryption
+
Option to either encrypt file data or leave it unencrypted.
How to encode the encrypted filename to text string.
+
This option could help with shortening the encrypted filename. The suitable option would depend on the way your remote count the filename length and if it's case sensitive.
Properties:
-
Config: pass
-
Env Var: RCLONE_FTP_PASS
+
Config: filename_encoding
+
Env Var: RCLONE_CRYPT_FILENAME_ENCODING
Type: string
-
Required: false
-
-
--ftp-tls
-
Use Implicit FTPS (FTP over TLS).
-
When using implicit FTP over TLS the client connects using TLS right from the start which breaks compatibility with non-TLS-aware servers. This is usually served over port 990 rather than port 21. Cannot be used in combination with explicit FTP.
-
Properties:
+
Default: "base32"
+
Examples:
-
Config: tls
-
Env Var: RCLONE_FTP_TLS
-
Type: bool
-
Default: false
-
-
--ftp-explicit-tls
-
Use Explicit FTPS (FTP over TLS).
-
When using explicit FTP over TLS the client explicitly requests security from the server in order to upgrade a plain text connection to an encrypted one. Cannot be used in combination with implicit FTP.
-
Properties:
+
"base32"
-
Config: explicit_tls
-
Env Var: RCLONE_FTP_EXPLICIT_TLS
-
Type: bool
-
Default: false
-
-
Advanced options
-
Here are the advanced options specific to ftp (FTP Connection).
-
--ftp-concurrency
-
Maximum number of FTP simultaneous connections, 0 for unlimited.
-
Properties:
+
Encode using base32. Suitable for all remote.
+
+
"base64"
-
Config: concurrency
-
Env Var: RCLONE_FTP_CONCURRENCY
-
Type: int
-
Default: 0
-
-
--ftp-no-check-certificate
-
Do not verify the TLS certificate of the server.
-
Properties:
+
Encode using base64. Suitable for case sensitive remote.
+
+
"base32768"
-
Config: no_check_certificate
-
Env Var: RCLONE_FTP_NO_CHECK_CERTIFICATE
-
Type: bool
-
Default: false
+
Encode using base32768. Suitable if your remote counts UTF-16 or
+
Unicode codepoint instead of UTF-8 byte length. (Eg. Onedrive)
+
+
-
--ftp-disable-epsv
-
Disable using EPSV even if server advertises support.
-
Properties:
+
Metadata
+
Any metadata supported by the underlying remote is read and written.
This decodes the filenames given as arguments returning a list of strings of the decoded results. It will return an error if any of the inputs are invalid.
If you wish to backup a crypted remote, it is recommended that you use rclone sync on the encrypted files, and make sure the passwords are the same in the new encrypted remote.
+
This will have the following advantages
-
Config: disable_epsv
-
Env Var: RCLONE_FTP_DISABLE_EPSV
-
Type: bool
-
Default: false
+
rclone sync will check the checksums while copying
+
you can use rclone check between the encrypted remotes
+
you don't decrypt and encrypt unnecessarily
-
--ftp-disable-mlsd
-
Disable using MLSD even if server advertises support.
-
Properties:
+
For example, let's say you have your original remote at remote: with the encrypted version at eremote: with path remote:crypt. You would then set up the new remote remote2: and then the encrypted version eremote2: with path remote2:crypt using the same passwords as eremote:.
+
To sync the two remotes you would do
+
rclone sync -i remote:crypt remote2:crypt
+
And to check the integrity you would do
+
rclone check remote:crypt remote2:crypt
+
File formats
+
File encryption
+
Files are encrypted 1:1 source file to destination object. The file has a header and is divided into chunks.
+
Header
-
Config: disable_mlsd
-
Env Var: RCLONE_FTP_DISABLE_MLSD
-
Type: bool
-
Default: false
+
8 bytes magic string RCLONE\x00\x00
+
24 bytes Nonce (IV)
-
--ftp-writing-mdtm
-
Use MDTM to set modification time (VsFtpd quirk)
-
Properties:
+
The initial nonce is generated from the operating systems crypto strong random number generator. The nonce is incremented for each chunk read making sure each nonce is unique for each block written. The chance of a nonce being re-used is minuscule. If you wrote an exabyte of data (10¹⁸ bytes) you would have a probability of approximately 2×10⁻³² of re-using a nonce.
+
Chunk
+
Each chunk will contain 64 KiB of data, except for the last one which may have less data. The data chunk is in standard NaCl SecretBox format. SecretBox uses XSalsa20 and Poly1305 to encrypt and authenticate messages.
+
Each chunk contains:
-
Config: writing_mdtm
-
Env Var: RCLONE_FTP_WRITING_MDTM
-
Type: bool
-
Default: false
+
16 Bytes of Poly1305 authenticator
+
1 - 65536 bytes XSalsa20 encrypted data
-
--ftp-idle-timeout
-
Max time before closing idle connections.
-
If no connections have been returned to the connection pool in the time given, rclone will empty the connection pool.
-
Set to 0 to keep connections indefinitely.
-
Properties:
+
64k chunk size was chosen as the best performing chunk size (the authenticator takes too much time below this and the performance drops off due to cache effects above this). Note that these chunks are buffered in memory so they can't be too big.
+
This uses a 32 byte (256 bit key) key derived from the user password.
+
Examples
+
1 byte file will encrypt to
-
Config: idle_timeout
-
Env Var: RCLONE_FTP_IDLE_TIMEOUT
-
Type: Duration
-
Default: 1m0s
+
32 bytes header
+
17 bytes data chunk
-
--ftp-close-timeout
-
Maximum time to wait for a response to close.
-
Properties:
+
49 bytes total
+
1 MiB (1048576 bytes) file will encrypt to
-
Config: close_timeout
-
Env Var: RCLONE_FTP_CLOSE_TIMEOUT
-
Type: Duration
-
Default: 1m0s
+
32 bytes header
+
16 chunks of 65568 bytes
-
--ftp-tls-cache-size
-
Size of TLS session cache for all control and data connections.
-
TLS cache allows to resume TLS sessions and reuse PSK between connections. Increase if default size is not enough resulting in TLS resumption errors. Enabled by default. Use 0 to disable.
-
Properties:
+
1049120 bytes total (a 0.05% overhead). This is the overhead for big files.
+
Name encryption
+
File names are encrypted segment by segment - the path is broken up into / separated strings and these are encrypted individually.
+
File segments are padded using PKCS#7 to a multiple of 16 bytes before encryption.
+
They are then encrypted with EME using AES with 256 bit key. EME (ECB-Mix-ECB) is a wide-block encryption mode presented in the 2003 paper "A Parallelizable Enciphering Mode" by Halevi and Rogaway.
+
This makes for deterministic encryption which is what we want - the same filename must encrypt to the same thing otherwise we can't find it on the cloud storage system.
+
This means that
-
Config: tls_cache_size
-
Env Var: RCLONE_FTP_TLS_CACHE_SIZE
-
Type: int
-
Default: 32
+
filenames with the same name will encrypt the same
+
filenames which start the same won't have a common prefix
-
--ftp-disable-tls13
-
Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
-
Properties:
+
This uses a 32 byte key (256 bits) and a 16 byte (128 bits) IV both of which are derived from the user password.
+
After encryption they are written out using a modified version of standard base32 encoding as described in RFC4648. The standard encoding is modified in two ways:
-
Config: disable_tls13
-
Env Var: RCLONE_FTP_DISABLE_TLS13
-
Type: bool
-
Default: false
+
it becomes lower case (no-one likes upper case filenames!)
+
we strip the padding character =
-
--ftp-shut-timeout
-
Maximum time to wait for data connection closing status.
-
Properties:
+
base32 is used rather than the more efficient base64 so rclone can be used on case insensitive remotes (e.g. Windows, Amazon Drive).
+
Key derivation
+
Rclone uses scrypt with parameters N=16384, r=8, p=1 with an optional user supplied salt (password2) to derive the 32+32+16 = 80 bytes of key material required. If the user doesn't supply a salt then rclone uses an internal one.
+
scrypt makes it impractical to mount a dictionary attack on rclone encrypted data. For full protection against this you should always use a salt.
+
SEE ALSO
-
Config: shut_timeout
-
Env Var: RCLONE_FTP_SHUT_TIMEOUT
-
Type: Duration
-
Default: 1m0s
+
rclone cryptdecode - Show forward/reverse mapping of encrypted filenames
-
--ftp-ask-password
-
Allow asking for FTP password when needed.
-
If this is set and no password is supplied then rclone will ask for a password
+
Compress
+
Warning
+
This remote is currently experimental. Things may break and data may be lost. Anything you do with this remote is at your own risk. Please understand the risks associated with using experimental code and don't use this remote in critical applications.
+
The Compress remote adds compression to another remote. It is best used with remotes containing many large compressible files.
+
Configuration
+
To use this remote, all you need to do is specify another remote and a compression mode to use:
+
Current remotes:
+
+Name Type
+==== ====
+remote_to_press sometype
+
+e) Edit existing remote
+$ rclone config
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> n
+name> compress
+...
+ 8 / Compress a remote
+ \ "compress"
+...
+Storage> compress
+** See help for compress backend at: https://rclone.org/compress/ **
+
+Remote to compress.
+Enter a string value. Press Enter for the default ("").
+remote> remote_to_press:subdir
+Compression mode.
+Enter a string value. Press Enter for the default ("gzip").
+Choose a number from below, or type in your own value
+ 1 / Gzip compression balanced for speed and compression strength.
+ \ "gzip"
+compression_mode> gzip
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[compress]
+type = compress
+remote = remote_to_press:subdir
+compression_mode = gzip
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Compression Modes
+
Currently only gzip compression is supported. It provides a decent balance between speed and size and is well supported by other applications. Compression strength can further be configured via an advanced setting where 0 is no compression and 9 is strongest compression.
+
File types
+
If you open a remote wrapped by compress, you will see that there are many files with an extension corresponding to the compression algorithm you chose. These files are standard files that can be opened by various archive programs, but they have some hidden metadata that allows them to be used by rclone. While you may download and decompress these files at will, do not manually delete or rename files. Files without correct metadata files will not be recognized by rclone.
+
File names
+
The compressed files will be named *.###########.gz where * is the base file and the # part is base64 encoded size of the uncompressed file. The file names should not be changed by anything other than the rclone compression backend.
+
Standard options
+
Here are the Standard options specific to compress (Compress a remote).
Here are the Advanced options specific to compress (Compress a remote).
+
--compress-level
+
GZIP compression level (-2 to 9).
+
Generally -1 (default, equivalent to 5) is recommended. Levels 1 to 9 increase compression at the cost of speed. Going past 6 generally offers very little return.
+
Level -2 uses Huffman encoding only. Only use if you know what you are doing. Level 0 turns off compression.
+
Properties:
-
VsFTPd can't handle file names starting with dot
-
-
+
Config: level
+
Env Var: RCLONE_COMPRESS_LEVEL
+
Type: int
+
Default: -1
-
Limitations
-
FTP servers acting as rclone remotes must support passive mode. The mode cannot be configured as passive is the only supported one. Rclone's FTP implementation is not compatible with active mode as the library it uses doesn't support it. This will likely never be supported due to security concerns.
-
Rclone's FTP backend does not support any checksums but can compare file sizes.
-
rclone about is not supported by the FTP backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The implementation of : --dump headers, --dump bodies, --dump auth for debugging isn't the same as for rclone HTTP based backends - it has less fine grained control.
-
--timeout isn't supported (but --contimeout is).
-
--bind isn't supported.
-
Rclone's FTP backend could support server-side move but does not at present.
-
The ftp_proxy environment variable is not currently supported.
-
Modified time
-
File modification time (timestamps) is supported to 1 second resolution for major FTP servers: ProFTPd, PureFTPd, VsFTPd, and FileZilla FTP server. The VsFTPd server has non-standard implementation of time related protocol commands and needs a special configuration setting: writing_mdtm = true.
-
Support for precise file time with other FTP servers varies depending on what protocol extensions they advertise. If all the MLSD, MDTM and MFTM extensions are present, rclone will use them together to provide precise time. Otherwise the times you see on the FTP server through rclone are those of the last file upload.
-
You can use the following command to check whether rclone can use precise time with your FTP server: rclone backend features your_ftp_remote: (the trailing colon is important). Look for the number in the line tagged by Precision designating the remote time precision expressed as nanoseconds. A value of 1000000000 means that file time precision of 1 second is available. A value of 3153600000000000000 (or another large number) means "unsupported".
-
Google Cloud Storage
-
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
-
Configuration
-
The initial setup for google cloud storage involves getting a token from Google Cloud Storage which you need to do in your browser. rclone config walks you through it.
+
--compress-ram-cache-limit
+
Some remotes don't allow the upload of files with unknown size. In this case the compressed file will need to be cached to determine it's size.
+
Files smaller than this limit will be cached in RAM, files larger than this limit will be cached on disk.
+
Properties:
+
+
Config: ram_cache_limit
+
Env Var: RCLONE_COMPRESS_RAM_CACHE_LIMIT
+
Type: SizeSuffix
+
Default: 20Mi
+
+
Metadata
+
Any metadata supported by the underlying remote is read and written.
During the initial setup with rclone config you will specify the upstreams remotes as a space separated list. The upstream remotes can either be a local paths or other remotes.
+
Configuration
+
Here is an example of how to make a combine called remote for the example above. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+...
+XX / Combine several remotes into one
+ \ (combine)
+...
+Storage> combine
+Option upstreams.
+Upstreams for combining
+These should be in the form
+ dir=remote:path dir2=remote2:path
+Where before the = is specified the root directory and after is the remote to
+put there.
+Embedded spaces can be added using quotes
+ "dir=remote:path with space" "dir2=remote2:path with space"
+Enter a fs.SpaceSepList value.
+upstreams> images=s3:imagesbucket files=drive:important/files
+--------------------
+[remote]
+type = combine
+upstreams = images=s3:imagesbucket files=drive:important/files
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Configuring for Google Drive Shared Drives
+
Rclone has a convenience feature for making a combine backend for all the shared drives you have access to.
+
Assuming your main (non shared drive) Google drive remote is called drive: you would run
+
rclone backend -o config drives drive:
+
This would produce something like this:
+
[My Drive]
+type = alias
+remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
+
+[Test Drive]
+type = alias
+remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+
+[AllDrives]
+type = combine
+upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
If you then add that config to your config file (find it with rclone config file) then you can access all the shared drives in one place with the AllDrives: remote.
Dropbox paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
The initial setup for dropbox involves getting a token from Dropbox which you need to do in your browser. rclone config walks you through it.
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
@@ -15995,156 +18266,48 @@
Configuration
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Google Cloud Storage (this is not Google Drive)
- \ "google cloud storage"
+XX / Dropbox
+ \ "dropbox"
[snip]
-Storage> google cloud storage
-Google Application Client Id - leave blank normally.
-client_id>
-Google Application Client Secret - leave blank normally.
-client_secret>
-Project number optional - needed only for list/create/delete buckets - see your developer console.
-project_number> 12345678
-Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
-service_account_file>
-Access Control List for new objects.
-Choose a number from below, or type in your own value
- 1 / Object owner gets OWNER access, and all Authenticated Users get READER access.
- \ "authenticatedRead"
- 2 / Object owner gets OWNER access, and project team owners get OWNER access.
- \ "bucketOwnerFullControl"
- 3 / Object owner gets OWNER access, and project team owners get READER access.
- \ "bucketOwnerRead"
- 4 / Object owner gets OWNER access [default if left blank].
- \ "private"
- 5 / Object owner gets OWNER access, and project team members get access according to their roles.
- \ "projectPrivate"
- 6 / Object owner gets OWNER access, and all Users get READER access.
- \ "publicRead"
-object_acl> 4
-Access Control List for new buckets.
-Choose a number from below, or type in your own value
- 1 / Project team owners get OWNER access, and all Authenticated Users get READER access.
- \ "authenticatedRead"
- 2 / Project team owners get OWNER access [default if left blank].
- \ "private"
- 3 / Project team members get access according to their roles.
- \ "projectPrivate"
- 4 / Project team owners get OWNER access, and all Users get READER access.
- \ "publicRead"
- 5 / Project team owners get OWNER access, and all Users get WRITER access.
- \ "publicReadWrite"
-bucket_acl> 2
-Location for the newly created buckets.
-Choose a number from below, or type in your own value
- 1 / Empty for default location (US).
- \ ""
- 2 / Multi-regional location for Asia.
- \ "asia"
- 3 / Multi-regional location for Europe.
- \ "eu"
- 4 / Multi-regional location for United States.
- \ "us"
- 5 / Taiwan.
- \ "asia-east1"
- 6 / Tokyo.
- \ "asia-northeast1"
- 7 / Singapore.
- \ "asia-southeast1"
- 8 / Sydney.
- \ "australia-southeast1"
- 9 / Belgium.
- \ "europe-west1"
-10 / London.
- \ "europe-west2"
-11 / Iowa.
- \ "us-central1"
-12 / South Carolina.
- \ "us-east1"
-13 / Northern Virginia.
- \ "us-east4"
-14 / Oregon.
- \ "us-west1"
-location> 12
-The storage class to use when storing objects in Google Cloud Storage.
-Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Multi-regional storage class
- \ "MULTI_REGIONAL"
- 3 / Regional storage class
- \ "REGIONAL"
- 4 / Nearline storage class
- \ "NEARLINE"
- 5 / Coldline storage class
- \ "COLDLINE"
- 6 / Durable reduced availability storage class
- \ "DURABLE_REDUCED_AVAILABILITY"
-storage_class> 5
+Storage> dropbox
+Dropbox App Key - leave blank normally.
+app_key>
+Dropbox App Secret - leave blank normally.
+app_secret>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine or Y didn't work
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
+Please visit:
+https://www.dropbox.com/1/oauth2/authorize?client_id=XXXXXXXXXXXXXXX&response_type=code
+Enter the code: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXXXXXXXX
--------------------
[remote]
-type = google cloud storage
-client_id =
-client_secret =
-token = {"AccessToken":"xxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"x/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxxxxx","Expiry":"2014-07-17T20:49:14.929208288+01:00","Extra":null}
-project_number = 12345678
-object_acl = private
-bucket_acl = private
+app_key =
+app_secret =
+token = XXXXXXXXXXXXXXXXXXXXXXXXXXXXX_XXXX_XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if you use auto config mode. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-
This remote is called remote and can now be used like this
-
See all the buckets in your project
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Dropbox. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
+
You can then use it like this,
+
List directories in top level of your dropbox
rclone lsd remote:
-
Make a new bucket
-
rclone mkdir remote:bucket
-
List the contents of a bucket
-
rclone ls remote:bucket
-
Sync /home/local/directory to the remote bucket, deleting any excess files in the bucket.
You can set up rclone with Google Cloud Storage in an unattended mode, i.e. not tied to a specific end-user Google account. This is useful when you want to synchronise files onto machines that don't have actively logged-in users, for example build machines.
-
To get credentials for Google Cloud Platform IAM Service Accounts, please head to the Service Account section of the Google Developer Console. Service Accounts behave just like normal User permissions in Google Cloud Storage ACLs, so you can limit their access (e.g. make them read only). After creating an account, a JSON file containing the Service Account's credentials will be downloaded onto your machines. These credentials are what rclone will use for authentication.
-
To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file prompt and rclone won't use the browser based authentication flow. If you'd rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials with the actual contents of the file instead, or set the equivalent environment variable.
-
Anonymous Access
-
For downloads of objects that permit public access you can configure rclone to use anonymous access by setting anonymous to true. With unauthorized access you can't write or create files but only read or list those buckets and objects that have public read access.
-
Application Default Credentials
-
If no other source of credentials is provided, rclone will fall back to Application Default Credentials this is useful both when you already have configured authentication for your developer account, or in production when running on a google compute host. Note that if running in docker, you may need to run additional commands on your google compute machine - see this page.
-
Note that in the case application default credentials are used, there is no need to explicitly configure a project number.
-
--fast-list
-
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
Custom upload headers
-
You can set custom upload headers with the --header-upload flag. Google Cloud Storage supports the headers as described in the working with metadata documentation
-
-
Cache-Control
-
Content-Disposition
-
Content-Encoding
-
Content-Language
-
Content-Type
-
X-Goog-Storage-Class
-
X-Goog-Meta-
-
-
Eg --header-upload "Content-Type text/potato"
-
Note that the last of these is for setting custom metadata in the form --header-upload "x-goog-meta-key: value"
-
Modification time
-
Google Cloud Storage stores md5sum natively. Google's gsutil tool stores modification time with one-second precision as goog-reserved-file-mtime in file metadata.
-
To ensure compatibility with gsutil, rclone stores modification time in 2 separate metadata entries. mtime uses RFC3339 format with one-nanosecond precision. goog-reserved-file-mtime uses Unix timestamp format with one-second precision. To get modification time from object metadata, rclone reads the metadata in the following order: mtime, goog-reserved-file-mtime, object updated time.
-
Note that rclone's default modify window is 1ns. Files uploaded by gsutil only contain timestamps with one-second precision. If you use rclone to sync files previously uploaded by gsutil, rclone will attempt to update modification time for all these files. To avoid these possibly unnecessary updates, use --modify-window 1s.
-
Restricted filename characters
+
List all the files in your dropbox
+
rclone ls remote:
+
To copy a local directory to a dropbox directory called backup
+
rclone copy /home/source remote:backup
+
Dropbox for business
+
Rclone supports Dropbox for business and Team Folders.
+
When using Dropbox for business remote: and remote:path/to/file will refer to your personal folder.
+
If you wish to see Team Folders you must use a leading / in the path, so rclone lsd remote:/ will refer to the root and show you all Team Folders and your User Folder.
+
You can then use team folders like this remote:/TeamFolder and remote:/TeamFolder/path/to/file.
+
A leading / for a Dropbox personal account will do nothing, but it will take an extra HTTP transaction so it should be avoided.
+
Modified time and Hashes
+
Dropbox supports modified times, but the only way to set a modification time is to re-upload the file.
+
This means that if you uploaded your data with an older version of rclone which didn't support the v2 API and modified times, rclone will decide to upload all your old data to fix the modification times. If you don't want this to happen use --size-only or --checksum flag to stop it.
+
Dropbox supports its own hash type which is checked for all transfers.
+
Restricted filename characters
@@ -16160,429 +18323,442 @@
Restricted filename characters
␀
-
LF
-
0x0A
-
␊
+
/
+
0x2F
+
/
-
CR
-
0x0D
-
␍
+
DEL
+
0x7F
+
␡
-
/
-
0x2F
-
/
+
\
+
0x5C
+
\
+
+
+
+
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
SP
+
0x20
+
␠
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Standard options
-
Here are the standard options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
-
--gcs-client-id
+
Batch mode uploads
+
Using batch mode uploads is very important for performance when using the Dropbox API. See the dropbox performance guide for more info.
+
There are 3 modes rclone can use for uploads.
+
--dropbox-batch-mode off
+
In this mode rclone will not use upload batching. This was the default before rclone v1.55. It has the disadvantage that it is very likely to encounter too_many_requests errors like this
+
NOTICE: too_many_requests/.: Too many requests or write operations. Trying again in 15 seconds.
+
When rclone receives these it has to wait for 15s or sometimes 300s before continuing which really slows down transfers.
+
This will happen especially if --transfers is large, so this mode isn't recommended except for compatibility or investigating problems.
+
--dropbox-batch-mode sync
+
In this mode rclone will batch up uploads to the size specified by --dropbox-batch-size and commit them together.
+
Using this mode means you can use a much higher --transfers parameter (32 or 64 works fine) without receiving too_many_requests errors.
+
This mode ensures full data integrity.
+
Note that there may be a pause when quitting rclone while rclone finishes up the last batch using this mode.
+
--dropbox-batch-mode async
+
In this mode rclone will batch up uploads to the size specified by --dropbox-batch-size and commit them together.
+
However it will not wait for the status of the batch to be returned to the caller. This means rclone can use a much bigger batch size (much bigger than --transfers), at the cost of not being able to check the status of the upload.
+
This provides the maximum possible upload speed especially with lots of small files, however rclone can't check the file got uploaded properly using this mode.
+
If you are using this mode then using "rclone check" after the transfer completes is recommended. Or you could do an initial transfer with --dropbox-batch-mode async then do a final transfer with --dropbox-batch-mode sync (the default).
+
Note that there may be a pause when quitting rclone while rclone finishes up the last batch using this mode.
+
Standard options
+
Here are the Standard options specific to dropbox (Dropbox).
+
--dropbox-client-id
OAuth Client Id.
Leave blank normally.
Properties:
Config: client_id
-
Env Var: RCLONE_GCS_CLIENT_ID
+
Env Var: RCLONE_DROPBOX_CLIENT_ID
Type: string
Required: false
-
--gcs-client-secret
+
--dropbox-client-secret
OAuth Client Secret.
Leave blank normally.
Properties:
Config: client_secret
-
Env Var: RCLONE_GCS_CLIENT_SECRET
+
Env Var: RCLONE_DROPBOX_CLIENT_SECRET
Type: string
Required: false
-
--gcs-project-number
-
Project number.
-
Optional - needed only for list/create/delete buckets - see your developer console.
+
Advanced options
+
Here are the Advanced options specific to dropbox (Dropbox).
+
--dropbox-token
+
OAuth Access Token as a JSON blob.
Properties:
-
Config: project_number
-
Env Var: RCLONE_GCS_PROJECT_NUMBER
+
Config: token
+
Env Var: RCLONE_DROPBOX_TOKEN
Type: string
Required: false
-
--gcs-service-account-file
-
Service Account Credentials JSON file path.
-
Leave blank normally. Needed only if you want use SA instead of interactive login.
-
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
+
--dropbox-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
Properties:
-
Config: service_account_file
-
Env Var: RCLONE_GCS_SERVICE_ACCOUNT_FILE
+
Config: auth_url
+
Env Var: RCLONE_DROPBOX_AUTH_URL
Type: string
Required: false
-
--gcs-service-account-credentials
-
Service Account Credentials JSON blob.
-
Leave blank normally. Needed only if you want use SA instead of interactive login.
+
--dropbox-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
Properties:
-
Config: service_account_credentials
-
Env Var: RCLONE_GCS_SERVICE_ACCOUNT_CREDENTIALS
+
Config: token_url
+
Env Var: RCLONE_DROPBOX_TOKEN_URL
Type: string
Required: false
-
--gcs-anonymous
-
Access public buckets and objects without credentials.
-
Set to 'true' if you just want to download files and don't configure credentials.
+
--dropbox-chunk-size
+
Upload chunk size (< 150Mi).
+
Any files larger than this will be uploaded in chunks of this size.
+
Note that chunks are buffered in memory (one at a time) so rclone can deal with retries. Setting this larger will increase the speed slightly (at most 10% for 128 MiB in tests) at the cost of using more memory. It can be set smaller if you are tight on memory.
Properties:
-
Config: anonymous
-
Env Var: RCLONE_GCS_ANONYMOUS
-
Type: bool
-
Default: false
+
Config: chunk_size
+
Env Var: RCLONE_DROPBOX_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 48Mi
-
--gcs-object-acl
-
Access Control List for new objects.
+
--dropbox-impersonate
+
Impersonate this user when using a business account.
+
Note that if you want to use impersonate, you should make sure this flag is set when running "rclone config" as this will cause rclone to request the "members.read" scope which it won't normally. This is needed to lookup a members email address into the internal ID that dropbox uses in the API.
+
Using the "members.read" scope will require a Dropbox Team Admin to approve during the OAuth flow.
+
You will have to use your own App (setting your own client_id and client_secret) to use this option as currently rclone's default set of permissions doesn't include "members.read". This can be added once v1.55 or later is in use everywhere.
Properties:
-
Config: object_acl
-
Env Var: RCLONE_GCS_OBJECT_ACL
+
Config: impersonate
+
Env Var: RCLONE_DROPBOX_IMPERSONATE
Type: string
Required: false
-
Examples:
-
-
"authenticatedRead"
-
-
Object owner gets OWNER access.
-
All Authenticated Users get READER access.
-
-
"bucketOwnerFullControl"
+
+
--dropbox-shared-files
+
Instructs rclone to work on individual shared files.
+
In this mode rclone's features are extremely limited - only list (ls, lsl, etc.) operations and read operations (e.g. downloading) are supported in this mode. All other operations will be disabled.
+
Properties:
-
Object owner gets OWNER access.
-
Project team owners get OWNER access.
-
-
"bucketOwnerRead"
+
Config: shared_files
+
Env Var: RCLONE_DROPBOX_SHARED_FILES
+
Type: bool
+
Default: false
+
+
--dropbox-shared-folders
+
Instructs rclone to work on shared folders.
+
When this flag is used with no path only the List operation is supported and all available shared folders will be listed. If you specify a path the first part will be interpreted as the name of shared folder. Rclone will then try to mount this shared to the root namespace. On success shared folder rclone proceeds normally. The shared folder is now pretty much a normal folder and all normal operations are supported.
+
Note that we don't unmount the shared folder afterwards so the --dropbox-shared-folders can be omitted after the first use of a particular shared folder.
+
Properties:
-
Object owner gets OWNER access.
-
Project team owners get READER access.
-
-
"private"
-
-
Object owner gets OWNER access.
-
Default if left blank.
-
-
"projectPrivate"
-
-
Object owner gets OWNER access.
-
Project team members get access according to their roles.
sync - batch uploads and check completion (default)
+
async - batch upload and don't check completion
-
--gcs-bucket-acl
-
Access Control List for new buckets.
+
Rclone will close any outstanding batches when it exits which may make a delay on quit.
Properties:
-
Config: bucket_acl
-
Env Var: RCLONE_GCS_BUCKET_ACL
+
Config: batch_mode
+
Env Var: RCLONE_DROPBOX_BATCH_MODE
Type: string
-
Required: false
-
Examples:
-
-
"authenticatedRead"
-
-
Project team owners get OWNER access.
-
All Authenticated Users get READER access.
-
-
"private"
+
Default: "sync"
+
+
--dropbox-batch-size
+
Max number of files in upload batch.
+
This sets the batch size of files to upload. It has to be less than 1000.
+
By default this is 0 which means rclone which calculate the batch size depending on the setting of batch_mode.
-
Project team owners get OWNER access.
-
Default if left blank.
-
-
"projectPrivate"
+
batch_mode: async - default batch_size is 100
+
batch_mode: sync - default batch_size is the same as --transfers
+
batch_mode: off - not in use
+
+
Rclone will close any outstanding batches when it exits which may make a delay on quit.
+
Setting this is a great idea if you are uploading lots of small files as it will make them a lot quicker. You can use --transfers 32 to maximise throughput.
+
Properties:
-
Project team members get access according to their roles.
-
-
"publicRead"
+
Config: batch_size
+
Env Var: RCLONE_DROPBOX_BATCH_SIZE
+
Type: int
+
Default: 0
+
+
--dropbox-batch-timeout
+
Max time to allow an idle upload batch before uploading.
+
If an upload batch is idle for more than this long then it will be uploaded.
+
The default for this is 0 which means rclone will choose a sensible default based on the batch_mode in use.
-
Project team owners get OWNER access.
-
All Users get READER access.
-
-
"publicReadWrite"
+
batch_mode: async - default batch_timeout is 500ms
+
batch_mode: sync - default batch_timeout is 10s
+
batch_mode: off - not in use
+
+
Properties:
-
Project team owners get OWNER access.
-
All Users get WRITER access.
-
-
+
Config: batch_timeout
+
Env Var: RCLONE_DROPBOX_BATCH_TIMEOUT
+
Type: Duration
+
Default: 0s
-
--gcs-bucket-policy-only
-
Access checks should use bucket-level IAM policies.
-
If you want to upload objects to a bucket with Bucket Policy Only set then you will need to set this.
Note that Dropbox is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
There are some file names such as thumbs.db which Dropbox can't store. There is a full list of them in the "Ignored Files" section of this document. Rclone will issue an error message File name disallowed - not uploading if it attempts to upload one of those file names, but the sync won't fail.
+
Some errors may occur if you try to sync copyright-protected files because Dropbox has its own copyright detector that prevents this sort of file being downloaded. This will return the error ERROR : /path/to/your/file: Failed to copy: failed to open source object: path/restricted_content/.
+
If you have more than 10,000 files in a directory then rclone purge dropbox:dir will return the error Failed to purge: There are too many files involved in this operation. As a work-around do an rclone delete dropbox:dir followed by an rclone rmdir dropbox:dir.
+
When using rclone link you'll need to set --expire if using a non-personal account otherwise the visibility may not be correct. (Note that --expire isn't supported on personal accounts). See the forum discussion and the dropbox SDK issue.
+
Get your own Dropbox App ID
+
When you use rclone with Dropbox in its default configuration you are using rclone's App ID. This is shared between all the rclone users.
+
Here is how to create your own Dropbox App ID for rclone:
+
+
Log into the Dropbox App console with your Dropbox Account (It need not to be the same account as the Dropbox you want to access)
+
Choose an API => Usually this should be Dropbox API
+
Choose the type of access you want to use => Full Dropbox or App Folder
+
Name your App. The app name is global, so you can't use rclone for example
+
Click the button Create App
+
Switch to the Permissions tab. Enable at least the following permissions: account_info.read, files.metadata.write, files.content.write, files.content.read, sharing.write. The files.metadata.read and sharing.read checkboxes will be marked too. Click Submit
+
Switch to the Settings tab. Fill OAuth2 - Redirect URIs as http://localhost:53682/
+
Find the App key and App secret values on the Settings tab. Use these values in rclone config to add a new remote or edit an existing remote. The App key setting corresponds to client_id in rclone config, the App secret corresponds to client_secret
+
+
Enterprise File Fabric
+
This backend supports Storage Made Easy's Enterprise File Fabric™ which provides a software solution to integrate and unify File and Object Storage accessible through a global file system.
+
Configuration
+
The initial setup for the Enterprise File Fabric backend involves getting a token from the Enterprise File Fabric which you need to do in your browser. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Enterprise File Fabric
+ \ "filefabric"
+[snip]
+Storage> filefabric
+** See help for filefabric backend at: https://rclone.org/filefabric/ **
+
+URL of the Enterprise File Fabric to connect to
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Storage Made Easy US
+ \ "https://storagemadeeasy.com"
+ 2 / Storage Made Easy EU
+ \ "https://eu.storagemadeeasy.com"
+ 3 / Connect to your Enterprise File Fabric
+ \ "https://yourfabric.smestorage.com"
+url> https://yourfabric.smestorage.com/
+ID of the root folder
+Leave blank normally.
+
+Fill in to make rclone start with directory of a given ID.
+
+Enter a string value. Press Enter for the default ("").
+root_folder_id>
+Permanent Authentication Token
+
+A Permanent Authentication Token can be created in the Enterprise File
+Fabric, on the users Dashboard under Security, there is an entry
+you'll see called "My Authentication Tokens". Click the Manage button
+to create one.
+
+These tokens are normally valid for several years.
+
+For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
+
+Enter a string value. Press Enter for the default ("").
+permanent_token> xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[remote]
+type = filefabric
+url = https://yourfabric.smestorage.com/
+permanent_token = xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Once configured you can then use rclone like this,
+
List directories in top level of your Enterprise File Fabric
+
rclone lsd remote:
+
List all the files in your Enterprise File Fabric
+
rclone ls remote:
+
To copy a local directory to an Enterprise File Fabric directory called backup
+
rclone copy /home/source remote:backup
+
Modified time and hashes
+
The Enterprise File Fabric allows modification times to be set on files accurate to 1 second. These will be used to detect whether objects need syncing or not.
+
The Enterprise File Fabric does not support any data hashes at this time.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Empty files
+
Empty files aren't supported by the Enterprise File Fabric. Rclone will therefore upload an empty file as a single space with a mime type of application/vnd.rclone.empty.file and files with that mime type are treated as empty.
+
Root folder ID
+
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your Enterprise File Fabric.
+
Normally you will leave this blank and rclone will determine the correct root to use itself.
+
However you can set this to restrict rclone to a specific folder hierarchy.
+
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. These aren't displayed in the web interface, but you can use rclone lsf to find them, for example
Here are the Standard options specific to filefabric (Enterprise File Fabric).
+
--filefabric-url
+
URL of the Enterprise File Fabric to connect to.
Properties:
-
Config: location
-
Env Var: RCLONE_GCS_LOCATION
+
Config: url
+
Env Var: RCLONE_FILEFABRIC_URL
Type: string
-
Required: false
+
Required: true
Examples:
-
""
+
"https://storagemadeeasy.com"
-
Empty for default location (US)
+
Storage Made Easy US
-
"asia"
+
"https://eu.storagemadeeasy.com"
-
Multi-regional location for Asia
+
Storage Made Easy EU
-
"eu"
+
"https://yourfabric.smestorage.com"
-
Multi-regional location for Europe
-
-
"us"
-
-
Multi-regional location for United States
-
-
"asia-east1"
-
-
Taiwan
-
-
"asia-east2"
-
-
Hong Kong
-
-
"asia-northeast1"
-
-
Tokyo
-
-
"asia-northeast2"
-
-
Osaka
-
-
"asia-northeast3"
-
-
Seoul
-
-
"asia-south1"
-
-
Mumbai
-
-
"asia-south2"
-
-
Delhi
-
-
"asia-southeast1"
-
-
Singapore
-
-
"asia-southeast2"
-
-
Jakarta
-
-
"australia-southeast1"
-
-
Sydney
-
-
"australia-southeast2"
-
-
Melbourne
-
-
"europe-north1"
-
-
Finland
-
-
"europe-west1"
-
-
Belgium
-
-
"europe-west2"
-
-
London
-
-
"europe-west3"
-
-
Frankfurt
-
-
"europe-west4"
-
-
Netherlands
-
-
"europe-west6"
-
-
Zürich
-
-
"europe-central2"
-
-
Warsaw
-
-
"us-central1"
-
-
Iowa
-
-
"us-east1"
-
-
South Carolina
-
-
"us-east4"
-
-
Northern Virginia
-
-
"us-west1"
-
-
Oregon
-
-
"us-west2"
-
-
California
-
-
"us-west3"
-
-
Salt Lake City
-
-
"us-west4"
-
-
Las Vegas
-
-
"northamerica-northeast1"
-
-
Montréal
-
-
"northamerica-northeast2"
-
-
Toronto
-
-
"southamerica-east1"
-
-
São Paulo
-
-
"southamerica-west1"
-
-
Santiago
-
-
"asia1"
-
-
Dual region: asia-northeast1 and asia-northeast2.
-
-
"eur4"
-
-
Dual region: europe-north1 and europe-west4.
-
-
"nam4"
-
-
Dual region: us-central1 and us-east1.
+
Connect to your Enterprise File Fabric
-
--gcs-storage-class
-
The storage class to use when storing objects in Google Cloud Storage.
+
--filefabric-root-folder-id
+
ID of the root folder.
+
Leave blank normally.
+
Fill in to make rclone start with directory of a given ID.
Properties:
-
Config: storage_class
-
Env Var: RCLONE_GCS_STORAGE_CLASS
+
Config: root_folder_id
+
Env Var: RCLONE_FILEFABRIC_ROOT_FOLDER_ID
Type: string
Required: false
-
Examples:
-
-
""
-
-
Default
-
-
"MULTI_REGIONAL"
-
-
Multi-regional storage class
-
-
"REGIONAL"
-
-
Regional storage class
-
-
"NEARLINE"
-
-
Nearline storage class
-
-
"COLDLINE"
-
-
Coldline storage class
-
-
"ARCHIVE"
-
-
Archive storage class
-
-
"DURABLE_REDUCED_AVAILABILITY"
+
+
--filefabric-permanent-token
+
Permanent Authentication Token.
+
A Permanent Authentication Token can be created in the Enterprise File Fabric, on the users Dashboard under Security, there is an entry you'll see called "My Authentication Tokens". Click the Manage button to create one.
+
These tokens are normally valid for several years.
+
For more info see: https://docs.storagemadeeasy.com/organisationcloud/api-tokens
+
Properties:
-
Durable reduced availability storage class
-
-
+
Config: permanent_token
+
Env Var: RCLONE_FILEFABRIC_PERMANENT_TOKEN
+
Type: string
+
Required: false
-
Advanced options
-
Here are the advanced options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
-
--gcs-token
-
OAuth Access Token as a JSON blob.
+
Advanced options
+
Here are the Advanced options specific to filefabric (Enterprise File Fabric).
+
--filefabric-token
+
Session Token.
+
This is a session token which rclone caches in the config file. It is usually valid for 1 hour.
+
Don't set this value - rclone will set it automatically.
Properties:
Config: token
-
Env Var: RCLONE_GCS_TOKEN
+
Env Var: RCLONE_FILEFABRIC_TOKEN
Type: string
Required: false
-
--gcs-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
+
--filefabric-token-expiry
+
Token expiry time.
+
Don't set this value - rclone will set it automatically.
Properties:
-
Config: auth_url
-
Env Var: RCLONE_GCS_AUTH_URL
+
Config: token_expiry
+
Env Var: RCLONE_FILEFABRIC_TOKEN_EXPIRY
Type: string
Required: false
-
--gcs-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
+
--filefabric-version
+
Version read from the file fabric.
+
Don't set this value - rclone will set it automatically.
rclone about is not supported by the Google Cloud Storage backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:path. If the path does not begin with a / it is relative to the home directory of the user. An empty path remote: refers to the user's home directory.
+
Configuration
+
To create an FTP configuration named remote, run
+
rclone config
+
Rclone config guides you through an interactive setup process. A minimal rclone FTP remote definition only requires host, username and password. For an anonymous FTP server, see below.
No remotes found, make a new one?
n) New remote
r) Rename remote
@@ -16592,1097 +18768,1014 @@
Configuration
n/r/c/s/q> n
name> remote
Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Google Drive
- \ "drive"
+XX / FTP
+ \ "ftp"
[snip]
-Storage> drive
-Google Application Client Id - leave blank normally.
-client_id>
-Google Application Client Secret - leave blank normally.
-client_secret>
-Scope that rclone should use when requesting access from drive.
+Storage> ftp
+** See help for ftp backend at: https://rclone.org/ftp/ **
+
+FTP host to connect to
+Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
- 1 / Full access all files, excluding Application Data Folder.
- \ "drive"
- 2 / Read-only access to file metadata and file contents.
- \ "drive.readonly"
- / Access to files created by rclone only.
- 3 | These are visible in the drive website.
- | File authorization is revoked when the user deauthorizes the app.
- \ "drive.file"
- / Allows read and write access to the Application Data folder.
- 4 | This is not visible in the drive website.
- \ "drive.appfolder"
- / Allows read-only access to file metadata but
- 5 | does not allow any access to read or download file content.
- \ "drive.metadata.readonly"
-scope> 1
-ID of the root folder - leave blank normally. Fill in to access "Computers" folders. (see docs).
-root_folder_id>
-Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
-service_account_file>
+ 1 / Connect to ftp.example.com
+ \ "ftp.example.com"
+host> ftp.example.com
+FTP username
+Enter a string value. Press Enter for the default ("$USER").
+user>
+FTP port number
+Enter a signed integer. Press Enter for the default (21).
+port>
+FTP password
+y) Yes type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Use FTP over TLS (Implicit)
+Enter a boolean value (true or false). Press Enter for the default ("false").
+tls>
+Use FTP over TLS (Explicit)
+Enter a boolean value (true or false). Press Enter for the default ("false").
+explicit_tls>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine or Y didn't work
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
-Configure this as a Shared Drive (Team Drive)?
-y) Yes
-n) No
-y/n> n
--------------------
[remote]
-client_id =
-client_secret =
-scope = drive
-root_folder_id =
-service_account_file =
-token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2014-03-16T13:57:58.955387075Z"}
+type = ftp
+host = ftp.example.com
+pass = *** ENCRYPTED ***
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if you use auto config mode. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-
You can then use it like this,
-
List directories in top level of your drive
+
To see all directories in the home directory of remote
rclone lsd remote:
-
List all the files in your drive
-
rclone ls remote:
-
To copy a local directory to a drive directory called backup
-
rclone copy /home/source remote:backup
-
Scopes
-
Rclone allows you to select which scope you would like for rclone to use. This changes what type of token is granted to rclone. The scopes are defined here.
-
The scope are
-
drive
-
This is the default scope and allows full access to all files, except for the Application Data Folder (see below).
-
Choose this one if you aren't sure.
-
drive.readonly
-
This allows read only access to all files. Files may be listed and downloaded but not uploaded, renamed or deleted.
-
drive.file
-
With this scope rclone can read/view/modify only those files and folders it creates.
-
So if you uploaded files to drive via the web interface (or any other means) they will not be visible to rclone.
-
This can be useful if you are using rclone to backup data and you want to be sure confidential data on your drive is not visible to rclone.
-
Files created with this scope are visible in the web interface.
-
drive.appfolder
-
This gives rclone its own private area to store files. Rclone will not be able to see any other files on your drive and you won't be able to see rclone's files from the web interface either.
-
drive.metadata.readonly
-
This allows read only access to file names only. It does not allow rclone to download or upload data, or rename or delete files or directories.
-
Root folder ID
-
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your drive.
-
Normally you will leave this blank and rclone will determine the correct root to use itself.
-
However you can set this to restrict rclone to a specific folder hierarchy or to access data within the "Computers" tab on the drive web interface (where files from Google's Backup and Sync desktop program go).
-
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. This will be the last segment of the URL when you open the relevant folder in the drive web interface.
-
So if the folder you want rclone to use has a URL which looks like https://drive.google.com/drive/folders/1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh in the browser, then you use 1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh as the root_folder_id in the config.
-
NB folders under the "Computers" tab seem to be read only (drive gives a 500 error) when using rclone.
-
There doesn't appear to be an API to discover the folder IDs of the "Computers" tab - please contact us if you know otherwise!
-
Note also that rclone can't access any data under the "Backups" tab on the google drive web interface yet.
-
Service Account support
-
You can set up rclone with Google Drive in an unattended mode, i.e. not tied to a specific end-user Google account. This is useful when you want to synchronise files onto machines that don't have actively logged-in users, for example build machines.
-
To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file prompt during rclone config and rclone won't use the browser based authentication flow. If you'd rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials with the actual contents of the file instead, or set the equivalent environment variable.
-
Use case - Google Apps/G-suite account and individual Drive
-
Let's say that you are the administrator of a Google Apps (old) or G-suite account. The goal is to store data on an individual's Drive account, who IS a member of the domain. We'll call the domain example.com, and the user foo@example.com.
-
There's a few steps we need to go through to accomplish this:
-
1. Create a service account for example.com
+
Make a new directory
+
rclone mkdir remote:path/to/directory
+
List the contents of a directory
+
rclone ls remote:path/to/directory
+
Sync /home/local/directory to the remote directory, deleting any excess files in the directory.
When connecting to a FTP server that allows anonymous login, you can use the special "anonymous" username. Traditionally, this user account accepts any string as a password, although it is common to use either the password "anonymous" or "guest". Some servers require the use of a valid e-mail address as password.
+
Using on-the-fly or connection string remotes makes it easy to access such servers, without requiring any configuration in advance. The following are examples of that:
The above examples work in Linux shells and in PowerShell, but not Windows Command Prompt. They execute the rclone obscure command to create a password string in the format required by the pass option. The following examples are exactly the same, except use an already obscured string representation of the same password "dummy", and therefore works even in Windows Command Prompt:
Rlone FTP supports implicit FTP over TLS servers (FTPS). This has to be enabled in the FTP backend config for the remote, or with --ftp-tls. The default FTPS port is 990, not 21 and can be set with --ftp-port.
File names cannot end with the following characters. Replacement is limited to the last character in a file name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
SP
+
0x20
+
␠
+
+
+
+
Not all FTP servers can have all characters in file names, for example:
+
+
+
+
FTP Server
+
Forbidden characters
+
+
+
+
+
proftpd
+
*
+
+
+
pureftpd
+
\ [ ]
+
+
+
+
This backend's interactive configuration wizard provides a selection of sensible encoding settings for major FTP servers: ProFTPd, PureFTPd, VsFTPd. Just hit a selection number when prompted.
+
Standard options
+
Here are the Standard options specific to ftp (FTP).
These credentials are what rclone will use for authentication. If you ever need to remove access, press the "Delete service account key" button.
+
Config: host
+
Env Var: RCLONE_FTP_HOST
+
Type: string
+
Required: true
-
2. Allowing API access to example.com Google Drive
+
--ftp-user
+
FTP username.
+
Properties:
-
Go to example.com's admin console
-
Go into "Security" (or use the search bar)
-
Select "Show more" and then "Advanced settings"
-
Select "Manage API client access" in the "Authentication" section
-
In the "Client Name" field enter the service account's "Client ID" - this can be found in the Developer Console under "IAM & Admin" -> "Service Accounts", then "View Client ID" for the newly created service account. It is a ~21 character numerical string.
-
In the next field, "One or More API Scopes", enter https://www.googleapis.com/auth/drive to grant access to Google Drive specifically.
+
Config: user
+
Env Var: RCLONE_FTP_USER
+
Type: string
+
Default: "$USER"
-
3. Configure rclone, assuming a new install
-
rclone config
-
-n/s/q> n # New
-name>gdrive # Gdrive is an example name
-Storage> # Select the number shown for Google Drive
-client_id> # Can be left blank
-client_secret> # Can be left blank
-scope> # Select your scope, 1 for example
-root_folder_id> # Can be left blank
-service_account_file> /home/foo/myJSONfile.json # This is where the JSON file goes!
-y/n> # Auto config, n
-
--drive-impersonate foo@example.com - this is what does the magic, pretending to be user foo.
-
lsf - list files in a parsing friendly way
-
gdrive:backup - use the remote called gdrive, work in the folder named backup.
-
+
Config: port
+
Env Var: RCLONE_FTP_PORT
+
Type: int
+
Default: 21
-
Note: in case you configured a specific root folder on gdrive and rclone is unable to access the contents of that folder when using --drive-impersonate, do this instead: - in the gdrive web interface, share your root folder with the user/email of the new Service Account you created/selected at step #1 - use rclone without specifying the --drive-impersonate option, like this: rclone -v lsf gdrive:backup
-
Shared drives (team drives)
-
If you want to configure the remote to point to a Google Shared Drive (previously known as Team Drives) then answer y to the question Configure this as a Shared Drive (Team Drive)?.
-
This will fetch the list of Shared Drives from google and allow you to configure which one you want to use. You can also type in a Shared Drive ID if you prefer.
-
For example:
-
Configure this as a Shared Drive (Team Drive)?
-y) Yes
-n) No
-y/n> y
-Fetching Shared Drive list...
-Choose a number from below, or type in your own value
- 1 / Rclone Test
- \ "xxxxxxxxxxxxxxxxxxxx"
- 2 / Rclone Test 2
- \ "yyyyyyyyyyyyyyyyyyyy"
- 3 / Rclone Test 3
- \ "zzzzzzzzzzzzzzzzzzzz"
-Enter a Shared Drive ID> 1
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"AccessToken":"xxxx.x.xxxxx_xxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"1/xxxxxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxx","Expiry":"2014-03-16T13:57:58.955387075Z","Extra":null}
-team_drive = xxxxxxxxxxxxxxxxxxxx
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
--fast-list
-
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
It does this by combining multiple list calls into a single API request.
-
This works by combining many '%s' in parents filters into one expression. To list the contents of directories a, b and c, the following requests will be send by the regular List function:
-
trashed=false and 'a' in parents
-trashed=false and 'b' in parents
-trashed=false and 'c' in parents
-
These can now be combined into a single request:
-
trashed=false and ('a' in parents or 'b' in parents or 'c' in parents)
-
The implementation of ListR will put up to 50 parents filters into one request. It will use the --checkers value to specify the number of requests to run in parallel.
-
In tests, these batch requests were up to 20x faster than the regular method. Running the following command against different sized folders gives:
When using implicit FTP over TLS the client connects using TLS right from the start which breaks compatibility with non-TLS-aware servers. This is usually served over port 990 rather than port 21. Cannot be used in combination with explicit FTPS.
+
Properties:
-
without --fast-list: 22:05 min
-
with --fast-list: 58s
+
Config: tls
+
Env Var: RCLONE_FTP_TLS
+
Type: bool
+
Default: false
-
Modified time
-
Google drive stores modification times accurate to 1 ms.
-
Restricted filename characters
-
Only Invalid UTF-8 bytes will be replaced, as they can't be used in JSON strings.
-
In contrast to other backends, / can also be used in names and . or .. are valid names.
-
Revisions
-
Google drive stores revisions of files. When you upload a change to an existing file to google drive using rclone it will create a new revision of that file.
-
Revisions follow the standard google policy which at time of writing was
+
--ftp-explicit-tls
+
Use Explicit FTPS (FTP over TLS).
+
When using explicit FTP over TLS the client explicitly requests security from the server in order to upgrade a plain text connection to an encrypted one. Cannot be used in combination with implicit FTPS.
+
Properties:
-
They are deleted after 30 days or 100 revisions (whatever comes first).
-
They do not count towards a user storage quota.
+
Config: explicit_tls
+
Env Var: RCLONE_FTP_EXPLICIT_TLS
+
Type: bool
+
Default: false
-
Deleting files
-
By default rclone will send all files to the trash when deleting files. If deleting them permanently is required then use the --drive-use-trash=false flag, or set the equivalent environment variable.
Shortcuts are files that link to other files on Google Drive somewhat like a symlink in unix, except they point to the underlying file data (e.g. the inode in unix terms) so they don't break if the source is renamed or moved about.
-
Be default rclone treats these as follows.
-
For shortcuts pointing to files:
+
Advanced options
+
Here are the Advanced options specific to ftp (FTP).
+
--ftp-concurrency
+
Maximum number of FTP simultaneous connections, 0 for unlimited.
+
Note that setting this is very likely to cause deadlocks so it should be used with care.
+
If you are doing a sync or copy then make sure concurrency is one more than the sum of --transfers and --checkers.
+
If you use --check-first then it just needs to be one more than the maximum of --checkers and --transfers.
+
So for concurrency 3 you'd use --checkers 2 --transfers 2 --check-first or --checkers 1 --transfers 1.
+
Properties:
-
When listing a file shortcut appears as the destination file.
-
When downloading the contents of the destination file is downloaded.
-
When updating shortcut file with a non shortcut file, the shortcut is removed then a new file is uploaded in place of the shortcut.
-
When server-side moving (renaming) the shortcut is renamed, not the destination file.
-
When server-side copying the shortcut is copied, not the contents of the shortcut. (unless --drive-copy-shortcut-content is in use in which case the contents of the shortcut gets copied).
-
When deleting the shortcut is deleted not the linked file.
-
When setting the modification time, the modification time of the linked file will be set.
+
Config: concurrency
+
Env Var: RCLONE_FTP_CONCURRENCY
+
Type: int
+
Default: 0
-
For shortcuts pointing to folders:
+
--ftp-no-check-certificate
+
Do not verify the TLS certificate of the server.
+
Properties:
-
When listing the shortcut appears as a folder and that folder will contain the contents of the linked folder appear (including any sub folders)
-
When downloading the contents of the linked folder and sub contents are downloaded
-
When uploading to a shortcut folder the file will be placed in the linked folder
-
When server-side moving (renaming) the shortcut is renamed, not the destination folder
-
When server-side copying the contents of the linked folder is copied, not the shortcut.
-
When deleting with rclone rmdir or rclone purge the shortcut is deleted not the linked folder.
-
NB When deleting with rclone remove or rclone mount the contents of the linked folder will be deleted.
+
Config: no_check_certificate
+
Env Var: RCLONE_FTP_NO_CHECK_CERTIFICATE
+
Type: bool
+
Default: false
-
The rclone backend command can be used to create shortcuts.
-
Shortcuts can be completely ignored with the --drive-skip-shortcuts flag or the corresponding skip_shortcuts configuration setting.
-
Emptying trash
-
If you wish to empty your trash you can use the rclone cleanup remote: command which will permanently delete all your trashed files. This command does not take any path arguments.
-
Note that Google Drive takes some time (minutes to days) to empty the trash even though the command returns within a few seconds. No output is echoed, so there will be no confirmation even using -v or -vv.
-
Quota information
-
To view your current quota you can use the rclone about remote: command which will display your usage limit (quota), the usage in Google Drive, the size of all files in the Trash and the space used by other Google services such as Gmail. This command does not take any path arguments.
-
Import/Export of google documents
-
Google documents can be exported from and uploaded to Google Drive.
-
When rclone downloads a Google doc it chooses a format to download depending upon the --drive-export-formats setting. By default the export formats are docx,xlsx,pptx,svg which are a sensible default for an editable document.
-
When choosing a format, rclone runs down the list provided in order and chooses the first file format the doc can be exported as from the list. If the file can't be exported to a format on the formats list, then rclone will choose a format from the default list.
-
If you prefer an archive copy then you might use --drive-export-formats pdf, or if you prefer openoffice/libreoffice formats you might use --drive-export-formats ods,odt,odp.
-
Note that rclone adds the extension to the google doc, so if it is called My Spreadsheet on google docs, it will be exported as My Spreadsheet.xlsx or My Spreadsheet.pdf etc.
-
When importing files into Google Drive, rclone will convert all files with an extension in --drive-import-formats to their associated document type. rclone will not convert any files by default, since the conversion is lossy process.
-
The conversion must result in a file with the same extension when the --drive-export-formats rules are applied to the uploaded document.
-
Here are some examples for allowed and prohibited conversions.
-
-
-
-
export-formats
-
import-formats
-
Upload Ext
-
Document Ext
-
Allowed
-
-
-
-
-
odt
-
odt
-
odt
-
odt
-
Yes
-
-
-
odt
-
docx,odt
-
odt
-
odt
-
Yes
-
-
-
-
docx
-
docx
-
docx
-
Yes
-
-
-
-
odt
-
odt
-
docx
-
No
-
-
-
odt,docx
-
docx,odt
-
docx
-
odt
-
No
-
-
-
docx,odt
-
docx,odt
-
docx
-
docx
-
Yes
-
-
-
docx,odt
-
docx,odt
-
odt
-
docx
-
No
-
-
-
-
This limitation can be disabled by specifying --drive-allow-import-name-change. When using this flag, rclone can convert multiple files types resulting in the same document type at once, e.g. with --drive-import-formats docx,odt,txt, all files having these extension would result in a document represented as a docx file. This brings the additional risk of overwriting a document, if multiple files have the same stem. Many rclone operations will not handle this name change in any way. They assume an equal name when copying files and might copy the file again or delete them when the name changes.
-
Here are the possible export extensions with their corresponding mime types. Most of these can also be used for importing, but there more that are not listed here. Some of these additional ones might only be available when the operating system provides the correct MIME type entries.
-
This list can be changed by Google Drive at any time and might not represent the currently available conversions.
Google documents can also be exported as link files. These files will open a browser window for the Google Docs website of that document when opened. The link file extension has to be specified as a --drive-export-formats parameter. They will match all available Google Documents.
-
-
-
-
Extension
-
Description
-
OS Support
-
-
-
-
-
desktop
-
freedesktop.org specified desktop entry
-
Linux
-
-
-
link.html
-
An HTML Document with a redirect
-
All
-
-
-
url
-
INI style link file
-
macOS, Windows
-
-
-
webloc
-
macOS specific XML format
-
macOS
-
-
-
-
Standard options
-
Here are the standard options specific to drive (Google Drive).
-
--drive-client-id
-
Google Application Client Id Setting your own is recommended. See https://rclone.org/drive/#making-your-own-client-id for how to create your own. If you leave this blank, it will use an internal key which is low performance.
-
Properties:
-
-
Config: client_id
-
Env Var: RCLONE_DRIVE_CLIENT_ID
-
Type: string
-
Required: false
-
-
--drive-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
-
Properties:
-
-
Config: client_secret
-
Env Var: RCLONE_DRIVE_CLIENT_SECRET
-
Type: string
-
Required: false
-
-
--drive-scope
-
Scope that rclone should use when requesting access from drive.
-
Properties:
-
-
Config: scope
-
Env Var: RCLONE_DRIVE_SCOPE
-
Type: string
-
Required: false
-
Examples:
-
-
"drive"
-
-
Full access all files, excluding Application Data Folder.
-
-
"drive.readonly"
-
-
Read-only access to file metadata and file contents.
-
-
"drive.file"
-
-
Access to files created by rclone only.
-
These are visible in the drive website.
-
File authorization is revoked when the user deauthorizes the app.
-
-
"drive.appfolder"
-
-
Allows read and write access to the Application Data folder.
-
This is not visible in the drive website.
-
-
"drive.metadata.readonly"
-
-
Allows read-only access to file metadata but
-
does not allow any access to read or download file content.
-
-
-
-
--drive-root-folder-id
-
ID of the root folder. Leave blank normally.
-
Fill in to access "Computers" folders (see docs), or for rclone to use a non root folder as its starting point.
+
--ftp-disable-epsv
+
Disable using EPSV even if server advertises support.
Properties:
-
Config: root_folder_id
-
Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
-
Type: string
-
Required: false
+
Config: disable_epsv
+
Env Var: RCLONE_FTP_DISABLE_EPSV
+
Type: bool
+
Default: false
-
--drive-service-account-file
-
Service Account Credentials JSON file path.
-
Leave blank normally. Needed only if you want use SA instead of interactive login.
-
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
+
--ftp-disable-mlsd
+
Disable using MLSD even if server advertises support.
Properties:
-
Config: service_account_file
-
Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_FILE
-
Type: string
-
Required: false
+
Config: disable_mlsd
+
Env Var: RCLONE_FTP_DISABLE_MLSD
+
Type: bool
+
Default: false
-
--drive-alternate-export
-
Deprecated: No longer needed.
+
--ftp-disable-utf8
+
Disable using UTF-8 even if server advertises support.
Properties:
-
Config: alternate_export
-
Env Var: RCLONE_DRIVE_ALTERNATE_EXPORT
+
Config: disable_utf8
+
Env Var: RCLONE_FTP_DISABLE_UTF8
Type: bool
Default: false
-
Advanced options
-
Here are the advanced options specific to drive (Google Drive).
-
--drive-token
-
OAuth Access Token as a JSON blob.
+
--ftp-writing-mdtm
+
Use MDTM to set modification time (VsFtpd quirk)
Properties:
-
Config: token
-
Env Var: RCLONE_DRIVE_TOKEN
-
Type: string
-
Required: false
+
Config: writing_mdtm
+
Env Var: RCLONE_FTP_WRITING_MDTM
+
Type: bool
+
Default: false
-
--drive-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
+
--ftp-force-list-hidden
+
Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD.
Properties:
-
Config: auth_url
-
Env Var: RCLONE_DRIVE_AUTH_URL
-
Type: string
-
Required: false
+
Config: force_list_hidden
+
Env Var: RCLONE_FTP_FORCE_LIST_HIDDEN
+
Type: bool
+
Default: false
-
--drive-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
+
--ftp-idle-timeout
+
Max time before closing idle connections.
+
If no connections have been returned to the connection pool in the time given, rclone will empty the connection pool.
+
Set to 0 to keep connections indefinitely.
Properties:
-
Config: token_url
-
Env Var: RCLONE_DRIVE_TOKEN_URL
-
Type: string
-
Required: false
+
Config: idle_timeout
+
Env Var: RCLONE_FTP_IDLE_TIMEOUT
+
Type: Duration
+
Default: 1m0s
-
--drive-service-account-credentials
-
Service Account Credentials JSON blob.
-
Leave blank normally. Needed only if you want use SA instead of interactive login.
+
--ftp-close-timeout
+
Maximum time to wait for a response to close.
Properties:
-
Config: service_account_credentials
-
Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_CREDENTIALS
-
Type: string
-
Required: false
+
Config: close_timeout
+
Env Var: RCLONE_FTP_CLOSE_TIMEOUT
+
Type: Duration
+
Default: 1m0s
-
--drive-team-drive
-
ID of the Shared Drive (Team Drive).
+
--ftp-tls-cache-size
+
Size of TLS session cache for all control and data connections.
+
TLS cache allows to resume TLS sessions and reuse PSK between connections. Increase if default size is not enough resulting in TLS resumption errors. Enabled by default. Use 0 to disable.
Properties:
-
Config: team_drive
-
Env Var: RCLONE_DRIVE_TEAM_DRIVE
-
Type: string
-
Required: false
+
Config: tls_cache_size
+
Env Var: RCLONE_FTP_TLS_CACHE_SIZE
+
Type: int
+
Default: 32
-
--drive-auth-owner-only
-
Only consider files owned by the authenticated user.
+
--ftp-disable-tls13
+
Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
Properties:
-
Config: auth_owner_only
-
Env Var: RCLONE_DRIVE_AUTH_OWNER_ONLY
+
Config: disable_tls13
+
Env Var: RCLONE_FTP_DISABLE_TLS13
Type: bool
Default: false
-
--drive-use-trash
-
Send files to the trash instead of deleting permanently.
-
Defaults to true, namely sending files to the trash. Use --drive-use-trash=false to delete files permanently instead.
+
--ftp-shut-timeout
+
Maximum time to wait for data connection closing status.
Properties:
-
Config: use_trash
-
Env Var: RCLONE_DRIVE_USE_TRASH
-
Type: bool
-
Default: true
+
Config: shut_timeout
+
Env Var: RCLONE_FTP_SHUT_TIMEOUT
+
Type: Duration
+
Default: 1m0s
-
--drive-copy-shortcut-content
-
Server side copy contents of shortcuts instead of the shortcut.
-
When doing server side copies, normally rclone will copy shortcuts as shortcuts.
-
If this flag is used then rclone will copy the contents of shortcuts rather than shortcuts themselves when doing server side copies.
+
--ftp-ask-password
+
Allow asking for FTP password when needed.
+
If this is set and no password is supplied then rclone will ask for a password
Properties:
-
Config: copy_shortcut_content
-
Env Var: RCLONE_DRIVE_COPY_SHORTCUT_CONTENT
+
Config: ask_password
+
Env Var: RCLONE_FTP_ASK_PASSWORD
Type: bool
Default: false
-
--drive-skip-gdocs
-
Skip google documents in all listings.
-
If given, gdocs practically become invisible to rclone.
FTP servers acting as rclone remotes must support passive mode. The mode cannot be configured as passive is the only supported one. Rclone's FTP implementation is not compatible with active mode as the library it uses doesn't support it. This will likely never be supported due to security concerns.
+
Rclone's FTP backend does not support any checksums but can compare file sizes.
+
rclone about is not supported by the FTP backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The implementation of : --dump headers, --dump bodies, --dump auth for debugging isn't the same as for rclone HTTP based backends - it has less fine grained control.
+
--timeout isn't supported (but --contimeout is).
+
--bind isn't supported.
+
Rclone's FTP backend could support server-side move but does not at present.
+
The ftp_proxy environment variable is not currently supported.
+
Modified time
+
File modification time (timestamps) is supported to 1 second resolution for major FTP servers: ProFTPd, PureFTPd, VsFTPd, and FileZilla FTP server. The VsFTPd server has non-standard implementation of time related protocol commands and needs a special configuration setting: writing_mdtm = true.
+
Support for precise file time with other FTP servers varies depending on what protocol extensions they advertise. If all the MLSD, MDTM and MFTM extensions are present, rclone will use them together to provide precise time. Otherwise the times you see on the FTP server through rclone are those of the last file upload.
+
You can use the following command to check whether rclone can use precise time with your FTP server: rclone backend features your_ftp_remote: (the trailing colon is important). Look for the number in the line tagged by Precision designating the remote time precision expressed as nanoseconds. A value of 1000000000 means that file time precision of 1 second is available. A value of 3153600000000000000 (or another large number) means "unsupported".
+
Google Cloud Storage
+
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
+
Configuration
+
The initial setup for google cloud storage involves getting a token from Google Cloud Storage which you need to do in your browser. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
n) New remote
+d) Delete remote
+q) Quit config
+e/n/d/q> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Google Cloud Storage (this is not Google Drive)
+ \ "google cloud storage"
+[snip]
+Storage> google cloud storage
+Google Application Client Id - leave blank normally.
+client_id>
+Google Application Client Secret - leave blank normally.
+client_secret>
+Project number optional - needed only for list/create/delete buckets - see your developer console.
+project_number> 12345678
+Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
+service_account_file>
+Access Control List for new objects.
+Choose a number from below, or type in your own value
+ 1 / Object owner gets OWNER access, and all Authenticated Users get READER access.
+ \ "authenticatedRead"
+ 2 / Object owner gets OWNER access, and project team owners get OWNER access.
+ \ "bucketOwnerFullControl"
+ 3 / Object owner gets OWNER access, and project team owners get READER access.
+ \ "bucketOwnerRead"
+ 4 / Object owner gets OWNER access [default if left blank].
+ \ "private"
+ 5 / Object owner gets OWNER access, and project team members get access according to their roles.
+ \ "projectPrivate"
+ 6 / Object owner gets OWNER access, and all Users get READER access.
+ \ "publicRead"
+object_acl> 4
+Access Control List for new buckets.
+Choose a number from below, or type in your own value
+ 1 / Project team owners get OWNER access, and all Authenticated Users get READER access.
+ \ "authenticatedRead"
+ 2 / Project team owners get OWNER access [default if left blank].
+ \ "private"
+ 3 / Project team members get access according to their roles.
+ \ "projectPrivate"
+ 4 / Project team owners get OWNER access, and all Users get READER access.
+ \ "publicRead"
+ 5 / Project team owners get OWNER access, and all Users get WRITER access.
+ \ "publicReadWrite"
+bucket_acl> 2
+Location for the newly created buckets.
+Choose a number from below, or type in your own value
+ 1 / Empty for default location (US).
+ \ ""
+ 2 / Multi-regional location for Asia.
+ \ "asia"
+ 3 / Multi-regional location for Europe.
+ \ "eu"
+ 4 / Multi-regional location for United States.
+ \ "us"
+ 5 / Taiwan.
+ \ "asia-east1"
+ 6 / Tokyo.
+ \ "asia-northeast1"
+ 7 / Singapore.
+ \ "asia-southeast1"
+ 8 / Sydney.
+ \ "australia-southeast1"
+ 9 / Belgium.
+ \ "europe-west1"
+10 / London.
+ \ "europe-west2"
+11 / Iowa.
+ \ "us-central1"
+12 / South Carolina.
+ \ "us-east1"
+13 / Northern Virginia.
+ \ "us-east4"
+14 / Oregon.
+ \ "us-west1"
+location> 12
+The storage class to use when storing objects in Google Cloud Storage.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Multi-regional storage class
+ \ "MULTI_REGIONAL"
+ 3 / Regional storage class
+ \ "REGIONAL"
+ 4 / Nearline storage class
+ \ "NEARLINE"
+ 5 / Coldline storage class
+ \ "COLDLINE"
+ 6 / Durable reduced availability storage class
+ \ "DURABLE_REDUCED_AVAILABILITY"
+storage_class> 5
+Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+--------------------
+[remote]
+type = google cloud storage
+client_id =
+client_secret =
+token = {"AccessToken":"xxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"x/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxxxxx","Expiry":"2014-07-17T20:49:14.929208288+01:00","Extra":null}
+project_number = 12345678
+object_acl = private
+bucket_acl = private
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
+
This remote is called remote and can now be used like this
+
See all the buckets in your project
+
rclone lsd remote:
+
Make a new bucket
+
rclone mkdir remote:bucket
+
List the contents of a bucket
+
rclone ls remote:bucket
+
Sync /home/local/directory to the remote bucket, deleting any excess files in the bucket.
You can set up rclone with Google Cloud Storage in an unattended mode, i.e. not tied to a specific end-user Google account. This is useful when you want to synchronise files onto machines that don't have actively logged-in users, for example build machines.
+
To get credentials for Google Cloud Platform IAM Service Accounts, please head to the Service Account section of the Google Developer Console. Service Accounts behave just like normal User permissions in Google Cloud Storage ACLs, so you can limit their access (e.g. make them read only). After creating an account, a JSON file containing the Service Account's credentials will be downloaded onto your machines. These credentials are what rclone will use for authentication.
+
To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file prompt and rclone won't use the browser based authentication flow. If you'd rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials with the actual contents of the file instead, or set the equivalent environment variable.
+
Anonymous Access
+
For downloads of objects that permit public access you can configure rclone to use anonymous access by setting anonymous to true. With unauthorized access you can't write or create files but only read or list those buckets and objects that have public read access.
+
Application Default Credentials
+
If no other source of credentials is provided, rclone will fall back to Application Default Credentials this is useful both when you already have configured authentication for your developer account, or in production when running on a google compute host. Note that if running in docker, you may need to run additional commands on your google compute machine - see this page.
+
Note that in the case application default credentials are used, there is no need to explicitly configure a project number.
+
--fast-list
+
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
+
Custom upload headers
+
You can set custom upload headers with the --header-upload flag. Google Cloud Storage supports the headers as described in the working with metadata documentation
-
Config: starred_only
-
Env Var: RCLONE_DRIVE_STARRED_ONLY
-
Type: bool
-
Default: false
+
Cache-Control
+
Content-Disposition
+
Content-Encoding
+
Content-Language
+
Content-Type
+
X-Goog-Storage-Class
+
X-Goog-Meta-
-
--drive-formats
-
Deprecated: See export_formats.
+
Eg --header-upload "Content-Type text/potato"
+
Note that the last of these is for setting custom metadata in the form --header-upload "x-goog-meta-key: value"
+
Modification time
+
Google Cloud Storage stores md5sum natively. Google's gsutil tool stores modification time with one-second precision as goog-reserved-file-mtime in file metadata.
+
To ensure compatibility with gsutil, rclone stores modification time in 2 separate metadata entries. mtime uses RFC3339 format with one-nanosecond precision. goog-reserved-file-mtime uses Unix timestamp format with one-second precision. To get modification time from object metadata, rclone reads the metadata in the following order: mtime, goog-reserved-file-mtime, object updated time.
+
Note that rclone's default modify window is 1ns. Files uploaded by gsutil only contain timestamps with one-second precision. If you use rclone to sync files previously uploaded by gsutil, rclone will attempt to update modification time for all these files. To avoid these possibly unnecessary updates, use --modify-window 1s.
+
Restricted filename characters
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
NUL
+
0x00
+
␀
+
+
+
LF
+
0x0A
+
␊
+
+
+
CR
+
0x0D
+
␍
+
+
+
/
+
0x2F
+
/
+
+
+
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Standard options
+
Here are the Standard options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
+
--gcs-client-id
+
OAuth Client Id.
+
Leave blank normally.
Properties:
-
Config: formats
-
Env Var: RCLONE_DRIVE_FORMATS
+
Config: client_id
+
Env Var: RCLONE_GCS_CLIENT_ID
Type: string
Required: false
-
--drive-export-formats
-
Comma separated list of preferred formats for downloading Google docs.
+
--gcs-client-secret
+
OAuth Client Secret.
+
Leave blank normally.
Properties:
-
Config: export_formats
-
Env Var: RCLONE_DRIVE_EXPORT_FORMATS
+
Config: client_secret
+
Env Var: RCLONE_GCS_CLIENT_SECRET
Type: string
-
Default: "docx,xlsx,pptx,svg"
+
Required: false
-
--drive-import-formats
-
Comma separated list of preferred formats for uploading Google docs.
+
--gcs-project-number
+
Project number.
+
Optional - needed only for list/create/delete buckets - see your developer console.
Properties:
-
Config: import_formats
-
Env Var: RCLONE_DRIVE_IMPORT_FORMATS
+
Config: project_number
+
Env Var: RCLONE_GCS_PROJECT_NUMBER
Type: string
Required: false
-
--drive-allow-import-name-change
-
Allow the filetype to change when uploading Google docs.
-
E.g. file.doc to file.docx. This will confuse sync and reupload every time.
-
Properties:
-
-
Config: allow_import_name_change
-
Env Var: RCLONE_DRIVE_ALLOW_IMPORT_NAME_CHANGE
-
Type: bool
-
Default: false
-
-
--drive-use-created-date
-
Use file created date instead of modified date.
-
Useful when downloading data and you want the creation date used in place of the last modified date.
-
WARNING: This flag may have some unexpected consequences.
-
When uploading to your drive all files will be overwritten unless they haven't been modified since their creation. And the inverse will occur while downloading. This side effect can be avoided by using the "--checksum" flag.
-
This feature was implemented to retain photos capture date as recorded by google photos. You will first need to check the "Create a Google Photos folder" option in your google drive settings. You can then copy or move the photos locally and use the date the image was taken (created) set as the modification date.
+
--gcs-service-account-file
+
Service Account Credentials JSON file path.
+
Leave blank normally. Needed only if you want use SA instead of interactive login.
+
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
Properties:
-
Config: use_created_date
-
Env Var: RCLONE_DRIVE_USE_CREATED_DATE
-
Type: bool
-
Default: false
+
Config: service_account_file
+
Env Var: RCLONE_GCS_SERVICE_ACCOUNT_FILE
+
Type: string
+
Required: false
-
--drive-use-shared-date
-
Use date file was shared instead of modified date.
-
Note that, as with "--drive-use-created-date", this flag may have unexpected consequences when uploading/downloading files.
-
If both this flag and "--drive-use-created-date" are set, the created date is used.
+
--gcs-service-account-credentials
+
Service Account Credentials JSON blob.
+
Leave blank normally. Needed only if you want use SA instead of interactive login.
Properties:
-
Config: use_shared_date
-
Env Var: RCLONE_DRIVE_USE_SHARED_DATE
-
Type: bool
-
Default: false
+
Config: service_account_credentials
+
Env Var: RCLONE_GCS_SERVICE_ACCOUNT_CREDENTIALS
+
Type: string
+
Required: false
-
--drive-list-chunk
-
Size of listing chunk 100-1000, 0 to disable.
+
--gcs-anonymous
+
Access public buckets and objects without credentials.
+
Set to 'true' if you just want to download files and don't configure credentials.
Properties:
-
Config: list_chunk
-
Env Var: RCLONE_DRIVE_LIST_CHUNK
-
Type: int
-
Default: 1000
+
Config: anonymous
+
Env Var: RCLONE_GCS_ANONYMOUS
+
Type: bool
+
Default: false
-
--drive-impersonate
-
Impersonate this user when using a service account.
+
--gcs-object-acl
+
Access Control List for new objects.
Properties:
-
Config: impersonate
-
Env Var: RCLONE_DRIVE_IMPERSONATE
+
Config: object_acl
+
Env Var: RCLONE_GCS_OBJECT_ACL
Type: string
Required: false
-
-
--drive-upload-cutoff
-
Cutoff for switching to chunked upload.
-
Properties:
+
Examples:
-
Config: upload_cutoff
-
Env Var: RCLONE_DRIVE_UPLOAD_CUTOFF
-
Type: SizeSuffix
-
Default: 8Mi
-
-
--drive-chunk-size
-
Upload chunk size.
-
Must a power of 2 >= 256k.
-
Making this larger will improve performance, but note that each chunk is buffered in memory one per transfer.
-
Reducing this will reduce memory usage but decrease performance.
-
Properties:
+
"authenticatedRead"
-
Config: chunk_size
-
Env Var: RCLONE_DRIVE_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 8Mi
-
-
--drive-acknowledge-abuse
-
Set to allow files which return cannotDownloadAbusiveFile to be downloaded.
-
If downloading a file returns the error "This file has been identified as malware or spam and cannot be downloaded" with the error code "cannotDownloadAbusiveFile" then supply this flag to rclone to indicate you acknowledge the risks of downloading the file and rclone will download it anyway.
-
Properties:
+
Object owner gets OWNER access.
+
All Authenticated Users get READER access.
+
+
"bucketOwnerFullControl"
-
Config: acknowledge_abuse
-
Env Var: RCLONE_DRIVE_ACKNOWLEDGE_ABUSE
-
Type: bool
-
Default: false
-
-
--drive-keep-revision-forever
-
Keep new head revision of each file forever.
-
Properties:
+
Object owner gets OWNER access.
+
Project team owners get OWNER access.
+
+
"bucketOwnerRead"
-
Config: keep_revision_forever
-
Env Var: RCLONE_DRIVE_KEEP_REVISION_FOREVER
-
Type: bool
-
Default: false
-
-
--drive-size-as-quota
-
Show sizes as storage quota usage, not actual size.
-
Show the size of a file as the storage quota used. This is the current version plus any older versions that have been set to keep forever.
-
WARNING: This flag may have some unexpected consequences.
-
It is not recommended to set this flag in your config - the recommended usage is using the flag form --drive-size-as-quota when doing rclone ls/lsl/lsf/lsjson/etc only.
-
If you do use this flag for syncing (not recommended) then you will need to use --ignore size also.
-
Properties:
+
Object owner gets OWNER access.
+
Project team owners get READER access.
+
+
"private"
-
Config: size_as_quota
-
Env Var: RCLONE_DRIVE_SIZE_AS_QUOTA
-
Type: bool
-
Default: false
-
-
--drive-v2-download-min-size
-
If Object's are greater, use drive v2 API to download.
-
Properties:
+
Object owner gets OWNER access.
+
Default if left blank.
+
+
"projectPrivate"
-
Config: v2_download_min_size
-
Env Var: RCLONE_DRIVE_V2_DOWNLOAD_MIN_SIZE
-
Type: SizeSuffix
-
Default: off
-
-
--drive-pacer-min-sleep
-
Minimum time to sleep between API calls.
-
Properties:
+
Object owner gets OWNER access.
+
Project team members get access according to their roles.
+
+
"publicRead"
-
Config: pacer_min_sleep
-
Env Var: RCLONE_DRIVE_PACER_MIN_SLEEP
-
Type: Duration
-
Default: 100ms
+
Object owner gets OWNER access.
+
All Users get READER access.
+
+
-
--drive-pacer-burst
-
Number of API calls to allow without sleeping.
+
--gcs-bucket-acl
+
Access Control List for new buckets.
Properties:
-
Config: pacer_burst
-
Env Var: RCLONE_DRIVE_PACER_BURST
-
Type: int
-
Default: 100
-
-
--drive-server-side-across-configs
-
Allow server-side operations (e.g. copy) to work across different drive configs.
-
This can be useful if you wish to do a server-side copy between two different Google drives. Note that this isn't enabled by default because it isn't easy to tell if it will work between any two configurations.
-
Properties:
+
Config: bucket_acl
+
Env Var: RCLONE_GCS_BUCKET_ACL
+
Type: string
+
Required: false
+
Examples:
-
Config: server_side_across_configs
-
Env Var: RCLONE_DRIVE_SERVER_SIDE_ACROSS_CONFIGS
-
Type: bool
-
Default: false
-
-
--drive-disable-http2
-
Disable drive using http2.
-
There is currently an unsolved issue with the google drive backend and HTTP/2. HTTP/2 is therefore disabled by default for the drive backend but can be re-enabled here. When the issue is solved this flag will be removed.
-
See: https://github.com/rclone/rclone/issues/3631
-
Properties:
+
"authenticatedRead"
-
Config: disable_http2
-
Env Var: RCLONE_DRIVE_DISABLE_HTTP2
-
Type: bool
-
Default: true
-
-
--drive-stop-on-upload-limit
-
Make upload limit errors be fatal.
-
At the time of writing it is only possible to upload 750 GiB of data to Google Drive a day (this is an undocumented limit). When this limit is reached Google Drive produces a slightly different error message. When this flag is set it causes these errors to be fatal. These will stop the in-progress sync.
-
Note that this detection is relying on error message strings which Google don't document so it may break in the future.
-
See: https://github.com/rclone/rclone/issues/3857
-
Properties:
+
Project team owners get OWNER access.
+
All Authenticated Users get READER access.
+
+
"private"
-
Config: stop_on_upload_limit
-
Env Var: RCLONE_DRIVE_STOP_ON_UPLOAD_LIMIT
-
Type: bool
-
Default: false
-
-
--drive-stop-on-download-limit
-
Make download limit errors be fatal.
-
At the time of writing it is only possible to download 10 TiB of data from Google Drive a day (this is an undocumented limit). When this limit is reached Google Drive produces a slightly different error message. When this flag is set it causes these errors to be fatal. These will stop the in-progress sync.
-
Note that this detection is relying on error message strings which Google don't document so it may break in the future.
-
Properties:
+
Project team owners get OWNER access.
+
Default if left blank.
+
+
"projectPrivate"
-
Config: stop_on_download_limit
-
Env Var: RCLONE_DRIVE_STOP_ON_DOWNLOAD_LIMIT
-
Type: bool
-
Default: false
+
Project team members get access according to their roles.
+
+
"publicRead"
+
+
Project team owners get OWNER access.
+
All Users get READER access.
+
+
"publicReadWrite"
+
+
Project team owners get OWNER access.
+
All Users get WRITER access.
+
+
-
--drive-skip-shortcuts
-
If set skip shortcut files.
-
Normally rclone dereferences shortcut files making them appear as if they are the original file (see the shortcuts section). If this flag is set then rclone will ignore shortcut files completely.
-
Properties:
+
--gcs-bucket-policy-only
+
Access checks should use bucket-level IAM policies.
+
If you want to upload objects to a bucket with Bucket Policy Only set then you will need to set this.
+
When it is set, rclone:
-
Config: skip_shortcuts
-
Env Var: RCLONE_DRIVE_SKIP_SHORTCUTS
-
Type: bool
-
Default: false
+
ignores ACLs set on buckets
+
ignores ACLs set on objects
+
creates buckets with Bucket Policy Only set
-
--drive-skip-dangling-shortcuts
-
If set skip dangling shortcut files.
-
If this is set then rclone will not show any dangling shortcuts in listings.
In the first example this creates a shortcut from the "source_item" which can be a file or a directory to the "destination_shortcut". The "source_item" and the "destination_shortcut" should be relative paths from "drive:"
-
In the second example this creates a shortcut from the "source_item" relative to "drive:" to the "destination_shortcut" relative to "drive2:". This may fail with a permission error if the user authenticated with "drive2:" can't read files from "drive:".
-
Options:
+
Advanced options
+
Here are the Advanced options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
+
--gcs-token
+
OAuth Access Token as a JSON blob.
+
Properties:
-
"target": optional target remote for the shortcut destination
With the -o config parameter it will output the list in a format suitable for adding to a config file to make aliases for all the drives found.
-
[My Drive]
-type = alias
-remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
-
-[Test Drive]
-type = alias
-remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
-
Adding this to the rclone config file will cause those team drives to be accessible with the aliases shown. This may require manual editing of the names.
It copies the drive file with ID given to the path (an rclone path which will be passed internally to rclone copyto). The ID and path pairs can be repeated.
-
The path should end with a / to indicate copy the file as named to this directory. If it doesn't end with a / then the last path component will be used as the file name.
-
If the destination is a drive backend then server-side copying will be attempted if possible.
-
Use the -i flag to see what would be copied before copying.
-
Limitations
-
Drive has quite a lot of rate limiting. This causes rclone to be limited to transferring about 2 files per second only. Individual files may be transferred much faster at 100s of MiB/s but lots of small files can take a long time.
-
Server side copies are also subject to a separate rate limit. If you see User rate limit exceeded errors, wait at least 24 hours and retry. You can disable server-side copies with --disable copy to download and upload the files if you prefer.
-
Limitations of Google Docs
-
Google docs will appear as size -1 in rclone ls and as size 0 in anything which uses the VFS layer, e.g. rclone mount, rclone serve.
-
This is because rclone can't find out the size of the Google docs without downloading them.
-
Google docs will transfer correctly with rclone sync, rclone copy etc as rclone knows to ignore the size when doing the transfer.
-
However an unfortunate consequence of this is that you may not be able to download Google docs using rclone mount. If it doesn't work you will get a 0 sized file. If you try again the doc may gain its correct size and be downloadable. Whether it will work on not depends on the application accessing the mount and the OS you are running - experiment to find out if it does work for you!
-
Duplicated files
-
Sometimes, for no reason I've been able to track down, drive will duplicate a file that rclone uploads. Drive unlike all the other remotes can have duplicated files.
-
Duplicated files cause problems with the syncing and you will see messages in the log about duplicates.
-
Use rclone dedupe to fix duplicated files.
-
Note that this isn't just a problem with rclone, even Google Photos on Android duplicates files on drive sometimes.
-
Rclone appears to be re-copying files it shouldn't
-
The most likely cause of this is the duplicated file issue above - run rclone dedupe and check your logs for duplicate object or directory messages.
-
This can also be caused by a delay/caching on google drive's end when comparing directory listings. Specifically with team drives used in combination with --fast-list. Files that were uploaded recently may not appear on the directory list sent to rclone when using --fast-list.
-
Waiting a moderate period of time between attempts (estimated to be approximately 1 hour) and/or not using --fast-list both seem to be effective in preventing the problem.
-
Making your own client_id
-
When you use rclone with Google drive in its default configuration you are using rclone's client_id. This is shared between all the rclone users. There is a global rate limit on the number of queries per second that each client_id can do set by Google. rclone already has a high quota and I will continue to make sure it is high enough by contacting Google.
-
It is strongly recommended to use your own client ID as the default rclone ID is heavily used. If you have multiple services running, it is recommended to use an API key for each service. The default Google quota is 10 transactions per second so it is recommended to stay under that number as if you use more than that, it will cause rclone to rate limit and make things slower.
-
Here is how to create your own Google Drive client ID for rclone:
-
-
Log into the Google API Console with your Google account. It doesn't matter what Google account you use. (It need not be the same account as the Google Drive you want to access)
-
Select a project or create a new project.
-
Under "ENABLE APIS AND SERVICES" search for "Drive", and enable the "Google Drive API".
-
Click "Credentials" in the left-side panel (not "Create credentials", which opens the wizard), then "Create credentials"
-
If you already configured an "Oauth Consent Screen", then skip to the next step; if not, click on "CONFIGURE CONSENT SCREEN" button (near the top right corner of the right panel), then select "External" and click on "CREATE"; on the next screen, enter an "Application name" ("rclone" is OK); enter "User Support Email" (your own email is OK); enter "Developer Contact Email" (your own email is OK); then click on "Save" (all other data is optional). Click again on "Credentials" on the left panel to go back to the "Credentials" screen.
-
-
(PS: if you are a GSuite user, you could also select "Internal" instead of "External" above, but this has not been tested/documented so far).
-
-
Click on the "+ CREATE CREDENTIALS" button at the top of the screen, then select "OAuth client ID".
-
Choose an application type of "Desktop app" and click "Create". (the default name is fine)
-
It will show you a client ID and client secret. Make a note of these.
-
Go to "Oauth consent screen" and press "Publish App"
-
Provide the noted client ID and client secret to rclone.
-
Click "OAuth consent screen", then click "PUBLISH APP" button and confirm, or add your account under "Test users".
-
-
Be aware that, due to the "enhanced security" recently introduced by Google, you are theoretically expected to "submit your app for verification" and then wait a few weeks(!) for their response; in practice, you can go right ahead and use the client ID and client secret with rclone, the only issue will be a very scary confirmation screen shown when you connect via your browser for rclone to be able to get its token-id (but as this only happens during the remote configuration, it's not such a big deal).
-
(Thanks to @balazer on github for these instructions.)
-
Sometimes, creation of an OAuth consent in Google API Console fails due to an error message “The request failed because changes to one of the field of the resource is not supported”. As a convenient workaround, the necessary Google Drive API key can be created on the Python Quickstart page. Just push the Enable the Drive API button to receive the Client ID and Secret. Note that it will automatically create a new project in the API Console.
-
Google Photos
-
The rclone backend for Google Photos is a specialized backend for transferring photos and videos to and from Google Photos.
-
NB The Google Photos API which rclone uses has quite a few limitations, so please read the limitations section carefully to make sure it is suitable for your use.
+
--gcs-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
+
Properties:
+
+
Config: auth_url
+
Env Var: RCLONE_GCS_AUTH_URL
+
Type: string
+
Required: false
+
+
--gcs-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
+
Properties:
+
+
Config: token_url
+
Env Var: RCLONE_GCS_TOKEN_URL
+
Type: string
+
Required: false
+
+
--gcs-no-check-bucket
+
If set, don't attempt to check the bucket exists or create it.
+
This can be useful when trying to minimise the number of transactions rclone does if you know the bucket exists already.
+
Properties:
+
+
Config: no_check_bucket
+
Env Var: RCLONE_GCS_NO_CHECK_BUCKET
+
Type: bool
+
Default: false
+
+
--gcs-decompress
+
If set this will decompress gzip encoded objects.
+
It is possible to upload objects to GCS with "Content-Encoding: gzip" set. Normally rclone will download these files as compressed objects.
+
If this flag is set then rclone will decompress these files with "Content-Encoding: gzip" as they are received. This means that rclone can't check the size and hash but the file contents will be decompressed.
rclone about is not supported by the Google Cloud Storage backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Drive paths may be as deep as required, e.g. drive:directory/subdirectory.
Configuration
-
The initial setup for google cloud storage involves getting a token from Google Photos which you need to do in your browser. rclone config walks you through it.
+
The initial setup for drive involves getting a token from Google drive which you need to do in your browser. rclone config walks you through it.
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
No remotes found, make a new one?
n) New remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
+n/r/c/s/q> n
name> remote
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Google Photos
- \ "google photos"
+XX / Google Drive
+ \ "drive"
[snip]
-Storage> google photos
-** See help for google photos backend at: https://rclone.org/googlephotos/ **
-
-Google Application Client Id
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_id>
-Google Application Client Secret
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_secret>
-Set to make the Google Photos backend read only.
-
-If you choose read only then rclone will only request read only access
-to your photos, otherwise rclone will request full access.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-read_only>
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
+Storage> drive
+Google Application Client Id - leave blank normally.
+client_id>
+Google Application Client Secret - leave blank normally.
+client_secret>
+Scope that rclone should use when requesting access from drive.
+Choose a number from below, or type in your own value
+ 1 / Full access all files, excluding Application Data Folder.
+ \ "drive"
+ 2 / Read-only access to file metadata and file contents.
+ \ "drive.readonly"
+ / Access to files created by rclone only.
+ 3 | These are visible in the drive website.
+ | File authorization is revoked when the user deauthorizes the app.
+ \ "drive.file"
+ / Allows read and write access to the Application Data folder.
+ 4 | This is not visible in the drive website.
+ \ "drive.appfolder"
+ / Allows read-only access to file metadata but
+ 5 | does not allow any access to read or download file content.
+ \ "drive.metadata.readonly"
+scope> 1
+Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
+service_account_file>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -17690,1357 +19783,1530 @@
Configuration
Log in and authorize rclone for access
Waiting for code...
Got code
-
-*** IMPORTANT: All media items uploaded to Google Photos with rclone
-*** are stored in full resolution at original quality. These uploads
-*** will count towards storage in your Google Account.
-
+Configure this as a Shared Drive (Team Drive)?
+y) Yes
+n) No
+y/n> n
--------------------
[remote]
-type = google photos
-token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2019-06-28T17:38:04.644930156+01:00"}
+client_id =
+client_secret =
+scope = drive
+root_folder_id =
+service_account_file =
+token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2014-03-16T13:57:58.955387075Z"}
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if you use auto config mode. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-
This remote is called remote and can now be used like this
-
See all the albums in your photos
-
rclone lsd remote:album
-
Make a new album
-
rclone mkdir remote:album/newAlbum
-
List the contents of an album
-
rclone ls remote:album/newAlbum
-
Sync /home/local/images to the Google Photos, removing any excess files in the album.
As Google Photos is not a general purpose cloud storage system the backend is laid out to help you navigate it.
-
The directories under media show different ways of categorizing the media. Each file will appear multiple times. So if you want to make a backup of your google photos you might choose to backup remote:media/by-month. (NBremote:media/by-day is rather slow at the moment so avoid for syncing.)
-
Note that all your photos and videos will appear somewhere under media, but they may not appear under album unless you've put them into albums.
There are two writable parts of the tree, the upload directory and sub directories of the album directory.
-
The upload directory is for uploading files you don't want to put into albums. This will be empty to start with and will contain the files you've uploaded for one rclone session only, becoming empty again when you restart rclone. The use case for this would be if you have a load of files you just want to once off dump into Google Photos. For repeated syncing, uploading to album will work better.
-
Directories within the album directory are also writeable and you may create new directories (albums) under album. If you copy files with a directory hierarchy in there then rclone will create albums with the / character in them. For example if you do
Then rclone will create the following albums with the following files in
-
-
images
-
-
file1.jpg
-
-
images/dir
-
-
file2.jpg
-
-
images/dir2/dir3
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
+
You can then use it like this,
+
List directories in top level of your drive
+
rclone lsd remote:
+
List all the files in your drive
+
rclone ls remote:
+
To copy a local directory to a drive directory called backup
+
rclone copy /home/source remote:backup
+
Scopes
+
Rclone allows you to select which scope you would like for rclone to use. This changes what type of token is granted to rclone. The scopes are defined here.
+
The scope are
+
drive
+
This is the default scope and allows full access to all files, except for the Application Data Folder (see below).
+
Choose this one if you aren't sure.
+
drive.readonly
+
This allows read only access to all files. Files may be listed and downloaded but not uploaded, renamed or deleted.
+
drive.file
+
With this scope rclone can read/view/modify only those files and folders it creates.
+
So if you uploaded files to drive via the web interface (or any other means) they will not be visible to rclone.
+
This can be useful if you are using rclone to backup data and you want to be sure confidential data on your drive is not visible to rclone.
+
Files created with this scope are visible in the web interface.
+
drive.appfolder
+
This gives rclone its own private area to store files. Rclone will not be able to see any other files on your drive and you won't be able to see rclone's files from the web interface either.
+
drive.metadata.readonly
+
This allows read only access to file names only. It does not allow rclone to download or upload data, or rename or delete files or directories.
+
Root folder ID
+
This option has been moved to the advanced section. You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your drive.
+
Normally you will leave this blank and rclone will determine the correct root to use itself.
+
However you can set this to restrict rclone to a specific folder hierarchy or to access data within the "Computers" tab on the drive web interface (where files from Google's Backup and Sync desktop program go).
+
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. This will be the last segment of the URL when you open the relevant folder in the drive web interface.
+
So if the folder you want rclone to use has a URL which looks like https://drive.google.com/drive/folders/1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh in the browser, then you use 1XyfxxxxxxxxxxxxxxxxxxxxxxxxxKHCh as the root_folder_id in the config.
+
NB folders under the "Computers" tab seem to be read only (drive gives a 500 error) when using rclone.
+
There doesn't appear to be an API to discover the folder IDs of the "Computers" tab - please contact us if you know otherwise!
+
Note also that rclone can't access any data under the "Backups" tab on the google drive web interface yet.
+
Service Account support
+
You can set up rclone with Google Drive in an unattended mode, i.e. not tied to a specific end-user Google account. This is useful when you want to synchronise files onto machines that don't have actively logged-in users, for example build machines.
+
To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file prompt during rclone config and rclone won't use the browser based authentication flow. If you'd rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials with the actual contents of the file instead, or set the equivalent environment variable.
+
Use case - Google Apps/G-suite account and individual Drive
+
Let's say that you are the administrator of a Google Apps (old) or G-suite account. The goal is to store data on an individual's Drive account, who IS a member of the domain. We'll call the domain example.com, and the user foo@example.com.
+
There's a few steps we need to go through to accomplish this:
These credentials are what rclone will use for authentication. If you ever need to remove access, press the "Delete service account key" button.
-
This means that you can use the album path pretty much like a normal filesystem and it is a good target for repeated syncing.
-
The shared-album directory shows albums shared with you or by you. This is similar to the Sharing tab in the Google Photos web interface.
-
Standard options
-
Here are the standard options specific to google photos (Google Photos).
-
--gphotos-client-id
-
OAuth Client Id.
-
Leave blank normally.
-
Properties:
+
2. Allowing API access to example.com Google Drive
-
Config: client_id
-
Env Var: RCLONE_GPHOTOS_CLIENT_ID
-
Type: string
-
Required: false
+
Go to example.com's admin console
+
Go into "Security" (or use the search bar)
+
Select "Show more" and then "Advanced settings"
+
Select "Manage API client access" in the "Authentication" section
+
In the "Client Name" field enter the service account's "Client ID" - this can be found in the Developer Console under "IAM & Admin" -> "Service Accounts", then "View Client ID" for the newly created service account. It is a ~21 character numerical string.
+
In the next field, "One or More API Scopes", enter https://www.googleapis.com/auth/drive to grant access to Google Drive specifically.
-
--gphotos-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
-
Properties:
+
3. Configure rclone, assuming a new install
+
rclone config
+
+n/s/q> n # New
+name>gdrive # Gdrive is an example name
+Storage> # Select the number shown for Google Drive
+client_id> # Can be left blank
+client_secret> # Can be left blank
+scope> # Select your scope, 1 for example
+root_folder_id> # Can be left blank
+service_account_file> /home/foo/myJSONfile.json # This is where the JSON file goes!
+y/n> # Auto config, n
+
+
4. Verify that it's working
-
Config: client_secret
-
Env Var: RCLONE_GPHOTOS_CLIENT_SECRET
-
Type: string
-
Required: false
-
-
--gphotos-read-only
-
Set to make the Google Photos backend read only.
-
If you choose read only then rclone will only request read only access to your photos, otherwise rclone will request full access.
--drive-impersonate foo@example.com - this is what does the magic, pretending to be user foo.
+
lsf - list files in a parsing friendly way
+
gdrive:backup - use the remote called gdrive, work in the folder named backup.
+
-
Advanced options
-
Here are the advanced options specific to google photos (Google Photos).
-
--gphotos-token
-
OAuth Access Token as a JSON blob.
-
Properties:
+
Note: in case you configured a specific root folder on gdrive and rclone is unable to access the contents of that folder when using --drive-impersonate, do this instead: - in the gdrive web interface, share your root folder with the user/email of the new Service Account you created/selected at step #1 - use rclone without specifying the --drive-impersonate option, like this: rclone -v lsf gdrive:backup
+
Shared drives (team drives)
+
If you want to configure the remote to point to a Google Shared Drive (previously known as Team Drives) then answer y to the question Configure this as a Shared Drive (Team Drive)?.
+
This will fetch the list of Shared Drives from google and allow you to configure which one you want to use. You can also type in a Shared Drive ID if you prefer.
+
For example:
+
Configure this as a Shared Drive (Team Drive)?
+y) Yes
+n) No
+y/n> y
+Fetching Shared Drive list...
+Choose a number from below, or type in your own value
+ 1 / Rclone Test
+ \ "xxxxxxxxxxxxxxxxxxxx"
+ 2 / Rclone Test 2
+ \ "yyyyyyyyyyyyyyyyyyyy"
+ 3 / Rclone Test 3
+ \ "zzzzzzzzzzzzzzzzzzzz"
+Enter a Shared Drive ID> 1
+--------------------
+[remote]
+client_id =
+client_secret =
+token = {"AccessToken":"xxxx.x.xxxxx_xxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","RefreshToken":"1/xxxxxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxx","Expiry":"2014-03-16T13:57:58.955387075Z","Extra":null}
+team_drive = xxxxxxxxxxxxxxxxxxxx
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
--fast-list
+
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
+
It does this by combining multiple list calls into a single API request.
+
This works by combining many '%s' in parents filters into one expression. To list the contents of directories a, b and c, the following requests will be send by the regular List function:
+
trashed=false and 'a' in parents
+trashed=false and 'b' in parents
+trashed=false and 'c' in parents
+
These can now be combined into a single request:
+
trashed=false and ('a' in parents or 'b' in parents or 'c' in parents)
+
The implementation of ListR will put up to 50 parents filters into one request. It will use the --checkers value to specify the number of requests to run in parallel.
+
In tests, these batch requests were up to 20x faster than the regular method. Running the following command against different sized folders gives:
+
rclone lsjson -vv -R --checkers=6 gdrive:folder
+
small folder (220 directories, 700 files):
-
Config: token
-
Env Var: RCLONE_GPHOTOS_TOKEN
-
Type: string
-
Required: false
+
without --fast-list: 38s
+
with --fast-list: 10s
-
--gphotos-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
-
Properties:
+
large folder (10600 directories, 39000 files):
-
Config: auth_url
-
Env Var: RCLONE_GPHOTOS_AUTH_URL
-
Type: string
-
Required: false
+
without --fast-list: 22:05 min
+
with --fast-list: 58s
-
--gphotos-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
-
Properties:
+
Modified time
+
Google drive stores modification times accurate to 1 ms.
+
Restricted filename characters
+
Only Invalid UTF-8 bytes will be replaced, as they can't be used in JSON strings.
+
In contrast to other backends, / can also be used in names and . or .. are valid names.
+
Revisions
+
Google drive stores revisions of files. When you upload a change to an existing file to google drive using rclone it will create a new revision of that file.
+
Revisions follow the standard google policy which at time of writing was
-
Config: token_url
-
Env Var: RCLONE_GPHOTOS_TOKEN_URL
-
Type: string
-
Required: false
+
They are deleted after 30 days or 100 revisions (whatever comes first).
+
They do not count towards a user storage quota.
-
--gphotos-read-size
-
Set to read the size of media items.
-
Normally rclone does not read the size of media items since this takes another transaction. This isn't necessary for syncing. However rclone mount needs to know the size of files in advance of reading them, so setting this flag when using rclone mount is recommended if you want to read the media.
-
Properties:
+
Deleting files
+
By default rclone will send all files to the trash when deleting files. If deleting them permanently is required then use the --drive-use-trash=false flag, or set the equivalent environment variable.
Shortcuts are files that link to other files on Google Drive somewhat like a symlink in unix, except they point to the underlying file data (e.g. the inode in unix terms) so they don't break if the source is renamed or moved about.
+
Be default rclone treats these as follows.
+
For shortcuts pointing to files:
-
Config: read_size
-
Env Var: RCLONE_GPHOTOS_READ_SIZE
-
Type: bool
-
Default: false
+
When listing a file shortcut appears as the destination file.
+
When downloading the contents of the destination file is downloaded.
+
When updating shortcut file with a non shortcut file, the shortcut is removed then a new file is uploaded in place of the shortcut.
+
When server-side moving (renaming) the shortcut is renamed, not the destination file.
+
When server-side copying the shortcut is copied, not the contents of the shortcut. (unless --drive-copy-shortcut-content is in use in which case the contents of the shortcut gets copied).
+
When deleting the shortcut is deleted not the linked file.
+
When setting the modification time, the modification time of the linked file will be set.
-
--gphotos-start-year
-
Year limits the photos to be downloaded to those which are uploaded after the given year.
-
Properties:
+
For shortcuts pointing to folders:
-
Config: start_year
-
Env Var: RCLONE_GPHOTOS_START_YEAR
-
Type: int
-
Default: 2000
+
When listing the shortcut appears as a folder and that folder will contain the contents of the linked folder appear (including any sub folders)
+
When downloading the contents of the linked folder and sub contents are downloaded
+
When uploading to a shortcut folder the file will be placed in the linked folder
+
When server-side moving (renaming) the shortcut is renamed, not the destination folder
+
When server-side copying the contents of the linked folder is copied, not the shortcut.
+
When deleting with rclone rmdir or rclone purge the shortcut is deleted not the linked folder.
+
NB When deleting with rclone remove or rclone mount the contents of the linked folder will be deleted.
-
--gphotos-include-archived
-
Also view and download archived media.
-
By default, rclone does not request archived media. Thus, when syncing, archived media is not visible in directory listings or transferred.
-
Note that media in albums is always visible and synced, no matter their archive status.
-
With this flag, archived media are always visible in directory listings and transferred.
-
Without this flag, archived media will not be visible in directory listings and won't be transferred.
-
Properties:
-
-
Config: include_archived
-
Env Var: RCLONE_GPHOTOS_INCLUDE_ARCHIVED
-
Type: bool
-
Default: false
+
The rclone backend command can be used to create shortcuts.
+
Shortcuts can be completely ignored with the --drive-skip-shortcuts flag or the corresponding skip_shortcuts configuration setting.
+
Emptying trash
+
If you wish to empty your trash you can use the rclone cleanup remote: command which will permanently delete all your trashed files. This command does not take any path arguments.
+
Note that Google Drive takes some time (minutes to days) to empty the trash even though the command returns within a few seconds. No output is echoed, so there will be no confirmation even using -v or -vv.
+
Quota information
+
To view your current quota you can use the rclone about remote: command which will display your usage limit (quota), the usage in Google Drive, the size of all files in the Trash and the space used by other Google services such as Gmail. This command does not take any path arguments.
+
Import/Export of google documents
+
Google documents can be exported from and uploaded to Google Drive.
+
When rclone downloads a Google doc it chooses a format to download depending upon the --drive-export-formats setting. By default the export formats are docx,xlsx,pptx,svg which are a sensible default for an editable document.
+
When choosing a format, rclone runs down the list provided in order and chooses the first file format the doc can be exported as from the list. If the file can't be exported to a format on the formats list, then rclone will choose a format from the default list.
+
If you prefer an archive copy then you might use --drive-export-formats pdf, or if you prefer openoffice/libreoffice formats you might use --drive-export-formats ods,odt,odp.
+
Note that rclone adds the extension to the google doc, so if it is called My Spreadsheet on google docs, it will be exported as My Spreadsheet.xlsx or My Spreadsheet.pdf etc.
+
When importing files into Google Drive, rclone will convert all files with an extension in --drive-import-formats to their associated document type. rclone will not convert any files by default, since the conversion is lossy process.
+
The conversion must result in a file with the same extension when the --drive-export-formats rules are applied to the uploaded document.
+
Here are some examples for allowed and prohibited conversions.
+
+
+
+
export-formats
+
import-formats
+
Upload Ext
+
Document Ext
+
Allowed
+
+
+
+
+
odt
+
odt
+
odt
+
odt
+
Yes
+
+
+
odt
+
docx,odt
+
odt
+
odt
+
Yes
+
+
+
+
docx
+
docx
+
docx
+
Yes
+
+
+
+
odt
+
odt
+
docx
+
No
+
+
+
odt,docx
+
docx,odt
+
docx
+
odt
+
No
+
+
+
docx,odt
+
docx,odt
+
docx
+
docx
+
Yes
+
+
+
docx,odt
+
docx,odt
+
odt
+
docx
+
No
+
+
+
+
This limitation can be disabled by specifying --drive-allow-import-name-change. When using this flag, rclone can convert multiple files types resulting in the same document type at once, e.g. with --drive-import-formats docx,odt,txt, all files having these extension would result in a document represented as a docx file. This brings the additional risk of overwriting a document, if multiple files have the same stem. Many rclone operations will not handle this name change in any way. They assume an equal name when copying files and might copy the file again or delete them when the name changes.
+
Here are the possible export extensions with their corresponding mime types. Most of these can also be used for importing, but there more that are not listed here. Some of these additional ones might only be available when the operating system provides the correct MIME type entries.
+
This list can be changed by Google Drive at any time and might not represent the currently available conversions.
Google documents can also be exported as link files. These files will open a browser window for the Google Docs website of that document when opened. The link file extension has to be specified as a --drive-export-formats parameter. They will match all available Google Documents.
+
+
+
+
Extension
+
Description
+
OS Support
+
+
+
+
+
desktop
+
freedesktop.org specified desktop entry
+
Linux
+
+
+
link.html
+
An HTML Document with a redirect
+
All
+
+
+
url
+
INI style link file
+
macOS, Windows
+
+
+
webloc
+
macOS specific XML format
+
macOS
+
+
+
+
Standard options
+
Here are the Standard options specific to drive (Google Drive).
+
--drive-client-id
+
Google Application Client Id Setting your own is recommended. See https://rclone.org/drive/#making-your-own-client-id for how to create your own. If you leave this blank, it will use an internal key which is low performance.
Only images and videos can be uploaded. If you attempt to upload non videos or images or formats that Google Photos doesn't understand, rclone will upload the file, then Google Photos will give an error when it is put turned into a media item.
-
Note that all media items uploaded to Google Photos through the API are stored in full resolution at "original quality" and will count towards your storage quota in your Google Account. The API does not offer a way to upload in "high quality" mode..
-
rclone about is not supported by the Google Photos backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
When Images are downloaded this strips EXIF location (according to the docs and my tests). This is a limitation of the Google Photos API and is covered by bug #112096115.
-
The current google API does not allow photos to be downloaded at original resolution. This is very important if you are, for example, relying on "Google Photos" as a backup of your photos. You will not be able to use rclone to redownload original images. You could use 'google takeout' to recover the original photos as a last resort
-
Downloading Videos
-
When videos are downloaded they are downloaded in a really compressed version of the video compared to downloading it via the Google Photos web interface. This is covered by bug #113672044.
-
Duplicates
-
If a file name is duplicated in a directory then rclone will add the file ID into its name. So two files called file.jpg would then appear as file {123456}.jpg and file {ABCDEF}.jpg (the actual IDs are a lot longer alas!).
-
If you upload the same image (with the same binary data) twice then Google Photos will deduplicate it. However it will retain the filename from the first upload which may confuse rclone. For example if you uploaded an image to upload then uploaded the same image to album/my_album the filename of the image in album/my_album will be what it was uploaded with initially, not what you uploaded it with to album. In practise this shouldn't cause too many problems.
-
Modified time
-
The date shown of media in Google Photos is the creation date as determined by the EXIF information, or the upload date if that is not known.
-
This is not changeable by rclone and is not the modification date of the media on local disk. This means that rclone cannot use the dates from Google Photos for syncing purposes.
-
Size
-
The Google Photos API does not return the size of media. This means that when syncing to Google Photos, rclone can only do a file existence check.
-
It is possible to read the size of the media, but this needs an extra HTTP HEAD request per media item so is very slow and uses up a lot of transactions. This can be enabled with the --gphotos-read-size option or the read_size = true config parameter.
-
If you want to use the backend with rclone mount you may need to enable this flag (depending on your OS and application using the photos) otherwise you may not be able to read media off the mount. You'll need to experiment to see if it works for you without the flag.
Rclone can remove files it uploaded from albums it created only.
-
Deleting files
-
Rclone can remove files from albums it created, but note that the Google Photos API does not allow media to be deleted permanently so this media will still remain. See bug #109759781.
-
Rclone cannot delete files anywhere except under album.
-
Deleting albums
-
The Google Photos API does not support deleting albums - see bug #135714733.
-
Hasher (EXPERIMENTAL)
-
Hasher is a special overlay backend to create remotes which handle checksums for other remotes. It's main functions include: - Emulate hash types unimplemented by backends - Cache checksums to help with slow hashing of large local or (S)FTP files - Warm up checksum cache from external SUM files
-
Getting started
-
To use Hasher, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote. Check that your base remote is working.
-
Let's call the base remote myRemote:path here. Note that anything inside myRemote:path will be handled by hasher and anything outside won't. This means that if you are using a bucket based remote (S3, B2, Swift) then you should put the bucket in the remote s3:bucket.
-
Now proceed to interactive or manual configuration.
-
Interactive configuration
-
Run rclone config:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> Hasher1
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Handle checksums for other remotes
- \ "hasher"
-[snip]
-Storage> hasher
-Remote to cache checksums for, like myremote:mypath.
-Enter a string value. Press Enter for the default ("").
-remote> myRemote:path
-Comma separated list of supported checksum types.
-Enter a string value. Press Enter for the default ("md5,sha1").
-hashsums> md5
-Maximum time to keep checksums in cache. 0 = no cache, off = cache forever.
-max_age> off
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
---------------------
-[Hasher1]
-type = hasher
-remote = myRemote:path
-hashsums = md5
-max_age = off
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
Manual configuration
-
Run rclone config path to see the path of current active config file, usually YOURHOME/.config/rclone/rclone.conf. Open it in your favorite text editor, find section for the base remote and create new section for hasher like in the following examples:
Hasher takes basically the following parameters: - remote is required, - hashes is a comma separated list of supported checksums (by default md5,sha1), - max_age - maximum time to keep a checksum value in the cache, 0 will disable caching completely, off will cache "forever" (that is until the files get changed).
-
Make sure the remote has : (colon) in. If you specify the remote without a colon then rclone will use a local directory of that name. So if you use a remote of /local/path then rclone will handle hashes for that directory. If you use remote = name literally then rclone will put files in a directory called name located under current directory.
-
Usage
-
Basic operations
-
Now you can use it as Hasher2:subdir/file instead of base remote. Hasher will transparently update cache with new checksums when a file is fully read or overwritten, like:
The way to refresh all cached checksums (even unsupported by the base backend) for a subtree is to re-download all files in the subtree. For example, use hashsum --download using any supported hashsum on the command line (we just care to re-read):
Instead of SHA1 it can be any hash supported by the remote. The last argument can point to either a local or an other-remote:path text file in SUM format. The command will parse the SUM file, then walk down the path given by the first argument, snapshot current fingerprints and fill in the cache entries correspondingly. - Paths in the SUM file are treated as relative to hasher:dir/subdir. - The command will not check that supplied values are correct. You must know what you are doing. - This is a one-time action. The SUM file will not get "attached" to the remote. Cache entries can still be overwritten later, should the object's fingerprint change. - The tree walk can take long depending on the tree size. You can increase --checkers to make it faster. Or use stickyimport if you don't care about fingerprints and consistency.
stickyimport is similar to import but works much faster because it does not need to stat existing files and skips initial tree walk. Instead of binding cache entries to file fingerprints it creates sticky entries bound to the file name alone ignoring size, modification time etc. Such hash entries can be replaced only by purge, delete, backend drop or by full re-read/re-write of the files.
-
Configuration reference
-
Standard options
-
Here are the standard options specific to hasher (Better checksums for other remotes).
-
--hasher-remote
-
Remote to cache checksums for (e.g. myRemote:path).
+
--drive-scope
+
Scope that rclone should use when requesting access from drive.
Properties:
-
Config: remote
-
Env Var: RCLONE_HASHER_REMOTE
+
Config: scope
+
Env Var: RCLONE_DRIVE_SCOPE
Type: string
-
Required: true
+
Required: false
+
Examples:
+
+
"drive"
+
+
Full access all files, excluding Application Data Folder.
+
+
"drive.readonly"
+
+
Read-only access to file metadata and file contents.
+
+
"drive.file"
+
+
Access to files created by rclone only.
+
These are visible in the drive website.
+
File authorization is revoked when the user deauthorizes the app.
+
+
"drive.appfolder"
+
+
Allows read and write access to the Application Data folder.
+
This is not visible in the drive website.
+
+
"drive.metadata.readonly"
+
+
Allows read-only access to file metadata but
+
does not allow any access to read or download file content.
+
+
-
--hasher-hashes
-
Comma separated list of supported checksum types.
+
--drive-service-account-file
+
Service Account Credentials JSON file path.
+
Leave blank normally. Needed only if you want use SA instead of interactive login.
+
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
Properties:
-
Config: hashes
-
Env Var: RCLONE_HASHER_HASHES
-
Type: CommaSepList
-
Default: md5,sha1
+
Config: service_account_file
+
Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_FILE
+
Type: string
+
Required: false
-
--hasher-max-age
-
Maximum time to keep checksums in cache (0 = no cache, off = cache forever).
+
--drive-alternate-export
+
Deprecated: No longer needed.
Properties:
-
Config: max_age
-
Env Var: RCLONE_HASHER_MAX_AGE
-
Type: Duration
-
Default: off
+
Config: alternate_export
+
Env Var: RCLONE_DRIVE_ALTERNATE_EXPORT
+
Type: bool
+
Default: false
-
Advanced options
-
Here are the advanced options specific to hasher (Better checksums for other remotes).
-
--hasher-auto-size
-
Auto-update checksum for files smaller than this size (disabled by default).
+
Advanced options
+
Here are the Advanced options specific to drive (Google Drive).
+
--drive-token
+
OAuth Access Token as a JSON blob.
Properties:
-
Config: auto_size
-
Env Var: RCLONE_HASHER_AUTO_SIZE
-
Type: SizeSuffix
-
Default: 0
+
Config: token
+
Env Var: RCLONE_DRIVE_TOKEN
+
Type: string
+
Required: false
-
Backend commands
-
Here are the commands specific to the hasher backend.
-
Run them with
-
rclone backend COMMAND remote:
-
The help below will explain what arguments each command takes.
Fill hash cache from a SUM file without verifying file fingerprints. Usage Example: rclone backend stickyimport hasher:subdir md5 remote:path/to/sum.md5
-
Implementation details (advanced)
-
This section explains how various rclone operations work on a hasher remote.
-
Disclaimer. This section describes current implementation which can change in future rclone versions!.
-
Hashsum command
-
The rclone hashsum (or md5sum or sha1sum) command will:
-
-
if requested hash is supported by lower level, just pass it.
-
if object size is below auto_size then download object and calculate requested hashes on the fly.
-
if unsupported and the size is big enough, build object fingerprint (including size, modtime if supported, first-found other hash if any).
-
if the strict match is found in cache for the requested remote, return the stored hash.
-
if remote found but fingerprint mismatched, then purge the entry and proceed to step 6.
-
if remote not found or had no requested hash type or after step 5: download object, calculate all supported hashes on the fly and store in cache; return requested hash.
-
-
Other operations
+
--drive-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
+
Properties:
-
whenever a file is uploaded or downloaded in full, capture the stream to calculate all supported hashes on the fly and update database
-
server-side move will update keys of existing cache entries
-
deletefile will remove a single cache entry
-
purge will remove all cache entries under the purged path
+
Config: auth_url
+
Env Var: RCLONE_DRIVE_AUTH_URL
+
Type: string
+
Required: false
-
Note that setting max_age = 0 will disable checksum caching completely.
-
If you set max_age = off, checksums in cache will never age, unless you fully rewrite or delete the file.
-
Cache storage
-
Cached checksums are stored as bolt database files under rclone cache directory, usually ~/.cache/rclone/kv/. Databases are maintained one per base backend, named like BaseRemote~hasher.bolt. Checksums for multiple alias-es into a single base backend will be stored in the single database. All local paths are treated as aliases into the local backend (unless crypted or chunked) and stored in ~/.cache/rclone/kv/local~hasher.bolt. Databases can be shared between multiple rclone processes.
-
HDFS
-
HDFS is a distributed file-system, part of the Apache Hadoop framework.
-
Paths are specified as remote: or remote:path/to/dir.
-
Configuration
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[skip]
-XX / Hadoop distributed file system
- \ "hdfs"
-[skip]
-Storage> hdfs
-** See help for hdfs backend at: https://rclone.org/hdfs/ **
-
-hadoop name node and port
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to host namenode at port 8020
- \ "namenode:8020"
-namenode> namenode.hadoop:8020
-hadoop user name
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to hdfs as root
- \ "root"
-username> root
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
---------------------
-[remote]
-type = hdfs
-namenode = namenode.hadoop:8020
-username = root
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-hadoop hdfs
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-
This remote is called remote and can now be used like this
-
See all the top level directories
-
rclone lsd remote:
-
List the contents of a directory
-
rclone ls remote:directory
-
Sync the remote directory to /home/local/directory, deleting any excess files.
Here are the standard options specific to hdfs (Hadoop distributed file system).
-
--hdfs-namenode
-
Hadoop name node and port.
-
E.g. "namenode:8020" to connect to host namenode at port 8020.
+
--drive-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
Properties:
-
Config: namenode
-
Env Var: RCLONE_HDFS_NAMENODE
+
Config: token_url
+
Env Var: RCLONE_DRIVE_TOKEN_URL
Type: string
-
Required: true
+
Required: false
-
--hdfs-username
-
Hadoop user name.
+
--drive-root-folder-id
+
ID of the root folder. Leave blank normally.
+
Fill in to access "Computers" folders (see docs), or for rclone to use a non root folder as its starting point.
Properties:
-
Config: username
-
Env Var: RCLONE_HDFS_USERNAME
+
Config: root_folder_id
+
Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
Type: string
Required: false
-
Examples:
-
-
"root"
-
-
Connect to hdfs as root.
-
-
-
Advanced options
-
Here are the advanced options specific to hdfs (Hadoop distributed file system).
-
--hdfs-service-principal-name
-
Kerberos service principal name for the namenode.
-
Enables KERBEROS authentication. Specifies the Service Principal Name (SERVICE/FQDN) for the namenode. E.g. "hdfs/namenode.hadoop.docker" for namenode running as service 'hdfs' with FQDN 'namenode.hadoop.docker'.
+
--drive-service-account-credentials
+
Service Account Credentials JSON blob.
+
Leave blank normally. Needed only if you want use SA instead of interactive login.
Properties:
-
Config: service_principal_name
-
Env Var: RCLONE_HDFS_SERVICE_PRINCIPAL_NAME
+
Config: service_account_credentials
+
Env Var: RCLONE_DRIVE_SERVICE_ACCOUNT_CREDENTIALS
Type: string
Required: false
-
--hdfs-data-transfer-protection
-
Kerberos data transfer protection: authentication|integrity|privacy.
-
Specifies whether or not authentication, data signature integrity checks, and wire encryption is required when communicating the the datanodes. Possible values are 'authentication', 'integrity' and 'privacy'. Used only with KERBEROS enabled.
+
--drive-team-drive
+
ID of the Shared Drive (Team Drive).
Properties:
-
Config: data_transfer_protection
-
Env Var: RCLONE_HDFS_DATA_TRANSFER_PROTECTION
+
Config: team_drive
+
Env Var: RCLONE_DRIVE_TEAM_DRIVE
Type: string
Required: false
-
Examples:
-
-
"privacy"
-
-
Ensure authentication, integrity and encryption enabled.
Only consider files owned by the authenticated user.
Properties:
-
Config: encoding
-
Env Var: RCLONE_HDFS_ENCODING
-
Type: MultiEncoder
-
Default: Slash,Colon,Del,Ctl,InvalidUtf8,Dot
+
Config: auth_owner_only
+
Env Var: RCLONE_DRIVE_AUTH_OWNER_ONLY
+
Type: bool
+
Default: false
-
Limitations
+
--drive-use-trash
+
Send files to the trash instead of deleting permanently.
+
Defaults to true, namely sending files to the trash. Use --drive-use-trash=false to delete files permanently instead.
+
Properties:
-
No server-side Move or DirMove.
-
Checksums not implemented.
+
Config: use_trash
+
Env Var: RCLONE_DRIVE_USE_TRASH
+
Type: bool
+
Default: true
-
HTTP
-
The HTTP remote is a read only remote for reading files of a webserver. The webserver should provide file listings which rclone will read and turn into a remote. This has been tested with common webservers such as Apache/Nginx/Caddy and will likely work with file listings from most web servers. (If it doesn't then please file an issue, or send a pull request!)
-
Paths are specified as remote: or remote:path.
-
The remote: represents the configured url, and any path following it will be resolved relative to this url, according to the URL standard. This means with remote url https://beta.rclone.org/branch and path fix, the resolved URL will be https://beta.rclone.org/branch/fix, while with path /fix the resolved URL will be https://beta.rclone.org/fix as the absolute path is resolved from the root of the domain.
-
If the path following the remote: ends with / it will be assumed to point to a directory. If the path does not end with /, then a HEAD request is sent and the response used to decide if it it is treated as a file or a directory (run with -vv to see details). When --http-no-head is specified, a path without ending / is always assumed to be a file. If rclone incorrectly assumes the path is a file, the solution is to specify the path with ending /. When you know the path is a directory, ending it with / is always better as it avoids the initial HEAD request.
-
To just download a single file it is easier to use copyurl.
-
Configuration
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / http Connection
- \ "http"
-[snip]
-Storage> http
-URL of http host to connect to
-Choose a number from below, or type in your own value
- 1 / Connect to example.com
- \ "https://example.com"
-url> https://beta.rclone.org
-Remote config
---------------------
-[remote]
-url = https://beta.rclone.org
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-remote http
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-
This remote is called remote and can now be used like this
-
See all the top level directories
-
rclone lsd remote:
-
List the contents of a directory
-
rclone ls remote:directory
-
Sync the remote directory to /home/local/directory, deleting any excess files.
Here are the standard options specific to http (http Connection).
-
--http-url
-
URL of http host to connect to.
-
E.g. "https://example.com", or "https://user:pass@example.com" to use a username and password.
+
--drive-copy-shortcut-content
+
Server side copy contents of shortcuts instead of the shortcut.
+
When doing server side copies, normally rclone will copy shortcuts as shortcuts.
+
If this flag is used then rclone will copy the contents of shortcuts rather than shortcuts themselves when doing server side copies.
Properties:
-
Config: url
-
Env Var: RCLONE_HTTP_URL
-
Type: string
-
Required: true
+
Config: copy_shortcut_content
+
Env Var: RCLONE_DRIVE_COPY_SHORTCUT_CONTENT
+
Type: bool
+
Default: false
-
Advanced options
-
Here are the advanced options specific to http (http Connection).
-
--http-headers
-
Set HTTP headers for all transactions.
-
Use this to set additional HTTP headers for all transactions.
-
The input format is comma separated list of key,value pairs. Standard CSV encoding may be used.
-
For example, to set a Cookie use 'Cookie,name=value', or '"Cookie","name=value"'.
-
You can set multiple headers, e.g. '"Cookie","name=value","Authorization","xxx"'.
+
--drive-skip-gdocs
+
Skip google documents in all listings.
+
If given, gdocs practically become invisible to rclone.
Properties:
-
Config: headers
-
Env Var: RCLONE_HTTP_HEADERS
-
Type: CommaSepList
-
Default:
+
Config: skip_gdocs
+
Env Var: RCLONE_DRIVE_SKIP_GDOCS
+
Type: bool
+
Default: false
-
--http-no-slash
-
Set this if the site doesn't end directories with /.
-
Use this if your target website does not use / on the end of directories.
-
A / on the end of a path is how rclone normally tells the difference between files and directories. If this flag is set, then rclone will treat all files with Content-Type: text/html as directories and read URLs from them rather than downloading them.
-
Note that this may cause rclone to confuse genuine HTML files with directories.
+
--drive-skip-checksum-gphotos
+
Skip MD5 checksum on Google photos and videos only.
+
Use this if you get checksum errors when transferring Google photos or videos.
+
Setting this flag will cause Google photos and videos to return a blank MD5 checksum.
+
Google photos are identified by being in the "photos" space.
+
Corrupted checksums are caused by Google modifying the image/video but not updating the checksum.
Properties:
-
Config: no_slash
-
Env Var: RCLONE_HTTP_NO_SLASH
+
Config: skip_checksum_gphotos
+
Env Var: RCLONE_DRIVE_SKIP_CHECKSUM_GPHOTOS
Type: bool
Default: false
-
--http-no-head
-
Don't use HEAD requests.
-
HEAD requests are mainly used to find file sizes in dir listing. If your site is being very slow to load then you can try this option. Normally rclone does a HEAD request for each potential file in a directory listing to:
+
--drive-shared-with-me
+
Only show files that are shared with me.
+
Instructs rclone to operate on your "Shared with me" folder (where Google Drive lets you access the files and folders others have shared with you).
+
This works both with the "list" (lsd, lsl, etc.) and the "copy" commands (copy, sync, etc.), and with all other commands too.
+
Properties:
-
find its size
-
check it really exists
-
check to see if it is a directory
+
Config: shared_with_me
+
Env Var: RCLONE_DRIVE_SHARED_WITH_ME
+
Type: bool
+
Default: false
-
If you set this option, rclone will not do the HEAD request. This will mean that directory listings are much quicker, but rclone won't have the times or sizes of any files, and some files that don't exist may be in the listing.
+
--drive-trashed-only
+
Only show files that are in the trash.
+
This will show trashed files in their original directory structure.
Properties:
-
Config: no_head
-
Env Var: RCLONE_HTTP_NO_HEAD
+
Config: trashed_only
+
Env Var: RCLONE_DRIVE_TRASHED_ONLY
Type: bool
Default: false
-
Limitations
-
rclone about is not supported by the HTTP backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:container (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:container/path/to/dir.
-
Configuration
-
The initial setup for Hubic involves getting a token from Hubic which you need to do in your browser. rclone config walks you through it.
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
n) New remote
-s) Set configuration password
-n/s> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Hubic
- \ "hubic"
-[snip]
-Storage> hubic
-Hubic Client Id - leave blank normally.
-client_id>
-Hubic Client Secret - leave blank normally.
-client_secret>
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"access_token":"XXXXXX"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Hubic. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
List containers in the top level of your Hubic
-
rclone lsd remote:
-
List all the files in your Hubic
-
rclone ls remote:
-
To copy a local directory to an Hubic directory called backup
-
rclone copy /home/source remote:backup
-
If you want the directory to be visible in the official Hubic browser, you need to copy your files to the default directory
-
rclone copy /home/source remote:default/backup
-
--fast-list
-
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
Modified time
-
The modified time is stored as metadata on the object as X-Object-Meta-Mtime as floating point since the epoch accurate to 1 ns.
-
This is a de facto standard (used in the official python-swiftclient amongst others) for storing the modification time for an object.
-
Note that Hubic wraps the Swift backend, so most of the properties of are the same.
-
Standard options
-
Here are the standard options specific to hubic (Hubic).
-
--hubic-client-id
-
OAuth Client Id.
-
Leave blank normally.
+
--drive-starred-only
+
Only show files that are starred.
Properties:
-
Config: client_id
-
Env Var: RCLONE_HUBIC_CLIENT_ID
-
Type: string
-
Required: false
+
Config: starred_only
+
Env Var: RCLONE_DRIVE_STARRED_ONLY
+
Type: bool
+
Default: false
-
--hubic-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
+
--drive-formats
+
Deprecated: See export_formats.
Properties:
-
Config: client_secret
-
Env Var: RCLONE_HUBIC_CLIENT_SECRET
+
Config: formats
+
Env Var: RCLONE_DRIVE_FORMATS
Type: string
Required: false
-
Advanced options
-
Here are the advanced options specific to hubic (Hubic).
-
--hubic-token
-
OAuth Access Token as a JSON blob.
+
--drive-export-formats
+
Comma separated list of preferred formats for downloading Google docs.
Properties:
-
Config: token
-
Env Var: RCLONE_HUBIC_TOKEN
+
Config: export_formats
+
Env Var: RCLONE_DRIVE_EXPORT_FORMATS
Type: string
-
Required: false
+
Default: "docx,xlsx,pptx,svg"
-
--hubic-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
+
--drive-import-formats
+
Comma separated list of preferred formats for uploading Google docs.
Properties:
-
Config: auth_url
-
Env Var: RCLONE_HUBIC_AUTH_URL
+
Config: import_formats
+
Env Var: RCLONE_DRIVE_IMPORT_FORMATS
Type: string
Required: false
-
--hubic-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
+
--drive-allow-import-name-change
+
Allow the filetype to change when uploading Google docs.
+
E.g. file.doc to file.docx. This will confuse sync and reupload every time.
Properties:
-
Config: token_url
-
Env Var: RCLONE_HUBIC_TOKEN_URL
+
Config: allow_import_name_change
+
Env Var: RCLONE_DRIVE_ALLOW_IMPORT_NAME_CHANGE
+
Type: bool
+
Default: false
+
+
--drive-use-created-date
+
Use file created date instead of modified date.
+
Useful when downloading data and you want the creation date used in place of the last modified date.
+
WARNING: This flag may have some unexpected consequences.
+
When uploading to your drive all files will be overwritten unless they haven't been modified since their creation. And the inverse will occur while downloading. This side effect can be avoided by using the "--checksum" flag.
+
This feature was implemented to retain photos capture date as recorded by google photos. You will first need to check the "Create a Google Photos folder" option in your google drive settings. You can then copy or move the photos locally and use the date the image was taken (created) set as the modification date.
+
Properties:
+
+
Config: use_created_date
+
Env Var: RCLONE_DRIVE_USE_CREATED_DATE
+
Type: bool
+
Default: false
+
+
--drive-use-shared-date
+
Use date file was shared instead of modified date.
+
Note that, as with "--drive-use-created-date", this flag may have unexpected consequences when uploading/downloading files.
+
If both this flag and "--drive-use-created-date" are set, the created date is used.
+
Properties:
+
+
Config: use_shared_date
+
Env Var: RCLONE_DRIVE_USE_SHARED_DATE
+
Type: bool
+
Default: false
+
+
--drive-list-chunk
+
Size of listing chunk 100-1000, 0 to disable.
+
Properties:
+
+
Config: list_chunk
+
Env Var: RCLONE_DRIVE_LIST_CHUNK
+
Type: int
+
Default: 1000
+
+
--drive-impersonate
+
Impersonate this user when using a service account.
+
Properties:
+
+
Config: impersonate
+
Env Var: RCLONE_DRIVE_IMPERSONATE
Type: string
Required: false
-
--hubic-chunk-size
-
Above this size files will be chunked into a _segments container.
-
Above this size files will be chunked into a _segments container. The default for this is 5 GiB which is its maximum value.
+
--drive-upload-cutoff
+
Cutoff for switching to chunked upload.
+
Properties:
+
+
Config: upload_cutoff
+
Env Var: RCLONE_DRIVE_UPLOAD_CUTOFF
+
Type: SizeSuffix
+
Default: 8Mi
+
+
--drive-chunk-size
+
Upload chunk size.
+
Must a power of 2 >= 256k.
+
Making this larger will improve performance, but note that each chunk is buffered in memory one per transfer.
+
Reducing this will reduce memory usage but decrease performance.
Properties:
Config: chunk_size
-
Env Var: RCLONE_HUBIC_CHUNK_SIZE
+
Env Var: RCLONE_DRIVE_CHUNK_SIZE
Type: SizeSuffix
-
Default: 5Gi
+
Default: 8Mi
-
--hubic-no-chunk
-
Don't chunk files during streaming upload.
-
When doing streaming uploads (e.g. using rcat or mount) setting this flag will cause the swift backend to not upload chunked files.
-
This will limit the maximum upload size to 5 GiB. However non chunked files are easier to deal with and have an MD5SUM.
-
Rclone will still chunk files bigger than chunk_size when doing normal copy operations.
+
--drive-acknowledge-abuse
+
Set to allow files which return cannotDownloadAbusiveFile to be downloaded.
+
If downloading a file returns the error "This file has been identified as malware or spam and cannot be downloaded" with the error code "cannotDownloadAbusiveFile" then supply this flag to rclone to indicate you acknowledge the risks of downloading the file and rclone will download it anyway.
This uses the normal OpenStack Swift mechanism to refresh the Swift API credentials and ignores the expires field returned by the Hubic API.
-
The Swift API doesn't return a correct MD5SUM for segmented files (Dynamic or Static Large Objects) so rclone won't check or use the MD5SUM for these.
-
Jottacloud
-
Jottacloud is a cloud storage service provider from a Norwegian company, using its own datacenters in Norway. In addition to the official service at jottacloud.com, it also provides white-label solutions to different companies, such as: * Telia * Telia Cloud (cloud.telia.se) * Telia Sky (sky.telia.no) * Tele2 * Tele2 Cloud (mittcloud.tele2.se) * Elkjøp (with subsidiaries): * Elkjøp Cloud (cloud.elkjop.no) * Elgiganten Sweden (cloud.elgiganten.se) * Elgiganten Denmark (cloud.elgiganten.dk) * Giganti Cloud (cloud.gigantti.fi) * ELKO Clouud (cloud.elko.is)
-
Most of the white-label versions are supported by this backend, although may require different authentication setup - described below.
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Authentication types
-
Some of the whitelabel versions uses a different authentication method than the official service, and you have to choose the correct one when setting up the remote.
-
Standard authentication
-
To configure Jottacloud you will need to generate a personal security token in the Jottacloud web interface. You will the option to do in your account security settings (for whitelabel version you need to find this page in its web interface). Note that the web interface may refer to this token as a JottaCli token.
-
Legacy authentication
-
If you are using one of the whitelabel versions (e.g. from Elkjøp) you may not have the option to generate a CLI token. In this case you'll have to use the legacy authentication. To do this select yes when the setup asks for legacy authentication and enter your username and password. The rest of the setup is identical to the default setup.
-
Telia Cloud authentication
-
Similar to other whitelabel versions Telia Cloud doesn't offer the option of creating a CLI token, and additionally uses a separate authentication flow where the username is generated internally. To setup rclone to use Telia Cloud, choose Telia Cloud authentication in the setup. The rest of the setup is identical to the default setup.
-
Tele2 Cloud authentication
-
As Tele2-Com Hem merger was completed this authentication can be used for former Com Hem Cloud and Tele2 Cloud customers as no support for creating a CLI token exists, and additionally uses a separate authentication flow where the username is generated internally. To setup rclone to use Tele2 Cloud, choose Tele2 Cloud authentication in the setup. The rest of the setup is identical to the default setup.
-
Configuration
-
Here is an example of how to make a remote called remote with the default setup. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Jottacloud
- \ "jottacloud"
-[snip]
-Storage> jottacloud
-** See help for jottacloud backend at: https://rclone.org/jottacloud/ **
-
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
-Use legacy authentication?.
-This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
-y) Yes
-n) No (default)
-y/n> n
-
-Generate a personal login token here: https://www.jottacloud.com/web/secure
-Login Token> <your token here>
-
-Do you want to use a non standard device/mountpoint e.g. for accessing files uploaded using the official Jottacloud client?
-
-y) Yes
-n) No
-y/n> y
-Please select the device to use. Normally this will be Jotta
-Choose a number from below, or type in an existing value
- 1 > DESKTOP-3H31129
- 2 > Jotta
-Devices> 2
-Please select the mountpoint to user. Normally this will be Archive
-Choose a number from below, or type in an existing value
- 1 > Archive
- 2 > Links
- 3 > Sync
-
-Mountpoints> 1
---------------------
-[jotta]
-type = jottacloud
-token = {........}
-device = Jotta
-mountpoint = Archive
-configVersion = 1
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
Once configured you can then use rclone like this,
-
List directories in top level of your Jottacloud
-
rclone lsd remote:
-
List all the files in your Jottacloud
-
rclone ls remote:
-
To copy a local directory to an Jottacloud directory called backup
-
rclone copy /home/source remote:backup
-
Devices and Mountpoints
-
The official Jottacloud client registers a device for each computer you install it on, and then creates a mountpoint for each folder you select for Backup. The web interface uses a special device called Jotta for the Archive and Sync mountpoints.
-
With rclone you'll want to use the Jotta/Archive device/mountpoint in most cases, however if you want to access files uploaded by any of the official clients rclone provides the option to select other devices and mountpoints during config. Note that uploading files is currently not supported to other devices than Jotta.
-
The built-in Jotta device may also contain several other mountpoints, such as: Latest, Links, Shared and Trash. These are special mountpoints with a different internal representation than the "regular" mountpoints. Rclone will only to a very limited degree support them. Generally you should avoid these, unless you know what you are doing.
-
--fast-list
-
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
Note that the implementation in Jottacloud always uses only a single API request to get the entire list, so for large folders this could lead to long wait time before the first results are shown.
-
Note also that with rclone version 1.58 and newer information about MIME types are not available when using --fast-list.
-
Modified time and hashes
-
Jottacloud allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-
Jottacloud supports MD5 type hashes, so you can use the --checksum flag.
-
Note that Jottacloud requires the MD5 hash before upload so if the source does not have an MD5 checksum then the file will be cached temporarily on disk (in location given by --temp-dir) before it is uploaded. Small files will be cached in memory - see the --jottacloud-md5-memory-limit flag. When uploading from local disk the source checksum is always available, so this does not apply. Starting with rclone version 1.52 the same is true for crypted remotes (in older versions the crypt backend would not calculate hashes for uploads from local disk, so the Jottacloud backend had to do it as described above).
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-
Deleting files
-
By default, rclone will send all files to the trash when deleting files. They will be permanently deleted automatically after 30 days. You may bypass the trash and permanently delete files immediately by using the --jottacloud-hard-delete flag, or set the equivalent environment variable. Emptying the trash is supported by the cleanup command.
-
Versions
-
Jottacloud supports file versioning. When rclone uploads a new version of a file it creates a new version of it. Currently rclone only supports retrieving the current version but older versions can be accessed via the Jottacloud Website.
-
Versioning can be disabled by --jottacloud-no-versions option. This is achieved by deleting the remote file prior to uploading a new version. If the upload the fails no version of the file will be available in the remote.
-
Quota information
-
To view your current quota you can use the rclone about remote: command which will display your usage limit (unless it is unlimited) and the current usage.
-
Advanced options
-
Here are the advanced options specific to jottacloud (Jottacloud).
-
--jottacloud-md5-memory-limit
-
Files bigger than this will be cached on disk to calculate the MD5 if required.
+
--drive-size-as-quota
+
Show sizes as storage quota usage, not actual size.
+
Show the size of a file as the storage quota used. This is the current version plus any older versions that have been set to keep forever.
+
WARNING: This flag may have some unexpected consequences.
+
It is not recommended to set this flag in your config - the recommended usage is using the flag form --drive-size-as-quota when doing rclone ls/lsl/lsf/lsjson/etc only.
+
If you do use this flag for syncing (not recommended) then you will need to use --ignore size also.
Properties:
-
Config: md5_memory_limit
-
Env Var: RCLONE_JOTTACLOUD_MD5_MEMORY_LIMIT
+
Config: size_as_quota
+
Env Var: RCLONE_DRIVE_SIZE_AS_QUOTA
+
Type: bool
+
Default: false
+
+
--drive-v2-download-min-size
+
If Object's are greater, use drive v2 API to download.
+
Properties:
+
+
Config: v2_download_min_size
+
Env Var: RCLONE_DRIVE_V2_DOWNLOAD_MIN_SIZE
Type: SizeSuffix
-
Default: 10Mi
+
Default: off
-
--jottacloud-trashed-only
-
Only show files that are in the trash.
-
This will show trashed files in their original directory structure.
+
--drive-pacer-min-sleep
+
Minimum time to sleep between API calls.
Properties:
-
Config: trashed_only
-
Env Var: RCLONE_JOTTACLOUD_TRASHED_ONLY
+
Config: pacer_min_sleep
+
Env Var: RCLONE_DRIVE_PACER_MIN_SLEEP
+
Type: Duration
+
Default: 100ms
+
+
--drive-pacer-burst
+
Number of API calls to allow without sleeping.
+
Properties:
+
+
Config: pacer_burst
+
Env Var: RCLONE_DRIVE_PACER_BURST
+
Type: int
+
Default: 100
+
+
--drive-server-side-across-configs
+
Allow server-side operations (e.g. copy) to work across different drive configs.
+
This can be useful if you wish to do a server-side copy between two different Google drives. Note that this isn't enabled by default because it isn't easy to tell if it will work between any two configurations.
+
Properties:
+
+
Config: server_side_across_configs
+
Env Var: RCLONE_DRIVE_SERVER_SIDE_ACROSS_CONFIGS
Type: bool
Default: false
-
--jottacloud-hard-delete
-
Delete files permanently rather than putting them into the trash.
+
--drive-disable-http2
+
Disable drive using http2.
+
There is currently an unsolved issue with the google drive backend and HTTP/2. HTTP/2 is therefore disabled by default for the drive backend but can be re-enabled here. When the issue is solved this flag will be removed.
+
See: https://github.com/rclone/rclone/issues/3631
Properties:
-
Config: hard_delete
-
Env Var: RCLONE_JOTTACLOUD_HARD_DELETE
+
Config: disable_http2
+
Env Var: RCLONE_DRIVE_DISABLE_HTTP2
+
Type: bool
+
Default: true
+
+
--drive-stop-on-upload-limit
+
Make upload limit errors be fatal.
+
At the time of writing it is only possible to upload 750 GiB of data to Google Drive a day (this is an undocumented limit). When this limit is reached Google Drive produces a slightly different error message. When this flag is set it causes these errors to be fatal. These will stop the in-progress sync.
+
Note that this detection is relying on error message strings which Google don't document so it may break in the future.
+
See: https://github.com/rclone/rclone/issues/3857
+
Properties:
+
+
Config: stop_on_upload_limit
+
Env Var: RCLONE_DRIVE_STOP_ON_UPLOAD_LIMIT
Type: bool
Default: false
-
--jottacloud-upload-resume-limit
-
Files bigger than this can be resumed if the upload fail's.
+
--drive-stop-on-download-limit
+
Make download limit errors be fatal.
+
At the time of writing it is only possible to download 10 TiB of data from Google Drive a day (this is an undocumented limit). When this limit is reached Google Drive produces a slightly different error message. When this flag is set it causes these errors to be fatal. These will stop the in-progress sync.
+
Note that this detection is relying on error message strings which Google don't document so it may break in the future.
Properties:
-
Config: upload_resume_limit
-
Env Var: RCLONE_JOTTACLOUD_UPLOAD_RESUME_LIMIT
-
Type: SizeSuffix
-
Default: 10Mi
+
Config: stop_on_download_limit
+
Env Var: RCLONE_DRIVE_STOP_ON_DOWNLOAD_LIMIT
+
Type: bool
+
Default: false
-
--jottacloud-no-versions
-
Avoid server side versioning by deleting files and recreating files instead of overwriting them.
+
--drive-skip-shortcuts
+
If set skip shortcut files.
+
Normally rclone dereferences shortcut files making them appear as if they are the original file (see the shortcuts section). If this flag is set then rclone will ignore shortcut files completely.
Properties:
-
Config: no_versions
-
Env Var: RCLONE_JOTTACLOUD_NO_VERSIONS
+
Config: skip_shortcuts
+
Env Var: RCLONE_DRIVE_SKIP_SHORTCUTS
Type: bool
Default: false
-
--jottacloud-encoding
+
--drive-skip-dangling-shortcuts
+
If set skip dangling shortcut files.
+
If this is set then rclone will not show any dangling shortcuts in listings.
+
Properties:
+
+
Config: skip_dangling_shortcuts
+
Env Var: RCLONE_DRIVE_SKIP_DANGLING_SHORTCUTS
+
Type: bool
+
Default: false
+
+
--drive-resource-key
+
Resource key for accessing a link-shared file.
+
If you need to access files shared with a link like this
Then you will need to use the first part "XXX" as the "root_folder_id" and the second part "YYY" as the "resource_key" otherwise you will get 404 not found errors when trying to access the directory.
This resource key requirement only applies to a subset of old files.
+
Note also that opening the folder once in the web interface (with the user you've authenticated rclone with) seems to be enough so that the resource key is no needed.
Note that Jottacloud is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
There are quite a few characters that can't be in Jottacloud file names. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
-
Jottacloud only supports filenames up to 255 characters in length.
-
Troubleshooting
-
Jottacloud exhibits some inconsistent behaviours regarding deleted files and folders which may cause Copy, Move and DirMove operations to previously deleted paths to fail. Emptying the trash should help in such cases.
-
Koofr
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
The initial setup for Koofr involves creating an application password for rclone. You can do that by opening the Koofr web application, giving the password a nice name like rclone and clicking on generate.
-
Here is an example of how to make a remote called koofr. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> koofr
-Option Storage.
-Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-22 / Koofr, Digi Storage and other Koofr-compatible storage providers
- \ (koofr)
+
Backend commands
+
Here are the commands specific to the drive backend.
+
Run them with
+
rclone backend COMMAND remote:
+
The help below will explain what arguments each command takes.
+
See the backend command for more info on how to pass options and arguments.
+
These can be run on a running backend using the rc command backend/command.
+
get
+
Get command for fetching the drive config parameters
+
rclone backend get remote: [options] [<arguments>+]
+
This is a get command which will be used to fetch the various drive config parameters
In the first example this creates a shortcut from the "source_item" which can be a file or a directory to the "destination_shortcut". The "source_item" and the "destination_shortcut" should be relative paths from "drive:"
+
In the second example this creates a shortcut from the "source_item" relative to "drive:" to the "destination_shortcut" relative to "drive2:". This may fail with a permission error if the user authenticated with "drive2:" can't read files from "drive:".
+
Options:
+
+
"target": optional target remote for the shortcut destination
With the -o config parameter it will output the list in a format suitable for adding to a config file to make aliases for all the drives found and a combined drive.
+
[My Drive]
+type = alias
+remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
+
+[Test Drive]
+type = alias
+remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+
+[AllDrives]
+type = combine
+upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
Adding this to the rclone config file will cause those team drives to be accessible with the aliases shown. Any illegal characters will be substituted with "_" and duplicate names will have numbers suffixed. It will also add a remote called AllDrives which shows all the shared drives combined into one directory tree.
It copies the drive file with ID given to the path (an rclone path which will be passed internally to rclone copyto). The ID and path pairs can be repeated.
+
The path should end with a / to indicate copy the file as named to this directory. If it doesn't end with a / then the last path component will be used as the file name.
+
If the destination is a drive backend then server-side copying will be attempted if possible.
+
Use the -i flag to see what would be copied before copying.
Drive has quite a lot of rate limiting. This causes rclone to be limited to transferring about 2 files per second only. Individual files may be transferred much faster at 100s of MiB/s but lots of small files can take a long time.
+
Server side copies are also subject to a separate rate limit. If you see User rate limit exceeded errors, wait at least 24 hours and retry. You can disable server-side copies with --disable copy to download and upload the files if you prefer.
+
Limitations of Google Docs
+
Google docs will appear as size -1 in rclone ls, rclone ncdu etc, and as size 0 in anything which uses the VFS layer, e.g. rclone mount and rclone serve. When calculating directory totals, e.g. in rclone size and rclone ncdu, they will be counted in as empty files.
+
This is because rclone can't find out the size of the Google docs without downloading them.
+
Google docs will transfer correctly with rclone sync, rclone copy etc as rclone knows to ignore the size when doing the transfer.
+
However an unfortunate consequence of this is that you may not be able to download Google docs using rclone mount. If it doesn't work you will get a 0 sized file. If you try again the doc may gain its correct size and be downloadable. Whether it will work on not depends on the application accessing the mount and the OS you are running - experiment to find out if it does work for you!
+
Duplicated files
+
Sometimes, for no reason I've been able to track down, drive will duplicate a file that rclone uploads. Drive unlike all the other remotes can have duplicated files.
+
Duplicated files cause problems with the syncing and you will see messages in the log about duplicates.
+
Use rclone dedupe to fix duplicated files.
+
Note that this isn't just a problem with rclone, even Google Photos on Android duplicates files on drive sometimes.
+
Rclone appears to be re-copying files it shouldn't
+
The most likely cause of this is the duplicated file issue above - run rclone dedupe and check your logs for duplicate object or directory messages.
+
This can also be caused by a delay/caching on google drive's end when comparing directory listings. Specifically with team drives used in combination with --fast-list. Files that were uploaded recently may not appear on the directory list sent to rclone when using --fast-list.
+
Waiting a moderate period of time between attempts (estimated to be approximately 1 hour) and/or not using --fast-list both seem to be effective in preventing the problem.
+
Making your own client_id
+
When you use rclone with Google drive in its default configuration you are using rclone's client_id. This is shared between all the rclone users. There is a global rate limit on the number of queries per second that each client_id can do set by Google. rclone already has a high quota and I will continue to make sure it is high enough by contacting Google.
+
It is strongly recommended to use your own client ID as the default rclone ID is heavily used. If you have multiple services running, it is recommended to use an API key for each service. The default Google quota is 10 transactions per second so it is recommended to stay under that number as if you use more than that, it will cause rclone to rate limit and make things slower.
+
Here is how to create your own Google Drive client ID for rclone:
+
+
Log into the Google API Console with your Google account. It doesn't matter what Google account you use. (It need not be the same account as the Google Drive you want to access)
+
Select a project or create a new project.
+
Under "ENABLE APIS AND SERVICES" search for "Drive", and enable the "Google Drive API".
+
Click "Credentials" in the left-side panel (not "Create credentials", which opens the wizard), then "Create credentials"
+
If you already configured an "Oauth Consent Screen", then skip to the next step; if not, click on "CONFIGURE CONSENT SCREEN" button (near the top right corner of the right panel), then select "External" and click on "CREATE"; on the next screen, enter an "Application name" ("rclone" is OK); enter "User Support Email" (your own email is OK); enter "Developer Contact Email" (your own email is OK); then click on "Save" (all other data is optional). Click again on "Credentials" on the left panel to go back to the "Credentials" screen.
+
(PS: if you are a GSuite user, you could also select "Internal" instead of "External" above, but this will restrict API use to Google Workspace users in your organisation).
+
Click on the "+ CREATE CREDENTIALS" button at the top of the screen, then select "OAuth client ID".
+
Choose an application type of "Desktop app" and click "Create". (the default name is fine)
+
It will show you a client ID and client secret. Make a note of these.
+
(If you selected "External" at Step 5 continue to "Publish App" in the Steps 9 and 10. If you chose "Internal" you don't need to publish and can skip straight to Step 11.)
+
Go to "Oauth consent screen" and press "Publish App"
+
Click "OAuth consent screen", then click "PUBLISH APP" button and confirm, or add your account under "Test users".
+
Provide the noted client ID and client secret to rclone.
+
+
Be aware that, due to the "enhanced security" recently introduced by Google, you are theoretically expected to "submit your app for verification" and then wait a few weeks(!) for their response; in practice, you can go right ahead and use the client ID and client secret with rclone, the only issue will be a very scary confirmation screen shown when you connect via your browser for rclone to be able to get its token-id (but as this only happens during the remote configuration, it's not such a big deal).
+
(Thanks to @balazer on github for these instructions.)
+
Sometimes, creation of an OAuth consent in Google API Console fails due to an error message “The request failed because changes to one of the field of the resource is not supported”. As a convenient workaround, the necessary Google Drive API key can be created on the Python Quickstart page. Just push the Enable the Drive API button to receive the Client ID and Secret. Note that it will automatically create a new project in the API Console.
+
Google Photos
+
The rclone backend for Google Photos is a specialized backend for transferring photos and videos to and from Google Photos.
+
NB The Google Photos API which rclone uses has quite a few limitations, so please read the limitations section carefully to make sure it is suitable for your use.
+
Configuration
+
The initial setup for google cloud storage involves getting a token from Google Photos which you need to do in your browser. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
[snip]
-Storage> koofr
-Option provider.
-Choose your storage provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Koofr, https://app.koofr.net/
- \ (koofr)
- 2 / Digi Storage, https://storage.rcs-rds.ro/
- \ (digistorage)
- 3 / Any other Koofr API compatible storage service
- \ (other)
-provider> 1
-Option user.
-Your user name.
-Enter a value.
-user> USERNAME
-Option password.
-Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password).
-Choose an alternative below.
-y) Yes, type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
+XX / Google Photos
+ \ "google photos"
+[snip]
+Storage> google photos
+** See help for google photos backend at: https://rclone.org/googlephotos/ **
+
+Google Application Client Id
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+client_id>
+Google Application Client Secret
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+client_secret>
+Set to make the Google Photos backend read only.
+
+If you choose read only then rclone will only request read only access
+to your photos, otherwise rclone will request full access.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+read_only>
+Edit advanced config? (y/n)
y) Yes
-n) No (default)
+n) No
y/n> n
Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+
+*** IMPORTANT: All media items uploaded to Google Photos with rclone
+*** are stored in full resolution at original quality. These uploads
+*** will count towards storage in your Google Account.
+
--------------------
-[koofr]
-type = koofr
-provider = koofr
-user = USERNAME
-password = *** ENCRYPTED ***
+[remote]
+type = google photos
+token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2019-06-28T17:38:04.644930156+01:00"}
--------------------
-y) Yes this is OK (default)
+y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
You can choose to edit advanced config in order to enter your own service URL if you use an on-premise or white label Koofr instance, or choose an alternative mount instead of your primary storage.
-
Once configured you can then use rclone like this,
-
List directories in top level of your Koofr
-
rclone lsd koofr:
-
List all the files in your Koofr
-
rclone ls koofr:
-
To copy a local directory to an Koofr directory called backup
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-
Standard options
-
Here are the standard options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
-
--koofr-provider
-
Choose your storage provider.
-
Properties:
-
-
Config: provider
-
Env Var: RCLONE_KOOFR_PROVIDER
-
Type: string
-
Required: false
-
Examples:
-
-
"koofr"
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
+
This remote is called remote and can now be used like this
+
See all the albums in your photos
+
rclone lsd remote:album
+
Make a new album
+
rclone mkdir remote:album/newAlbum
+
List the contents of an album
+
rclone ls remote:album/newAlbum
+
Sync /home/local/images to the Google Photos, removing any excess files in the album.
As Google Photos is not a general purpose cloud storage system the backend is laid out to help you navigate it.
+
The directories under media show different ways of categorizing the media. Each file will appear multiple times. So if you want to make a backup of your google photos you might choose to backup remote:media/by-month. (NBremote:media/by-day is rather slow at the moment so avoid for syncing.)
+
Note that all your photos and videos will appear somewhere under media, but they may not appear under album unless you've put them into albums.
There are two writable parts of the tree, the upload directory and sub directories of the album directory.
+
The upload directory is for uploading files you don't want to put into albums. This will be empty to start with and will contain the files you've uploaded for one rclone session only, becoming empty again when you restart rclone. The use case for this would be if you have a load of files you just want to once off dump into Google Photos. For repeated syncing, uploading to album will work better.
+
Directories within the album directory are also writeable and you may create new directories (albums) under album. If you copy files with a directory hierarchy in there then rclone will create albums with the / character in them. For example if you do
Here are the advanced options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
-
--koofr-mountid
-
Mount ID of the mount to use.
-
If omitted, the primary mount is used.
+
--gphotos-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
Properties:
-
Config: mountid
-
Env Var: RCLONE_KOOFR_MOUNTID
+
Config: token_url
+
Env Var: RCLONE_GPHOTOS_TOKEN_URL
Type: string
Required: false
-
--koofr-setmtime
-
Does the backend support setting modification time.
-
Set this to false if you use a mount ID that points to a Dropbox or Amazon Drive backend.
+
--gphotos-read-size
+
Set to read the size of media items.
+
Normally rclone does not read the size of media items since this takes another transaction. This isn't necessary for syncing. However rclone mount needs to know the size of files in advance of reading them, so setting this flag when using rclone mount is recommended if you want to read the media.
Properties:
-
Config: setmtime
-
Env Var: RCLONE_KOOFR_SETMTIME
+
Config: read_size
+
Env Var: RCLONE_GPHOTOS_READ_SIZE
Type: bool
-
Default: true
+
Default: false
-
--koofr-encoding
+
--gphotos-start-year
+
Year limits the photos to be downloaded to those which are uploaded after the given year.
+
Properties:
+
+
Config: start_year
+
Env Var: RCLONE_GPHOTOS_START_YEAR
+
Type: int
+
Default: 2000
+
+
--gphotos-include-archived
+
Also view and download archived media.
+
By default, rclone does not request archived media. Thus, when syncing, archived media is not visible in directory listings or transferred.
+
Note that media in albums is always visible and synced, no matter their archive status.
+
With this flag, archived media are always visible in directory listings and transferred.
+
Without this flag, archived media will not be visible in directory listings and won't be transferred.
Note that Koofr is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
Providers
-
Koofr
-
This is the original Koofr storage provider used as main example and described in the configuration section above.
-
Digi Storage
-
Digi Storage is a cloud storage service run by Digi.ro that provides a Koofr API.
-
Here is an example of how to make a remote called ds. First run:
-
rclone config
-
This will guide you through an interactive setup process:
+
Limitations
+
Only images and videos can be uploaded. If you attempt to upload non videos or images or formats that Google Photos doesn't understand, rclone will upload the file, then Google Photos will give an error when it is put turned into a media item.
+
Note that all media items uploaded to Google Photos through the API are stored in full resolution at "original quality" and will count towards your storage quota in your Google Account. The API does not offer a way to upload in "high quality" mode..
+
rclone about is not supported by the Google Photos backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
When Images are downloaded this strips EXIF location (according to the docs and my tests). This is a limitation of the Google Photos API and is covered by bug #112096115.
+
The current google API does not allow photos to be downloaded at original resolution. This is very important if you are, for example, relying on "Google Photos" as a backup of your photos. You will not be able to use rclone to redownload original images. You could use 'google takeout' to recover the original photos as a last resort
+
Downloading Videos
+
When videos are downloaded they are downloaded in a really compressed version of the video compared to downloading it via the Google Photos web interface. This is covered by bug #113672044.
+
Duplicates
+
If a file name is duplicated in a directory then rclone will add the file ID into its name. So two files called file.jpg would then appear as file {123456}.jpg and file {ABCDEF}.jpg (the actual IDs are a lot longer alas!).
+
If you upload the same image (with the same binary data) twice then Google Photos will deduplicate it. However it will retain the filename from the first upload which may confuse rclone. For example if you uploaded an image to upload then uploaded the same image to album/my_album the filename of the image in album/my_album will be what it was uploaded with initially, not what you uploaded it with to album. In practise this shouldn't cause too many problems.
+
Modified time
+
The date shown of media in Google Photos is the creation date as determined by the EXIF information, or the upload date if that is not known.
+
This is not changeable by rclone and is not the modification date of the media on local disk. This means that rclone cannot use the dates from Google Photos for syncing purposes.
+
Size
+
The Google Photos API does not return the size of media. This means that when syncing to Google Photos, rclone can only do a file existence check.
+
It is possible to read the size of the media, but this needs an extra HTTP HEAD request per media item so is very slow and uses up a lot of transactions. This can be enabled with the --gphotos-read-size option or the read_size = true config parameter.
+
If you want to use the backend with rclone mount you may need to enable this flag (depending on your OS and application using the photos) otherwise you may not be able to read media off the mount. You'll need to experiment to see if it works for you without the flag.
Rclone can remove files it uploaded from albums it created only.
+
Deleting files
+
Rclone can remove files from albums it created, but note that the Google Photos API does not allow media to be deleted permanently so this media will still remain. See bug #109759781.
+
Rclone cannot delete files anywhere except under album.
+
Deleting albums
+
The Google Photos API does not support deleting albums - see bug #135714733.
+
Hasher
+
Hasher is a special overlay backend to create remotes which handle checksums for other remotes. It's main functions include: - Emulate hash types unimplemented by backends - Cache checksums to help with slow hashing of large local or (S)FTP files - Warm up checksum cache from external SUM files
+
Getting started
+
To use Hasher, first set up the underlying remote following the configuration instructions for that remote. You can also use a local pathname instead of a remote. Check that your base remote is working.
+
Let's call the base remote myRemote:path here. Note that anything inside myRemote:path will be handled by hasher and anything outside won't. This means that if you are using a bucket based remote (S3, B2, Swift) then you should put the bucket in the remote s3:bucket.
+
Now proceed to interactive or manual configuration.
+
Interactive configuration
+
Run rclone config:
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
-name> ds
-Option Storage.
+name> Hasher1
Type of storage to configure.
-Choose a number from below, or type in your own value.
+Choose a number from below, or type in your own value
[snip]
-22 / Koofr, Digi Storage and other Koofr-compatible storage providers
- \ (koofr)
+XX / Handle checksums for other remotes
+ \ "hasher"
[snip]
-Storage> koofr
-Option provider.
-Choose your storage provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Koofr, https://app.koofr.net/
- \ (koofr)
- 2 / Digi Storage, https://storage.rcs-rds.ro/
- \ (digistorage)
- 3 / Any other Koofr API compatible storage service
- \ (other)
-provider> 2
-Option user.
-Your user name.
-Enter a value.
-user> USERNAME
-Option password.
-Your password for rclone (generate one at https://storage.rcs-rds.ro/app/admin/preferences/password).
-Choose an alternative below.
-y) Yes, type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
+Storage> hasher
+Remote to cache checksums for, like myremote:mypath.
+Enter a string value. Press Enter for the default ("").
+remote> myRemote:path
+Comma separated list of supported checksum types.
+Enter a string value. Press Enter for the default ("md5,sha1").
+hashsums> md5
+Maximum time to keep checksums in cache. 0 = no cache, off = cache forever.
+max_age> off
+Edit advanced config? (y/n)
y) Yes
-n) No (default)
+n) No
y/n> n
+Remote config
--------------------
-[ds]
-type = koofr
-provider = digistorage
-user = USERNAME
-password = *** ENCRYPTED ***
+[Hasher1]
+type = hasher
+remote = myRemote:path
+hashsums = md5
+max_age = off
--------------------
-y) Yes this is OK (default)
+y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Other
-
You may also want to use another, public or private storage provider that runs a Koofr API compatible service, by simply providing the base URL to connect to.
-
Here is an example of how to make a remote called other. First run:
+
Manual configuration
+
Run rclone config path to see the path of current active config file, usually YOURHOME/.config/rclone/rclone.conf. Open it in your favorite text editor, find section for the base remote and create new section for hasher like in the following examples:
Hasher takes basically the following parameters: - remote is required, - hashes is a comma separated list of supported checksums (by default md5,sha1), - max_age - maximum time to keep a checksum value in the cache, 0 will disable caching completely, off will cache "forever" (that is until the files get changed).
+
Make sure the remote has : (colon) in. If you specify the remote without a colon then rclone will use a local directory of that name. So if you use a remote of /local/path then rclone will handle hashes for that directory. If you use remote = name literally then rclone will put files in a directory called name located under current directory.
+
Usage
+
Basic operations
+
Now you can use it as Hasher2:subdir/file instead of base remote. Hasher will transparently update cache with new checksums when a file is fully read or overwritten, like:
The way to refresh all cached checksums (even unsupported by the base backend) for a subtree is to re-download all files in the subtree. For example, use hashsum --download using any supported hashsum on the command line (we just care to re-read):
Instead of SHA1 it can be any hash supported by the remote. The last argument can point to either a local or an other-remote:path text file in SUM format. The command will parse the SUM file, then walk down the path given by the first argument, snapshot current fingerprints and fill in the cache entries correspondingly. - Paths in the SUM file are treated as relative to hasher:dir/subdir. - The command will not check that supplied values are correct. You must know what you are doing. - This is a one-time action. The SUM file will not get "attached" to the remote. Cache entries can still be overwritten later, should the object's fingerprint change. - The tree walk can take long depending on the tree size. You can increase --checkers to make it faster. Or use stickyimport if you don't care about fingerprints and consistency.
stickyimport is similar to import but works much faster because it does not need to stat existing files and skips initial tree walk. Instead of binding cache entries to file fingerprints it creates sticky entries bound to the file name alone ignoring size, modification time etc. Such hash entries can be replaced only by purge, delete, backend drop or by full re-read/re-write of the files.
+
Configuration reference
+
Standard options
+
Here are the Standard options specific to hasher (Better checksums for other remotes).
+
--hasher-remote
+
Remote to cache checksums for (e.g. myRemote:path).
+
Properties:
+
+
Config: remote
+
Env Var: RCLONE_HASHER_REMOTE
+
Type: string
+
Required: true
+
+
--hasher-hashes
+
Comma separated list of supported checksum types.
+
Properties:
+
+
Config: hashes
+
Env Var: RCLONE_HASHER_HASHES
+
Type: CommaSepList
+
Default: md5,sha1
+
+
--hasher-max-age
+
Maximum time to keep checksums in cache (0 = no cache, off = cache forever).
+
Properties:
+
+
Config: max_age
+
Env Var: RCLONE_HASHER_MAX_AGE
+
Type: Duration
+
Default: off
+
+
Advanced options
+
Here are the Advanced options specific to hasher (Better checksums for other remotes).
+
--hasher-auto-size
+
Auto-update checksum for files smaller than this size (disabled by default).
+
Properties:
+
+
Config: auto_size
+
Env Var: RCLONE_HASHER_AUTO_SIZE
+
Type: SizeSuffix
+
Default: 0
+
+
Metadata
+
Any metadata supported by the underlying remote is read and written.
Fill hash cache from a SUM file without verifying file fingerprints. Usage Example: rclone backend stickyimport hasher:subdir md5 remote:path/to/sum.md5
+
Implementation details (advanced)
+
This section explains how various rclone operations work on a hasher remote.
+
Disclaimer. This section describes current implementation which can change in future rclone versions!.
+
Hashsum command
+
The rclone hashsum (or md5sum or sha1sum) command will:
+
+
if requested hash is supported by lower level, just pass it.
+
if object size is below auto_size then download object and calculate requested hashes on the fly.
+
if unsupported and the size is big enough, build object fingerprint (including size, modtime if supported, first-found other hash if any).
+
if the strict match is found in cache for the requested remote, return the stored hash.
+
if remote found but fingerprint mismatched, then purge the entry and proceed to step 6.
+
if remote not found or had no requested hash type or after step 5: download object, calculate all supported hashes on the fly and store in cache; return requested hash.
+
+
Other operations
+
+
whenever a file is uploaded or downloaded in full, capture the stream to calculate all supported hashes on the fly and update database
+
server-side move will update keys of existing cache entries
+
deletefile will remove a single cache entry
+
purge will remove all cache entries under the purged path
+
+
Note that setting max_age = 0 will disable checksum caching completely.
+
If you set max_age = off, checksums in cache will never age, unless you fully rewrite or delete the file.
+
Cache storage
+
Cached checksums are stored as bolt database files under rclone cache directory, usually ~/.cache/rclone/kv/. Databases are maintained one per base backend, named like BaseRemote~hasher.bolt. Checksums for multiple alias-es into a single base backend will be stored in the single database. All local paths are treated as aliases into the local backend (unless crypted or chunked) and stored in ~/.cache/rclone/kv/local~hasher.bolt. Databases can be shared between multiple rclone processes.
+
HDFS
+
HDFS is a distributed file-system, part of the Apache Hadoop framework.
+
Paths are specified as remote: or remote:path/to/dir.
+
Configuration
+
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
No remotes found, make a new one?
@@ -19048,149 +21314,87 @@
Other
s) Set configuration password
q) Quit config
n/s/q> n
-name> other
-Option Storage.
+name> remote
Type of storage to configure.
-Choose a number from below, or type in your own value.
-[snip]
-22 / Koofr, Digi Storage and other Koofr-compatible storage providers
- \ (koofr)
-[snip]
-Storage> koofr
-Option provider.
-Choose your storage provider.
-Choose a number from below, or type in your own value.
-Press Enter to leave empty.
- 1 / Koofr, https://app.koofr.net/
- \ (koofr)
- 2 / Digi Storage, https://storage.rcs-rds.ro/
- \ (digistorage)
- 3 / Any other Koofr API compatible storage service
- \ (other)
-provider> 3
-Option endpoint.
-The Koofr API endpoint to use.
-Enter a value.
-endpoint> https://koofr.other.org
-Option user.
-Your user name.
-Enter a value.
-user> USERNAME
-Option password.
-Your password for rclone (generate one at your service's settings page).
-Choose an alternative below.
-y) Yes, type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[skip]
+XX / Hadoop distributed file system
+ \ "hdfs"
+[skip]
+Storage> hdfs
+** See help for hdfs backend at: https://rclone.org/hdfs/ **
+
+hadoop name node and port
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Connect to host namenode at port 8020
+ \ "namenode:8020"
+namenode> namenode.hadoop:8020
+hadoop user name
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Connect to hdfs as root
+ \ "root"
+username> root
+Edit advanced config? (y/n)
y) Yes
n) No (default)
y/n> n
+Remote config
+--------------------
+[remote]
+type = hdfs
+namenode = namenode.hadoop:8020
+username = root
--------------------
-[other]
-type = koofr
-provider = other
-endpoint = https://koofr.other.org
-user = USERNAME
-password = *** ENCRYPTED ***
---------------------
y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
-y/e/d> y
-
Mail.ru Cloud
-
Mail.ru Cloud is a cloud storage provided by a Russian internet company Mail.Ru Group. The official desktop client is Disk-O:, available on Windows and Mac OS.
-
Currently it is recommended to disable 2FA on Mail.ru accounts intended for rclone until it gets eventually implemented.
-
Features highlights
-
-
Paths may be as deep as required, e.g. remote:directory/subdirectory
-
Files have a last modified time property, directories don't
-
Deleted files are by default moved to the trash
-
Files and directories can be shared via public links
-
Partial uploads or streaming are not supported, file size must be known before upload
-
Maximum file size is limited to 2G for a free account, unlimited for paid accounts
-
Storage keeps hash for all files and performs transparent deduplication, the hash algorithm is a modified SHA1
-
If a particular file is already present in storage, one can quickly submit file hash instead of long file upload (this optimization is supported by rclone)
-
-
Configuration
-
Here is an example of making a mailru configuration. First create a Mail.ru Cloud account and choose a tariff, then run
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+hadoop hdfs
+
+e) Edit existing remote
n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Mail.ru Cloud
- \ "mailru"
-[snip]
-Storage> mailru
-User name (usually email)
-Enter a string value. Press Enter for the default ("").
-user> username@mail.ru
-Password
-y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Skip full upload if there is another file with same data hash.
-This feature is called "speedup" or "put by hash". It is especially efficient
-in case of generally available files like popular books, video or audio clips
-[snip]
-Enter a boolean value (true or false). Press Enter for the default ("true").
-Choose a number from below, or type in your own value
- 1 / Enable
- \ "true"
- 2 / Disable
- \ "false"
-speedup_enable> 1
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
---------------------
-[remote]
-type = mailru
-user = username@mail.ru
-pass = *** ENCRYPTED ***
-speedup_enable = true
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
Configuration of this backend does not require a local web browser. You can use the configured backend as shown below:
-
See top level directories
+e/n/d/r/c/s/q> q
+
This remote is called remote and can now be used like this
+
See all the top level directories
rclone lsd remote:
-
Make a new directory
-
rclone mkdir remote:directory
List the contents of a directory
rclone ls remote:directory
-
Sync /home/local/directory to the remote path, deleting any excess files in the path.
Files support a modification time attribute with up to 1 second precision. Directories do not have a modification time, which is shown as "Jan 1 1970".
-
Hash checksums
-
Hash sums use a custom Mail.ru algorithm based on SHA1. If file size is less than or equal to the SHA1 block size (20 bytes), its hash is simply its data right-padded with zero bytes. Hash sum of a larger file is computed as a SHA1 sum of the file data bytes concatenated with a decimal representation of the data length.
-
Emptying Trash
-
Removing a file or directory actually moves it to the trash, which is not visible to rclone but can be seen in a web browser. The trashed file still occupies part of total quota. If you wish to empty your trash and free some quota, you can use the rclone cleanup remote: command, which will permanently delete all your trashed files. This command does not take any path arguments.
-
Quota information
-
To view your current quota you can use the rclone about remote: command which will display your usage limit (quota) and the current usage.
-
Restricted filename characters
+
Sync the remote directory to /home/local/directory, deleting any excess files.
Skip full upload if there is another file with same data hash.
-
This feature is called "speedup" or "put by hash". It is especially efficient in case of generally available files like popular books, video or audio clips, because files are searched by hash in all accounts of all mailru users. It is meaningless and ineffective if source file is unique or encrypted. Please note that rclone may need local memory and disk space to calculate content hash in advance and decide whether full upload is required. Also, if rclone does not know file size in advance (e.g. in case of streaming or partial uploads), it will not even try this optimization.
-
Properties:
-
-
Config: speedup_enable
-
Env Var: RCLONE_MAILRU_SPEEDUP_ENABLE
-
Type: bool
-
Default: true
+
Required: false
Examples:
-
"true"
-
-
Enable
-
-
"false"
+
"root"
-
Disable
+
Connect to hdfs as root.
-
Advanced options
-
Here are the advanced options specific to mailru (Mail.ru Cloud).
-
--mailru-speedup-file-patterns
-
Comma separated list of file name patterns eligible for speedup (put by hash).
-
Patterns are case insensitive and can contain '*' or '?' meta characters.
+
Advanced options
+
Here are the Advanced options specific to hdfs (Hadoop distributed file system).
+
--hdfs-service-principal-name
+
Kerberos service principal name for the namenode.
+
Enables KERBEROS authentication. Specifies the Service Principal Name (SERVICE/FQDN) for the namenode. E.g. "hdfs/namenode.hadoop.docker" for namenode running as service 'hdfs' with FQDN 'namenode.hadoop.docker'.
Properties:
-
Config: speedup_file_patterns
-
Env Var: RCLONE_MAILRU_SPEEDUP_FILE_PATTERNS
+
Config: service_principal_name
+
Env Var: RCLONE_HDFS_SERVICE_PRINCIPAL_NAME
Type: string
-
Default: ".mkv,.avi,.mp4,.mp3,.zip,.gz,.rar,.pdf"
-
Examples:
-
-
""
-
-
Empty list completely disables speedup (put by hash).
-
-
"*"
+
Required: false
+
+
--hdfs-data-transfer-protection
+
Kerberos data transfer protection: authentication|integrity|privacy.
+
Specifies whether or not authentication, data signature integrity checks, and wire encryption is required when communicating the the datanodes. Possible values are 'authentication', 'integrity' and 'privacy'. Used only with KERBEROS enabled.
+
Properties:
-
All files will be attempted for speedup.
-
-
".mkv,.avi,.mp4,.mp3"
+
Config: data_transfer_protection
+
Env Var: RCLONE_HDFS_DATA_TRANSFER_PROTECTION
+
Type: string
+
Required: false
+
Examples:
-
Only common audio/video files will be tried for put by hash.
-
-
".zip,.gz,.rar,.pdf"
+
"privacy"
-
Only common archives or PDF books will be tried for speedup.
+
Ensure authentication, integrity and encryption enabled.
-
--mailru-speedup-max-disk
-
This option allows you to disable speedup (put by hash) for large files.
-
Reason is that preliminary hashing can exhaust your RAM or disk space.
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
The initial setup for hidrive involves getting a token from HiDrive which you need to do in your browser. rclone config walks you through it.
+
Configuration
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found - make a new one
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / HiDrive
+ \ "hidrive"
+[snip]
+Storage> hidrive
+OAuth Client Id - Leave blank normally.
+client_id>
+OAuth Client Secret - Leave blank normally.
+client_secret>
+Access permissions that rclone should use when requesting access from HiDrive.
+Leave blank normally.
+scope_access>
+Edit advanced config?
+y/n> n
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=xxxxxxxxxxxxxxxxxxxxxx
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+--------------------
+[remote]
+type = hidrive
+token = {"access_token":"xxxxxxxxxxxxxxxxxxxx","token_type":"Bearer","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxx","expiry":"xxxxxxxxxxxxxxxxxxxxxxx"}
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
You should be aware that OAuth-tokens can be used to access your account and hence should not be shared with other persons. See the below section for more information.
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from HiDrive. This only runs from the moment it opens your browser to the moment you get back the verification code. The webserver runs on http://127.0.0.1:53682/. If local port 53682 is protected by a firewall you may need to temporarily unblock the firewall to complete authorization.
+
Once configured you can then use rclone like this,
+
List directories in top level of your HiDrive root folder
+
rclone lsd remote:
+
List all the files in your HiDrive filesystem
+
rclone ls remote:
+
To copy a local directory to a HiDrive directory called backup
+
rclone copy /home/source remote:backup
+
Keeping your tokens safe
+
Any OAuth-tokens will be stored by rclone in the remote's configuration file as unencrypted text. Anyone can use a valid refresh-token to access your HiDrive filesystem without knowing your password. Therefore you should make sure no one else can access your configuration.
+
It is possible to encrypt rclone's configuration file. You can find information on securing your configuration file by viewing the configuration encryption docs.
+
Invalid refresh token
+
As can be verified here, each refresh_token (for Native Applications) is valid for 60 days. If used to access HiDrivei, its validity will be automatically extended.
+
This means that if you
-
Files larger than 1Gb will be uploaded directly.
+
Don't use the HiDrive remote for 60 days
+
+
then rclone will return an error which includes a text that implies the refresh token is invalid or expired.
+
To fix this you will need to authorize rclone to access your HiDrive account again.
+
Using
+
rclone config reconnect remote:
+
the process is very similar to the process of initial setup exemplified before.
+
Modified time and hashes
+
HiDrive allows modification times to be set on objects accurate to 1 second.
+
HiDrive supports its own hash type which is used to verify the integrity of file contents after successful transfers.
+
Restricted filename characters
+
HiDrive cannot store files or folders that include / (0x2F) or null-bytes (0x00) in their name. Any other characters can be used in the names of files or folders. Additionally, files or folders cannot be named either of the following: . or ..
+
Therefore rclone will automatically replace these characters, if files or folders are stored or accessed with such names.
+
You can read about how this filename encoding works in general here.
+
Keep in mind that HiDrive only supports file or folder names with a length of 255 characters or less.
+
Transfers
+
HiDrive limits file sizes per single request to a maximum of 2 GiB. To allow storage of larger files and allow for better upload performance, the hidrive backend will use a chunked transfer for files larger than 96 MiB. Rclone will upload multiple parts/chunks of the file at the same time. Chunks in the process of being uploaded are buffered in memory, so you may want to restrict this behaviour on systems with limited resources.
+
You can customize this behaviour using the following options:
+
+
chunk_size: size of file parts
+
upload_cutoff: files larger or equal to this in size will use a chunked transfer
+
upload_concurrency: number of file-parts to upload at the same time
+
+
See the below section about configuration options for more details.
+
Root folder
+
You can set the root folder for rclone. This is the directory that rclone considers to be the root of your HiDrive.
+
Usually, you will leave this blank, and rclone will use the root of the account.
+
However, you can set this to restrict rclone to a specific folder hierarchy.
+
This works by prepending the contents of the root_prefix option to any paths accessed by rclone. For example, the following two ways to access the home directory are equivalent:
See the below section about configuration options for more details.
+
Directory member count
+
By default, rclone will know the number of directory members contained in a directory. For example, rclone lsd uses this information.
+
The acquisition of this information will result in additional time costs for HiDrive's API. When dealing with large directory structures, it may be desirable to circumvent this time cost, especially when this information is not explicitly needed. For this, the disable_fetching_member_count option can be used.
+
See the below section about configuration options for more details.
+
Standard options
+
Here are the Standard options specific to hidrive (HiDrive).
+
--hidrive-client-id
+
OAuth Client Id.
+
Leave blank normally.
+
Properties:
+
+
Config: client_id
+
Env Var: RCLONE_HIDRIVE_CLIENT_ID
+
Type: string
+
Required: false
+
+
--hidrive-client-secret
+
OAuth Client Secret.
+
Leave blank normally.
+
Properties:
+
+
Config: client_secret
+
Env Var: RCLONE_HIDRIVE_CLIENT_SECRET
+
Type: string
+
Required: false
+
+
--hidrive-scope-access
+
Access permissions that rclone should use when requesting access from HiDrive.
+
Properties:
+
+
Config: scope_access
+
Env Var: RCLONE_HIDRIVE_SCOPE_ACCESS
+
Type: string
+
Default: "rw"
+
Examples:
+
+
"rw"
+
+
Read and write access to resources.
-
"3G"
+
"ro"
-
Choose this option if you have less than 3Gb free on local disk.
+
Read-only access to resources.
-
--mailru-speedup-max-memory
-
Files larger than the size given below will always be hashed on disk.
+
Advanced options
+
Here are the Advanced options specific to hidrive (HiDrive).
+
--hidrive-token
+
OAuth Access Token as a JSON blob.
Properties:
-
Config: speedup_max_memory
-
Env Var: RCLONE_MAILRU_SPEEDUP_MAX_MEMORY
-
Type: SizeSuffix
-
Default: 32Mi
+
Config: token
+
Env Var: RCLONE_HIDRIVE_TOKEN
+
Type: string
+
Required: false
+
+
--hidrive-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
+
Properties:
+
+
Config: auth_url
+
Env Var: RCLONE_HIDRIVE_AUTH_URL
+
Type: string
+
Required: false
+
+
--hidrive-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
+
Properties:
+
+
Config: token_url
+
Env Var: RCLONE_HIDRIVE_TOKEN_URL
+
Type: string
+
Required: false
+
+
--hidrive-scope-role
+
User-level that rclone should use when requesting access from HiDrive.
+
Properties:
+
+
Config: scope_role
+
Env Var: RCLONE_HIDRIVE_SCOPE_ROLE
+
Type: string
+
Default: "user"
Examples:
-
"0"
+
"user"
-
Preliminary hashing will always be done in a temporary disk location.
+
User-level access to management permissions.
+
This will be sufficient in most cases.
-
"32M"
+
"admin"
-
Do not dedicate more than 32Mb RAM for preliminary hashing.
+
Extensive access to management permissions.
-
"256M"
+
"owner"
-
You have at most 256Mb RAM free for hash calculations.
+
Full access to management permissions.
-
--mailru-check-hash
-
What should copy do if file checksum is mismatched or invalid.
+
--hidrive-root-prefix
+
The root/parent folder for all paths.
+
Fill in to use the specified folder as the parent for all paths given to the remote. This way rclone can use any folder as its starting point.
Properties:
-
Config: check_hash
-
Env Var: RCLONE_MAILRU_CHECK_HASH
-
Type: bool
-
Default: true
+
Config: root_prefix
+
Env Var: RCLONE_HIDRIVE_ROOT_PREFIX
+
Type: string
+
Default: "/"
Examples:
-
"true"
+
"/"
-
Fail with error.
+
The topmost directory accessible by rclone.
+
This will be equivalent with "root" if rclone uses a regular HiDrive user account.
-
"false"
+
"root"
-
Ignore and continue.
+
The topmost directory of the HiDrive user account
+
+
""
+
+
This specifies that there is no root-prefix for your paths.
+
When using this you will always need to specify paths to this remote with a valid parent e.g. "remote:/path/to/dir" or "remote:root/path/to/dir".
-
--mailru-user-agent
-
HTTP user agent used internally by client.
-
Defaults to "rclone/VERSION" or "--user-agent" provided on command line.
+
--hidrive-endpoint
+
Endpoint for the service.
+
This is the URL that API-calls will be made to.
Properties:
-
Config: user_agent
-
Env Var: RCLONE_MAILRU_USER_AGENT
+
Config: endpoint
+
Env Var: RCLONE_HIDRIVE_ENDPOINT
Type: string
-
Required: false
+
Default: "https://api.hidrive.strato.com/2.1"
-
--mailru-quirks
-
Comma separated list of internal maintenance flags.
-
This option must not be used by an ordinary user. It is intended only to facilitate remote troubleshooting of backend issues. Strict meaning of flags is not documented and not guaranteed to persist between releases. Quirks will be removed when the backend grows stable. Supported quirks: atomicmkdir binlist unknowndirs
+
--hidrive-disable-fetching-member-count
+
Do not fetch number of objects in directories unless it is absolutely necessary.
+
Requests may be faster if the number of objects in subdirectories is not fetched.
Any files larger than the configured cutoff (or files of unknown size) will be uploaded in chunks of this size.
+
The upper limit for this is 2147483647 bytes (about 2.000Gi). That is the maximum amount of bytes a single upload-operation will support. Setting this above the upper limit or to a negative value will cause uploads to fail.
+
Setting this to larger values may increase the upload speed at the cost of using more memory. It can be set to smaller values smaller to save on memory.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_HIDRIVE_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 48Mi
+
+
--hidrive-upload-cutoff
+
Cutoff/Threshold for chunked uploads.
+
Any files larger than this will be uploaded in chunks of the configured chunksize.
+
The upper limit for this is 2147483647 bytes (about 2.000Gi). That is the maximum amount of bytes a single upload-operation will support. Setting this above the upper limit will cause uploads to fail.
+
Properties:
+
+
Config: upload_cutoff
+
Env Var: RCLONE_HIDRIVE_UPLOAD_CUTOFF
+
Type: SizeSuffix
+
Default: 96Mi
+
+
--hidrive-upload-concurrency
+
Concurrency for chunked uploads.
+
This is the upper limit for how many transfers for the same file are running concurrently. Setting this above to a value smaller than 1 will cause uploads to deadlock.
+
If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
File size limits depend on your account. A single file size is limited by 2G for a free account and unlimited for paid tariffs. Please refer to the Mail.ru site for the total uploaded size limits.
-
Note that Mailru is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
Mega
-
Mega is a cloud storage and file hosting service known for its security feature where all files are encrypted locally before they are uploaded. This prevents anyone (including employees of Mega) from accessing the files without knowledge of the key used for encryption.
-
This is an rclone backend for Mega which supports the file transfer features of Mega using the same client side encryption.
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
+
Limitations
+
Symbolic links
+
HiDrive is able to store symbolic links (symlinks) by design, for example, when unpacked from a zip archive.
+
There exists no direct mechanism to manage native symlinks in remotes. As such this implementation has chosen to ignore any native symlinks present in the remote. rclone will not be able to access or show any symlinks stored in the hidrive-remote. This means symlinks cannot be individually removed, copied, or moved, except when removing, copying, or moving the parent folder.
+
This does not affect the .rclonelink-files that rclone uses to encode and store symbolic links.
+
Sparse files
+
It is possible to store sparse files in HiDrive.
+
Note that copying a sparse file will expand the holes into null-byte (0x00) regions that will then consume disk space. Likewise, when downloading a sparse file, the resulting file will have null-byte regions in the place of file holes.
+
HTTP
+
The HTTP remote is a read only remote for reading files of a webserver. The webserver should provide file listings which rclone will read and turn into a remote. This has been tested with common webservers such as Apache/Nginx/Caddy and will likely work with file listings from most web servers. (If it doesn't then please file an issue, or send a pull request!)
+
Paths are specified as remote: or remote:path.
+
The remote: represents the configured url, and any path following it will be resolved relative to this url, according to the URL standard. This means with remote url https://beta.rclone.org/branch and path fix, the resolved URL will be https://beta.rclone.org/branch/fix, while with path /fix the resolved URL will be https://beta.rclone.org/fix as the absolute path is resolved from the root of the domain.
+
If the path following the remote: ends with / it will be assumed to point to a directory. If the path does not end with /, then a HEAD request is sent and the response used to decide if it it is treated as a file or a directory (run with -vv to see details). When --http-no-head is specified, a path without ending / is always assumed to be a file. If rclone incorrectly assumes the path is a file, the solution is to specify the path with ending /. When you know the path is a directory, ending it with / is always better as it avoids the initial HEAD request.
+
To just download a single file it is easier to use copyurl.
+
Configuration
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
@@ -19437,360 +21803,428 @@
Configuration
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Mega
- \ "mega"
+XX / HTTP
+ \ "http"
[snip]
-Storage> mega
-User name
-user> you@example.com
-Password.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
+Storage> http
+URL of http host to connect to
+Choose a number from below, or type in your own value
+ 1 / Connect to example.com
+ \ "https://example.com"
+url> https://beta.rclone.org
Remote config
--------------------
[remote]
-type = mega
-user = you@example.com
-pass = *** ENCRYPTED ***
+url = https://beta.rclone.org
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
-y/e/d> y
-
NOTE: The encryption keys need to have been already generated after a regular login via the browser, otherwise attempting to use the credentials in rclone will fail.
-
Once configured you can then use rclone like this,
-
List directories in top level of your Mega
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+remote http
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> q
+
This remote is called remote and can now be used like this
+
See all the top level directories
rclone lsd remote:
-
List all the files in your Mega
-
rclone ls remote:
-
To copy a local directory to an Mega directory called backup
-
rclone copy /home/source remote:backup
-
Modified time and hashes
-
Mega does not support modification times or hashes yet.
-
Restricted filename characters
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
NUL
-
0x00
-
␀
-
-
-
/
-
0x2F
-
/
-
-
-
-
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Duplicated files
-
Mega can have two files with exactly the same name and path (unlike a normal file system).
-
Duplicated files cause problems with the syncing and you will see messages in the log about duplicates.
-
Use rclone dedupe to fix duplicated files.
-
Failure to log-in
-
Mega remotes seem to get blocked (reject logins) under "heavy use". We haven't worked out the exact blocking rules but it seems to be related to fast paced, successive rclone commands.
-
For example, executing this command 90 times in a row rclone link remote:file will cause the remote to become "blocked". This is not an abnormal situation, for example if you wish to get the public links of a directory with hundred of files... After more or less a week, the remote will remote accept rclone logins normally again.
-
You can mitigate this issue by mounting the remote it with rclone mount. This will log-in when mounting and a log-out when unmounting only. You can also run rclone rcd and then use rclone rc to run the commands over the API to avoid logging in each time.
-
Rclone does not currently close mega sessions (you can see them in the web interface), however closing the sessions does not solve the issue.
-
If you space rclone commands by 3 seconds it will avoid blocking the remote. We haven't identified the exact blocking rules, so perhaps one could execute the command 80 times without waiting and avoid blocking by waiting 3 seconds, then continuing...
-
Note that this has been observed by trial and error and might not be set in stone.
-
Other tools seem not to produce this blocking effect, as they use a different working approach (state-based, using sessionIDs instead of log-in) which isn't compatible with the current stateless rclone approach.
-
Note that once blocked, the use of other tools (such as megacmd) is not a sure workaround: following megacmd login times have been observed in succession for blocked remote: 7 minutes, 20 min, 30min, 30 min, 30min. Web access looks unaffected though.
-
Investigation is continuing in relation to workarounds based on timeouts, pacers, retrials and tpslimits - if you discover something relevant, please post on the forum.
-
So, if rclone was working nicely and suddenly you are unable to log-in and you are sure the user and the password are correct, likely you have got the remote blocked for a while.
-
Standard options
-
Here are the standard options specific to mega (Mega).
-
--mega-user
-
User name.
+
List the contents of a directory
+
rclone ls remote:directory
+
Sync the remote directory to /home/local/directory, deleting any excess files.
Here are the Advanced options specific to http (HTTP).
+
--http-headers
+
Set HTTP headers for all transactions.
+
Use this to set additional HTTP headers for all transactions.
+
The input format is comma separated list of key,value pairs. Standard CSV encoding may be used.
+
For example, to set a Cookie use 'Cookie,name=value', or '"Cookie","name=value"'.
+
You can set multiple headers, e.g. '"Cookie","name=value","Authorization","xxx"'.
Properties:
-
Config: pass
-
Env Var: RCLONE_MEGA_PASS
-
Type: string
-
Required: true
+
Config: headers
+
Env Var: RCLONE_HTTP_HEADERS
+
Type: CommaSepList
+
Default:
-
Advanced options
-
Here are the advanced options specific to mega (Mega).
-
--mega-debug
-
Output more debug from Mega.
-
If this flag is set (along with -vv) it will print further debugging information from the mega backend.
+
--http-no-slash
+
Set this if the site doesn't end directories with /.
+
Use this if your target website does not use / on the end of directories.
+
A / on the end of a path is how rclone normally tells the difference between files and directories. If this flag is set, then rclone will treat all files with Content-Type: text/html as directories and read URLs from them rather than downloading them.
+
Note that this may cause rclone to confuse genuine HTML files with directories.
Properties:
-
Config: debug
-
Env Var: RCLONE_MEGA_DEBUG
+
Config: no_slash
+
Env Var: RCLONE_HTTP_NO_SLASH
Type: bool
Default: false
-
--mega-hard-delete
-
Delete files permanently rather than putting them into the trash.
-
Normally the mega backend will put all deletions into the trash rather than permanently deleting them. If you specify this then rclone will permanently delete objects instead.
-
Properties:
+
--http-no-head
+
Don't use HEAD requests.
+
HEAD requests are mainly used to find file sizes in dir listing. If your site is being very slow to load then you can try this option. Normally rclone does a HEAD request for each potential file in a directory listing to:
If you set this option, rclone will not do the HEAD request. This will mean that directory listings are much quicker, but rclone won't have the times or sizes of any files, and some files that don't exist may be in the listing.
Properties:
-
Config: encoding
-
Env Var: RCLONE_MEGA_ENCODING
-
Type: MultiEncoder
-
Default: Slash,InvalidUtf8,Dot
+
Config: no_head
+
Env Var: RCLONE_HTTP_NO_HEAD
+
Type: bool
+
Default: false
-
Limitations
-
This backend uses the go-mega go library which is an opensource go library implementing the Mega API. There doesn't appear to be any documentation for the mega protocol beyond the mega C++ SDK source code so there are likely quite a few errors still remaining in this library.
-
Mega allows duplicate files which may confuse rclone.
-
Memory
-
The memory backend is an in RAM backend. It does not persist its data - use the local backend for that.
-
The memory backend behaves like a bucket-based remote (e.g. like s3). Because it has no parameters you can just use it with the :memory: remote name.
-
Configuration
-
You can configure it as a remote like this with rclone config too if you want to:
+
Limitations
+
rclone about is not supported by the HTTP backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:item/path/to/dir.
+
Unlike S3, listing up all items uploaded by you isn't supported.
+
Once you have made a remote, you can use it like this:
+
Make a new item
+
rclone mkdir remote:item
+
List the contents of a item
+
rclone ls remote:item
+
Sync /home/local/directory to the remote item, deleting any excess files in the item.
+
rclone sync -i /home/local/directory remote:item
+
Notes
+
Because of Internet Archive's architecture, it enqueues write operations (and extra post-processings) in a per-item queue. You can check item's queue at https://catalogd.archive.org/history/item-name-here . Because of that, all uploads/deletes will not show up immediately and takes some time to be available. The per-item queue is enqueued to an another queue, Item Deriver Queue. You can check the status of Item Deriver Queue here. This queue has a limit, and it may block you from uploading, or even deleting. You should avoid uploading a lot of small files for better behavior.
+
You can optionally wait for the server's processing to finish, by setting non-zero value to wait_archive key. By making it wait, rclone can do normal file comparison. Make sure to set a large enough value (e.g. 30m0s for smaller files) as it can take a long time depending on server's queue.
+
About metadata
+
This backend supports setting, updating and reading metadata of each file. The metadata will appear as file metadata on Internet Archive. However, some fields are reserved by both Internet Archive and rclone.
+
The following are reserved by Internet Archive: - name - source - size - md5 - crc32 - sha1 - format - old_version - viruscheck - summation
+
Trying to set values to these keys is ignored with a warning. Only setting mtime is an exception. Doing so make it the identical behavior as setting ModTime.
+
rclone reserves all the keys starting with rclone-. Setting value for these keys will give you warnings, but values are set according to request.
+
If there are multiple values for a key, only the first one is returned. This is a limitation of rclone, that supports one value per one key. It can be triggered when you did a server-side copy.
+
Reading metadata will also provide custom (non-standard nor reserved) ones.
+
Filtering auto generated files
+
The Internet Archive automatically creates metadata files after upload. These can cause problems when doing an rclone sync as rclone will try, and fail, to delete them. These metadata files are not changeable, as they are created by the Internet Archive automatically.
+
These auto-created files can be excluded from the sync using metadata filtering.
Which excludes from the sync any files which have the source=metadata or format=Metadata flags which are added to Internet Archive auto-created files.
+
Configuration
+
Here is an example of making an internetarchive configuration. Most applies to the other providers as well, any differences are described below.
+
First run
+
rclone config
+
This will guide you through an interactive setup process.
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
name> remote
+Option Storage.
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Memory
- \ "memory"
-[snip]
-Storage> memory
-** See help for memory backend at: https://rclone.org/memory/ **
-
-Remote config
-
+Choose a number from below, or type in your own value.
+XX / InternetArchive Items
+ \ (internetarchive)
+Storage> internetarchive
+Option access_key_id.
+IAS3 Access Key.
+Leave blank for anonymous access.
+You can find one here: https://archive.org/account/s3.php
+Enter a value. Press Enter to leave empty.
+access_key_id> XXXX
+Option secret_access_key.
+IAS3 Secret Key (password).
+Leave blank for anonymous access.
+Enter a value. Press Enter to leave empty.
+secret_access_key> XXXX
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> y
+Option endpoint.
+IAS3 Endpoint.
+Leave blank for default value.
+Enter a string value. Press Enter for the default (https://s3.us.archive.org).
+endpoint>
+Option front_endpoint.
+Host of InternetArchive Frontend.
+Leave blank for default value.
+Enter a string value. Press Enter for the default (https://archive.org).
+front_endpoint>
+Option disable_checksum.
+Don't store MD5 checksum with object metadata.
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can ask the server to check the object against checksum.
+This is great for data integrity checking but can cause long delays for
+large files to start uploading.
+Enter a boolean value (true or false). Press Enter for the default (true).
+disable_checksum> true
+Option encoding.
+The encoding for the backend.
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+Enter a encoder.MultiEncoder value. Press Enter for the default (Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot).
+encoding>
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
--------------------
[remote]
-type = memory
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
Because the memory backend isn't persistent it is most useful for testing or with an rclone server or rclone mount, e.g.
Paths are specified as remote: You may put subdirectories in too, e.g. remote:/path/to/dir. If you have a CP code you can use that as the folder after the domain such as <domain>/<cpcode>/<internal directories within cpcode>.
-
For example, this is commonly configured with or without a CP code: * With a CP code. [your-domain-prefix]-nsu.akamaihd.net/123456/subdirectory/ * Without a CP code. [your-domain-prefix]-nsu.akamaihd.net
-
See all buckets rclone lsd remote: The initial setup for Netstorage involves getting an account and secret. Use rclone config to walk you through the setup process.
-
Here's an example of how to make a remote called ns1.
-
-
To begin the interactive configuration process, enter this command:
-
-
rclone config
-
-
Type n to create a new remote.
-
-
n) New remote
-d) Delete remote
-q) Quit config
-e/n/d/q> n
-
-
For this example, enter ns1 when you reach the name> prompt.
-
-
name> ns1
-
-
Enter netstorage as the type of storage to configure.
-
-
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-XX / NetStorage
- \ "netstorage"
-Storage> netstorage
-
-
Select between the HTTP or HTTPS protocol. Most users should choose HTTPS, which is the default. HTTP is provided primarily for debugging purposes.
-
-
Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / HTTP protocol
- \ "http"
- 2 / HTTPS protocol
- \ "https"
-protocol> 1
-
-
Specify your NetStorage host, CP code, and any necessary content paths using this format: <domain>/<cpcode>/<content>/
-
-
Enter a string value. Press Enter for the default ("").
-host> baseball-nsu.akamaihd.net/123456/content/
-
-
Set the netstorage account name
-
-
Enter a string value. Press Enter for the default ("").
-account> username
-
-
Set the Netstorage account secret/G2O key which will be used for authentication purposes. Select the y option to set your own password then enter your secret. Note: The secret is stored in the rclone.conf file with hex-encoded encryption.
-
-
y) Yes type in my own password
-g) Generate random password
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-
-
View the summary and confirm your remote configuration.
-
-
[ns1]
-type = netstorage
-protocol = http
-host = baseball-nsu.akamaihd.net/123456/content/
-account = username
-secret = *** ENCRYPTED ***
+type = internetarchive
+access_key_id = XXXX
+secret_access_key = XXXX
--------------------
y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
-
This remote is called ns1 and can now be used.
-
Example operations
-
Get started with rclone and NetStorage with these examples. For additional rclone commands, visit https://rclone.org/commands/.
-
See contents of a directory in your project
-
rclone lsd ns1:/974012/testing/
-
Sync the contents local with remote
-
rclone sync . ns1:/974012/testing/
-
Upload local content to remote
-
rclone copy notes.txt ns1:/974012/testing/
-
Delete content on remote
-
rclone delete ns1:/974012/testing/notes.txt
-
Move or copy content between CP codes.
-
Your credentials must have access to two CP codes on the same remote. You can't perform operations between different remotes.
The Netstorage backend changes the rclone --links, -l behavior. When uploading, instead of creating the .rclonelink file, use the "symlink" API in order to create the corresponding symlink on the remote. The .rclonelink file will not be created, the upload will be intercepted and only the symlink file that matches the source file name with no suffix will be created on the remote.
-
This will effectively allow commands like copy/copyto, move/moveto and sync to upload from local to remote and download from remote to local directories with symlinks. Due to internal rclone limitations, it is not possible to upload an individual symlink file to any remote backend. You can always use the "backend symlink" command to create a symlink on the NetStorage server, refer to "symlink" section below.
-
Individual symlink files on the remote can be used with the commands like "cat" to print the destination name, or "delete" to delete symlink, or copy, copy/to and move/moveto to download from the remote to local. Note: individual symlink files on the remote should be specified including the suffix .rclonelink.
-
Note: No file with the suffix .rclonelink should ever exist on the server since it is not possible to actually upload/create a file with .rclonelink suffix with rclone, it can only exist if it is manually created through a non-rclone method on the remote.
-
Implicit vs. Explicit Directories
-
With NetStorage, directories can exist in one of two forms:
-
-
Explicit Directory. This is an actual, physical directory that you have created in a storage group.
-
Implicit Directory. This refers to a directory within a path that has not been physically created. For example, during upload of a file, non-existent subdirectories can be specified in the target path. NetStorage creates these as "implicit." While the directories aren't physically created, they exist implicitly and the noted path is connected with the uploaded file.
-
-
Rclone will intercept all file uploads and mkdir commands for the NetStorage remote and will explicitly issue the mkdir command for each directory in the uploading path. This will help with the interoperability with the other Akamai services such as SFTP and the Content Management Shell (CMShell). Rclone will not guarantee correctness of operations with implicit directories which might have been created as a result of using an upload API directly.
-
ListR Feature
-
NetStorage remote supports the ListR feature by using the "list" NetStorage API action to return a lexicographical list of all objects within the specified CP code, recursing into subdirectories as they're encountered.
+
Standard options
+
Here are the Standard options specific to internetarchive (Internet Archive).
+
--internetarchive-access-key-id
+
IAS3 Access Key.
+
Leave blank for anonymous access. You can find one here: https://archive.org/account/s3.php
+
Properties:
-
Rclone will use the ListR method for some commands by default. Commands such as lsf -R will use ListR by default. To disable this, include the --disable listR option to use the non-recursive method of listing objects.
-
Rclone will not use the ListR method for some commands. Commands such as sync don't use ListR by default. To force using the ListR method, include the --fast-list option.
+
Config: access_key_id
+
Env Var: RCLONE_INTERNETARCHIVE_ACCESS_KEY_ID
+
Type: string
+
Required: false
-
There are pros and cons of using the ListR method, refer to rclone documentation. In general, the sync command over an existing deep tree on the remote will run faster with the "--fast-list" flag but with extra memory usage as a side effect. It might also result in higher CPU utilization but the whole task can be completed faster.
-
Note: There is a known limitation that "lsf -R" will display number of files in the directory and directory size as -1 when ListR method is used. The workaround is to pass "--disable listR" flag if these numbers are important in the output.
-
Purge Feature
-
NetStorage remote supports the purge feature by using the "quick-delete" NetStorage API action. The quick-delete action is disabled by default for security reasons and can be enabled for the account through the Akamai portal. Rclone will first try to use quick-delete action for the purge command and if this functionality is disabled then will fall back to a standard delete method.
-
Note: Read the NetStorage Usage API for considerations when using "quick-delete". In general, using quick-delete method will not delete the tree immediately and objects targeted for quick-delete may still be accessible.
-
Standard options
-
Here are the standard options specific to netstorage (Akamai NetStorage).
-
--netstorage-host
-
Domain+path of NetStorage host to connect to.
-
Format should be <domain>/<internal folders>
+
--internetarchive-secret-access-key
+
IAS3 Secret Key (password).
+
Leave blank for anonymous access.
Properties:
-
Config: host
-
Env Var: RCLONE_NETSTORAGE_HOST
+
Config: secret_access_key
+
Env Var: RCLONE_INTERNETARCHIVE_SECRET_ACCESS_KEY
Type: string
-
Required: true
+
Required: false
-
--netstorage-account
-
Set the NetStorage account name
+
Advanced options
+
Here are the Advanced options specific to internetarchive (Internet Archive).
+
--internetarchive-endpoint
+
IAS3 Endpoint.
+
Leave blank for default value.
Properties:
-
Config: account
-
Env Var: RCLONE_NETSTORAGE_ACCOUNT
+
Config: endpoint
+
Env Var: RCLONE_INTERNETARCHIVE_ENDPOINT
Type: string
-
Required: true
+
Default: "https://s3.us.archive.org"
-
--netstorage-secret
-
Set the NetStorage account secret/G2O key for authentication.
-
Please choose the 'y' option to set your own password then enter your secret.
Here are the advanced options specific to netstorage (Akamai NetStorage).
-
--netstorage-protocol
-
Select between HTTP or HTTPS protocol.
-
Most users should choose HTTPS, which is the default. HTTP is provided primarily for debugging purposes.
+
--internetarchive-disable-checksum
+
Don't ask the server to test against MD5 checksum calculated by rclone. Normally rclone will calculate the MD5 checksum of the input before uploading it so it can ask the server to check the object against checksum. This is great for data integrity checking but can cause long delays for large files to start uploading.
Properties:
-
Config: protocol
-
Env Var: RCLONE_NETSTORAGE_PROTOCOL
-
Type: string
-
Default: "https"
-
Examples:
-
-
"http"
+
Config: disable_checksum
+
Env Var: RCLONE_INTERNETARCHIVE_DISABLE_CHECKSUM
+
Type: bool
+
Default: true
+
+
--internetarchive-wait-archive
+
Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish. Only enable if you need to be guaranteed to be reflected after write operations. 0 to disable waiting. No errors to be thrown in case of timeout.
The desired path location (including applicable sub-directories) ending in the object that will be the target of the symlink (for example, /links/mylink). Include the file extension for the object, if applicable. rclone backend symlink <src> <path>
-
Microsoft Azure Blob Storage
-
Paths are specified as remote:container (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:container/path/to/dir.
-
Configuration
-
Here is an example of making a Microsoft Azure Blob Storage configuration. For a remote called remote. First run:
-
rclone config
+
Metadata
+
Metadata fields provided by Internet Archive. If there are multiple values for a key, only the first one is returned. This is a limitation of Rclone, that supports one value per one key.
+
Owner is able to add custom keys. Metadata feature grabs all the keys including them.
+
Here are the possible system metadata items for the internetarchive backend.
+
+
+
+
+
+
+
+
+
+
+
Name
+
Help
+
Type
+
Example
+
Read Only
+
+
+
+
+
crc32
+
CRC32 calculated by Internet Archive
+
string
+
01234567
+
Y
+
+
+
format
+
Name of format identified by Internet Archive
+
string
+
Comma-Separated Values
+
Y
+
+
+
md5
+
MD5 hash calculated by Internet Archive
+
string
+
01234567012345670123456701234567
+
Y
+
+
+
mtime
+
Time of last modification, managed by Rclone
+
RFC 3339
+
2006-01-02T15:04:05.999999999Z
+
Y
+
+
+
name
+
Full file path, without the bucket part
+
filename
+
backend/internetarchive/internetarchive.go
+
Y
+
+
+
old_version
+
Whether the file was replaced and moved by keep-old-version flag
+
boolean
+
true
+
Y
+
+
+
rclone-ia-mtime
+
Time of last modification, managed by Internet Archive
+
RFC 3339
+
2006-01-02T15:04:05.999999999Z
+
N
+
+
+
rclone-mtime
+
Time of last modification, managed by Rclone
+
RFC 3339
+
2006-01-02T15:04:05.999999999Z
+
N
+
+
+
rclone-update-track
+
Random value used by Rclone for tracking changes inside Internet Archive
+
string
+
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+
N
+
+
+
sha1
+
SHA1 hash calculated by Internet Archive
+
string
+
0123456701234567012345670123456701234567
+
Y
+
+
+
size
+
File size in bytes
+
decimal number
+
123456
+
Y
+
+
+
source
+
The source of the file
+
string
+
original
+
Y
+
+
+
summation
+
Check https://forum.rclone.org/t/31922 for how it is used
+
string
+
md5
+
Y
+
+
+
viruscheck
+
The last time viruscheck process was run for the file (?)
Jottacloud is a cloud storage service provider from a Norwegian company, using its own datacenters in Norway. In addition to the official service at jottacloud.com, it also provides white-label solutions to different companies, such as: * Telia * Telia Cloud (cloud.telia.se) * Telia Sky (sky.telia.no) * Tele2 * Tele2 Cloud (mittcloud.tele2.se) * Elkjøp (with subsidiaries): * Elkjøp Cloud (cloud.elkjop.no) * Elgiganten Sweden (cloud.elgiganten.se) * Elgiganten Denmark (cloud.elgiganten.dk) * Giganti Cloud (cloud.gigantti.fi) * ELKO Cloud (cloud.elko.is)
+
Most of the white-label versions are supported by this backend, although may require different authentication setup - described below.
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Authentication types
+
Some of the whitelabel versions uses a different authentication method than the official service, and you have to choose the correct one when setting up the remote.
+
Standard authentication
+
The standard authentication method used by the official service (jottacloud.com), as well as some of the whitelabel services, requires you to generate a single-use personal login token from the account security settings in the service's web interface. Log in to your account, go to "Settings" and then "Security", or use the direct link presented to you by rclone when configuring the remote: https://www.jottacloud.com/web/secure. Scroll down to the section "Personal login token", and click the "Generate" button. Note that if you are using a whitelabel service you probably can't use the direct link, you need to find the same page in their dedicated web interface, and also it may be in a different location than described above.
+
To access your account from multiple instances of rclone, you need to configure each of them with a separate personal login token. E.g. you create a Jottacloud remote with rclone in one location, and copy the configuration file to a second location where you also want to run rclone and access the same remote. Then you need to replace the token for one of them, using the config reconnect command, which requires you to generate a new personal login token and supply as input. If you do not do this, the token may easily end up being invalidated, resulting in both instances failing with an error message something along the lines of:
+
oauth2: cannot fetch token: 400 Bad Request
+Response: {"error":"invalid_grant","error_description":"Stale token"}
+
When this happens, you need to replace the token as described above to be able to use your remote again.
+
All personal login tokens you have taken into use will be listed in the web interface under "My logged in devices", and from the right side of that list you can click the "X" button to revoke individual tokens.
+
Legacy authentication
+
If you are using one of the whitelabel versions (e.g. from Elkjøp) you may not have the option to generate a CLI token. In this case you'll have to use the legacy authentication. To do this select yes when the setup asks for legacy authentication and enter your username and password. The rest of the setup is identical to the default setup.
+
Telia Cloud authentication
+
Similar to other whitelabel versions Telia Cloud doesn't offer the option of creating a CLI token, and additionally uses a separate authentication flow where the username is generated internally. To setup rclone to use Telia Cloud, choose Telia Cloud authentication in the setup. The rest of the setup is identical to the default setup.
+
Tele2 Cloud authentication
+
As Tele2-Com Hem merger was completed this authentication can be used for former Com Hem Cloud and Tele2 Cloud customers as no support for creating a CLI token exists, and additionally uses a separate authentication flow where the username is generated internally. To setup rclone to use Tele2 Cloud, choose Tele2 Cloud authentication in the setup. The rest of the setup is identical to the default setup.
+
Configuration
+
Here is an example of how to make a remote called remote with the default setup. First run:
+
rclone config
This will guide you through an interactive setup process:
No remotes found, make a new one?
n) New remote
@@ -19798,45 +22232,102 @@
Configuration
q) Quit config
n/s/q> n
name> remote
+Option Storage.
Type of storage to configure.
-Choose a number from below, or type in your own value
+Choose a number from below, or type in your own value.
[snip]
-XX / Microsoft Azure Blob Storage
- \ "azureblob"
+XX / Jottacloud
+ \ (jottacloud)
[snip]
-Storage> azureblob
-Storage Account Name
-account> account_name
-Storage Account Key
-key> base64encodedkey==
-Endpoint for the service - leave blank normally.
-endpoint>
-Remote config
+Storage> jottacloud
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+Option config_type.
+Select authentication type.
+Choose a number from below, or type in an existing string value.
+Press Enter for the default (standard).
+ / Standard authentication.
+ 1 | Use this if you're a normal Jottacloud user.
+ \ (standard)
+ / Legacy authentication.
+ 2 | This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
+ \ (legacy)
+ / Telia Cloud authentication.
+ 3 | Use this if you are using Telia Cloud.
+ \ (telia)
+ / Tele2 Cloud authentication.
+ 4 | Use this if you are using Tele2 Cloud.
+ \ (tele2)
+config_type> 1
+Personal login token.
+Generate here: https://www.jottacloud.com/web/secure
+Login Token> <your token here>
+Use a non-standard device/mountpoint?
+Choosing no, the default, will let you access the storage used for the archive
+section of the official Jottacloud client. If you instead want to access the
+sync or the backup section, for example, you must choose yes.
+y) Yes
+n) No (default)
+y/n> y
+Option config_device.
+The device to use. In standard setup the built-in Jotta device is used,
+which contains predefined mountpoints for archive, sync etc. All other devices
+are treated as backup devices by the official Jottacloud client. You may create
+a new by entering a unique name.
+Choose a number from below, or type in your own string value.
+Press Enter for the default (DESKTOP-3H31129).
+ 1 > DESKTOP-3H31129
+ 2 > Jotta
+config_device> 2
+Option config_mountpoint.
+The mountpoint to use for the built-in device Jotta.
+The standard setup is to use the Archive mountpoint. Most other mountpoints
+have very limited support in rclone and should generally be avoided.
+Choose a number from below, or type in an existing string value.
+Press Enter for the default (Archive).
+ 1 > Archive
+ 2 > Shared
+ 3 > Sync
+config_mountpoint> 1
--------------------
[remote]
-account = account_name
-key = base64encodedkey==
-endpoint =
+type = jottacloud
+configVersion = 1
+client_id = jottacli
+client_secret =
+tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token
+token = {........}
+username = 2940e57271a93d987d6f8a21
+device = Jotta
+mountpoint = Archive
--------------------
-y) Yes this is OK
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
-
See all containers
+
Once configured you can then use rclone like this,
+
List directories in top level of your Jottacloud
rclone lsd remote:
-
Make a new container
-
rclone mkdir remote:container
-
List the contents of a container
-
rclone ls remote:container
-
Sync /home/local/directory to the remote container, deleting any excess files in the container.
To copy a local directory to an Jottacloud directory called backup
+
rclone copy /home/source remote:backup
+
Devices and Mountpoints
+
The official Jottacloud client registers a device for each computer you install it on, and shows them in the backup section of the user interface. For each folder you select for backup it will create a mountpoint within this device. A built-in device called Jotta is special, and contains mountpoints Archive, Sync and some others, used for corresponding features in official clients.
+
With rclone you'll want to use the standard Jotta/Archive device/mountpoint in most cases. However, you may for example want to access files from the sync or backup functionality provided by the official clients, and rclone therefore provides the option to select other devices and mountpoints during config.
+
You are allowed to create new devices and mountpoints. All devices except the built-in Jotta device are treated as backup devices by official Jottacloud clients, and the mountpoints on them are individual backup sets.
+
With the built-in Jotta device, only existing, built-in, mountpoints can be selected. In addition to the mentioned Archive and Sync, it may contain several other mountpoints such as: Latest, Links, Shared and Trash. All of these are special mountpoints with a different internal representation than the "regular" mountpoints. Rclone will only to a very limited degree support them. Generally you should avoid these, unless you know what you are doing.
+
--fast-list
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
Modified time
-
The modified time is stored as metadata on the object with the mtime key. It is stored using RFC3339 Format time with nanosecond precision. The metadata is supplied during directory listings so there is no overhead to using it.
-
Performance
-
When uploading large files, increasing the value of --azureblob-upload-concurrency will increase performance at the cost of using more memory. The default of 16 is set quite conservatively to use less memory. It maybe be necessary raise it to 64 or higher to fully utilize a 1 GBit/s link with a single file transfer.
-
Restricted filename characters
+
Note that the implementation in Jottacloud always uses only a single API request to get the entire list, so for large folders this could lead to long wait time before the first results are shown.
+
Note also that with rclone version 1.58 and newer information about MIME types are not available when using --fast-list.
+
Modified time and hashes
+
Jottacloud allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
+
Jottacloud supports MD5 type hashes, so you can use the --checksum flag.
+
Note that Jottacloud requires the MD5 hash before upload so if the source does not have an MD5 checksum then the file will be cached temporarily on disk (in location given by --temp-dir) before it is uploaded. Small files will be cached in memory - see the --jottacloud-md5-memory-limit flag. When uploading from local disk the source checksum is always available, so this does not apply. Starting with rclone version 1.52 the same is true for crypted remotes (in older versions the crypt backend would not calculate hashes for uploads from local disk, so the Jottacloud backend had to do it as described above).
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-
Character
-
Value
-
Replacement
+
+
:
+
0x3A
+
:
+
+
+
<
+
0x3C
+
<
-
-
-
.
-
0x2E
-
.
+
>
+
0x3E
+
>
+
+
+
?
+
0x3F
+
?
+
+
+
|
+
0x7C
+
|
-
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Hashes
-
MD5 hashes are stored with blobs. However blobs that were uploaded in chunks only have an MD5 if the source remote was capable of MD5 hashes, e.g. the local disk.
-
Authenticating with Azure Blob Storage
-
Rclone has 3 ways of authenticating with Azure Blob Storage:
-
Account and Key
-
This is the most straight forward and least flexible way. Just fill in the account and key lines and leave the rest blank.
-
SAS URL
-
This can be an account level SAS URL or container level SAS URL.
-
To use it leave account, key blank and fill in sas_url.
-
An account level SAS URL or container level SAS URL can be obtained from the Azure portal or the Azure Storage Explorer. To get a container level SAS URL right click on a container in the Azure Blob explorer in the Azure portal.
-
If you use a container level SAS URL, rclone operations are permitted only on a particular container, e.g.
-
rclone ls azureblob:container
-
You can also list the single container from the root. This will only show the container specified by the SAS URL.
-
$ rclone lsd azureblob:
-container/
-
Note that you can't see or access any other containers - this will fail
-
rclone ls azureblob:othercontainer
-
Container level SAS URLs are useful for temporarily allowing third parties access to a single container or putting credentials into an untrusted environment such as a CI build server.
-
Standard options
-
Here are the standard options specific to azureblob (Microsoft Azure Blob Storage).
-
--azureblob-account
-
Storage Account Name.
-
Leave blank to use SAS URL or Emulator.
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
+
Deleting files
+
By default, rclone will send all files to the trash when deleting files. They will be permanently deleted automatically after 30 days. You may bypass the trash and permanently delete files immediately by using the --jottacloud-hard-delete flag, or set the equivalent environment variable. Emptying the trash is supported by the cleanup command.
+
Versions
+
Jottacloud supports file versioning. When rclone uploads a new version of a file it creates a new version of it. Currently rclone only supports retrieving the current version but older versions can be accessed via the Jottacloud Website.
+
Versioning can be disabled by --jottacloud-no-versions option. This is achieved by deleting the remote file prior to uploading a new version. If the upload the fails no version of the file will be available in the remote.
+
Quota information
+
To view your current quota you can use the rclone about remote: command which will display your usage limit (unless it is unlimited) and the current usage.
+
Advanced options
+
Here are the Advanced options specific to jottacloud (Jottacloud).
+
--jottacloud-md5-memory-limit
+
Files bigger than this will be cached on disk to calculate the MD5 if required.
Properties:
-
Config: account
-
Env Var: RCLONE_AZUREBLOB_ACCOUNT
-
Type: string
-
Required: false
+
Config: md5_memory_limit
+
Env Var: RCLONE_JOTTACLOUD_MD5_MEMORY_LIMIT
+
Type: SizeSuffix
+
Default: 10Mi
-
--azureblob-service-principal-file
-
Path to file containing credentials for use with a service principal.
-
Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
-
$ az ad sp create-for-rbac --name "<name>" \
- --role "Storage Blob Data Owner" \
- --scopes "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>" \
- > azure-principal.json
This will show trashed files in their original directory structure.
Properties:
-
Config: service_principal_file
-
Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
-
Type: string
-
Required: false
+
Config: trashed_only
+
Env Var: RCLONE_JOTTACLOUD_TRASHED_ONLY
+
Type: bool
+
Default: false
-
--azureblob-key
-
Storage Account Key.
-
Leave blank to use SAS URL or Emulator.
+
--jottacloud-hard-delete
+
Delete files permanently rather than putting them into the trash.
Properties:
-
Config: key
-
Env Var: RCLONE_AZUREBLOB_KEY
-
Type: string
-
Required: false
+
Config: hard_delete
+
Env Var: RCLONE_JOTTACLOUD_HARD_DELETE
+
Type: bool
+
Default: false
-
--azureblob-sas-url
-
SAS URL for container level access only.
-
Leave blank if using account/key or Emulator.
+
--jottacloud-upload-resume-limit
+
Files bigger than this can be resumed if the upload fail's.
Properties:
-
Config: sas_url
-
Env Var: RCLONE_AZUREBLOB_SAS_URL
-
Type: string
-
Required: false
+
Config: upload_resume_limit
+
Env Var: RCLONE_JOTTACLOUD_UPLOAD_RESUME_LIMIT
+
Type: SizeSuffix
+
Default: 10Mi
-
--azureblob-use-msi
-
Use a managed service identity to authenticate (only works in Azure).
-
When true, use a managed service identity to authenticate to Azure Storage instead of a SAS token or account key.
-
If the VM(SS) on which this program is running has a system-assigned identity, it will be used by default. If the resource has no system-assigned but exactly one user-assigned identity, the user-assigned identity will be used by default. If the resource has multiple user-assigned identities, the identity to use must be explicitly specified using exactly one of the msi_object_id, msi_client_id, or msi_mi_res_id parameters.
+
--jottacloud-no-versions
+
Avoid server side versioning by deleting files and recreating files instead of overwriting them.
Properties:
-
Config: use_msi
-
Env Var: RCLONE_AZUREBLOB_USE_MSI
+
Config: no_versions
+
Env Var: RCLONE_JOTTACLOUD_NO_VERSIONS
Type: bool
Default: false
-
--azureblob-use-emulator
-
Uses local storage emulator if provided as 'true'.
Here are the advanced options specific to azureblob (Microsoft Azure Blob Storage).
-
--azureblob-msi-object-id
-
Object ID of the user-assigned MSI to use, if any.
-
Leave blank if msi_client_id or msi_mi_res_id specified.
+
Limitations
+
Note that Jottacloud is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
There are quite a few characters that can't be in Jottacloud file names. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
+
Jottacloud only supports filenames up to 255 characters in length.
+
Troubleshooting
+
Jottacloud exhibits some inconsistent behaviours regarding deleted files and folders which may cause Copy, Move and DirMove operations to previously deleted paths to fail. Emptying the trash should help in such cases.
+
Koofr
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
The initial setup for Koofr involves creating an application password for rclone. You can do that by opening the Koofr web application, giving the password a nice name like rclone and clicking on generate.
+
Here is an example of how to make a remote called koofr. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> koofr
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+22 / Koofr, Digi Storage and other Koofr-compatible storage providers
+ \ (koofr)
+[snip]
+Storage> koofr
+Option provider.
+Choose your storage provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Koofr, https://app.koofr.net/
+ \ (koofr)
+ 2 / Digi Storage, https://storage.rcs-rds.ro/
+ \ (digistorage)
+ 3 / Any other Koofr API compatible storage service
+ \ (other)
+provider> 1
+Option user.
+Your user name.
+Enter a value.
+user> USERNAME
+Option password.
+Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password).
+Choose an alternative below.
+y) Yes, type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[koofr]
+type = koofr
+provider = koofr
+user = USERNAME
+password = *** ENCRYPTED ***
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
You can choose to edit advanced config in order to enter your own service URL if you use an on-premise or white label Koofr instance, or choose an alternative mount instead of your primary storage.
+
Once configured you can then use rclone like this,
+
List directories in top level of your Koofr
+
rclone lsd koofr:
+
List all the files in your Koofr
+
rclone ls koofr:
+
To copy a local directory to an Koofr directory called backup
Cutoff for switching to chunked upload (<= 256 MiB) (deprecated).
-
Properties:
-
-
Config: upload_cutoff
-
Env Var: RCLONE_AZUREBLOB_UPLOAD_CUTOFF
-
Type: string
-
Required: false
-
-
--azureblob-chunk-size
-
Upload chunk size.
-
Note that this is stored in memory and there may be up to "--transfers" * "--azureblob-upload-concurrency" chunks stored at once in memory.
-
Properties:
-
-
Config: chunk_size
-
Env Var: RCLONE_AZUREBLOB_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 4Mi
-
-
--azureblob-upload-concurrency
-
Concurrency for multipart uploads.
-
This is the number of chunks of the same file that are uploaded concurrently.
-
If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
-
In tests, upload speed increases almost linearly with upload concurrency. For example to fill a gigabit pipe it may be necessary to raise this to 64. Note that this will use more memory.
-
Note that chunks are stored in memory and there may be up to "--transfers" * "--azureblob-upload-concurrency" chunks stored at once in memory.
+
--koofr-password
+
Your password for rclone (generate one at https://storage.rcs-rds.ro/app/admin/preferences/password).
This sets the number of blobs requested in each listing chunk. Default is the maximum, 5000. "List blobs" requests are permitted 2 minutes per megabyte to complete. If an operation is taking longer than 2 minutes per megabyte on average, it will time out ( source ). This can be used to limit the number of blobs items to return, to avoid the time out.
+
--koofr-password
+
Your password for rclone (generate one at your service's settings page).
Archived blobs can be restored by setting access tier to hot or cool. Leave blank if you intend to use default access tier, which is set at account level
-
If there is no "access tier" specified, rclone doesn't apply any tier. rclone performs "Set Tier" operation on blobs while uploading, if objects are not modified, specifying "access tier" to new one will have no effect. If blobs are in "archive tier" at remote, trying to perform data transfer operations from remote will not be allowed. User should first restore by tiering blob to "Hot" or "Cool".
+
Advanced options
+
Here are the Advanced options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
+
--koofr-mountid
+
Mount ID of the mount to use.
+
If omitted, the primary mount is used.
Properties:
-
Config: access_tier
-
Env Var: RCLONE_AZUREBLOB_ACCESS_TIER
+
Config: mountid
+
Env Var: RCLONE_KOOFR_MOUNTID
Type: string
Required: false
-
--azureblob-archive-tier-delete
-
Delete archive tier blobs before overwriting.
-
Archive tier blobs cannot be updated. So without this flag, if you attempt to update an archive tier blob, then rclone will produce the error:
-
can't update archive tier blob without --azureblob-archive-tier-delete
-
With this flag set then before rclone attempts to overwrite an archive tier blob, it will delete the existing blob before uploading its replacement. This has the potential for data loss if the upload fails (unlike updating a normal blob) and also may cost more since deleting archive tier blobs early may be chargable.
-
Properties:
-
-
Config: archive_tier_delete
-
Env Var: RCLONE_AZUREBLOB_ARCHIVE_TIER_DELETE
-
Type: bool
-
Default: false
-
-
--azureblob-disable-checksum
-
Don't store MD5 checksum with object metadata.
-
Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
-
Properties:
-
-
Config: disable_checksum
-
Env Var: RCLONE_AZUREBLOB_DISABLE_CHECKSUM
-
Type: bool
-
Default: false
-
-
--azureblob-memory-pool-flush-time
-
How often internal memory buffer pools will be flushed.
-
Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
-
Properties:
-
-
Config: memory_pool_flush_time
-
Env Var: RCLONE_AZUREBLOB_MEMORY_POOL_FLUSH_TIME
-
Type: Duration
-
Default: 1m0s
-
-
--azureblob-memory-pool-use-mmap
-
Whether to use mmap buffers in internal memory pool.
+
--koofr-setmtime
+
Does the backend support setting modification time.
+
Set this to false if you use a mount ID that points to a Dropbox or Amazon Drive backend.
Public access level of a container: blob or container.
-
Properties:
-
-
Config: public_access
-
Env Var: RCLONE_AZUREBLOB_PUBLIC_ACCESS
-
Type: string
-
Required: false
-
Examples:
-
-
""
-
-
The container and its blobs can be accessed only with an authorized request.
-
It's a default value.
-
-
"blob"
-
-
Blob data within this container can be read via anonymous request.
-
-
"container"
-
-
Allow full public read access for container and blob data.
-
-
-
-
--azureblob-no-head-object
-
If set, do not do HEAD before GET when getting objects.
-
Properties:
-
-
Config: no_head_object
-
Env Var: RCLONE_AZUREBLOB_NO_HEAD_OBJECT
-
Type: bool
-
Default: false
+
Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
-
Limitations
-
MD5 sums are only uploaded with chunked files if the source has an MD5 sum. This will always be the case for a local to azure copy.
-
rclone about is not supported by the Microsoft Azure Blob storage backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
You can test rclone with storage emulator locally, to do this make sure azure storage emulator installed locally and set up a new remote with rclone config follow instructions described in introduction, set use_emulator config as true, you do not need to provide default account name or key if using emulator.
-
Microsoft OneDrive
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
The initial setup for OneDrive involves getting a token from Microsoft which you need to do in your browser. rclone config walks you through it.
-
Here is an example of how to make a remote called remote. First run:
+
Limitations
+
Note that Koofr is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
Providers
+
Koofr
+
This is the original Koofr storage provider used as main example and described in the configuration section above.
+
Digi Storage
+
Digi Storage is a cloud storage service run by Digi.ro that provides a Koofr API.
+
Here is an example of how to make a remote called ds. First run:
rclone config
This will guide you through an interactive setup process:
-
e) Edit existing remote
+
No remotes found, make a new one?
n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
q) Quit config
-e/n/d/r/c/s/q> n
-name> remote
+n/s/q> n
+name> ds
+Option Storage.
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
+Choose a number from below, or type in your own value.
[snip]
-XX / Microsoft OneDrive
- \ "onedrive"
+22 / Koofr, Digi Storage and other Koofr-compatible storage providers
+ \ (koofr)
[snip]
-Storage> onedrive
-Microsoft App Client Id
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_id>
-Microsoft App Client Secret
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_secret>
-Edit advanced config? (y/n)
+Storage> koofr
+Option provider.
+Choose your storage provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Koofr, https://app.koofr.net/
+ \ (koofr)
+ 2 / Digi Storage, https://storage.rcs-rds.ro/
+ \ (digistorage)
+ 3 / Any other Koofr API compatible storage service
+ \ (other)
+provider> 2
+Option user.
+Your user name.
+Enter a value.
+user> USERNAME
+Option password.
+Your password for rclone (generate one at https://storage.rcs-rds.ro/app/admin/preferences/password).
+Choose an alternative below.
+y) Yes, type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Edit advanced config?
y) Yes
-n) No
+n) No (default)
y/n> n
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
-Choose a number from below, or type in an existing value
- 1 / OneDrive Personal or Business
- \ "onedrive"
- 2 / Sharepoint site
- \ "sharepoint"
- 3 / Type in driveID
- \ "driveid"
- 4 / Type in SiteID
- \ "siteid"
- 5 / Search a Sharepoint site
- \ "search"
-Your choice> 1
-Found 1 drives, please select the one you want to use:
-0: OneDrive (business) id=b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk
-Chose drive to use:> 0
-Found drive 'root' of type 'business', URL: https://org-my.sharepoint.com/personal/you/Documents
-Is that okay?
-y) Yes
-n) No
-y/n> y
---------------------
-[remote]
-type = onedrive
-token = {"access_token":"youraccesstoken","token_type":"Bearer","refresh_token":"yourrefreshtoken","expiry":"2018-08-26T22:39:52.486512262+08:00"}
-drive_id = b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk
-drive_type = business
--------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
+[ds]
+type = koofr
+provider = digistorage
+user = USERNAME
+password = *** ENCRYPTED ***
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
y/e/d> y
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Microsoft. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
List directories in top level of your OneDrive
+
Other
+
You may also want to use another, public or private storage provider that runs a Koofr API compatible service, by simply providing the base URL to connect to.
+
Here is an example of how to make a remote called other. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> other
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+22 / Koofr, Digi Storage and other Koofr-compatible storage providers
+ \ (koofr)
+[snip]
+Storage> koofr
+Option provider.
+Choose your storage provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Koofr, https://app.koofr.net/
+ \ (koofr)
+ 2 / Digi Storage, https://storage.rcs-rds.ro/
+ \ (digistorage)
+ 3 / Any other Koofr API compatible storage service
+ \ (other)
+provider> 3
+Option endpoint.
+The Koofr API endpoint to use.
+Enter a value.
+endpoint> https://koofr.other.org
+Option user.
+Your user name.
+Enter a value.
+user> USERNAME
+Option password.
+Your password for rclone (generate one at your service's settings page).
+Choose an alternative below.
+y) Yes, type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+[other]
+type = koofr
+provider = other
+endpoint = https://koofr.other.org
+user = USERNAME
+password = *** ENCRYPTED ***
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Mail.ru Cloud
+
Mail.ru Cloud is a cloud storage provided by a Russian internet company Mail.Ru Group. The official desktop client is Disk-O:, available on Windows and Mac OS.
+
Currently it is recommended to disable 2FA on Mail.ru accounts intended for rclone until it gets eventually implemented.
+
Features highlights
+
+
Paths may be as deep as required, e.g. remote:directory/subdirectory
+
Files have a last modified time property, directories don't
+
Deleted files are by default moved to the trash
+
Files and directories can be shared via public links
+
Partial uploads or streaming are not supported, file size must be known before upload
+
Maximum file size is limited to 2G for a free account, unlimited for paid accounts
+
Storage keeps hash for all files and performs transparent deduplication, the hash algorithm is a modified SHA1
+
If a particular file is already present in storage, one can quickly submit file hash instead of long file upload (this optimization is supported by rclone)
+
+
Configuration
+
Here is an example of making a mailru configuration.
+
First create a Mail.ru Cloud account and choose a tariff.
+
You will need to log in and create an app password for rclone. Rclone will not work with your normal username and password - it will give an error like oauth2: server response missing access_token.
+
+
Click on your user icon in the top right
+
Go to Security / "Пароль и безопасность"
+
Click password for apps / "Пароли для внешних приложений"
+
Add the password - give it a name - eg "rclone"
+
Copy the password and use this password below - your normal login password won't work.
+
+
Now run
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Mail.ru Cloud
+ \ "mailru"
+[snip]
+Storage> mailru
+User name (usually email)
+Enter a string value. Press Enter for the default ("").
+user> username@mail.ru
+Password
+
+This must be an app password - rclone will not work with your normal
+password. See the Configuration section in the docs for how to make an
+app password.
+y) Yes type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Skip full upload if there is another file with same data hash.
+This feature is called "speedup" or "put by hash". It is especially efficient
+in case of generally available files like popular books, video or audio clips
+[snip]
+Enter a boolean value (true or false). Press Enter for the default ("true").
+Choose a number from below, or type in your own value
+ 1 / Enable
+ \ "true"
+ 2 / Disable
+ \ "false"
+speedup_enable> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No
+y/n> n
+Remote config
+--------------------
+[remote]
+type = mailru
+user = username@mail.ru
+pass = *** ENCRYPTED ***
+speedup_enable = true
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Configuration of this backend does not require a local web browser. You can use the configured backend as shown below:
+
See top level directories
rclone lsd remote:
-
List all the files in your OneDrive
-
rclone ls remote:
-
To copy a local directory to an OneDrive directory called backup
-
rclone copy /home/source remote:backup
-
Getting your own Client ID and Key
-
You can use your own Client ID if the default (client_id left blank) one doesn't work for you or you see lots of throttling. The default Client ID and Key is shared by all rclone users when performing requests.
-
If you are having problems with them (E.g., seeing a lot of throttling), you can get your own Client ID and Key by following the steps below:
-
-
Open https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade and then click New registration.
-
Enter a name for your app, choose account type Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox), select Web in Redirect URI, then type (do not copy and paste) http://localhost:53682/ and click Register. Copy and keep the Application (client) ID under the app name for later use.
-
Under manage select Certificates & secrets, click New client secret. Enter a description (can be anything) and set Expires to 24 months. Copy and keep that secret Value for later use (you won't be able to see this value afterwards).
-
Under manage select API permissions, click Add a permission and select Microsoft Graph then select delegated permissions.
-
Search and select the following permissions: Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, offline_access, User.Read, and optionally Sites.Read.All (see below). Once selected click Add permissions at the bottom.
-
-
Now the application is complete. Run rclone config to create or edit a OneDrive remote. Supply the app ID and password as Client ID and Secret, respectively. rclone will walk you through the remaining steps.
-
The Sites.Read.All permission is required if you need to search SharePoint sites when configuring the remote. However, if that permission is not assigned, you need to set disable_site_permission option to true in the advanced options.
-
Modification time and hashes
-
OneDrive allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-
OneDrive personal supports SHA1 type hashes. OneDrive for business and Sharepoint Server support QuickXorHash.
-
For all types of OneDrive you can use the --checksum flag.
-
Restricted filename characters
+
Make a new directory
+
rclone mkdir remote:directory
+
List the contents of a directory
+
rclone ls remote:directory
+
Sync /home/local/directory to the remote path, deleting any excess files in the path.
Files support a modification time attribute with up to 1 second precision. Directories do not have a modification time, which is shown as "Jan 1 1970".
+
Hash checksums
+
Hash sums use a custom Mail.ru algorithm based on SHA1. If file size is less than or equal to the SHA1 block size (20 bytes), its hash is simply its data right-padded with zero bytes. Hash sum of a larger file is computed as a SHA1 sum of the file data bytes concatenated with a decimal representation of the data length.
+
Emptying Trash
+
Removing a file or directory actually moves it to the trash, which is not visible to rclone but can be seen in a web browser. The trashed file still occupies part of total quota. If you wish to empty your trash and free some quota, you can use the rclone cleanup remote: command, which will permanently delete all your trashed files. This command does not take any path arguments.
+
Quota information
+
To view your current quota you can use the rclone about remote: command which will display your usage limit (quota) and the current usage.
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
SP
-
0x20
-
␠
-
-
-
.
-
0x2E
-
.
-
-
-
-
File names can also not begin with the following characters. These only get replaced if they are the first character in the name:
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
SP
-
0x20
-
␠
-
-
-
~
-
0x7E
-
~
-
-
-
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Deleting files
-
Any files you delete with rclone will end up in the trash. Microsoft doesn't provide an API to permanently delete files, nor to empty the trash, so you will have to do that with one of Microsoft's apps or via the OneDrive website.
-
Standard options
-
Here are the standard options specific to onedrive (Microsoft OneDrive).
-
--onedrive-client-id
-
OAuth Client Id.
-
Leave blank normally.
+
Standard options
+
Here are the Standard options specific to mailru (Mail.ru Cloud).
+
--mailru-user
+
User name (usually email).
Properties:
-
Config: client_id
-
Env Var: RCLONE_ONEDRIVE_CLIENT_ID
+
Config: user
+
Env Var: RCLONE_MAILRU_USER
Type: string
-
Required: false
+
Required: true
-
--onedrive-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
+
--mailru-pass
+
Password.
+
This must be an app password - rclone will not work with your normal password. See the Configuration section in the docs for how to make an app password.
Skip full upload if there is another file with same data hash.
+
This feature is called "speedup" or "put by hash". It is especially efficient in case of generally available files like popular books, video or audio clips, because files are searched by hash in all accounts of all mailru users. It is meaningless and ineffective if source file is unique or encrypted. Please note that rclone may need local memory and disk space to calculate content hash in advance and decide whether full upload is required. Also, if rclone does not know file size in advance (e.g. in case of streaming or partial uploads), it will not even try this optimization.
Properties:
-
Config: region
-
Env Var: RCLONE_ONEDRIVE_REGION
-
Type: string
-
Default: "global"
+
Config: speedup_enable
+
Env Var: RCLONE_MAILRU_SPEEDUP_ENABLE
+
Type: bool
+
Default: true
Examples:
-
"global"
-
-
Microsoft Cloud Global
-
-
"us"
-
-
Microsoft Cloud for US Government
-
-
"de"
+
"true"
-
Microsoft Cloud Germany
+
Enable
-
"cn"
+
"false"
-
Azure and Office 365 operated by 21Vianet in China
+
Disable
-
Advanced options
-
Here are the advanced options specific to onedrive (Microsoft OneDrive).
-
--onedrive-token
-
OAuth Access Token as a JSON blob.
-
Properties:
-
-
Config: token
-
Env Var: RCLONE_ONEDRIVE_TOKEN
-
Type: string
-
Required: false
-
-
--onedrive-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
+
Advanced options
+
Here are the Advanced options specific to mailru (Mail.ru Cloud).
+
--mailru-speedup-file-patterns
+
Comma separated list of file name patterns eligible for speedup (put by hash).
+
Patterns are case insensitive and can contain '*' or '?' meta characters.
Properties:
-
Config: auth_url
-
Env Var: RCLONE_ONEDRIVE_AUTH_URL
+
Config: speedup_file_patterns
+
Env Var: RCLONE_MAILRU_SPEEDUP_FILE_PATTERNS
Type: string
-
Required: false
-
-
--onedrive-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
-
Properties:
+
Default: ".mkv,.avi,.mp4,.mp3,.zip,.gz,.rar,.pdf"
+
Examples:
-
Config: token_url
-
Env Var: RCLONE_ONEDRIVE_TOKEN_URL
-
Type: string
-
Required: false
-
-
--onedrive-chunk-size
-
Chunk size to upload files with - must be multiple of 320k (327,680 bytes).
-
Above this size files will be chunked - must be multiple of 320k (327,680 bytes) and should not exceed 250M (262,144,000 bytes) else you may encounter "Microsoft.SharePoint.Client.InvalidClientQueryException: The request message is too big." Note that the chunks will be buffered into memory.
-
Properties:
+
""
-
Config: chunk_size
-
Env Var: RCLONE_ONEDRIVE_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 10Mi
-
-
--onedrive-drive-id
-
The ID of the drive to use.
-
Properties:
+
Empty list completely disables speedup (put by hash).
+
+
"*"
-
Config: drive_id
-
Env Var: RCLONE_ONEDRIVE_DRIVE_ID
-
Type: string
-
Required: false
-
-
--onedrive-drive-type
-
The type of the drive (personal | business | documentLibrary).
-
Properties:
+
All files will be attempted for speedup.
+
+
".mkv,.avi,.mp4,.mp3"
-
Config: drive_type
-
Env Var: RCLONE_ONEDRIVE_DRIVE_TYPE
-
Type: string
-
Required: false
-
-
--onedrive-root-folder-id
-
ID of the root folder.
-
This isn't normally needed, but in special circumstances you might know the folder ID that you wish to access but not be able to get there through a path traversal.
-
Properties:
+
Only common audio/video files will be tried for put by hash.
+
+
".zip,.gz,.rar,.pdf"
-
Config: root_folder_id
-
Env Var: RCLONE_ONEDRIVE_ROOT_FOLDER_ID
-
Type: string
-
Required: false
+
Only common archives or PDF books will be tried for speedup.
+
+
-
--onedrive-disable-site-permission
-
Disable the request for Sites.Read.All permission.
-
If set to true, you will no longer be able to search for a SharePoint site when configuring drive ID, because rclone will not request Sites.Read.All permission. Set it to true if your organization didn't assign Sites.Read.All permission to the application, and your organization disallows users to consent app permission request on their own.
+
--mailru-speedup-max-disk
+
This option allows you to disable speedup (put by hash) for large files.
+
Reason is that preliminary hashing can exhaust your RAM or disk space.
Properties:
-
Config: disable_site_permission
-
Env Var: RCLONE_ONEDRIVE_DISABLE_SITE_PERMISSION
-
Type: bool
-
Default: false
-
-
--onedrive-expose-onenote-files
-
Set to make OneNote files show up in directory listings.
-
By default, rclone will hide OneNote files in directory listings because operations like "Open" and "Update" won't work on them. But this behaviour may also prevent you from deleting them. If you want to delete OneNote files or otherwise want them to show up in directory listing, set this option.
-
Properties:
+
Config: speedup_max_disk
+
Env Var: RCLONE_MAILRU_SPEEDUP_MAX_DISK
+
Type: SizeSuffix
+
Default: 3Gi
+
Examples:
-
Config: expose_onenote_files
-
Env Var: RCLONE_ONEDRIVE_EXPOSE_ONENOTE_FILES
-
Type: bool
-
Default: false
-
-
--onedrive-server-side-across-configs
-
Allow server-side operations (e.g. copy) to work across different onedrive configs.
-
This will only work if you are copying between two OneDrive Personal drives AND the files to copy are already shared between them. In other cases, rclone will fall back to normal copy (which will be slightly slower).
Onedrive for business creates versions when rclone uploads new files overwriting an existing one and when it sets the modification time.
-
These versions take up space out of the quota.
-
This flag checks for versions after file upload and setting modification time and removes all but the last version.
-
NB Onedrive personal can't currently delete versions so don't use this flag there.
-
Properties:
+
Files larger than 1Gb will be uploaded directly.
+
+
"3G"
-
Config: no_versions
-
Env Var: RCLONE_ONEDRIVE_NO_VERSIONS
-
Type: bool
-
Default: false
+
Choose this option if you have less than 3Gb free on local disk.
+
+
-
--onedrive-link-scope
-
Set the scope of the links created by the link command.
+
--mailru-speedup-max-memory
+
Files larger than the size given below will always be hashed on disk.
Properties:
-
Config: link_scope
-
Env Var: RCLONE_ONEDRIVE_LINK_SCOPE
-
Type: string
-
Default: "anonymous"
+
Config: speedup_max_memory
+
Env Var: RCLONE_MAILRU_SPEEDUP_MAX_MEMORY
+
Type: SizeSuffix
+
Default: 32Mi
Examples:
-
"anonymous"
+
"0"
-
Anyone with the link has access, without needing to sign in.
-
This may include people outside of your organization.
-
Anonymous link support may be disabled by an administrator.
+
Preliminary hashing will always be done in a temporary disk location.
-
"organization"
+
"32M"
-
Anyone signed into your organization (tenant) can use the link to get access.
-
Only available in OneDrive for Business and SharePoint.
+
Do not dedicate more than 32Mb RAM for preliminary hashing.
+
+
"256M"
+
+
You have at most 256Mb RAM free for hash calculations.
-
--onedrive-link-type
-
Set the type of the links created by the link command.
+
--mailru-check-hash
+
What should copy do if file checksum is mismatched or invalid.
Properties:
-
Config: link_type
-
Env Var: RCLONE_ONEDRIVE_LINK_TYPE
-
Type: string
-
Default: "view"
+
Config: check_hash
+
Env Var: RCLONE_MAILRU_CHECK_HASH
+
Type: bool
+
Default: true
Examples:
-
"view"
-
-
Creates a read-only link to the item.
-
-
"edit"
+
"true"
-
Creates a read-write link to the item.
+
Fail with error.
-
"embed"
+
"false"
-
Creates an embeddable link to the item.
+
Ignore and continue.
-
--onedrive-link-password
-
Set the password for links created by the link command.
-
At the time of writing this only works with OneDrive personal paid accounts.
+
--mailru-user-agent
+
HTTP user agent used internally by client.
+
Defaults to "rclone/VERSION" or "--user-agent" provided on command line.
Properties:
-
Config: link_password
-
Env Var: RCLONE_ONEDRIVE_LINK_PASSWORD
+
Config: user_agent
+
Env Var: RCLONE_MAILRU_USER_AGENT
Type: string
Required: false
-
--onedrive-encoding
+
--mailru-quirks
+
Comma separated list of internal maintenance flags.
+
This option must not be used by an ordinary user. It is intended only to facilitate remote troubleshooting of backend issues. Strict meaning of flags is not documented and not guaranteed to persist between releases. Quirks will be removed when the backend grows stable. Supported quirks: atomicmkdir binlist unknowndirs
If you don't use rclone for 90 days the refresh token will expire. This will result in authorization problems. This is easy to fix by running the rclone config reconnect remote: command to get a new token and refresh token.
-
Naming
-
Note that OneDrive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
There are quite a few characters that can't be in OneDrive file names. These can't occur on Windows platforms, but on non-Windows platforms they are common. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
-
File sizes
-
The largest allowed file size is 250 GiB for both OneDrive Personal and OneDrive for Business (Updated 13 Jan 2021).
-
Path length
-
The entire path, including the file name, must contain fewer than 400 characters for OneDrive, OneDrive for Business and SharePoint Online. If you are encrypting file and folder names with rclone, you may want to pay attention to this limitation because the encrypted names are typically longer than the original ones.
-
Number of files
-
OneDrive seems to be OK with at least 50,000 files in a folder, but at 100,000 rclone will get errors listing the directory like couldn’t list files: UnknownError:. See #2707 for more info.
-
An official document about the limitations for different types of OneDrive can be found here.
-
Versions
-
Every change in a file OneDrive causes the service to create a new version of the the file. This counts against a users quota. For example changing the modification time of a file creates a second version, so the file apparently uses twice the space.
-
For example the copy command is affected by this as rclone copies the file and then afterwards sets the modification time to match the source file which uses another version.
-
You can use the rclone cleanup command (see below) to remove all old versions.
-
Or you can set the no_versions parameter to true and rclone will remove versions after operations which create new versions. This takes extra transactions so only enable it if you need it.
-
Note At the time of writing Onedrive Personal creates versions (but not for setting the modification time) but the API for removing them returns "API not found" so cleanup and no_versions should not be used on Onedrive Personal.
-
Disabling versioning
-
Starting October 2018, users will no longer be able to disable versioning by default. This is because Microsoft has brought an update to the mechanism. To change this new default setting, a PowerShell command is required to be run by a SharePoint admin. If you are an admin, you can run these commands in PowerShell to change that setting:
-
-
Install-Module -Name Microsoft.Online.SharePoint.PowerShell (in case you haven't installed this already)
Connect-SPOService -Url https://YOURSITE-admin.sharepoint.com -Credential YOU@YOURSITE.COM (replacing YOURSITE, YOU, YOURSITE.COM with the actual values; this will prompt for your credentials)
Disconnect-SPOService (to disconnect from the server)
-
-
Below are the steps for normal users to disable versioning. If you don't see the "No Versioning" option, make sure the above requirements are met.
-
User Weropol has found a method to disable versioning on OneDrive
-
-
Open the settings menu by clicking on the gear symbol at the top of the OneDrive Business page.
-
Click Site settings.
-
Once on the Site settings page, navigate to Site Administration > Site libraries and lists.
-
Click Customize "Documents".
-
Click General Settings > Versioning Settings.
-
Under Document Version History select the option No versioning. Note: This will disable the creation of new file versions, but will not remove any previous versions. Your documents are safe.
-
Apply the changes by clicking OK.
-
Use rclone to upload or modify files. (I also use the --no-update-modtime flag)
-
Restore the versioning settings after using rclone. (Optional)
-
-
Cleanup
-
OneDrive supports rclone cleanup which causes rclone to look through every file under the path supplied and delete all version but the current version. Because this involves traversing all the files, then querying each file for versions it can be quite slow. Rclone does --checkers tests in parallel. The command also supports -i which is a great way to see what it would do.
-
rclone cleanup -i remote:path/subdir # interactively remove all old version for path/subdir
-rclone cleanup remote:path/subdir # unconditionally remove all old version for path/subdir
-
NB Onedrive personal can't currently delete versions
-
Troubleshooting
-
Excessive throttling or blocked on SharePoint
-
If you experience excessive throttling or is being blocked on SharePoint then it may help to set the user agent explicitly with a flag like this: --user-agent "ISV|rclone.org|rclone/v1.55.1"
Unexpected file size/hash differences on Sharepoint
-
It is a known issue that Sharepoint (not OneDrive or OneDrive for Business) silently modifies uploaded files, mainly Office files (.docx, .xlsx, etc.), causing file size and hash checks to fail. There are also other situations that will cause OneDrive to report inconsistent file sizes. To use rclone with such affected files on Sharepoint, you may disable these checks with the following command line arguments:
-
--ignore-checksum --ignore-size
-
Alternatively, if you have write access to the OneDrive files, it may be possible to fix this problem for certain files, by attempting the steps below. Open the web interface for OneDrive and find the affected files (which will be in the error messages/log for rclone). Simply click on each of these files, causing OneDrive to open them on the web. This will cause each file to be converted in place to a format that is functionally equivalent but which will no longer trigger the size discrepancy. Once all problematic files are converted you will no longer need the ignore options above.
-
Replacing/deleting existing files on Sharepoint gets "item not found"
-
It is a known issue that Sharepoint (not OneDrive or OneDrive for Business) may return "item not found" errors when users try to replace or delete uploaded files; this seems to mainly affect Office files (.docx, .xlsx, etc.). As a workaround, you may use the --backup-dir <BACKUP_DIR> command line argument so rclone moves the files to be replaced/deleted into a given backup directory (instead of directly replacing/deleting them). For example, to instruct rclone to move the files into the directory rclone-backup-dir on backend mysharepoint, you may use:
-
--backup-dir mysharepoint:rclone-backup-dir
-
access_denied (AADSTS65005)
-
Error: access_denied
-Code: AADSTS65005
-Description: Using application 'rclone' is currently not supported for your organization [YOUR_ORGANIZATION] because it is in an unmanaged state. An administrator needs to claim ownership of the company by DNS validation of [YOUR_ORGANIZATION] before the application rclone can be provisioned.
-
This means that rclone can't use the OneDrive for Business API with your account. You can't do much about it, maybe write an email to your admins.
-
However, there are other ways to interact with your OneDrive account. Have a look at the webdav backend: https://rclone.org/webdav/#sharepoint
-
invalid_grant (AADSTS50076)
-
Error: invalid_grant
-Code: AADSTS50076
-Description: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '...'.
-
If you see the error above after enabling multi-factor authentication for your account, you can fix it by refreshing your OAuth refresh token. To do that, run rclone config, and choose to edit your OneDrive backend. Then, you don't need to actually make any changes until you reach this question: Already have a token - refresh?. For this question, answer y and go through the process to refresh your token, just like the first time the backend is configured. After this, rclone should work again for this backend.
-
Invalid request when making public links
-
On Sharepoint and OneDrive for Business, rclone link may return an "Invalid request" error. A possible cause is that the organisation admin didn't allow public links to be made for the organisation/sharepoint library. To fix the permissions as an admin, take a look at the docs: 1, 2.
-
OpenDrive
+
Limitations
+
File size limits depend on your account. A single file size is limited by 2G for a free account and unlimited for paid tariffs. Please refer to the Mail.ru site for the total uploaded size limits.
+
Note that Mailru is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
Mega
+
Mega is a cloud storage and file hosting service known for its security feature where all files are encrypted locally before they are uploaded. This prevents anyone (including employees of Mega) from accessing the files without knowledge of the key used for encryption.
+
This is an rclone backend for Mega which supports the file transfer features of Mega using the same client side encryption.
Paths are specified as remote:path
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
+
Configuration
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
-
n) New remote
-d) Delete remote
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
q) Quit config
-e/n/d/q> n
+n/s/q> n
name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / OpenDrive
- \ "opendrive"
+XX / Mega
+ \ "mega"
[snip]
-Storage> opendrive
-Username
-username>
-Password
+Storage> mega
+User name
+user> you@example.com
+Password.
y) Yes type in my own password
g) Generate random password
-y/g> y
+n) No leave this optional password blank
+y/g/n> y
Enter the password:
password:
Confirm the password:
password:
+Remote config
--------------------
[remote]
-username =
-password = *** ENCRYPTED ***
+type = mega
+user = you@example.com
+pass = *** ENCRYPTED ***
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
List directories in top level of your OpenDrive
+
NOTE: The encryption keys need to have been already generated after a regular login via the browser, otherwise attempting to use the credentials in rclone will fail.
+
Once configured you can then use rclone like this,
+
List directories in top level of your Mega
rclone lsd remote:
-
List all the files in your OpenDrive
+
List all the files in your Mega
rclone ls remote:
-
To copy a local directory to an OpenDrive directory called backup
+
To copy a local directory to an Mega directory called backup
rclone copy /home/source remote:backup
-
Modified time and MD5SUMs
-
OpenDrive allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
-
Restricted filename characters
+
Modified time and hashes
+
Mega does not support modification times or hashes yet.
+
Restricted filename characters
@@ -20726,641 +23181,998 @@
Restricted filename characters
0x2F
/
-
-
"
-
0x22
-
"
-
-
-
*
-
0x2A
-
*
-
-
-
:
-
0x3A
-
:
-
-
-
<
-
0x3C
-
<
-
-
-
>
-
0x3E
-
>
-
-
-
?
-
0x3F
-
?
-
-
-
\
-
0x5C
-
\
-
-
-
|
-
0x7C
-
|
-
-
-
-
File names can also not begin or end with the following characters. These only get replaced if they are the first or last character in the name:
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
SP
-
0x20
-
␠
-
-
-
HT
-
0x09
-
␉
-
-
-
LF
-
0x0A
-
␊
-
-
-
VT
-
0x0B
-
␋
-
-
-
CR
-
0x0D
-
␍
-
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Standard options
-
Here are the standard options specific to opendrive (OpenDrive).
-
--opendrive-username
-
Username.
+
Duplicated files
+
Mega can have two files with exactly the same name and path (unlike a normal file system).
+
Duplicated files cause problems with the syncing and you will see messages in the log about duplicates.
+
Use rclone dedupe to fix duplicated files.
+
Failure to log-in
+
Object not found
+
If you are connecting to your Mega remote for the first time, to test access and synchronization, you may receive an error such as
+
Failed to create file system for "my-mega-remote:":
+couldn't login: Object (typically, node or user) not found
+
The diagnostic steps often recommended in the rclone forum start with the MEGAcmd utility. Note that this refers to the official C++ command from https://github.com/meganz/MEGAcmd and not the go language built command from t3rm1n4l/megacmd that is no longer maintained.
+
Follow the instructions for installing MEGAcmd and try accessing your remote as they recommend. You can establish whether or not you can log in using MEGAcmd, and obtain diagnostic information to help you, and search or work with others in the forum.
+
MEGA CMD> login me@example.com
+Password:
+Fetching nodes ...
+Loading transfers from local cache
+Login complete as me@example.com
+me@example.com:/$
+
Note that some have found issues with passwords containing special characters. If you can not log on with rclone, but MEGAcmd logs on just fine, then consider changing your password temporarily to pure alphanumeric characters, in case that helps.
+
Repeated commands blocks access
+
Mega remotes seem to get blocked (reject logins) under "heavy use". We haven't worked out the exact blocking rules but it seems to be related to fast paced, successive rclone commands.
+
For example, executing this command 90 times in a row rclone link remote:file will cause the remote to become "blocked". This is not an abnormal situation, for example if you wish to get the public links of a directory with hundred of files... After more or less a week, the remote will remote accept rclone logins normally again.
+
You can mitigate this issue by mounting the remote it with rclone mount. This will log-in when mounting and a log-out when unmounting only. You can also run rclone rcd and then use rclone rc to run the commands over the API to avoid logging in each time.
+
Rclone does not currently close mega sessions (you can see them in the web interface), however closing the sessions does not solve the issue.
+
If you space rclone commands by 3 seconds it will avoid blocking the remote. We haven't identified the exact blocking rules, so perhaps one could execute the command 80 times without waiting and avoid blocking by waiting 3 seconds, then continuing...
+
Note that this has been observed by trial and error and might not be set in stone.
+
Other tools seem not to produce this blocking effect, as they use a different working approach (state-based, using sessionIDs instead of log-in) which isn't compatible with the current stateless rclone approach.
+
Note that once blocked, the use of other tools (such as megacmd) is not a sure workaround: following megacmd login times have been observed in succession for blocked remote: 7 minutes, 20 min, 30min, 30 min, 30min. Web access looks unaffected though.
+
Investigation is continuing in relation to workarounds based on timeouts, pacers, retrials and tpslimits - if you discover something relevant, please post on the forum.
+
So, if rclone was working nicely and suddenly you are unable to log-in and you are sure the user and the password are correct, likely you have got the remote blocked for a while.
+
Standard options
+
Here are the Standard options specific to mega (Mega).
Here are the advanced options specific to opendrive (OpenDrive).
-
--opendrive-encoding
+
Advanced options
+
Here are the Advanced options specific to mega (Mega).
+
--mega-debug
+
Output more debug from Mega.
+
If this flag is set (along with -vv) it will print further debugging information from the mega backend.
+
Properties:
+
+
Config: debug
+
Env Var: RCLONE_MEGA_DEBUG
+
Type: bool
+
Default: false
+
+
--mega-hard-delete
+
Delete files permanently rather than putting them into the trash.
+
Normally the mega backend will put all deletions into the trash rather than permanently deleting them. If you specify this then rclone will permanently delete objects instead.
Note that these chunks are buffered in memory so increasing them will increase memory use.
-
Properties:
-
-
Config: chunk_size
-
Env Var: RCLONE_OPENDRIVE_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 10Mi
+
Default: Slash,InvalidUtf8,Dot
-
Limitations
-
Note that OpenDrive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
-
There are quite a few characters that can't be in OpenDrive file names. These can't occur on Windows platforms, but on non-Windows platforms they are common. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
-
rclone about is not supported by the OpenDrive backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
-
Configuration
-
Here is an example of making an QingStor configuration. First run
-
rclone config
-
This will guide you through an interactive setup process.
+
Limitations
+
This backend uses the go-mega go library which is an opensource go library implementing the Mega API. There doesn't appear to be any documentation for the mega protocol beyond the mega C++ SDK source code so there are likely quite a few errors still remaining in this library.
+
Mega allows duplicate files which may confuse rclone.
+
Memory
+
The memory backend is an in RAM backend. It does not persist its data - use the local backend for that.
+
The memory backend behaves like a bucket-based remote (e.g. like s3). Because it has no parameters you can just use it with the :memory: remote name.
+
Configuration
+
You can configure it as a remote like this with rclone config too if you want to:
No remotes found, make a new one?
n) New remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
q) Quit config
-n/r/c/s/q> n
+n/s/q> n
name> remote
Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / QingStor Object Storage
- \ "qingstor"
+XX / Memory
+ \ "memory"
[snip]
-Storage> qingstor
-Get QingStor credentials from runtime. Only applies if access_key_id and secret_access_key is blank.
-Choose a number from below, or type in your own value
- 1 / Enter QingStor credentials in the next step
- \ "false"
- 2 / Get QingStor credentials from the environment (env vars or IAM)
- \ "true"
-env_auth> 1
-QingStor Access Key ID - leave blank for anonymous access or runtime credentials.
-access_key_id> access_key
-QingStor Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
-secret_access_key> secret_key
-Enter an endpoint URL to connection QingStor API.
-Leave blank will use the default value "https://qingstor.com:443"
-endpoint>
-Zone connect to. Default is "pek3a".
-Choose a number from below, or type in your own value
- / The Beijing (China) Three Zone
- 1 | Needs location constraint pek3a.
- \ "pek3a"
- / The Shanghai (China) First Zone
- 2 | Needs location constraint sh1a.
- \ "sh1a"
-zone> 1
-Number of connection retry.
-Leave blank will use the default value "3".
-connection_retries>
+Storage> memory
+** See help for memory backend at: https://rclone.org/memory/ **
+
Remote config
+
--------------------
[remote]
-env_auth = false
-access_key_id = access_key
-secret_access_key = secret_key
-endpoint =
-zone = pek3a
-connection_retries =
+type = memory
--------------------
-y) Yes this is OK
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
-
This remote is called remote and can now be used like this
-
See all buckets
-
rclone lsd remote:
-
Make a new bucket
-
rclone mkdir remote:bucket
-
List the contents of a bucket
-
rclone ls remote:bucket
-
Sync /home/local/directory to the remote bucket, deleting any excess files in the bucket.
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
Multipart uploads
-
rclone supports multipart uploads with QingStor which means that it can upload files bigger than 5 GiB. Note that files uploaded with multipart upload don't have an MD5SUM.
-
Note that incomplete multipart uploads older than 24 hours can be removed with rclone cleanup remote:bucket just for one bucket rclone cleanup remote: for all buckets. QingStor does not ever remove incomplete multipart uploads so it may be necessary to run this from time to time.
-
Buckets and Zone
-
With QingStor you can list buckets (rclone lsd) using any zone, but you can only access the content of a bucket from the zone it was created in. If you attempt to access a bucket from the wrong zone, you will get an error, incorrect zone, the bucket is not in 'XXX' zone.
-
Authentication
-
There are two ways to supply rclone with a set of QingStor credentials. In order of precedence:
+
Because the memory backend isn't persistent it is most useful for testing or with an rclone server or rclone mount, e.g.
Paths are specified as remote: You may put subdirectories in too, e.g. remote:/path/to/dir. If you have a CP code you can use that as the folder after the domain such as <domain>/<cpcode>/<internal directories within cpcode>.
+
For example, this is commonly configured with or without a CP code: * With a CP code. [your-domain-prefix]-nsu.akamaihd.net/123456/subdirectory/ * Without a CP code. [your-domain-prefix]-nsu.akamaihd.net
+
See all buckets rclone lsd remote: The initial setup for Netstorage involves getting an account and secret. Use rclone config to walk you through the setup process.
+
Configuration
+
Here's an example of how to make a remote called ns1.
+
+
To begin the interactive configuration process, enter this command:
+
+
rclone config
+
+
Type n to create a new remote.
+
+
n) New remote
+d) Delete remote
+q) Quit config
+e/n/d/q> n
+
+
For this example, enter ns1 when you reach the name> prompt.
+
+
name> ns1
+
+
Enter netstorage as the type of storage to configure.
+
+
Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+XX / NetStorage
+ \ "netstorage"
+Storage> netstorage
+
+
Select between the HTTP or HTTPS protocol. Most users should choose HTTPS, which is the default. HTTP is provided primarily for debugging purposes.
+
+
Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / HTTP protocol
+ \ "http"
+ 2 / HTTPS protocol
+ \ "https"
+protocol> 1
+
+
Specify your NetStorage host, CP code, and any necessary content paths using this format: <domain>/<cpcode>/<content>/
+
+
Enter a string value. Press Enter for the default ("").
+host> baseball-nsu.akamaihd.net/123456/content/
+
+
Set the netstorage account name
+
+
Enter a string value. Press Enter for the default ("").
+account> username
+
+
Set the Netstorage account secret/G2O key which will be used for authentication purposes. Select the y option to set your own password then enter your secret. Note: The secret is stored in the rclone.conf file with hex-encoded encryption.
+
+
y) Yes type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+
+
View the summary and confirm your remote configuration.
+
+
[ns1]
+type = netstorage
+protocol = http
+host = baseball-nsu.akamaihd.net/123456/content/
+account = username
+secret = *** ENCRYPTED ***
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
This remote is called ns1 and can now be used.
+
Example operations
+
Get started with rclone and NetStorage with these examples. For additional rclone commands, visit https://rclone.org/commands/.
+
See contents of a directory in your project
+
rclone lsd ns1:/974012/testing/
+
Sync the contents local with remote
+
rclone sync . ns1:/974012/testing/
+
Upload local content to remote
+
rclone copy notes.txt ns1:/974012/testing/
+
Delete content on remote
+
rclone delete ns1:/974012/testing/notes.txt
+
Move or copy content between CP codes.
+
Your credentials must have access to two CP codes on the same remote. You can't perform operations between different remotes.
The Netstorage backend changes the rclone --links, -l behavior. When uploading, instead of creating the .rclonelink file, use the "symlink" API in order to create the corresponding symlink on the remote. The .rclonelink file will not be created, the upload will be intercepted and only the symlink file that matches the source file name with no suffix will be created on the remote.
+
This will effectively allow commands like copy/copyto, move/moveto and sync to upload from local to remote and download from remote to local directories with symlinks. Due to internal rclone limitations, it is not possible to upload an individual symlink file to any remote backend. You can always use the "backend symlink" command to create a symlink on the NetStorage server, refer to "symlink" section below.
+
Individual symlink files on the remote can be used with the commands like "cat" to print the destination name, or "delete" to delete symlink, or copy, copy/to and move/moveto to download from the remote to local. Note: individual symlink files on the remote should be specified including the suffix .rclonelink.
+
Note: No file with the suffix .rclonelink should ever exist on the server since it is not possible to actually upload/create a file with .rclonelink suffix with rclone, it can only exist if it is manually created through a non-rclone method on the remote.
+
Implicit vs. Explicit Directories
+
With NetStorage, directories can exist in one of two forms:
+
+
Explicit Directory. This is an actual, physical directory that you have created in a storage group.
+
Implicit Directory. This refers to a directory within a path that has not been physically created. For example, during upload of a file, nonexistent subdirectories can be specified in the target path. NetStorage creates these as "implicit." While the directories aren't physically created, they exist implicitly and the noted path is connected with the uploaded file.
+
+
Rclone will intercept all file uploads and mkdir commands for the NetStorage remote and will explicitly issue the mkdir command for each directory in the uploading path. This will help with the interoperability with the other Akamai services such as SFTP and the Content Management Shell (CMShell). Rclone will not guarantee correctness of operations with implicit directories which might have been created as a result of using an upload API directly.
+
--fast-list / ListR support
+
NetStorage remote supports the ListR feature by using the "list" NetStorage API action to return a lexicographical list of all objects within the specified CP code, recursing into subdirectories as they're encountered.
-
Directly in the rclone configuration file (as configured by rclone config)
+
Rclone will use the ListR method for some commands by default. Commands such as lsf -R will use ListR by default. To disable this, include the --disable listR option to use the non-recursive method of listing objects.
+
Rclone will not use the ListR method for some commands. Commands such as sync don't use ListR by default. To force using the ListR method, include the --fast-list option.
+
+
There are pros and cons of using the ListR method, refer to rclone documentation. In general, the sync command over an existing deep tree on the remote will run faster with the "--fast-list" flag but with extra memory usage as a side effect. It might also result in higher CPU utilization but the whole task can be completed faster.
+
Note: There is a known limitation that "lsf -R" will display number of files in the directory and directory size as -1 when ListR method is used. The workaround is to pass "--disable listR" flag if these numbers are important in the output.
+
Purge
+
NetStorage remote supports the purge feature by using the "quick-delete" NetStorage API action. The quick-delete action is disabled by default for security reasons and can be enabled for the account through the Akamai portal. Rclone will first try to use quick-delete action for the purge command and if this functionality is disabled then will fall back to a standard delete method.
+
Note: Read the NetStorage Usage API for considerations when using "quick-delete". In general, using quick-delete method will not delete the tree immediately and objects targeted for quick-delete may still be accessible.
+
Standard options
+
Here are the Standard options specific to netstorage (Akamai NetStorage).
+
--netstorage-host
+
Domain+path of NetStorage host to connect to.
+
Format should be <domain>/<internal folders>
+
Properties:
-
set access_key_id and secret_access_key
-
-
Runtime configuration:
+
Config: host
+
Env Var: RCLONE_NETSTORAGE_HOST
+
Type: string
+
Required: true
+
+
--netstorage-account
+
Set the NetStorage account name
+
Properties:
-
set env_auth to true in the config file
-
Exporting the following environment variables before running rclone
+
Config: account
+
Env Var: RCLONE_NETSTORAGE_ACCOUNT
+
Type: string
+
Required: true
+
+
--netstorage-secret
+
Set the NetStorage account secret/G2O key for authentication.
+
Please choose the 'y' option to set your own password then enter your secret.
The desired path location (including applicable sub-directories) ending in the object that will be the target of the symlink (for example, /links/mylink). Include the file extension for the object, if applicable. rclone backend symlink <src> <path>
+
Microsoft Azure Blob Storage
+
Paths are specified as remote:container (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:container/path/to/dir.
+
Configuration
+
Here is an example of making a Microsoft Azure Blob Storage configuration. For a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Microsoft Azure Blob Storage
+ \ "azureblob"
+[snip]
+Storage> azureblob
+Storage Account Name
+account> account_name
+Storage Account Key
+key> base64encodedkey==
+Endpoint for the service - leave blank normally.
+endpoint>
+Remote config
+--------------------
+[remote]
+account = account_name
+key = base64encodedkey==
+endpoint =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
See all containers
+
rclone lsd remote:
+
Make a new container
+
rclone mkdir remote:container
+
List the contents of a container
+
rclone ls remote:container
+
Sync /home/local/directory to the remote container, deleting any excess files in the container.
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
+
Modified time
+
The modified time is stored as metadata on the object with the mtime key. It is stored using RFC3339 Format time with nanosecond precision. The metadata is supplied during directory listings so there is no performance overhead to using it.
+
If you wish to use the Azure standard LastModified time stored on the object as the modified time, then use the --use-server-modtime flag. Note that rclone can't set LastModified, so using the --update flag when syncing is recommended if using --use-server-modtime.
+
Performance
+
When uploading large files, increasing the value of --azureblob-upload-concurrency will increase performance at the cost of using more memory. The default of 16 is set quite conservatively to use less memory. It maybe be necessary raise it to 64 or higher to fully utilize a 1 GBit/s link with a single file transfer.
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
.
+
0x2E
+
.
+
+
+
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Hashes
+
MD5 hashes are stored with blobs. However blobs that were uploaded in chunks only have an MD5 if the source remote was capable of MD5 hashes, e.g. the local disk.
+
Authentication
+
There are a number of ways of supplying credentials for Azure Blob Storage. Rclone tries them in the order of the sections below.
+
Env Auth
+
If the env_auth config parameter is true then rclone will pull credentials from the environment or runtime.
+
It tries these authentication methods in this order:
+
+
Environment Variables
+
Managed Service Identity Credentials
+
Azure CLI credentials (as used by the az tool)
+
+
These are described in the following sections
+
Env Auth: 1. Environment Variables
+
If env_auth is set and environment variables are present rclone authenticates a service principal with a secret or certificate, or a user with a password, depending on which environment variable are set. It reads configuration from these variables, in the following order:
+
+
Service principal with client secret
+
+
AZURE_TENANT_ID: ID of the service principal's tenant. Also called its "directory" ID.
+
AZURE_CLIENT_ID: the service principal's client ID
+
AZURE_CLIENT_SECRET: one of the service principal's client secrets
+
+
Service principal with certificate
+
+
AZURE_TENANT_ID: ID of the service principal's tenant. Also called its "directory" ID.
+
AZURE_CLIENT_ID: the service principal's client ID
+
AZURE_CLIENT_CERTIFICATE_PATH: path to a PEM or PKCS12 certificate file including the private key.
+
AZURE_CLIENT_CERTIFICATE_PASSWORD: (optional) password for the certificate file.
+
AZURE_CLIENT_SEND_CERTIFICATE_CHAIN: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+
+
User with username and password
+
+
AZURE_TENANT_ID: (optional) tenant to authenticate in. Defaults to "organizations".
+
AZURE_CLIENT_ID: client ID of the application the user will authenticate to
+
AZURE_USERNAME: a username (usually an email address)
+
AZURE_PASSWORD: the user's password
+
+
+
Env Auth: 2. Managed Service Identity Credentials
+
When using Managed Service Identity if the VM(SS) on which this program is running has a system-assigned identity, it will be used by default. If the resource has no system-assigned but exactly one user-assigned identity, the user-assigned identity will be used by default.
+
If the resource has multiple user-assigned identities you will need to unset env_auth and set use_msi instead. See the use_msi section.
+
Env Auth: 3. Azure CLI credentials (as used by the az tool)
+
Credentials created with the az tool can be picked up using env_auth.
+
For example if you were to login with a service principal like this:
+
az login --service-principal -u XXX -p XXX --tenant XXX
az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
+
Account and Shared Key
+
This is the most straight forward and least flexible way. Just fill in the account and key lines and leave the rest blank.
+
SAS URL
+
This can be an account level SAS URL or container level SAS URL.
+
To use it leave account and key blank and fill in sas_url.
+
An account level SAS URL or container level SAS URL can be obtained from the Azure portal or the Azure Storage Explorer. To get a container level SAS URL right click on a container in the Azure Blob explorer in the Azure portal.
+
If you use a container level SAS URL, rclone operations are permitted only on a particular container, e.g.
+
rclone ls azureblob:container
+
You can also list the single container from the root. This will only show the container specified by the SAS URL.
+
$ rclone lsd azureblob:
+container/
+
Note that you can't see or access any other containers - this will fail
+
rclone ls azureblob:othercontainer
+
Container level SAS URLs are useful for temporarily allowing third parties access to a single container or putting credentials into an untrusted environment such as a CI build server.
+
Service principal with client secret
+
If these variables are set, rclone will authenticate with a service principal with a client secret.
+
+
tenant: ID of the service principal's tenant. Also called its "directory" ID.
+
client_id: the service principal's client ID
+
client_secret: one of the service principal's client secrets
+
+
The credentials can also be placed in a file using the service_principal_file configuration option.
+
Service principal with certificate
+
If these variables are set, rclone will authenticate with a service principal with certificate.
+
+
tenant: ID of the service principal's tenant. Also called its "directory" ID.
+
client_id: the service principal's client ID
+
client_certificate_path: path to a PEM or PKCS12 certificate file including the private key.
+
client_certificate_password: (optional) password for the certificate file.
+
client_send_certificate_chain: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+
+
NBclient_certificate_password must be obscured - see rclone obscure.
+
User with username and password
+
If these variables are set, rclone will authenticate with username and password.
+
+
tenant: (optional) tenant to authenticate in. Defaults to "organizations".
+
client_id: client ID of the application the user will authenticate to
+
username: a username (usually an email address)
+
password: the user's password
+
+
Microsoft doesn't recommend this kind of authentication, because it's less secure than other authentication flows. This method is not interactive, so it isn't compatible with any form of multi-factor authentication, and the application must already have user or admin consent. This credential can only authenticate work and school accounts; it can't authenticate Microsoft accounts.
If use_msi is set then managed service identity credentials are used. This authentication only works when running in an Azure service. env_auth needs to be unset to use this.
+
However if you have multiple user identities to choose from these must be explicitly specified using exactly one of the msi_object_id, msi_client_id, or msi_mi_res_id parameters.
+
If none of msi_object_id, msi_client_id, or msi_mi_res_id is set, this is is equivalent to using env_auth.
+
Standard options
+
Here are the Standard options specific to azureblob (Microsoft Azure Blob Storage).
+
--azureblob-account
+
Azure Storage Account Name.
+
Set this to the Azure Storage Account Name in use.
+
Leave blank to use SAS URL or Emulator, otherwise it needs to be set.
+
If this is blank and if env_auth is set it will be read from the environment variable AZURE_STORAGE_ACCOUNT_NAME if possible.
Properties:
-
Config: access_key_id
-
Env Var: RCLONE_QINGSTOR_ACCESS_KEY_ID
+
Config: account
+
Env Var: RCLONE_AZUREBLOB_ACCOUNT
Type: string
Required: false
-
--qingstor-secret-access-key
-
QingStor Secret Access Key (password).
-
Leave blank for anonymous access or runtime credentials.
+
--azureblob-env-auth
+
Read credentials from runtime (environment variables, CLI or MSI).
When uploading files larger than upload_cutoff they will be uploaded as multipart uploads using this chunk size.
-
Note that "--qingstor-upload-concurrency" chunks of this size are buffered in memory per transfer.
-
If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
+
Advanced options
+
Here are the Advanced options specific to azureblob (Microsoft Azure Blob Storage).
+
--azureblob-client-send-certificate-chain
+
Send the certificate chain when using certificate auth.
+
Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to true, authentication requests include the x5c header.
+
Optionally set this if using - Service principal with certificate
This is the number of chunks of the same file that are uploaded concurrently.
-
NB if you set this to > 1 then the checksums of multipart uploads become corrupted (the uploads themselves are not corrupted though).
-
If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
+
--azureblob-username
+
User name (usually an email address)
+
Set this if using - User with username and password
rclone about is not supported by the qingstor backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Sia (sia.tech) is a decentralized cloud storage platform based on the blockchain technology. With rclone you can use it like any other remote filesystem or mount Sia folders locally. The technology behind it involves a number of new concepts such as Siacoins and Wallet, Blockchain and Consensus, Renting and Hosting, and so on. If you are new to it, you'd better first familiarize yourself using their excellent support documentation.
-
Introduction
-
Before you can use rclone with Sia, you will need to have a running copy of Sia-UI or siad (the Sia daemon) locally on your computer or on local network (e.g. a NAS). Please follow the Get started guide and install one.
-
rclone interacts with Sia network by talking to the Sia daemon via HTTP API which is usually available on port 9980. By default you will run the daemon locally on the same computer so it's safe to leave the API password blank (the API URL will be http://127.0.0.1:9980 making external access impossible).
-
However, if you want to access Sia daemon running on another node, for example due to memory constraints or because you want to share single daemon between several rclone and Sia-UI instances, you'll need to make a few more provisions: - Ensure you have Sia daemon installed directly or in a docker container because Sia-UI does not support this mode natively. - Run it on externally accessible port, for example provide --api-addr :9980 and --disable-api-security arguments on the daemon command line. - Enforce API password for the siad daemon via environment variable SIA_API_PASSWORD or text file named apipassword in the daemon directory. - Set rclone backend option api_password taking it from above locations.
-
Notes: 1. If your wallet is locked, rclone cannot unlock it automatically. You should either unlock it in advance by using Sia-UI or via command line siac wallet unlock. Alternatively you can make siad unlock your wallet automatically upon startup by running it with environment variable SIA_WALLET_PASSWORD. 2. If siad cannot find the SIA_API_PASSWORD variable or the apipassword file in the SIA_DIR directory, it will generate a random password and store in the text file named apipassword under YOUR_HOME/.sia/ directory on Unix or C:\Users\YOUR_HOME\AppData\Local\Sia\apipassword on Windows. Remember this when you configure password in rclone. 3. The only way to use siad without API password is to run it on localhost with command line argument --authorize-api=false, but this is insecure and strongly discouraged.
-
Configuration
-
Here is an example of how to make a sia remote called mySia. First, run:
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> mySia
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-...
-29 / Sia Decentralized Cloud
- \ "sia"
-...
-Storage> sia
-Sia daemon API URL, like http://sia.daemon.host:9980.
-Note that siad must run with --disable-api-security to open API port for other hosts (not recommended).
-Keep default if Sia daemon runs on localhost.
-Enter a string value. Press Enter for the default ("http://127.0.0.1:9980").
-api_url> http://127.0.0.1:9980
-Sia Daemon API Password.
-Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Edit advanced config?
-y) Yes
-n) No (default)
-y/n> n
---------------------
-[mySia]
-type = sia
-api_url = http://127.0.0.1:9980
-api_password = *** ENCRYPTED ***
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
Once configured, you can then use rclone like this:
+
--azureblob-service-principal-file
+
Path to file containing credentials for use with a service principal.
+
Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
+
$ az ad sp create-for-rbac --name "<name>" \
+ --role "Storage Blob Data Owner" \
+ --scopes "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>" \
+ > azure-principal.json
It may be more convenient to put the credentials directly into the rclone config file under the client_id, tenant and client_secret keys instead of setting service_principal_file.
+
Properties:
-
List directories in top level of your Sia storage
+
Config: service_principal_file
+
Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
+
Type: string
+
Required: false
-
rclone lsd mySia:
+
--azureblob-use-msi
+
Use a managed service identity to authenticate (only works in Azure).
+
When true, use a managed service identity to authenticate to Azure Storage instead of a SAS token or account key.
+
If the VM(SS) on which this program is running has a system-assigned identity, it will be used by default. If the resource has no system-assigned but exactly one user-assigned identity, the user-assigned identity will be used by default. If the resource has multiple user-assigned identities, the identity to use must be explicitly specified using exactly one of the msi_object_id, msi_client_id, or msi_mi_res_id parameters.
+
Properties:
-
List all the files in your Sia storage
+
Config: use_msi
+
Env Var: RCLONE_AZUREBLOB_USE_MSI
+
Type: bool
+
Default: false
-
rclone ls mySia:
+
--azureblob-msi-object-id
+
Object ID of the user-assigned MSI to use, if any.
+
Leave blank if msi_client_id or msi_mi_res_id specified.
+
Properties:
-
Upload a local directory to the Sia directory called backup
+
Config: msi_object_id
+
Env Var: RCLONE_AZUREBLOB_MSI_OBJECT_ID
+
Type: string
+
Required: false
-
rclone copy /home/source mySia:backup
-
Standard options
-
Here are the standard options specific to sia (Sia Decentralized Cloud).
-
--sia-api-url
-
Sia daemon API URL, like http://sia.daemon.host:9980.
-
Note that siad must run with --disable-api-security to open API port for other hosts (not recommended). Keep default if Sia daemon runs on localhost.
+
--azureblob-msi-client-id
+
Object ID of the user-assigned MSI to use, if any.
+
Leave blank if msi_object_id or msi_mi_res_id specified.
Properties:
-
Config: api_url
-
Env Var: RCLONE_SIA_API_URL
+
Config: msi_client_id
+
Env Var: RCLONE_AZUREBLOB_MSI_CLIENT_ID
Type: string
-
Default: "http://127.0.0.1:9980"
+
Required: false
-
--sia-api-password
-
Sia Daemon API Password.
-
Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
Azure resource ID of the user-assigned MSI to use, if any.
+
Leave blank if msi_client_id or msi_object_id specified.
Properties:
-
Config: api_password
-
Env Var: RCLONE_SIA_API_PASSWORD
+
Config: msi_mi_res_id
+
Env Var: RCLONE_AZUREBLOB_MSI_MI_RES_ID
Type: string
Required: false
-
Advanced options
-
Here are the advanced options specific to sia (Sia Decentralized Cloud).
-
--sia-user-agent
-
Siad User Agent
-
Sia daemon requires the 'Sia-Agent' user agent by default for security
+
--azureblob-use-emulator
+
Uses local storage emulator if provided as 'true'.
+
Leave blank if using real azure storage endpoint.
Properties:
-
Config: user_agent
-
Env Var: RCLONE_SIA_USER_AGENT
+
Config: use_emulator
+
Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
+
Type: bool
+
Default: false
+
+
--azureblob-endpoint
+
Endpoint for the service.
+
Leave blank normally.
+
Properties:
+
+
Config: endpoint
+
Env Var: RCLONE_AZUREBLOB_ENDPOINT
Type: string
-
Default: "Sia-Agent"
+
Required: false
-
--sia-encoding
+
--azureblob-upload-cutoff
+
Cutoff for switching to chunked upload (<= 256 MiB) (deprecated).
+
Properties:
+
+
Config: upload_cutoff
+
Env Var: RCLONE_AZUREBLOB_UPLOAD_CUTOFF
+
Type: string
+
Required: false
+
+
--azureblob-chunk-size
+
Upload chunk size.
+
Note that this is stored in memory and there may be up to "--transfers" * "--azureblob-upload-concurrency" chunks stored at once in memory.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_AZUREBLOB_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 4Mi
+
+
--azureblob-upload-concurrency
+
Concurrency for multipart uploads.
+
This is the number of chunks of the same file that are uploaded concurrently.
+
If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
+
In tests, upload speed increases almost linearly with upload concurrency. For example to fill a gigabit pipe it may be necessary to raise this to 64. Note that this will use more memory.
+
Note that chunks are stored in memory and there may be up to "--transfers" * "--azureblob-upload-concurrency" chunks stored at once in memory.
+
Properties:
+
+
Config: upload_concurrency
+
Env Var: RCLONE_AZUREBLOB_UPLOAD_CONCURRENCY
+
Type: int
+
Default: 16
+
+
--azureblob-list-chunk
+
Size of blob list.
+
This sets the number of blobs requested in each listing chunk. Default is the maximum, 5000. "List blobs" requests are permitted 2 minutes per megabyte to complete. If an operation is taking longer than 2 minutes per megabyte on average, it will time out ( source ). This can be used to limit the number of blobs items to return, to avoid the time out.
+
Properties:
+
+
Config: list_chunk
+
Env Var: RCLONE_AZUREBLOB_LIST_CHUNK
+
Type: int
+
Default: 5000
+
+
--azureblob-access-tier
+
Access tier of blob: hot, cool or archive.
+
Archived blobs can be restored by setting access tier to hot or cool. Leave blank if you intend to use default access tier, which is set at account level
+
If there is no "access tier" specified, rclone doesn't apply any tier. rclone performs "Set Tier" operation on blobs while uploading, if objects are not modified, specifying "access tier" to new one will have no effect. If blobs are in "archive tier" at remote, trying to perform data transfer operations from remote will not be allowed. User should first restore by tiering blob to "Hot" or "Cool".
+
Properties:
+
+
Config: access_tier
+
Env Var: RCLONE_AZUREBLOB_ACCESS_TIER
+
Type: string
+
Required: false
+
+
--azureblob-archive-tier-delete
+
Delete archive tier blobs before overwriting.
+
Archive tier blobs cannot be updated. So without this flag, if you attempt to update an archive tier blob, then rclone will produce the error:
+
can't update archive tier blob without --azureblob-archive-tier-delete
+
With this flag set then before rclone attempts to overwrite an archive tier blob, it will delete the existing blob before uploading its replacement. This has the potential for data loss if the upload fails (unlike updating a normal blob) and also may cost more since deleting archive tier blobs early may be chargable.
+
Properties:
+
+
Config: archive_tier_delete
+
Env Var: RCLONE_AZUREBLOB_ARCHIVE_TIER_DELETE
+
Type: bool
+
Default: false
+
+
--azureblob-disable-checksum
+
Don't store MD5 checksum with object metadata.
+
Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
+
Properties:
+
+
Config: disable_checksum
+
Env Var: RCLONE_AZUREBLOB_DISABLE_CHECKSUM
+
Type: bool
+
Default: false
+
+
--azureblob-memory-pool-flush-time
+
How often internal memory buffer pools will be flushed.
+
Uploads which requires additional buffers (f.e multipart) will use memory pool for allocations. This option controls how often unused buffers will be removed from the pool.
+
Properties:
+
+
Config: memory_pool_flush_time
+
Env Var: RCLONE_AZUREBLOB_MEMORY_POOL_FLUSH_TIME
+
Type: Duration
+
Default: 1m0s
+
+
--azureblob-memory-pool-use-mmap
+
Whether to use mmap buffers in internal memory pool.
Public access level of a container: blob or container.
+
Properties:
-
Modification times not supported
-
Checksums not supported
-
rclone about not supported
-
rclone can work only with Siad or Sia-UI at the moment, the SkyNet daemon is not supported yet.
-
Sia does not allow control characters or symbols like question and pound signs in file names. rclone will transparently encode them for you, but you'd better be aware
Paths are specified as remote:container (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:container/path/to/dir.
-
Configuration
-
Here is an example of making a swift configuration. First run
-
rclone config
-
This will guide you through an interactive setup process.
-
No remotes found, make a new one?
+
""
+
+
The container and its blobs can be accessed only with an authorized request.
+
It's a default value.
+
+
"blob"
+
+
Blob data within this container can be read via anonymous request.
+
+
"container"
+
+
Allow full public read access for container and blob data.
+
+
+
+
--azureblob-no-check-container
+
If set, don't attempt to check the container exists or create it.
+
This can be useful when trying to minimise the number of transactions rclone does if you know the container exists already.
+
Properties:
+
+
Config: no_check_container
+
Env Var: RCLONE_AZUREBLOB_NO_CHECK_CONTAINER
+
Type: bool
+
Default: false
+
+
--azureblob-no-head-object
+
If set, do not do HEAD before GET when getting objects.
+
Properties:
+
+
Config: no_head_object
+
Env Var: RCLONE_AZUREBLOB_NO_HEAD_OBJECT
+
Type: bool
+
Default: false
+
+
Custom upload headers
+
You can set custom upload headers with the --header-upload flag.
+
+
Cache-Control
+
Content-Disposition
+
Content-Encoding
+
Content-Language
+
Content-Type
+
+
Eg --header-upload "Content-Type: text/potato"
+
Limitations
+
MD5 sums are only uploaded with chunked files if the source has an MD5 sum. This will always be the case for a local to azure copy.
+
rclone about is not supported by the Microsoft Azure Blob storage backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
You can run rclone with the storage emulator (usually azurite).
+
To do this, just set up a new remote with rclone config following the instructions in the introduction and set use_emulator in the advanced settings as true. You do not need to provide a default account name nor an account key. But you can override them in the account and key options. (Prior to v1.61 they were hard coded to azurite's devstoreaccount1.)
+
Also, if you want to access a storage emulator instance running on a different machine, you can override the endpoint parameter in the advanced settings, setting it to http(s)://<host>:<port>/devstoreaccount1 (e.g. http://10.254.2.5:10000/devstoreaccount1).
+
Microsoft OneDrive
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
The initial setup for OneDrive involves getting a token from Microsoft which you need to do in your browser. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
e) Edit existing remote
n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
+e/n/d/r/c/s/q> n
name> remote
Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
- \ "swift"
+XX / Microsoft OneDrive
+ \ "onedrive"
[snip]
-Storage> swift
-Get swift credentials from environment variables in standard OpenStack form.
-Choose a number from below, or type in your own value
- 1 / Enter swift credentials in the next step
- \ "false"
- 2 / Get swift credentials from environment vars. Leave other fields blank if using this.
- \ "true"
-env_auth> true
-User name to log in (OS_USERNAME).
-user>
-API key or password (OS_PASSWORD).
-key>
-Authentication URL for server (OS_AUTH_URL).
-Choose a number from below, or type in your own value
- 1 / Rackspace US
- \ "https://auth.api.rackspacecloud.com/v1.0"
- 2 / Rackspace UK
- \ "https://lon.auth.api.rackspacecloud.com/v1.0"
- 3 / Rackspace v2
- \ "https://identity.api.rackspacecloud.com/v2.0"
- 4 / Memset Memstore UK
- \ "https://auth.storage.memset.com/v1.0"
- 5 / Memset Memstore UK v2
- \ "https://auth.storage.memset.com/v2.0"
- 6 / OVH
- \ "https://auth.cloud.ovh.net/v3"
-auth>
-User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID).
-user_id>
-User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
-domain>
-Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
-tenant>
-Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
-tenant_id>
-Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
-tenant_domain>
-Region name - optional (OS_REGION_NAME)
-region>
-Storage URL - optional (OS_STORAGE_URL)
-storage_url>
-Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
-auth_token>
-AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
-auth_version>
-Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE)
-Choose a number from below, or type in your own value
- 1 / Public (default, choose this if not sure)
- \ "public"
- 2 / Internal (use internal service net)
- \ "internal"
- 3 / Admin
- \ "admin"
-endpoint_type>
+Storage> onedrive
+Microsoft App Client Id
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+client_id>
+Microsoft App Client Secret
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+client_secret>
+Edit advanced config? (y/n)
+y) Yes
+n) No
+y/n> n
Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+Choose a number from below, or type in an existing value
+ 1 / OneDrive Personal or Business
+ \ "onedrive"
+ 2 / Sharepoint site
+ \ "sharepoint"
+ 3 / Type in driveID
+ \ "driveid"
+ 4 / Type in SiteID
+ \ "siteid"
+ 5 / Search a Sharepoint site
+ \ "search"
+Your choice> 1
+Found 1 drives, please select the one you want to use:
+0: OneDrive (business) id=b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk
+Chose drive to use:> 0
+Found drive 'root' of type 'business', URL: https://org-my.sharepoint.com/personal/you/Documents
+Is that okay?
+y) Yes
+n) No
+y/n> y
--------------------
-[test]
-env_auth = true
-user =
-key =
-auth =
-user_id =
-domain =
-tenant =
-tenant_id =
-tenant_domain =
-region =
-storage_url =
-auth_token =
-auth_version =
-endpoint_type =
+[remote]
+type = onedrive
+token = {"access_token":"youraccesstoken","token_type":"Bearer","refresh_token":"yourrefreshtoken","expiry":"2018-08-26T22:39:52.486512262+08:00"}
+drive_id = b!Eqwertyuiopasdfghjklzxcvbnm-7mnbvcxzlkjhgfdsapoiuytrewqk
+drive_type = business
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
This remote is called remote and can now be used like this
-
See all containers
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Microsoft. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
+
Once configured you can then use rclone like this,
+
List directories in top level of your OneDrive
rclone lsd remote:
-
Make a new container
-
rclone mkdir remote:container
-
List the contents of a container
-
rclone ls remote:container
-
Sync /home/local/directory to the remote container, deleting any excess files in the container.
An OpenStack credentials file typically looks something something like this (without the comments)
-
export OS_AUTH_URL=https://a.provider.net/v2.0
-export OS_TENANT_ID=ffffffffffffffffffffffffffffffff
-export OS_TENANT_NAME="1234567890123456"
-export OS_USERNAME="123abc567xy"
-echo "Please enter your OpenStack Password: "
-read -sr OS_PASSWORD_INPUT
-export OS_PASSWORD=$OS_PASSWORD_INPUT
-export OS_REGION_NAME="SBG1"
-if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
-
The config file needs to look something like this where $OS_USERNAME represents the value of the OS_USERNAME variable - 123abc567xy in the example above.
Note that you may (or may not) need to set region too - try without first.
-
Configuration from the environment
-
If you prefer you can configure rclone to use swift using a standard set of OpenStack environment variables.
-
When you run through the config, make sure you choose true for env_auth and leave everything else blank.
-
rclone will then set any empty config parameters from the environment using standard OpenStack environment variables. There is a list of the variables in the docs for the swift library.
-
Using an alternate authentication method
-
If your OpenStack installation uses a non-standard authentication method that might not be yet supported by rclone or the underlying swift library, you can authenticate externally (e.g. calling manually the openstack commands to get a token). Then, you just need to pass the two configuration variables auth_token and storage_url. If they are both provided, the other variables are ignored. rclone will not try to authenticate but instead assume it is already authenticated and use these two variables to access the OpenStack installation.
-
Using rclone without a config file
-
You can use rclone with swift without a config file, if desired, like this:
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
-
--update and --use-server-modtime
-
As noted below, the modified time is stored on metadata on the object. It is used by default for all operations that require checking the time a file was last updated. It allows rclone to treat the remote more like a true filesystem, but it is inefficient because it requires an extra API call to retrieve the metadata.
-
For many operations, the time the object was last uploaded to the remote is sufficient to determine if it is "dirty". By using --update along with --use-server-modtime, you can avoid the extra API call and simply upload files whose local modtime is newer than the time it was last uploaded.
-
Modified time
-
The modified time is stored as metadata on the object as X-Object-Meta-Mtime as floating point since the epoch accurate to 1 ns.
-
This is a de facto standard (used in the official python-swiftclient amongst others) for storing the modification time for an object.
-
Restricted filename characters
+
List all the files in your OneDrive
+
rclone ls remote:
+
To copy a local directory to an OneDrive directory called backup
+
rclone copy /home/source remote:backup
+
Getting your own Client ID and Key
+
rclone uses a default Client ID when talking to OneDrive, unless a custom client_id is specified in the config. The default Client ID and Key are shared by all rclone users when performing requests.
+
You may choose to create and use your own Client ID, in case the default one does not work well for you. For example, you might see throttling.
+
Creating Client ID for OneDrive Personal
+
To create your own Client ID, please follow these steps:
+
+
Open https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade and then click New registration.
+
Enter a name for your app, choose account type Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox), select Web in Redirect URI, then type (do not copy and paste) http://localhost:53682/ and click Register. Copy and keep the Application (client) ID under the app name for later use.
+
Under manage select Certificates & secrets, click New client secret. Enter a description (can be anything) and set Expires to 24 months. Copy and keep that secret Value for later use (you won't be able to see this value afterwards).
+
Under manage select API permissions, click Add a permission and select Microsoft Graph then select delegated permissions.
+
Search and select the following permissions: Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, offline_access, User.Read and Sites.Read.All (if custom access scopes are configured, select the permissions accordingly). Once selected click Add permissions at the bottom.
+
+
Now the application is complete. Run rclone config to create or edit a OneDrive remote. Supply the app ID and password as Client ID and Secret, respectively. rclone will walk you through the remaining steps.
+
The access_scopes option allows you to configure the permissions requested by rclone. See Microsoft Docs for more information about the different scopes.
+
The Sites.Read.All permission is required if you need to search SharePoint sites when configuring the remote. However, if that permission is not assigned, you need to exclude Sites.Read.All from your access scopes or set disable_site_permission option to true in the advanced options.
+
Creating Client ID for OneDrive Business
+
The steps for OneDrive Personal may or may not work for OneDrive Business, depending on the security settings of the organization. A common error is that the publisher of the App is not verified.
+
You may try to verify you account, or try to limit the App to your organization only, as shown below.
+
+
Make sure to create the App with your business account.
+
Follow the steps above to create an App. However, we need a different account type here: Accounts in this organizational directory only (*** - Single tenant). Note that you can also change the account type after creating the App.
File names can also not end with the following characters. These only get replaced if they are the last character in the name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
SP
+
0x20
+
␠
+
+
+
.
+
0x2E
+
.
+
+
+
+
File names can also not begin with the following characters. These only get replaced if they are the first character in the name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
SP
+
0x20
+
␠
+
+
+
~
+
0x7E
+
~
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Standard options
-
Here are the standard options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
-
--swift-env-auth
-
Get swift credentials from environment variables in standard OpenStack form.
-
Properties:
-
-
Config: env_auth
-
Env Var: RCLONE_SWIFT_ENV_AUTH
-
Type: bool
-
Default: false
-
Examples:
-
-
"false"
-
-
Enter swift credentials in the next step.
-
-
"true"
-
-
Get swift credentials from environment vars.
-
Leave other fields blank if using this.
-
-
-
-
--swift-user
-
User name to log in (OS_USERNAME).
+
Deleting files
+
Any files you delete with rclone will end up in the trash. Microsoft doesn't provide an API to permanently delete files, nor to empty the trash, so you will have to do that with one of Microsoft's apps or via the OneDrive website.
+
Standard options
+
Here are the Standard options specific to onedrive (Microsoft OneDrive).
+
--onedrive-client-id
+
OAuth Client Id.
+
Leave blank normally.
Properties:
-
Config: user
-
Env Var: RCLONE_SWIFT_USER
+
Config: client_id
+
Env Var: RCLONE_ONEDRIVE_CLIENT_ID
Type: string
Required: false
-
--swift-key
-
API key or password (OS_PASSWORD).
+
--onedrive-client-secret
+
OAuth Client Secret.
+
Leave blank normally.
Properties:
-
Config: key
-
Env Var: RCLONE_SWIFT_KEY
+
Config: client_secret
+
Env Var: RCLONE_ONEDRIVE_CLIENT_SECRET
Type: string
Required: false
-
--swift-auth
-
Authentication URL for server (OS_AUTH_URL).
+
--onedrive-region
+
Choose national cloud region for OneDrive.
Properties:
-
Config: auth
-
Env Var: RCLONE_SWIFT_AUTH
+
Config: region
+
Env Var: RCLONE_ONEDRIVE_REGION
Type: string
-
Required: false
+
Default: "global"
Examples:
-
"https://auth.api.rackspacecloud.com/v1.0"
-
-
Rackspace US
-
-
"https://lon.auth.api.rackspacecloud.com/v1.0"
-
-
Rackspace UK
-
-
"https://identity.api.rackspacecloud.com/v2.0"
+
"global"
-
Rackspace v2
+
Microsoft Cloud Global
-
"https://auth.storage.memset.com/v1.0"
+
"us"
-
Memset Memstore UK
+
Microsoft Cloud for US Government
-
"https://auth.storage.memset.com/v2.0"
+
"de"
-
Memset Memstore UK v2
+
Microsoft Cloud Germany
-
"https://auth.cloud.ovh.net/v3"
+
"cn"
-
OVH
+
Azure and Office 365 operated by Vnet Group in China
-
--swift-user-id
-
User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID).
+
Advanced options
+
Here are the Advanced options specific to onedrive (Microsoft OneDrive).
+
--onedrive-token
+
OAuth Access Token as a JSON blob.
Properties:
-
Config: user_id
-
Env Var: RCLONE_SWIFT_USER_ID
+
Config: token
+
Env Var: RCLONE_ONEDRIVE_TOKEN
Type: string
Required: false
-
--swift-domain
-
User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+
--onedrive-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
Properties:
-
Config: domain
-
Env Var: RCLONE_SWIFT_DOMAIN
+
Config: auth_url
+
Env Var: RCLONE_ONEDRIVE_AUTH_URL
Type: string
Required: false
-
--swift-tenant
-
Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME).
+
--onedrive-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
Properties:
-
Config: tenant
-
Env Var: RCLONE_SWIFT_TENANT
+
Config: token_url
+
Env Var: RCLONE_ONEDRIVE_TOKEN_URL
Type: string
Required: false
-
--swift-tenant-id
-
Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID).
+
--onedrive-chunk-size
+
Chunk size to upload files with - must be multiple of 320k (327,680 bytes).
+
Above this size files will be chunked - must be multiple of 320k (327,680 bytes) and should not exceed 250M (262,144,000 bytes) else you may encounter "Microsoft.SharePoint.Client.InvalidClientQueryException: The request message is too big." Note that the chunks will be buffered into memory.
The type of the drive (personal | business | documentLibrary).
Properties:
-
Config: region
-
Env Var: RCLONE_SWIFT_REGION
+
Config: drive_type
+
Env Var: RCLONE_ONEDRIVE_DRIVE_TYPE
Type: string
Required: false
-
--swift-storage-url
-
Storage URL - optional (OS_STORAGE_URL).
+
--onedrive-root-folder-id
+
ID of the root folder.
+
This isn't normally needed, but in special circumstances you might know the folder ID that you wish to access but not be able to get there through a path traversal.
Properties:
-
Config: storage_url
-
Env Var: RCLONE_SWIFT_STORAGE_URL
+
Config: root_folder_id
+
Env Var: RCLONE_ONEDRIVE_ROOT_FOLDER_ID
Type: string
Required: false
-
--swift-auth-token
-
Auth Token from alternate authentication - optional (OS_AUTH_TOKEN).
+
--onedrive-access-scopes
+
Set scopes to be requested by rclone.
+
Choose or manually enter a custom space separated list with all scopes, that rclone should request.
Properties:
-
Config: auth_token
-
Env Var: RCLONE_SWIFT_AUTH_TOKEN
-
Type: string
-
Required: false
-
-
--swift-application-credential-id
-
Application Credential ID (OS_APPLICATION_CREDENTIAL_ID).
Read and write access to all resources, without the ability to browse SharePoint sites.
+
Same as if disable_site_permission was set to true
+
+
-
--swift-application-credential-name
-
Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME).
+
--onedrive-disable-site-permission
+
Disable the request for Sites.Read.All permission.
+
If set to true, you will no longer be able to search for a SharePoint site when configuring drive ID, because rclone will not request Sites.Read.All permission. Set it to true if your organization didn't assign Sites.Read.All permission to the application, and your organization disallows users to consent app permission request on their own.
Set to make OneNote files show up in directory listings.
+
By default, rclone will hide OneNote files in directory listings because operations like "Open" and "Update" won't work on them. But this behaviour may also prevent you from deleting them. If you want to delete OneNote files or otherwise want them to show up in directory listing, set this option.
AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION).
+
--onedrive-server-side-across-configs
+
Allow server-side operations (e.g. copy) to work across different onedrive configs.
+
This will only work if you are copying between two OneDrive Personal drives AND the files to copy are already shared between them. In other cases, rclone will fall back to normal copy (which will be slightly slower).
Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE).
+
--onedrive-no-versions
+
Remove all versions on modifying operations.
+
Onedrive for business creates versions when rclone uploads new files overwriting an existing one and when it sets the modification time.
+
These versions take up space out of the quota.
+
This flag checks for versions after file upload and setting modification time and removes all but the last version.
+
NB Onedrive personal can't currently delete versions so don't use this flag there.
Properties:
-
Config: endpoint_type
-
Env Var: RCLONE_SWIFT_ENDPOINT_TYPE
+
Config: no_versions
+
Env Var: RCLONE_ONEDRIVE_NO_VERSIONS
+
Type: bool
+
Default: false
+
+
--onedrive-link-scope
+
Set the scope of the links created by the link command.
+
Properties:
+
+
Config: link_scope
+
Env Var: RCLONE_ONEDRIVE_LINK_SCOPE
Type: string
-
Default: "public"
+
Default: "anonymous"
Examples:
-
"public"
-
-
Public (default, choose this if not sure)
-
-
"internal"
+
"anonymous"
-
Internal (use internal service net)
+
Anyone with the link has access, without needing to sign in.
+
This may include people outside of your organization.
+
Anonymous link support may be disabled by an administrator.
-
"admin"
+
"organization"
-
Admin
+
Anyone signed into your organization (tenant) can use the link to get access.
+
Only available in OneDrive for Business and SharePoint.
-
--swift-storage-policy
-
The storage policy to use when creating a new container.
-
This applies the specified storage policy when creating a new container. The policy cannot be changed afterwards. The allowed configuration values and their meaning depend on your Swift storage provider.
+
--onedrive-link-type
+
Set the type of the links created by the link command.
Properties:
-
Config: storage_policy
-
Env Var: RCLONE_SWIFT_STORAGE_POLICY
+
Config: link_type
+
Env Var: RCLONE_ONEDRIVE_LINK_TYPE
Type: string
-
Required: false
+
Default: "view"
Examples:
-
""
+
"view"
-
Default
+
Creates a read-only link to the item.
-
"pcs"
+
"edit"
-
OVH Public Cloud Storage
+
Creates a read-write link to the item.
-
"pca"
+
"embed"
-
OVH Public Cloud Archive
+
Creates an embeddable link to the item.
-
Advanced options
-
Here are the advanced options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
-
--swift-leave-parts-on-error
-
If true avoid calling abort upload on a failure.
-
It should be set to true for resuming uploads across different sessions.
-
Properties:
-
-
Config: leave_parts_on_error
-
Env Var: RCLONE_SWIFT_LEAVE_PARTS_ON_ERROR
-
Type: bool
-
Default: false
-
-
--swift-chunk-size
-
Above this size files will be chunked into a _segments container.
-
Above this size files will be chunked into a _segments container. The default for this is 5 GiB which is its maximum value.
-
Properties:
-
-
Config: chunk_size
-
Env Var: RCLONE_SWIFT_CHUNK_SIZE
-
Type: SizeSuffix
-
Default: 5Gi
-
-
--swift-no-chunk
-
Don't chunk files during streaming upload.
-
When doing streaming uploads (e.g. using rcat or mount) setting this flag will cause the swift backend to not upload chunked files.
-
This will limit the maximum upload size to 5 GiB. However non chunked files are easier to deal with and have an MD5SUM.
-
Rclone will still chunk files bigger than chunk_size when doing normal copy operations.
+
--onedrive-link-password
+
Set the password for links created by the link command.
+
At the time of writing this only works with OneDrive personal paid accounts.
The Swift API doesn't return a correct MD5SUM for segmented files (Dynamic or Static Large Objects) so rclone won't check or use the MD5SUM for these.
-
Troubleshooting
-
Rclone gives Failed to create file system for "remote:": Bad Request
-
Due to an oddity of the underlying swift library, it gives a "Bad Request" error rather than a more sensible error when the authentication fails for Swift.
-
So this most likely means your username / password is wrong. You can investigate further with the --dump-bodies flag.
-
This may also be caused by specifying the region when you shouldn't have (e.g. OVH).
-
Rclone gives Failed to create file system: Response didn't have storage url and auth token
-
This is most likely caused by forgetting to specify your tenant when setting up a swift remote.
-
OVH Cloud Archive
-
To use rclone with OVH cloud archive, first use rclone config to set up a swift backend with OVH, choosing pca as the storage_policy.
-
Uploading Objects
-
Uploading objects to OVH cloud archive is no different to object storage, you just simply run the command you like (move, copy or sync) to upload the objects. Once uploaded the objects will show in a "Frozen" state within the OVH control panel.
-
Retrieving Objects
-
To retrieve objects use rclone copy as normal. If the objects are in a frozen state then rclone will ask for them all to be unfrozen and it will wait at the end of the output with a message like the following:
-
2019/03/23 13:06:33 NOTICE: Received retry after error - sleeping until 2019-03-23T13:16:33.481657164+01:00 (9m59.99985121s)
-
Rclone will wait for the time specified then retry the copy.
-
pCloud
+
Limitations
+
If you don't use rclone for 90 days the refresh token will expire. This will result in authorization problems. This is easy to fix by running the rclone config reconnect remote: command to get a new token and refresh token.
+
Naming
+
Note that OneDrive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
There are quite a few characters that can't be in OneDrive file names. These can't occur on Windows platforms, but on non-Windows platforms they are common. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
+
File sizes
+
The largest allowed file size is 250 GiB for both OneDrive Personal and OneDrive for Business (Updated 13 Jan 2021).
+
Path length
+
The entire path, including the file name, must contain fewer than 400 characters for OneDrive, OneDrive for Business and SharePoint Online. If you are encrypting file and folder names with rclone, you may want to pay attention to this limitation because the encrypted names are typically longer than the original ones.
+
Number of files
+
OneDrive seems to be OK with at least 50,000 files in a folder, but at 100,000 rclone will get errors listing the directory like couldn’t list files: UnknownError:. See #2707 for more info.
+
An official document about the limitations for different types of OneDrive can be found here.
+
Versions
+
Every change in a file OneDrive causes the service to create a new version of the file. This counts against a users quota. For example changing the modification time of a file creates a second version, so the file apparently uses twice the space.
+
For example the copy command is affected by this as rclone copies the file and then afterwards sets the modification time to match the source file which uses another version.
+
You can use the rclone cleanup command (see below) to remove all old versions.
+
Or you can set the no_versions parameter to true and rclone will remove versions after operations which create new versions. This takes extra transactions so only enable it if you need it.
+
Note At the time of writing Onedrive Personal creates versions (but not for setting the modification time) but the API for removing them returns "API not found" so cleanup and no_versions should not be used on Onedrive Personal.
+
Disabling versioning
+
Starting October 2018, users will no longer be able to disable versioning by default. This is because Microsoft has brought an update to the mechanism. To change this new default setting, a PowerShell command is required to be run by a SharePoint admin. If you are an admin, you can run these commands in PowerShell to change that setting:
+
+
Install-Module -Name Microsoft.Online.SharePoint.PowerShell (in case you haven't installed this already)
Connect-SPOService -Url https://YOURSITE-admin.sharepoint.com -Credential YOU@YOURSITE.COM (replacing YOURSITE, YOU, YOURSITE.COM with the actual values; this will prompt for your credentials)
Disconnect-SPOService (to disconnect from the server)
+
+
Below are the steps for normal users to disable versioning. If you don't see the "No Versioning" option, make sure the above requirements are met.
+
User Weropol has found a method to disable versioning on OneDrive
+
+
Open the settings menu by clicking on the gear symbol at the top of the OneDrive Business page.
+
Click Site settings.
+
Once on the Site settings page, navigate to Site Administration > Site libraries and lists.
+
Click Customize "Documents".
+
Click General Settings > Versioning Settings.
+
Under Document Version History select the option No versioning. Note: This will disable the creation of new file versions, but will not remove any previous versions. Your documents are safe.
+
Apply the changes by clicking OK.
+
Use rclone to upload or modify files. (I also use the --no-update-modtime flag)
+
Restore the versioning settings after using rclone. (Optional)
+
+
Cleanup
+
OneDrive supports rclone cleanup which causes rclone to look through every file under the path supplied and delete all version but the current version. Because this involves traversing all the files, then querying each file for versions it can be quite slow. Rclone does --checkers tests in parallel. The command also supports -i which is a great way to see what it would do.
+
rclone cleanup -i remote:path/subdir # interactively remove all old version for path/subdir
+rclone cleanup remote:path/subdir # unconditionally remove all old version for path/subdir
+
NB Onedrive personal can't currently delete versions
+
Troubleshooting
+
Excessive throttling or blocked on SharePoint
+
If you experience excessive throttling or is being blocked on SharePoint then it may help to set the user agent explicitly with a flag like this: --user-agent "ISV|rclone.org|rclone/v1.55.1"
Unexpected file size/hash differences on Sharepoint
+
It is a known issue that Sharepoint (not OneDrive or OneDrive for Business) silently modifies uploaded files, mainly Office files (.docx, .xlsx, etc.), causing file size and hash checks to fail. There are also other situations that will cause OneDrive to report inconsistent file sizes. To use rclone with such affected files on Sharepoint, you may disable these checks with the following command line arguments:
+
--ignore-checksum --ignore-size
+
Alternatively, if you have write access to the OneDrive files, it may be possible to fix this problem for certain files, by attempting the steps below. Open the web interface for OneDrive and find the affected files (which will be in the error messages/log for rclone). Simply click on each of these files, causing OneDrive to open them on the web. This will cause each file to be converted in place to a format that is functionally equivalent but which will no longer trigger the size discrepancy. Once all problematic files are converted you will no longer need the ignore options above.
+
Replacing/deleting existing files on Sharepoint gets "item not found"
+
It is a known issue that Sharepoint (not OneDrive or OneDrive for Business) may return "item not found" errors when users try to replace or delete uploaded files; this seems to mainly affect Office files (.docx, .xlsx, etc.) and web files (.html, .aspx, etc.). As a workaround, you may use the --backup-dir <BACKUP_DIR> command line argument so rclone moves the files to be replaced/deleted into a given backup directory (instead of directly replacing/deleting them). For example, to instruct rclone to move the files into the directory rclone-backup-dir on backend mysharepoint, you may use:
+
--backup-dir mysharepoint:rclone-backup-dir
+
access_denied (AADSTS65005)
+
Error: access_denied
+Code: AADSTS65005
+Description: Using application 'rclone' is currently not supported for your organization [YOUR_ORGANIZATION] because it is in an unmanaged state. An administrator needs to claim ownership of the company by DNS validation of [YOUR_ORGANIZATION] before the application rclone can be provisioned.
+
This means that rclone can't use the OneDrive for Business API with your account. You can't do much about it, maybe write an email to your admins.
+
However, there are other ways to interact with your OneDrive account. Have a look at the WebDAV backend: https://rclone.org/webdav/#sharepoint
+
invalid_grant (AADSTS50076)
+
Error: invalid_grant
+Code: AADSTS50076
+Description: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '...'.
+
If you see the error above after enabling multi-factor authentication for your account, you can fix it by refreshing your OAuth refresh token. To do that, run rclone config, and choose to edit your OneDrive backend. Then, you don't need to actually make any changes until you reach this question: Already have a token - refresh?. For this question, answer y and go through the process to refresh your token, just like the first time the backend is configured. After this, rclone should work again for this backend.
+
Invalid request when making public links
+
On Sharepoint and OneDrive for Business, rclone link may return an "Invalid request" error. A possible cause is that the organisation admin didn't allow public links to be made for the organisation/sharepoint library. To fix the permissions as an admin, take a look at the docs: 1, 2.
+
Can not access Shared with me files
+
Shared with me files is not supported by rclone currently, but there is a workaround:
Right click a item in Shared, then click Add shortcut to My files in the context
+
+
Screenshot (Shared with me)
+
+make_shortcut
+
+
+
The shortcut will appear in My files, you can access it with rclone, it behaves like a normal folder/file.
+
+
Screenshot (My Files)
+
+in_my_files
+
+
+
+
+
Screenshot (rclone mount)
+
+
+
OpenDrive
Paths are specified as remote:path
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
The initial setup for pCloud involves getting a token from pCloud which you need to do in your browser. rclone config walks you through it.
+
Configuration
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
+
n) New remote
+d) Delete remote
q) Quit config
-n/s/q> n
+e/n/d/q> n
name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Pcloud
- \ "pcloud"
+XX / OpenDrive
+ \ "opendrive"
[snip]
-Storage> pcloud
-Pcloud App Client Id - leave blank normally.
-client_id>
-Pcloud App Client Secret - leave blank normally.
-client_secret>
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
+Storage> opendrive
+Username
+username>
+Password
+y) Yes type in my own password
+g) Generate random password
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+--------------------
[remote]
-client_id =
-client_secret =
-token = {"access_token":"XXX","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+username =
+password = *** ENCRYPTED ***
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from pCloud. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
List directories in top level of your pCloud
+
List directories in top level of your OpenDrive
rclone lsd remote:
-
List all the files in your pCloud
+
List all the files in your OpenDrive
rclone ls remote:
-
To copy a local directory to a pCloud directory called backup
+
To copy a local directory to an OpenDrive directory called backup
rclone copy /home/source remote:backup
-
Modified time and hashes
-
pCloud allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not. In order to set a Modification time pCloud requires the object be re-uploaded.
-
pCloud supports MD5 and SHA1 hashes in the US region, and SHA1 and SHA256 hashes in the EU region, so you can use the --checksum flag.
OpenDrive allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not.
+
Restricted filename characters
@@ -21748,629 +24684,888 @@
Restricted filename characters
+
NUL
+
0x00
+
␀
+
+
+
/
+
0x2F
+
/
+
+
+
"
+
0x22
+
"
+
+
+
*
+
0x2A
+
*
+
+
+
:
+
0x3A
+
:
+
+
+
<
+
0x3C
+
<
+
+
+
>
+
0x3E
+
>
+
+
+
?
+
0x3F
+
?
+
+
\
0x5C
\
+
+
|
+
0x7C
+
|
+
+
+
+
File names can also not begin or end with the following characters. These only get replaced if they are the first or last character in the name:
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
SP
+
0x20
+
␠
+
+
+
HT
+
0x09
+
␉
+
+
+
LF
+
0x0A
+
␊
+
+
+
VT
+
0x0B
+
␋
+
+
+
CR
+
0x0D
+
␍
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Deleting files
-
Deleted files will be moved to the trash. Your subscription level will determine how long items stay in the trash. rclone cleanup can be used to empty the trash.
-
Root folder ID
-
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your pCloud drive.
-
Normally you will leave this blank and rclone will determine the correct root to use itself.
-
However you can set this to restrict rclone to a specific folder hierarchy.
-
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. This will be the folder field of the URL when you open the relevant folder in the pCloud web interface.
-
So if the folder you want rclone to use has a URL which looks like https://my.pcloud.com/#page=filemanager&folder=5xxxxxxxx8&tpl=foldergrid in the browser, then you use 5xxxxxxxx8 as the root_folder_id in the config.
-
Standard options
-
Here are the standard options specific to pcloud (Pcloud).
-
--pcloud-client-id
-
OAuth Client Id.
-
Leave blank normally.
-
Properties:
-
-
Config: client_id
-
Env Var: RCLONE_PCLOUD_CLIENT_ID
-
Type: string
-
Required: false
-
-
--pcloud-client-secret
-
OAuth Client Secret.
-
Leave blank normally.
-
Properties:
-
-
Config: client_secret
-
Env Var: RCLONE_PCLOUD_CLIENT_SECRET
-
Type: string
-
Required: false
-
-
Advanced options
-
Here are the advanced options specific to pcloud (Pcloud).
-
--pcloud-token
-
OAuth Access Token as a JSON blob.
-
Properties:
-
-
Config: token
-
Env Var: RCLONE_PCLOUD_TOKEN
-
Type: string
-
Required: false
-
-
--pcloud-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
+
Standard options
+
Here are the Standard options specific to opendrive (OpenDrive).
This is normally set when rclone initially does the oauth connection, however you will need to set it by hand if you are using remote config with rclone authorize.
+
--opendrive-chunk-size
+
Files will be uploaded in chunks this size.
+
Note that these chunks are buffered in memory so increasing them will increase memory use.
Properties:
-
Config: hostname
-
Env Var: RCLONE_PCLOUD_HOSTNAME
-
Type: string
-
Default: "api.pcloud.com"
-
Examples:
-
-
"api.pcloud.com"
-
-
Original/US region
-
-
"eapi.pcloud.com"
-
-
EU region
-
-
+
Config: chunk_size
+
Env Var: RCLONE_OPENDRIVE_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 10Mi
-
premiumize.me
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
The initial setup for premiumize.me involves getting a token from premiumize.me which you need to do in your browser. rclone config walks you through it.
+
Limitations
+
Note that OpenDrive is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
There are quite a few characters that can't be in OpenDrive file names. These can't occur on Windows platforms, but on non-Windows platforms they are common. Rclone will map these names to and from an identical looking unicode equivalent. For example if a file has a ? in it will be mapped to ? instead.
+
rclone about is not supported by the OpenDrive backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
+
Configuration
+
Here is an example of making an oracle object storage configuration. rclone config walks you through it.
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
+
n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
+e/n/d/r/c/s/q> n
+
+Enter name for new remote.
name> remote
+
+Option Storage.
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / premiumize.me
- \ "premiumizeme"
+Choose a number from below, or type in your own value.
[snip]
-Storage> premiumizeme
-** See help for premiumizeme backend at: https://rclone.org/premiumizeme/ **
+XX / Oracle Cloud Infrastructure Object Storage
+ \ (oracleobjectstorage)
+Storage> oracleobjectstorage
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-type = premiumizeme
-token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2029-08-07T18:44:15.548915378+01:00"}
---------------------
-y) Yes this is OK
+Option provider.
+Choose your Auth Provider
+Choose a number from below, or type in your own string value.
+Press Enter for the default (env_auth).
+ 1 / automatically pickup the credentials from runtime(env), first one to provide auth wins
+ \ (env_auth)
+ / use an OCI user and an API key for authentication.
+ 2 | you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
+ | https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
+ \ (user_principal_auth)
+ / use instance principals to authorize an instance to make API calls.
+ 3 | each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
+ | https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
+ \ (instance_principal_auth)
+ 4 / use resource principals to make API calls
+ \ (resource_principal_auth)
+ 5 / no credentials needed, this is typically for reading public buckets
+ \ (no_auth)
+provider> 2
+
+Option namespace.
+Object storage namespace
+Enter a value.
+namespace> idbamagbg734
+
+Option compartment.
+Object storage compartment OCID
+Enter a value.
+compartment> ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+
+Option region.
+Object storage Region
+Enter a value.
+region> us-ashburn-1
+
+Option endpoint.
+Endpoint for Object storage API.
+Leave blank to use the default endpoint for the region.
+Enter a value. Press Enter to leave empty.
+endpoint>
+
+Option config_file.
+Path to OCI config file
+Choose a number from below, or type in your own string value.
+Press Enter for the default (~/.oci/config).
+ 1 / oci configuration file location
+ \ (~/.oci/config)
+config_file> /etc/oci/dev.conf
+
+Option config_profile.
+Profile name inside OCI config file
+Choose a number from below, or type in your own string value.
+Press Enter for the default (Default).
+ 1 / Use the default profile
+ \ (Default)
+config_profile> Test
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+
+Configuration complete.
+Options:
+- type: oracleobjectstorage
+- namespace: idbamagbg734
+- compartment: ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+- region: us-ashburn-1
+- provider: user_principal_auth
+- config_file: /etc/oci/dev.conf
+- config_profile: Test
+Keep this "remote" remote?
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
-y/e/d>
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from premiumize.me. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
List directories in top level of your premiumize.me
+y/e/d> y
+
See all buckets
rclone lsd remote:
-
List all the files in your premiumize.me
-
rclone ls remote:
-
To copy a local directory to an premiumize.me directory called backup
-
rclone copy /home/source remote:backup
-
Modified time and hashes
-
premiumize.me does not support modification times or hashes, therefore syncing will default to --size-only checking. Note that using --update will work.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Standard options
-
Here are the standard options specific to premiumizeme (premiumize.me).
-
--premiumizeme-api-key
-
API Key.
-
This is not normally used - use oauth instead.
+
Create a new bucket
+
rclone mkdir remote:bucket
+
List the contents of a bucket
+
rclone ls remote:bucket
+rclone ls remote:bucket --max-depth 1
+
Modified time
+
The modified time is stored as metadata on the object as opc-meta-mtime as floating point since the epoch, accurate to 1 ns.
+
If the modification time needs to be updated rclone will attempt to perform a server side copy to update the modification if the object can be copied in a single part. In the case the object is larger than 5Gb, the object will be uploaded rather than copied.
+
Note that reading this from the object takes an additional HEAD request as the metadata isn't returned in object listings.
+
Multipart uploads
+
rclone supports multipart uploads with OOS which means that it can upload files bigger than 5 GiB.
+
Note that files uploaded both with multipart upload and through crypt remotes do not have MD5 sums.
+
rclone switches from single part uploads to multipart uploads at the point specified by --oos-upload-cutoff. This can be a maximum of 5 GiB and a minimum of 0 (ie always upload multipart files).
+
The chunk sizes used in the multipart upload are specified by --oos-chunk-size and the number of chunks uploaded concurrently is specified by --oos-upload-concurrency.
+
Multipart uploads will use --transfers * --oos-upload-concurrency * --oos-chunk-size extra memory. Single part uploads to not use extra memory.
+
Single part transfers can be faster than multipart transfers or slower depending on your latency from oos - the more latency, the more likely single part transfers will be faster.
+
Increasing --oos-upload-concurrency will increase throughput (8 would be a sensible value) and increasing --oos-chunk-size also increases throughput (16M would be sensible). Increasing either of these will use more memory. The default values are high enough to gain most of the possible performance without using too much memory.
+
Standard options
+
Here are the Standard options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
+
--oos-provider
+
Choose your Auth Provider
Properties:
-
Config: api_key
-
Env Var: RCLONE_PREMIUMIZEME_API_KEY
+
Config: provider
+
Env Var: RCLONE_OOS_PROVIDER
+
Type: string
+
Default: "env_auth"
+
Examples:
+
+
"env_auth"
+
+
automatically pickup the credentials from runtime(env), first one to provide auth wins
+
+
"user_principal_auth"
+
+
use an OCI user and an API key for authentication.
+
you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
no credentials needed, this is typically for reading public buckets
+
+
+
+
--oos-namespace
+
Object storage namespace
+
Properties:
+
+
Config: namespace
+
Env Var: RCLONE_OOS_NAMESPACE
+
Type: string
+
Required: true
+
+
--oos-compartment
+
Object storage compartment OCID
+
Properties:
+
+
Config: compartment
+
Env Var: RCLONE_OOS_COMPARTMENT
+
Provider: !no_auth
+
Type: string
+
Required: true
+
+
--oos-region
+
Object storage Region
+
Properties:
+
+
Config: region
+
Env Var: RCLONE_OOS_REGION
+
Type: string
+
Required: true
+
+
--oos-endpoint
+
Endpoint for Object storage API.
+
Leave blank to use the default endpoint for the region.
+
Properties:
+
+
Config: endpoint
+
Env Var: RCLONE_OOS_ENDPOINT
Type: string
Required: false
-
Advanced options
-
Here are the advanced options specific to premiumizeme (premiumize.me).
-
--premiumizeme-encoding
+
--oos-config-file
+
Path to OCI config file
+
Properties:
+
+
Config: config_file
+
Env Var: RCLONE_OOS_CONFIG_FILE
+
Provider: user_principal_auth
+
Type: string
+
Default: "~/.oci/config"
+
Examples:
+
+
"~/.oci/config"
+
+
oci configuration file location
+
+
+
+
--oos-config-profile
+
Profile name inside the oci config file
+
Properties:
+
+
Config: config_profile
+
Env Var: RCLONE_OOS_CONFIG_PROFILE
+
Provider: user_principal_auth
+
Type: string
+
Default: "Default"
+
Examples:
+
+
"Default"
+
+
Use the default profile
+
+
+
+
Advanced options
+
Here are the Advanced options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
+
--oos-upload-cutoff
+
Cutoff for switching to chunked upload.
+
Any files larger than this will be uploaded in chunks of chunk_size. The minimum is 0 and the maximum is 5 GiB.
+
Properties:
+
+
Config: upload_cutoff
+
Env Var: RCLONE_OOS_UPLOAD_CUTOFF
+
Type: SizeSuffix
+
Default: 200Mi
+
+
--oos-chunk-size
+
Chunk size to use for uploading.
+
When uploading files larger than upload_cutoff or files with unknown size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google photos or google docs) they will be uploaded as multipart uploads using this chunk size.
+
Note that "upload_concurrency" chunks of this size are buffered in memory per transfer.
+
If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
+
Rclone will automatically increase the chunk size when uploading a large file of known size to stay below the 10,000 chunks limit.
+
Files of unknown size are uploaded with the configured chunk_size. Since the default chunk size is 5 MiB and there can be at most 10,000 chunks, this means that by default the maximum size of a file you can stream upload is 48 GiB. If you wish to stream upload larger files then you will need to increase chunk_size.
+
Increasing the chunk size decreases the accuracy of the progress statistics displayed with "-P" flag.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_OOS_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 5Mi
+
+
--oos-upload-concurrency
+
Concurrency for multipart uploads.
+
This is the number of chunks of the same file that are uploaded concurrently.
+
If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
+
Properties:
+
+
Config: upload_concurrency
+
Env Var: RCLONE_OOS_UPLOAD_CONCURRENCY
+
Type: int
+
Default: 10
+
+
--oos-copy-cutoff
+
Cutoff for switching to multipart copy.
+
Any files larger than this that need to be server-side copied will be copied in chunks of this size.
+
The minimum is 0 and the maximum is 5 GiB.
+
Properties:
+
+
Config: copy_cutoff
+
Env Var: RCLONE_OOS_COPY_CUTOFF
+
Type: SizeSuffix
+
Default: 4.656Gi
+
+
--oos-copy-timeout
+
Timeout for copy.
+
Copy is an asynchronous operation, specify timeout to wait for copy to succeed
+
Properties:
+
+
Config: copy_timeout
+
Env Var: RCLONE_OOS_COPY_TIMEOUT
+
Type: Duration
+
Default: 1m0s
+
+
--oos-disable-checksum
+
Don't store MD5 checksum with object metadata.
+
Normally rclone will calculate the MD5 checksum of the input before uploading it so it can add it to metadata on the object. This is great for data integrity checking but can cause long delays for large files to start uploading.
Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
+
Options:
+
+
"max-age": Max age of upload to delete
+
+
QingStor
+
Paths are specified as remote:bucket (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
+
Configuration
+
Here is an example of making an QingStor configuration. First run
+
rclone config
+
This will guide you through an interactive setup process.
No remotes found, make a new one?
n) New remote
+r) Rename remote
+c) Copy remote
s) Set configuration password
q) Quit config
-n/s/q> n
-name> putio
+n/r/c/s/q> n
+name> remote
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Put.io
- \ "putio"
+XX / QingStor Object Storage
+ \ "qingstor"
[snip]
-Storage> putio
-** See help for putio backend at: https://rclone.org/putio/ **
-
+Storage> qingstor
+Get QingStor credentials from runtime. Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter QingStor credentials in the next step
+ \ "false"
+ 2 / Get QingStor credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+QingStor Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> access_key
+QingStor Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> secret_key
+Enter an endpoint URL to connection QingStor API.
+Leave blank will use the default value "https://qingstor.com:443"
+endpoint>
+Zone connect to. Default is "pek3a".
+Choose a number from below, or type in your own value
+ / The Beijing (China) Three Zone
+ 1 | Needs location constraint pek3a.
+ \ "pek3a"
+ / The Shanghai (China) First Zone
+ 2 | Needs location constraint sh1a.
+ \ "sh1a"
+zone> 1
+Number of connection retry.
+Leave blank will use the default value "3".
+connection_retries>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
--------------------
-[putio]
-type = putio
-token = {"access_token":"XXXXXXXX","expiry":"0001-01-01T00:00:00Z"}
+[remote]
+env_auth = false
+access_key_id = access_key
+secret_access_key = secret_key
+endpoint =
+zone = pek3a
+connection_retries =
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-putio putio
-
-e) Edit existing remote
-n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
-s) Set configuration password
-q) Quit config
-e/n/d/r/c/s/q> q
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Google if you use auto config mode. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
-
You can then use it like this,
-
List directories in top level of your put.io
+y/e/d> y
+
This remote is called remote and can now be used like this
+
See all buckets
rclone lsd remote:
-
List all the files in your put.io
-
rclone ls remote:
-
To copy a local directory to a put.io directory called backup
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
+
Multipart uploads
+
rclone supports multipart uploads with QingStor which means that it can upload files bigger than 5 GiB. Note that files uploaded with multipart upload don't have an MD5SUM.
+
Note that incomplete multipart uploads older than 24 hours can be removed with rclone cleanup remote:bucket just for one bucket rclone cleanup remote: for all buckets. QingStor does not ever remove incomplete multipart uploads so it may be necessary to run this from time to time.
+
Buckets and Zone
+
With QingStor you can list buckets (rclone lsd) using any zone, but you can only access the content of a bucket from the zone it was created in. If you attempt to access a bucket from the wrong zone, you will get an error, incorrect zone, the bucket is not in 'XXX' zone.
+
Authentication
+
There are two ways to supply rclone with a set of QingStor credentials. In order of precedence:
+
+
Directly in the rclone configuration file (as configured by rclone config)
+
+
set access_key_id and secret_access_key
+
+
Runtime configuration:
+
+
set env_auth to true in the config file
+
Exporting the following environment variables before running rclone
+
+
Access Key ID: QS_ACCESS_KEY_ID or QS_ACCESS_KEY
+
Secret Access Key: QS_SECRET_ACCESS_KEY or QS_SECRET_KEY
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Advanced options
-
Here are the advanced options specific to putio (Put.io).
-
--putio-encoding
+
Standard options
+
Here are the Standard options specific to qingstor (QingCloud Object Storage).
+
--qingstor-env-auth
+
Get QingStor credentials from runtime.
+
Only applies if access_key_id and secret_access_key is blank.
+
Properties:
+
+
Config: env_auth
+
Env Var: RCLONE_QINGSTOR_ENV_AUTH
+
Type: bool
+
Default: false
+
Examples:
+
+
"false"
+
+
Enter QingStor credentials in the next step.
+
+
"true"
+
+
Get QingStor credentials from the environment (env vars or IAM).
+
+
+
+
--qingstor-access-key-id
+
QingStor Access Key ID.
+
Leave blank for anonymous access or runtime credentials.
+
Properties:
+
+
Config: access_key_id
+
Env Var: RCLONE_QINGSTOR_ACCESS_KEY_ID
+
Type: string
+
Required: false
+
+
--qingstor-secret-access-key
+
QingStor Secret Access Key (password).
+
Leave blank for anonymous access or runtime credentials.
+
Properties:
+
+
Config: secret_access_key
+
Env Var: RCLONE_QINGSTOR_SECRET_ACCESS_KEY
+
Type: string
+
Required: false
+
+
--qingstor-endpoint
+
Enter an endpoint URL to connection QingStor API.
+
Leave blank will use the default value "https://qingstor.com:443".
+
Properties:
+
+
Config: endpoint
+
Env Var: RCLONE_QINGSTOR_ENDPOINT
+
Type: string
+
Required: false
+
+
--qingstor-zone
+
Zone to connect to.
+
Default is "pek3a".
+
Properties:
+
+
Config: zone
+
Env Var: RCLONE_QINGSTOR_ZONE
+
Type: string
+
Required: false
+
Examples:
+
+
"pek3a"
+
+
The Beijing (China) Three Zone.
+
Needs location constraint pek3a.
+
+
"sh1a"
+
+
The Shanghai (China) First Zone.
+
Needs location constraint sh1a.
+
+
"gd2a"
+
+
The Guangdong (China) Second Zone.
+
Needs location constraint gd2a.
+
+
+
+
Advanced options
+
Here are the Advanced options specific to qingstor (QingCloud Object Storage).
+
--qingstor-connection-retries
+
Number of connection retries.
+
Properties:
+
+
Config: connection_retries
+
Env Var: RCLONE_QINGSTOR_CONNECTION_RETRIES
+
Type: int
+
Default: 3
+
+
--qingstor-upload-cutoff
+
Cutoff for switching to chunked upload.
+
Any files larger than this will be uploaded in chunks of chunk_size. The minimum is 0 and the maximum is 5 GiB.
+
Properties:
+
+
Config: upload_cutoff
+
Env Var: RCLONE_QINGSTOR_UPLOAD_CUTOFF
+
Type: SizeSuffix
+
Default: 200Mi
+
+
--qingstor-chunk-size
+
Chunk size to use for uploading.
+
When uploading files larger than upload_cutoff they will be uploaded as multipart uploads using this chunk size.
+
Note that "--qingstor-upload-concurrency" chunks of this size are buffered in memory per transfer.
+
If you are transferring large files over high-speed links and you have enough memory, then increasing this will speed up the transfers.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_QINGSTOR_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 4Mi
+
+
--qingstor-upload-concurrency
+
Concurrency for multipart uploads.
+
This is the number of chunks of the same file that are uploaded concurrently.
+
NB if you set this to > 1 then the checksums of multipart uploads become corrupted (the uploads themselves are not corrupted though).
+
If you are uploading small numbers of large files over high-speed links and these uploads do not fully utilize your bandwidth, then increasing this may help to speed up the transfers.
This is a backend for the Seafile storage service: - It works with both the free community edition or the professional edition. - Seafile versions 6.x and 7.x are all supported. - Encrypted libraries are also supported. - It supports 2FA enabled users
-
Configuration
-
There are two distinct modes you can setup your remote: - you point your remote to the root of the server, meaning you don't specify a library during the configuration: Paths are specified as remote:library. You may put subdirectories in too, e.g. remote:library/path/to/dir. - you point your remote to a specific library during the configuration: Paths are specified as remote:path/to/dir. This is the recommended mode when using encrypted libraries. (This mode is possibly slightly faster than the root mode)
-
Configuration in root mode
-
Here is an example of making a seafile configuration for a user with no two-factor authentication. First run
-
rclone config
-
This will guide you through an interactive setup process. To authenticate you will need the URL of your server, your email (or username) and your password.
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> seafile
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Seafile
- \ "seafile"
-[snip]
-Storage> seafile
-** See help for seafile backend at: https://rclone.org/seafile/ **
-
-URL of seafile host to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to cloud.seafile.com
- \ "https://cloud.seafile.com/"
-url> http://my.seafile.server/
-User name (usually email address)
-Enter a string value. Press Enter for the default ("").
-user> me@example.com
-Password
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Two-factor authentication ('true' if the account has 2FA enabled)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-2fa> false
-Name of the library. Leave blank to access all non-encrypted libraries.
-Enter a string value. Press Enter for the default ("").
-library>
-Library password (for encrypted libraries only). Leave blank if you pass it through the command line.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> n
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
-Two-factor authentication is not enabled on this account.
---------------------
-[seafile]
-type = seafile
-url = http://my.seafile.server/
-user = me@example.com
-pass = *** ENCRYPTED ***
-2fa = false
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
This remote is called seafile. It's pointing to the root of your seafile server and can now be used like this:
-
See all libraries
-
rclone lsd seafile:
-
Create a new library
-
rclone mkdir seafile:library
-
List the contents of a library
-
rclone ls seafile:library
-
Sync /home/local/directory to the remote library, deleting any excess files in the library.
Here's an example of a configuration in library mode with a user that has the two-factor authentication enabled. Your 2FA code will be asked at the end of the configuration, and will attempt to authenticate you:
+
Limitations
+
rclone about is not supported by the qingstor backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
Sia (sia.tech) is a decentralized cloud storage platform based on the blockchain technology. With rclone you can use it like any other remote filesystem or mount Sia folders locally. The technology behind it involves a number of new concepts such as Siacoins and Wallet, Blockchain and Consensus, Renting and Hosting, and so on. If you are new to it, you'd better first familiarize yourself using their excellent support documentation.
+
Introduction
+
Before you can use rclone with Sia, you will need to have a running copy of Sia-UI or siad (the Sia daemon) locally on your computer or on local network (e.g. a NAS). Please follow the Get started guide and install one.
+
rclone interacts with Sia network by talking to the Sia daemon via HTTP API which is usually available on port 9980. By default you will run the daemon locally on the same computer so it's safe to leave the API password blank (the API URL will be http://127.0.0.1:9980 making external access impossible).
+
However, if you want to access Sia daemon running on another node, for example due to memory constraints or because you want to share single daemon between several rclone and Sia-UI instances, you'll need to make a few more provisions: - Ensure you have Sia daemon installed directly or in a docker container because Sia-UI does not support this mode natively. - Run it on externally accessible port, for example provide --api-addr :9980 and --disable-api-security arguments on the daemon command line. - Enforce API password for the siad daemon via environment variable SIA_API_PASSWORD or text file named apipassword in the daemon directory. - Set rclone backend option api_password taking it from above locations.
+
Notes: 1. If your wallet is locked, rclone cannot unlock it automatically. You should either unlock it in advance by using Sia-UI or via command line siac wallet unlock. Alternatively you can make siad unlock your wallet automatically upon startup by running it with environment variable SIA_WALLET_PASSWORD. 2. If siad cannot find the SIA_API_PASSWORD variable or the apipassword file in the SIA_DIR directory, it will generate a random password and store in the text file named apipassword under YOUR_HOME/.sia/ directory on Unix or C:\Users\YOUR_HOME\AppData\Local\Sia\apipassword on Windows. Remember this when you configure password in rclone. 3. The only way to use siad without API password is to run it on localhost with command line argument --authorize-api=false, but this is insecure and strongly discouraged.
+
Configuration
+
Here is an example of how to make a sia remote called mySia. First, run:
+
rclone config
+
This will guide you through an interactive setup process:
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
-name> seafile
+name> mySia
Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
-[snip]
-XX / Seafile
- \ "seafile"
-[snip]
-Storage> seafile
-** See help for seafile backend at: https://rclone.org/seafile/ **
-
-URL of seafile host to connect to
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
- 1 / Connect to cloud.seafile.com
- \ "https://cloud.seafile.com/"
-url> http://my.seafile.server/
-User name (usually email address)
-Enter a string value. Press Enter for the default ("").
-user> me@example.com
-Password
+...
+29 / Sia Decentralized Cloud
+ \ "sia"
+...
+Storage> sia
+Sia daemon API URL, like http://sia.daemon.host:9980.
+Note that siad must run with --disable-api-security to open API port for other hosts (not recommended).
+Keep default if Sia daemon runs on localhost.
+Enter a string value. Press Enter for the default ("http://127.0.0.1:9980").
+api_url> http://127.0.0.1:9980
+Sia Daemon API Password.
+Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
y) Yes type in my own password
g) Generate random password
n) No leave this optional password blank (default)
-y/g> y
+y/g/n> y
Enter the password:
password:
Confirm the password:
password:
-Two-factor authentication ('true' if the account has 2FA enabled)
-Enter a boolean value (true or false). Press Enter for the default ("false").
-2fa> true
-Name of the library. Leave blank to access all non-encrypted libraries.
-Enter a string value. Press Enter for the default ("").
-library> My Library
-Library password (for encrypted libraries only). Leave blank if you pass it through the command line.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank (default)
-y/g/n> n
-Edit advanced config? (y/n)
+Edit advanced config?
y) Yes
n) No (default)
y/n> n
-Remote config
-Two-factor authentication: please enter your 2FA code
-2fa code> 123456
-Authenticating...
-Success!
--------------------
-[seafile]
-type = seafile
-url = http://my.seafile.server/
-user = me@example.com
-pass =
-2fa = true
-library = My Library
+[mySia]
+type = sia
+api_url = http://127.0.0.1:9980
+api_password = *** ENCRYPTED ***
--------------------
y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
-
You'll notice your password is blank in the configuration. It's because we only need the password to authenticate you once.
-
You specified My Library during the configuration. The root of the remote is pointing at the root of the library My Library:
-
See all files in the library:
-
rclone lsd seafile:
-
Create a new directory inside the library
-
rclone mkdir seafile:directory
-
List the contents of a directory
-
rclone ls seafile:directory
-
Sync /home/local/directory to the remote library, deleting any excess files in the library.
-
rclone sync -i /home/local/directory seafile:
-
--fast-list
-
Seafile version 7+ supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details. Please note this is not supported on seafile server version 6.x
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
-
Seafile and rclone link
-
Rclone supports generating share links for non-encrypted libraries only. They can either be for a file or a directory:
-
rclone link seafile:seafile-tutorial.doc
-http://my.seafile.server/f/fdcd8a2f93f84b8b90f4/
-
-
or if run on a directory you will get:
-
rclone link seafile:dir
-http://my.seafile.server/d/9ea2455f6f55478bbb0d/
-
Please note a share link is unique for each file or directory. If you run a link command on a file/dir that has already been shared, you will get the exact same link.
-
Compatibility
-
It has been actively tested using the seafile docker image of these versions: - 6.3.4 community edition - 7.0.5 community edition - 7.1.3 community edition
-
Versions below 6.0 are not supported. Versions between 6.0 and 6.3 haven't been tested and might not work properly.
-
Standard options
-
Here are the standard options specific to seafile (seafile).
-
--seafile-url
-
URL of seafile host to connect to.
-
Properties:
+
Once configured, you can then use rclone like this:
-
Config: url
-
Env Var: RCLONE_SEAFILE_URL
-
Type: string
-
Required: true
-
Examples:
+
List directories in top level of your Sia storage
+
+
rclone lsd mySia:
-
"https://cloud.seafile.com/"
+
List all the files in your Sia storage
+
+
rclone ls mySia:
-
Connect to cloud.seafile.com.
-
-
+
Upload a local directory to the Sia directory called backup
-
--seafile-user
-
User name (usually email address).
+
rclone copy /home/source mySia:backup
+
Standard options
+
Here are the Standard options specific to sia (Sia Decentralized Cloud).
+
--sia-api-url
+
Sia daemon API URL, like http://sia.daemon.host:9980.
+
Note that siad must run with --disable-api-security to open API port for other hosts (not recommended). Keep default if Sia daemon runs on localhost.
Properties:
-
Config: user
-
Env Var: RCLONE_SEAFILE_USER
+
Config: api_url
+
Env Var: RCLONE_SIA_API_URL
Type: string
-
Required: true
+
Default: "http://127.0.0.1:9980"
-
--seafile-pass
-
Password.
+
--sia-api-password
+
Sia Daemon API Password.
+
Can be found in the apipassword file located in HOME/.sia/ or in the daemon directory.
The SFTP backend can be used with a number of different providers:
+
Limitations
-
C14
-
rsync.net
+
Modification times not supported
+
Checksums not supported
+
rclone about not supported
+
rclone can work only with Siad or Sia-UI at the moment, the SkyNet daemon is not supported yet.
+
Sia does not allow control characters or symbols like question and pound signs in file names. rclone will transparently encode them for you, but you'd better be aware
-
SFTP runs over SSH v2 and is installed as standard with most modern SSH installations.
-
Paths are specified as remote:path. If the path does not begin with a / it is relative to the home directory of the user. An empty path remote: refers to the user's home directory. For example, rclone lsd remote: would list the home directory of the user cofigured in the rclone remote config (i.e /home/sftpuser). However, rclone lsd remote:/ would list the root directory for remote machine (i.e. /)
-
Note that some SFTP servers will need the leading / - Synology is a good example of this. rsync.net, on the other hand, requires users to OMIT the leading /.
-
Configuration
-
Here is an example of making an SFTP configuration. First run
Paths are specified as remote:container (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:container/path/to/dir.
+
Configuration
+
Here is an example of making a swift configuration. First run
rclone config
This will guide you through an interactive setup process.
No remotes found, make a new one?
@@ -22382,517 +25577,472 @@
Configuration
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / SSH/SFTP Connection
- \ "sftp"
+XX / OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
+ \ "swift"
[snip]
-Storage> sftp
-SSH host to connect to
+Storage> swift
+Get swift credentials from environment variables in standard OpenStack form.
Choose a number from below, or type in your own value
- 1 / Connect to example.com
- \ "example.com"
-host> example.com
-SSH username
-Enter a string value. Press Enter for the default ("$USER").
-user> sftpuser
-SSH port number
-Enter a signed integer. Press Enter for the default (22).
-port>
-SSH password, leave blank to use ssh-agent.
-y) Yes type in my own password
-g) Generate random password
-n) No leave this optional password blank
-y/g/n> n
-Path to unencrypted PEM-encoded private key file, leave blank to use ssh-agent.
-key_file>
+ 1 / Enter swift credentials in the next step
+ \ "false"
+ 2 / Get swift credentials from environment vars. Leave other fields blank if using this.
+ \ "true"
+env_auth> true
+User name to log in (OS_USERNAME).
+user>
+API key or password (OS_PASSWORD).
+key>
+Authentication URL for server (OS_AUTH_URL).
+Choose a number from below, or type in your own value
+ 1 / Rackspace US
+ \ "https://auth.api.rackspacecloud.com/v1.0"
+ 2 / Rackspace UK
+ \ "https://lon.auth.api.rackspacecloud.com/v1.0"
+ 3 / Rackspace v2
+ \ "https://identity.api.rackspacecloud.com/v2.0"
+ 4 / Memset Memstore UK
+ \ "https://auth.storage.memset.com/v1.0"
+ 5 / Memset Memstore UK v2
+ \ "https://auth.storage.memset.com/v2.0"
+ 6 / OVH
+ \ "https://auth.cloud.ovh.net/v3"
+auth>
+User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID).
+user_id>
+User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+domain>
+Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
+tenant>
+Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
+tenant_id>
+Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
+tenant_domain>
+Region name - optional (OS_REGION_NAME)
+region>
+Storage URL - optional (OS_STORAGE_URL)
+storage_url>
+Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
+auth_token>
+AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
+auth_version>
+Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE)
+Choose a number from below, or type in your own value
+ 1 / Public (default, choose this if not sure)
+ \ "public"
+ 2 / Internal (use internal service net)
+ \ "internal"
+ 3 / Admin
+ \ "admin"
+endpoint_type>
Remote config
--------------------
-[remote]
-host = example.com
-user = sftpuser
-port =
-pass =
-key_file =
+[test]
+env_auth = true
+user =
+key =
+auth =
+user_id =
+domain =
+tenant =
+tenant_id =
+tenant_domain =
+region =
+storage_url =
+auth_token =
+auth_version =
+endpoint_type =
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
This remote is called remote and can now be used like this:
-
See all directories in the home directory
+
This remote is called remote and can now be used like this
+
See all containers
rclone lsd remote:
-
See all directories in the root directory
-
rclone lsd remote:/
-
Make a new directory
-
rclone mkdir remote:path/to/directory
-
List the contents of a directory
-
rclone ls remote:path/to/directory
-
Sync /home/local/directory to the remote directory, deleting any excess files in the directory.
Mount the remote path /srv/www-data/ to the local path /mnt/www-data
-
rclone mount remote:/srv/www-data/ /mnt/www-data
-
SSH Authentication
-
The SFTP remote supports three authentication methods:
-
-
Password
-
Key file, including certificate signed keys
-
ssh-agent
-
-
Key files should be PEM-encoded private key files. For instance /home/$USER/.ssh/id_rsa. Only unencrypted OpenSSH or PEM encrypted files are supported.
-
The key file can be specified in either an external file (key_file) or contained within the rclone config file (key_pem). If using key_pem in the config file, the entry should be on a single line with new line ('' or '') separating lines. i.e.
This will generate it correctly for key_pem for use in the config:
-
awk '{printf "%s\\n", $0}' < ~/.ssh/id_rsa
-
If you don't specify pass, key_file, or key_pem or ask_password then rclone will attempt to contact an ssh-agent. You can also specify key_use_agent to force the usage of an ssh-agent. In this case key_file or key_pem can also be specified to force the usage of a specific key in the ssh-agent.
-
Using an ssh-agent is the only way to load encrypted OpenSSH keys at the moment.
-
If you set the ask_password option, rclone will prompt for a password when needed and no password has been configured.
-
Certificate-signed keys
-
With traditional key-based authentication, you configure your private key only, and the public key built into it will be used during the authentication process.
-
If you have a certificate you may use it to sign your public key, creating a separate SSH user certificate that should be used instead of the plain public key extracted from the private key. Then you must provide the path to the user certificate public key file in pubkey_file.
-
Note: This is not the traditional public key paired with your private key, typically saved as /home/$USER/.ssh/id_rsa.pub. Setting this path in pubkey_file will not work.
If you concatenate a cert with a private key then you can specify the merged file in both places.
-
Note: the cert must come first in the file. e.g.
-
cat id_rsa-cert.pub id_rsa > merged_key
-
Host key validation
-
By default rclone will not check the server's host key for validation. This can allow an attacker to replace a server with their own and if you use password authentication then this can lead to that password being exposed.
-
Host key matching, using standard known_hosts files can be turned on by enabling the known_hosts_file option. This can point to the file maintained by OpenSSH or can point to a unique file.
-
e.g. using the OpenSSH known_hosts file:
+
Make a new container
+
rclone mkdir remote:container
+
List the contents of a container
+
rclone ls remote:container
+
Sync /home/local/directory to the remote container, deleting any excess files in the container.
An OpenStack credentials file typically looks something something like this (without the comments)
+
export OS_AUTH_URL=https://a.provider.net/v2.0
+export OS_TENANT_ID=ffffffffffffffffffffffffffffffff
+export OS_TENANT_NAME="1234567890123456"
+export OS_USERNAME="123abc567xy"
+echo "Please enter your OpenStack Password: "
+read -sr OS_PASSWORD_INPUT
+export OS_PASSWORD=$OS_PASSWORD_INPUT
+export OS_REGION_NAME="SBG1"
+if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
+
The config file needs to look something like this where $OS_USERNAME represents the value of the OS_USERNAME variable - 123abc567xy in the example above.
rclone will not manage this file for you. If the key is missing or wrong then the connection will be refused.
-
If the server is set up for a certificate host key then the entry in the known_hosts file must be the @cert-authority entry for the CA
-
-
If the host key provided by the server does not match the one in the file (or is missing) then the connection will be aborted and an error returned such as
NewFs: couldn't connect SSH: ssh: handshake failed: ssh: no authorities for hostname: example.com:22
-
then it is likely the server has presented a CA signed host certificate and you will need to add the appropriate @cert-authority entry.
-
The known_hosts_file setting can be set during rclone config as an advanced option.
-
ssh-agent on macOS
-
Note that there seem to be various problems with using an ssh-agent on macOS due to recent changes in the OS. The most effective work-around seems to be to start an ssh-agent in each session, e.g.
-
eval `ssh-agent -s` && ssh-add -A
-
And then at the end of the session
-
eval `ssh-agent -k`
-
These commands can be used in scripts of course.
-
Modified time
-
Modified times are stored on the server to 1 second precision.
-
Modified times are used in syncing and are fully supported.
-
Some SFTP servers disable setting/modifying the file modification time after upload (for example, certain configurations of ProFTPd with mod_sftp). If you are using one of these servers, you can set the option set_modtime = false in your RClone backend configuration to disable this behaviour.
-
Standard options
-
Here are the standard options specific to sftp (SSH/SFTP Connection).
Note that you may (or may not) need to set region too - try without first.
+
Configuration from the environment
+
If you prefer you can configure rclone to use swift using a standard set of OpenStack environment variables.
+
When you run through the config, make sure you choose true for env_auth and leave everything else blank.
+
rclone will then set any empty config parameters from the environment using standard OpenStack environment variables. There is a list of the variables in the docs for the swift library.
+
Using an alternate authentication method
+
If your OpenStack installation uses a non-standard authentication method that might not be yet supported by rclone or the underlying swift library, you can authenticate externally (e.g. calling manually the openstack commands to get a token). Then, you just need to pass the two configuration variables auth_token and storage_url. If they are both provided, the other variables are ignored. rclone will not try to authenticate but instead assume it is already authenticated and use these two variables to access the OpenStack installation.
+
Using rclone without a config file
+
You can use rclone with swift without a config file, if desired, like this:
This remote supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details.
+
--update and --use-server-modtime
+
As noted below, the modified time is stored on metadata on the object. It is used by default for all operations that require checking the time a file was last updated. It allows rclone to treat the remote more like a true filesystem, but it is inefficient because it requires an extra API call to retrieve the metadata.
+
For many operations, the time the object was last uploaded to the remote is sufficient to determine if it is "dirty". By using --update along with --use-server-modtime, you can avoid the extra API call and simply upload files whose local modtime is newer than the time it was last uploaded.
+
Modified time
+
The modified time is stored as metadata on the object as X-Object-Meta-Mtime as floating point since the epoch accurate to 1 ns.
+
This is a de facto standard (used in the official python-swiftclient amongst others) for storing the modification time for an object.
+
Restricted filename characters
+
+
+
+
Character
+
Value
+
Replacement
+
+
+
+
+
NUL
+
0x00
+
␀
+
+
+
/
+
0x2F
+
/
+
+
+
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Standard options
+
Here are the Standard options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
+
--swift-env-auth
+
Get swift credentials from environment variables in standard OpenStack form.
Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME).
Properties:
-
Config: key_file_pass
-
Env Var: RCLONE_SFTP_KEY_FILE_PASS
+
Config: tenant
+
Env Var: RCLONE_SWIFT_TENANT
Type: string
Required: false
-
--sftp-pubkey-file
-
Optional path to public key file.
-
Set this if you have a signed certificate you want to use for authentication.
-
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
+
--swift-tenant-id
+
Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID).
Properties:
-
Config: pubkey_file
-
Env Var: RCLONE_SFTP_PUBKEY_FILE
+
Config: tenant_id
+
Env Var: RCLONE_SWIFT_TENANT_ID
Type: string
Required: false
-
--sftp-key-use-agent
-
When set forces the usage of the ssh-agent.
-
When key-file is also set, the ".pub" file of the specified key-file is read and only the associated key is requested from the ssh-agent. This allows to avoid Too many authentication failures for *username* errors when the ssh-agent contains many keys.
AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION).
Properties:
-
Config: set_modtime
-
Env Var: RCLONE_SFTP_SET_MODTIME
-
Type: bool
-
Default: true
+
Config: auth_version
+
Env Var: RCLONE_SWIFT_AUTH_VERSION
+
Type: int
+
Default: 0
-
--sftp-md5sum-command
-
The command used to read md5 hashes.
-
Leave blank for autodetect.
+
--swift-endpoint-type
+
Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE).
Properties:
-
Config: md5sum_command
-
Env Var: RCLONE_SFTP_MD5SUM_COMMAND
+
Config: endpoint_type
+
Env Var: RCLONE_SWIFT_ENDPOINT_TYPE
Type: string
-
Required: false
-
-
--sftp-sha1sum-command
-
The command used to read sha1 hashes.
-
Leave blank for autodetect.
-
Properties:
+
Default: "public"
+
Examples:
-
Config: sha1sum_command
-
Env Var: RCLONE_SFTP_SHA1SUM_COMMAND
-
Type: string
-
Required: false
-
-
--sftp-skip-links
-
Set to skip any symlinks and any other non regular files.
-
Properties:
+
"public"
-
Config: skip_links
-
Env Var: RCLONE_SFTP_SKIP_LINKS
-
Type: bool
-
Default: false
-
-
--sftp-subsystem
-
Specifies the SSH2 subsystem on the remote host.
-
Properties:
+
Public (default, choose this if not sure)
+
+
"internal"
-
Config: subsystem
-
Env Var: RCLONE_SFTP_SUBSYSTEM
-
Type: string
-
Default: "sftp"
+
Internal (use internal service net)
+
+
"admin"
+
+
Admin
+
+
-
--sftp-server-command
-
Specifies the path or command to run a sftp server on the remote host.
-
The subsystem option is ignored when server_command is defined.
+
--swift-storage-policy
+
The storage policy to use when creating a new container.
+
This applies the specified storage policy when creating a new container. The policy cannot be changed afterwards. The allowed configuration values and their meaning depend on your Swift storage provider.
Properties:
-
Config: server_command
-
Env Var: RCLONE_SFTP_SERVER_COMMAND
+
Config: storage_policy
+
Env Var: RCLONE_SWIFT_STORAGE_POLICY
Type: string
Required: false
+
Examples:
+
+
""
+
+
Default
+
+
"pcs"
+
+
OVH Public Cloud Storage
+
+
"pca"
+
+
OVH Public Cloud Archive
+
+
-
--sftp-use-fstat
-
If set use fstat instead of stat.
-
Some servers limit the amount of open files and calling Stat after opening the file will throw an error from the server. Setting this flag will call Fstat instead of Stat which is called on an already open file handle.
-
It has been found that this helps with IBM Sterling SFTP servers which have "extractability" level set to 1 which means only 1 file can be opened at any given time.
+
Advanced options
+
Here are the Advanced options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
+
--swift-leave-parts-on-error
+
If true avoid calling abort upload on a failure.
+
It should be set to true for resuming uploads across different sessions.
Properties:
-
Config: use_fstat
-
Env Var: RCLONE_SFTP_USE_FSTAT
+
Config: leave_parts_on_error
+
Env Var: RCLONE_SWIFT_LEAVE_PARTS_ON_ERROR
Type: bool
Default: false
-
--sftp-disable-concurrent-reads
-
If set don't use concurrent reads.
-
Normally concurrent reads are safe to use and not using them will degrade performance, so this option is disabled by default.
-
Some servers limit the amount number of times a file can be downloaded. Using concurrent reads can trigger this limit, so if you have a server which returns
-
Failed to copy: file does not exist
-
Then you may need to enable this flag.
-
If concurrent reads are disabled, the use_fstat option is ignored.
+
--swift-chunk-size
+
Above this size files will be chunked into a _segments container.
+
Above this size files will be chunked into a _segments container. The default for this is 5 GiB which is its maximum value.
Properties:
-
Config: disable_concurrent_reads
-
Env Var: RCLONE_SFTP_DISABLE_CONCURRENT_READS
-
Type: bool
-
Default: false
+
Config: chunk_size
+
Env Var: RCLONE_SWIFT_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 5Gi
-
--sftp-disable-concurrent-writes
-
If set don't use concurrent writes.
-
Normally rclone uses concurrent writes to upload files. This improves the performance greatly, especially for distant servers.
-
This option disables concurrent writes should that be necessary.
+
--swift-no-chunk
+
Don't chunk files during streaming upload.
+
When doing streaming uploads (e.g. using rcat or mount) setting this flag will cause the swift backend to not upload chunked files.
+
This will limit the maximum upload size to 5 GiB. However non chunked files are easier to deal with and have an MD5SUM.
+
Rclone will still chunk files bigger than chunk_size when doing normal copy operations.
Properties:
-
Config: disable_concurrent_writes
-
Env Var: RCLONE_SFTP_DISABLE_CONCURRENT_WRITES
+
Config: no_chunk
+
Env Var: RCLONE_SWIFT_NO_CHUNK
Type: bool
Default: false
-
--sftp-idle-timeout
-
Max time before closing idle connections.
-
If no connections have been returned to the connection pool in the time given, rclone will empty the connection pool.
-
Set to 0 to keep connections indefinitely.
+
--swift-no-large-objects
+
Disable support for static and dynamic large objects
+
Swift cannot transparently store files bigger than 5 GiB. There are two schemes for doing that, static or dynamic large objects, and the API does not allow rclone to determine whether a file is a static or dynamic large object without doing a HEAD on the object. Since these need to be treated differently, this means rclone has to issue HEAD requests for objects for example when reading checksums.
+
When no_large_objects is set, rclone will assume that there are no static or dynamic large objects stored. This means it can stop doing the extra HEAD calls which in turn increases performance greatly especially when doing a swift to swift transfer with --checksum set.
+
Setting this option implies no_chunk and also that no files will be uploaded in chunks, so files bigger than 5 GiB will just fail on upload.
+
If you set this option and there are static or dynamic large objects, then this will give incorrect hashes for them. Downloads will succeed, but other operations such as Remove and Copy will fail.
Properties:
-
Config: idle_timeout
-
Env Var: RCLONE_SFTP_IDLE_TIMEOUT
-
Type: Duration
-
Default: 1m0s
+
Config: no_large_objects
+
Env Var: RCLONE_SWIFT_NO_LARGE_OBJECTS
+
Type: bool
+
Default: false
-
Limitations
-
SFTP supports checksums if the same login has shell access and md5sum or sha1sum as well as echo are in the remote's PATH. This remote checksumming (file hashing) is recommended and enabled by default. Disabling the checksumming may be required if you are connecting to SFTP servers which are not under your control, and to which the execution of remote commands is prohibited. Set the configuration option disable_hashcheck to true to disable checksumming.
-
SFTP also supports about if the same login has shell access and df are in the remote's PATH. about will return the total space, free space, and used space on the remote for the disk of the specified path on the remote or, if not set, the disk of the root on the remote. about will fail if it does not have shell access or if df is not in the remote's PATH.
-
Note that some SFTP servers (e.g. Synology) the paths are different for SSH and SFTP so the hashes can't be calculated properly. For them using disable_hashcheck is a good idea.
-
The only ssh agent supported under Windows is Putty's pageant.
-
The Go SSH library disables the use of the aes128-cbc cipher by default, due to security concerns. This can be re-enabled on a per-connection basis by setting the use_insecure_cipher setting in the configuration file to true. Further details on the insecurity of this cipher can be found in this paper.
-
SFTP isn't supported under plan9 until this issue is fixed.
-
Note that since SFTP isn't HTTP based the following flags don't work with it: --dump-headers, --dump-bodies, --dump-auth
-
Note that --timeout and --contimeout are both supported.
Storj is an encrypted, secure, and cost-effective object storage service that enables you to store, back up, and archive large amounts of data in a decentralized manner.
Use this backend to take advantage of client-side encryption as well as to achieve the best possible download performance. Uploads will be erasure-coded locally, thus a 1gb upload will result in 2.68gb of data being uploaded to storage nodes across the network.
-
Use the s3 backend and one of the S3 compatible Hosted Gateways to increase upload performance and reduce the load on your systems and network. Uploads will be encrypted and erasure-coded server-side, thus a 1GB upload will result in only in 1GB of data being uploaded to storage nodes across the network.
-
Side by side comparison with more details:
-
-
Characteristics:
-
-
Storj backend: Uses native RPC protocol, connects directly to the storage nodes which hosts the data. Requires more CPU resource of encoding/decoding and has network amplification (especially during the upload), uses lots of TCP connections
-
S3 backend: Uses S3 compatible HTTP Rest API via the shared gateways. There is no network amplification, but performance depends on the shared gateways and the secret encryption key is shared with the gateway.
-
-
Typical usage:
-
-
Storj backend: Server environments and desktops with enough resources, internet speed and connectivity - and applications where storjs client-side encryption is required.
-
S3 backend: Desktops and similar with limited resources, internet speed or connectivity.
-
-
Security:
-
-
Storj backend: strong. Private encryption key doesn't need to leave the local computer.
-
S3 backend: weaker. Private encryption key is shared with the authentication service of the hosted gateway, where it's stored encrypted. It can be stronger when combining with the rclone crypt backend.
-
-
Bandwidth usage (upload):
-
-
Storj backend: higher. As data is erasure coded on the client side both the original data and the parities should be uploaded. About ~2.7 times more data is required to be uploaded. Client may start to upload with even higher number of nodes (~3.7 times more) and abandon/stop the slow uploads.
-
S3 backend: normal. Only the raw data is uploaded, erasure coding happens on the gateway.
-
-
Bandwidth usage (download)
-
-
Storj backend: almost normal. Only the minimal number of data is required, but to avoid very slow data providers a few more sources are used and the slowest are ignored (max 1.2x overhead).
-
S3 backend: normal. Only the raw data is downloaded, erasure coding happens on the shared gateway.
-
-
CPU usage:
-
-
Storj backend: higher, but more predictable. Erasure code and encryption/decryption happens locally which requires significant CPU usage.
-
S3 backend: less. Erasure code and encryption/decryption happens on shared s3 gateways (and as is, it depends on the current load on the gateways)
-
-
TCP connection usage:
-
-
Storj backend: high. A direct connection is required to each of the Storj nodes resulting in 110 connections on upload and 35 on download per 64 MB segment. Not all the connections are actively used (slow ones are pruned), but they are all opened. Adjusting the max open file limit may be required.
-
S3 backend: normal. Only one connection per download/upload thread is required to the shared gateway.
-
-
Overall performance:
-
-
Storj backend: with enough resources (CPU and bandwidth) storj backend can provide even 2x better performance. Data is directly downloaded to / uploaded from to the client instead of the gateway.
-
S3 backend: Can be faster on edge devices where CPU and network bandwidth is limited as the shared S3 compatible gateways take care about the encrypting/decryption and erasure coding and no download/upload amplification.
-
-
Decentralization:
-
-
Storj backend: high. Data is downloaded directly from the distributed cloud of storage providers.
-
S3 backend: low. Requires a running S3 gateway (either self-hosted or Storj-hosted).
Storj backend: rclone checksum is not possible without download, as checksum metadata is not calculated during upload
-
S3 backend: secret encryption key is shared with the gateway
-
+
Config: encoding
+
Env Var: RCLONE_SWIFT_ENCODING
+
Type: MultiEncoder
+
Default: Slash,InvalidUtf8
-
Configuration
-
To make a new Storj configuration you need one of the following: * Access Grant that someone else shared with you. * API Key of a Storj project you are a member of.
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
-
Setup with access grant
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-q) Quit config
-n/s/q> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Storj Decentralized Cloud Storage
- \ "storj"
-[snip]
-Storage> storj
-** See help for storj backend at: https://rclone.org/storj/ **
-
-Choose an authentication method.
-Enter a string value. Press Enter for the default ("existing").
-Choose a number from below, or type in your own value
- 1 / Use an existing access grant.
- \ "existing"
- 2 / Create a new access grant from satellite address, API key, and passphrase.
- \ "new"
-provider> existing
-Access Grant.
-Enter a string value. Press Enter for the default ("").
-access_grant> your-access-grant-received-by-someone-else
-Remote config
---------------------
-[remote]
-type = storj
-access_grant = your-access-grant-received-by-someone-else
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
Setup with API key and passphrase
+
Limitations
+
The Swift API doesn't return a correct MD5SUM for segmented files (Dynamic or Static Large Objects) so rclone won't check or use the MD5SUM for these.
+
Troubleshooting
+
Rclone gives Failed to create file system for "remote:": Bad Request
+
Due to an oddity of the underlying swift library, it gives a "Bad Request" error rather than a more sensible error when the authentication fails for Swift.
+
So this most likely means your username / password is wrong. You can investigate further with the --dump-bodies flag.
+
This may also be caused by specifying the region when you shouldn't have (e.g. OVH).
+
Rclone gives Failed to create file system: Response didn't have storage url and auth token
+
This is most likely caused by forgetting to specify your tenant when setting up a swift remote.
+
OVH Cloud Archive
+
To use rclone with OVH cloud archive, first use rclone config to set up a swift backend with OVH, choosing pca as the storage_policy.
+
Uploading Objects
+
Uploading objects to OVH cloud archive is no different to object storage, you just simply run the command you like (move, copy or sync) to upload the objects. Once uploaded the objects will show in a "Frozen" state within the OVH control panel.
+
Retrieving Objects
+
To retrieve objects use rclone copy as normal. If the objects are in a frozen state then rclone will ask for them all to be unfrozen and it will wait at the end of the output with a message like the following:
+
2019/03/23 13:06:33 NOTICE: Received retry after error - sleeping until 2019-03-23T13:16:33.481657164+01:00 (9m59.99985121s)
+
Rclone will wait for the time specified then retry the copy.
+
pCloud
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
The initial setup for pCloud involves getting a token from pCloud which you need to do in your browser. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
No remotes found, make a new one?
n) New remote
s) Set configuration password
@@ -22900,195 +26050,197 @@
Setup with API key and passphrase
-
Standard options
-
Here are the standard options specific to storj (Storj Decentralized Cloud Storage).
-
--storj-provider
-
Choose an authentication method.
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from pCloud. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
+
Once configured you can then use rclone like this,
+
List directories in top level of your pCloud
+
rclone lsd remote:
+
List all the files in your pCloud
+
rclone ls remote:
+
To copy a local directory to a pCloud directory called backup
+
rclone copy /home/source remote:backup
+
Modified time and hashes
+
pCloud allows modification times to be set on objects accurate to 1 second. These will be used to detect whether objects need syncing or not. In order to set a Modification time pCloud requires the object be re-uploaded.
+
pCloud supports MD5 and SHA1 hashes in the US region, and SHA1 and SHA256 hashes in the EU region, so you can use the --checksum flag.
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Deleting files
+
Deleted files will be moved to the trash. Your subscription level will determine how long items stay in the trash. rclone cleanup can be used to empty the trash.
+
Emptying the trash
+
Due to an API limitation, the rclone cleanup command will only work if you set your username and password in the advanced options for this backend. Since we generally want to avoid storing user passwords in the rclone config file, we advise you to only set this up if you need the rclone cleanup command to work.
+
Root folder ID
+
You can set the root_folder_id for rclone. This is the directory (identified by its Folder ID) that rclone considers to be the root of your pCloud drive.
+
Normally you will leave this blank and rclone will determine the correct root to use itself.
+
However you can set this to restrict rclone to a specific folder hierarchy.
+
In order to do this you will have to find the Folder ID of the directory you wish rclone to display. This will be the folder field of the URL when you open the relevant folder in the pCloud web interface.
+
So if the folder you want rclone to use has a URL which looks like https://my.pcloud.com/#page=filemanager&folder=5xxxxxxxx8&tpl=foldergrid in the browser, then you use 5xxxxxxxx8 as the root_folder_id in the config.
+
Standard options
+
Here are the Standard options specific to pcloud (Pcloud).
+
--pcloud-client-id
+
OAuth Client Id.
+
Leave blank normally.
Properties:
-
Config: provider
-
Env Var: RCLONE_STORJ_PROVIDER
+
Config: client_id
+
Env Var: RCLONE_PCLOUD_CLIENT_ID
Type: string
-
Default: "existing"
-
Examples:
+
Required: false
+
+
--pcloud-client-secret
+
OAuth Client Secret.
+
Leave blank normally.
+
Properties:
-
"existing"
+
Config: client_secret
+
Env Var: RCLONE_PCLOUD_CLIENT_SECRET
+
Type: string
+
Required: false
+
+
Advanced options
+
Here are the Advanced options specific to pcloud (Pcloud).
+
--pcloud-token
+
OAuth Access Token as a JSON blob.
+
Properties:
-
Use an existing access grant.
-
-
"new"
+
Config: token
+
Env Var: RCLONE_PCLOUD_TOKEN
+
Type: string
+
Required: false
+
+
--pcloud-auth-url
+
Auth server URL.
+
Leave blank to use the provider defaults.
+
Properties:
-
Create a new access grant from satellite address, API key, and passphrase.
-
-
+
Config: auth_url
+
Env Var: RCLONE_PCLOUD_AUTH_URL
+
Type: string
+
Required: false
-
--storj-access-grant
-
Access grant.
+
--pcloud-token-url
+
Token server url.
+
Leave blank to use the provider defaults.
Properties:
-
Config: access_grant
-
Env Var: RCLONE_STORJ_ACCESS_GRANT
-
Provider: existing
+
Config: token_url
+
Env Var: RCLONE_PCLOUD_TOKEN_URL
Type: string
Required: false
-
--storj-satellite-address
-
Satellite address.
-
Custom satellite address should match the format: <nodeid>@<address>:<port>.
Fill in for rclone to use a non root folder as its starting point.
+
Properties:
+
+
Config: root_folder_id
+
Env Var: RCLONE_PCLOUD_ROOT_FOLDER_ID
Type: string
-
Default: "us-central-1.storj.io"
-
Examples:
+
Default: "d0"
+
+
--pcloud-hostname
+
Hostname to connect to.
+
This is normally set when rclone initially does the oauth connection, however you will need to set it by hand if you are using remote config with rclone authorize.
+
Properties:
-
"us-central-1.storj.io"
+
Config: hostname
+
Env Var: RCLONE_PCLOUD_HOSTNAME
+
Type: string
+
Default: "api.pcloud.com"
+
Examples:
-
US Central 1
-
-
"europe-west-1.storj.io"
+
"api.pcloud.com"
-
Europe West 1
+
Original/US region
-
"asia-east-1.storj.io"
+
"eapi.pcloud.com"
-
Asia East 1
+
EU region
-
--storj-api-key
-
API key.
+
--pcloud-username
+
Your pcloud username.
+
This is only required when you want to use the cleanup command. Due to a bug in the pcloud API the required API does not support OAuth authentication so we have to rely on user password authentication for it.
Properties:
-
Config: api_key
-
Env Var: RCLONE_STORJ_API_KEY
-
Provider: new
+
Config: username
+
Env Var: RCLONE_PCLOUD_USERNAME
Type: string
Required: false
-
--storj-passphrase
-
Encryption passphrase.
-
To access existing objects enter passphrase used for uploading.
rclone about is not supported by the rclone Storj backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
If you get errors like too many open files this usually happens when the default ulimit for system max open files is exceeded. Native Storj protocol opens a large number of TCP connections (each of which is counted as an open file). For a single upload stream you can expect 110 TCP connections to be opened. For a single download stream you can expect 35. This batch of connections will be opened for every 64 MiB segment and you should also expect TCP connections to be reused. If you do many transfers you eventually open a connection to most storage nodes (thousands of nodes).
-
To fix these, please raise your system limits. You can do this issuing a ulimit -n 65536 just before you run rclone. To change the limits more permanently you can add this to your shell startup script, e.g. $HOME/.bashrc, or change the system-wide configuration, usually /etc/sysctl.conf and/or /etc/security/limits.conf, but please refer to your operating system manual.
-
SugarSync
-
SugarSync is a cloud service that enables active synchronization of files across computers and other devices for file backup, access, syncing, and sharing.
-
Configuration
-
The initial setup for SugarSync involves getting a token from SugarSync which you can do with rclone. rclone config walks you through it.
+
premiumize.me
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
The initial setup for premiumize.me involves getting a token from premiumize.me which you need to do in your browser. rclone config walks you through it.
Here is an example of how to make a remote called remote. First run:
rclone config
This will guide you through an interactive setup process:
@@ -23102,243 +26254,165 @@
Configuration
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Sugarsync
- \ "sugarsync"
+XX / premiumize.me
+ \ "premiumizeme"
[snip]
-Storage> sugarsync
-** See help for sugarsync backend at: https://rclone.org/sugarsync/ **
+Storage> premiumizeme
+** See help for premiumizeme backend at: https://rclone.org/premiumizeme/ **
-Sugarsync App ID.
-Leave blank to use rclone's.
-Enter a string value. Press Enter for the default ("").
-app_id>
-Sugarsync Access Key ID.
-Leave blank to use rclone's.
-Enter a string value. Press Enter for the default ("").
-access_key_id>
-Sugarsync Private Access Key
-Leave blank to use rclone's.
-Enter a string value. Press Enter for the default ("").
-private_access_key>
-Permanently delete files if true
-otherwise put them in the deleted files.
-Enter a boolean value (true or false). Press Enter for the default ("false").
-hard_delete>
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
Remote config
-Username (email address)> nick@craig-wood.com
-Your Sugarsync password is only required during setup and will not be stored.
-password:
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
--------------------
[remote]
-type = sugarsync
-refresh_token = https://api.sugarsync.com/app-authorization/XXXXXXXXXXXXXXXXXX
+type = premiumizeme
+token = {"access_token":"XXX","token_type":"Bearer","refresh_token":"XXX","expiry":"2029-08-07T18:44:15.548915378+01:00"}
--------------------
-y) Yes this is OK (default)
+y) Yes this is OK
e) Edit this remote
d) Delete this remote
-y/e/d> y
-
Note that the config asks for your email and password but doesn't store them, it only uses them to get the initial token.
+y/e/d>
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from premiumize.me. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
Once configured you can then use rclone like this,
-
List directories (sync folders) in top level of your SugarSync
+
List directories in top level of your premiumize.me
rclone lsd remote:
-
List all the files in your SugarSync folder "Test"
-
rclone ls remote:Test
-
To copy a local directory to an SugarSync folder called backup
+
List all the files in your premiumize.me
+
rclone ls remote:
+
To copy a local directory to an premiumize.me directory called backup
rclone copy /home/source remote:backup
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
NB you can't create files in the top level folder you have to create a folder, which rclone will create as a "Sync Folder" with SugarSync.
Modified time and hashes
-
SugarSync does not support modification times or hashes, therefore syncing will default to --size-only checking. Note that using --update will work as rclone can read the time files were uploaded.
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
-
Deleting files
-
Deleted files will be moved to the "Deleted items" folder by default.
-
However you can supply the flag --sugarsync-hard-delete or set the config parameter hard_delete = true if you would like files to be deleted straight away.
-
Standard options
-
Here are the standard options specific to sugarsync (Sugarsync).
-
--sugarsync-app-id
-
Sugarsync App ID.
-
Leave blank to use rclone's.
-
Properties:
-
-
Config: app_id
-
Env Var: RCLONE_SUGARSYNC_APP_ID
-
Type: string
-
Required: false
-
-
--sugarsync-access-key-id
-
Sugarsync Access Key ID.
-
Leave blank to use rclone's.
-
Properties:
-
-
Config: access_key_id
-
Env Var: RCLONE_SUGARSYNC_ACCESS_KEY_ID
-
Type: string
-
Required: false
-
-
--sugarsync-private-access-key
-
Sugarsync Private Access Key.
-
Leave blank to use rclone's.
-
Properties:
-
-
Config: private_access_key
-
Env Var: RCLONE_SUGARSYNC_PRIVATE_ACCESS_KEY
-
Type: string
-
Required: false
-
-
--sugarsync-hard-delete
-
Permanently delete files if true otherwise put them in the deleted files.
-
Properties:
-
-
Config: hard_delete
-
Env Var: RCLONE_SUGARSYNC_HARD_DELETE
-
Type: bool
-
Default: false
-
-
Advanced options
-
Here are the advanced options specific to sugarsync (Sugarsync).
-
--sugarsync-refresh-token
-
Sugarsync refresh token.
-
Leave blank normally, will be auto configured by rclone.
-
Properties:
-
-
Config: refresh_token
-
Env Var: RCLONE_SUGARSYNC_REFRESH_TOKEN
-
Type: string
-
Required: false
-
-
--sugarsync-authorization
-
Sugarsync authorization.
-
Leave blank normally, will be auto configured by rclone.
-
Properties:
-
-
Config: authorization
-
Env Var: RCLONE_SUGARSYNC_AUTHORIZATION
-
Type: string
-
Required: false
-
-
--sugarsync-authorization-expiry
-
Sugarsync authorization expiry.
-
Leave blank normally, will be auto configured by rclone.
+
premiumize.me does not support modification times or hashes, therefore syncing will default to --size-only checking. Note that using --update will work.
rclone about is not supported by the SugarSync backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The Tardigrade backend has been renamed to be the Storj backend. Old configuration files will continue to work.
-
Uptobox
-
This is a Backend for Uptobox file storage service. Uptobox is closer to a one-click hoster than a traditional cloud storage provider and therefore not suitable for long term storage.
+
Limitations
+
Note that premiumize.me is case insensitive so you can't have a file called "Hello.doc" and one called "hello.doc".
+
premiumize.me file names can't have the \ or " characters in. rclone maps these to and from an identical looking unicode equivalents \ and "
+
premiumize.me only supports filenames up to 255 characters in length.
+
put.io
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
To configure an Uptobox backend you'll need your personal api token. You'll find it in your account settings
-
Here is an example of how to make a remote called remote with the default setup. First run:
-
rclone config
+
put.io paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
The initial setup for put.io involves getting a token from put.io which you need to do in your browser. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
This will guide you through an interactive setup process:
-
Current remotes:
-
-Name Type
-==== ====
-TestUptobox uptobox
-
-e) Edit existing remote
+
No remotes found, make a new one?
n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
q) Quit config
-e/n/d/r/c/s/q> n
-name> uptobox
+n/s/q> n
+name> putio
Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
-[...]
-37 / Uptobox
- \ "uptobox"
-[...]
-Storage> uptobox
-** See help for uptobox backend at: https://rclone.org/uptobox/ **
+[snip]
+XX / Put.io
+ \ "putio"
+[snip]
+Storage> putio
+** See help for putio backend at: https://rclone.org/putio/ **
-Your API Key, get it from https://uptobox.com/my_account
-Enter a string value. Press Enter for the default ("").
-api_key> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
--------------------
-[uptobox]
-type = uptobox
-api_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+[putio]
+type = putio
+token = {"access_token":"XXXXXXXX","expiry":"0001-01-01T00:00:00Z"}
--------------------
-y) Yes this is OK (default)
+y) Yes this is OK
e) Edit this remote
d) Delete this remote
-y/e/d>
-
Once configured you can then use rclone like this,
-
List directories in top level of your Uptobox
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+putio putio
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> q
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from put.io if using web browser to automatically authenticate. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall, or use manual mode.
+
You can then use it like this,
+
List directories in top level of your put.io
rclone lsd remote:
-
List all the files in your Uptobox
+
List all the files in your put.io
rclone ls remote:
-
To copy a local directory to an Uptobox directory called backup
+
To copy a local directory to a put.io directory called backup
rclone copy /home/source remote:backup
-
Modified time and hashes
-
Uptobox supports neither modified times nor checksums.
Uptobox will delete inactive files that have not been accessed in 60 days.
-
rclone about is not supported by this backend an overview of used space can however been seen in the uptobox web interface.
-
Union
-
The union remote provides a unification similar to UnionFS using other remotes.
-
Paths may be as deep as required or a local path, e.g. remote:directory/subdirectory or /directory/subdirectory.
-
During the initial setup with rclone config you will specify the upstream remotes as a space separated list. The upstream remotes can either be a local paths or other remotes.
-
Attribute :ro and :nc can be attach to the end of path to tag the remote as read only or no create, e.g. remote:directory/subdirectory:ro or remote:directory/subdirectory:nc.
-
Subfolders can be used in upstream remotes. Assume a union remote named backup with the remotes mydrive:private/backup. Invoking rclone mkdir backup:desktop is exactly the same as invoking rclone mkdir mydrive:private/backup/desktop.
-
There will be no special handling of paths containing .. segments. Invoking rclone mkdir backup:../desktop is exactly the same as invoking rclone mkdir mydrive:private/backup/../desktop.
-
Configuration
-
Here is an example of how to make a union called remote for local folders. First run:
-
rclone config
-
This will guide you through an interactive setup process:
+
Limitations
+
put.io has rate limiting. When you hit a limit, rclone automatically retries after waiting the amount of time requested by the server.
+
If you want to avoid ever hitting these limits, you may use the --tpslimit flag with a low number. Note that the imposed limits may be different for different operations, and may change over time.
+
Seafile
+
This is a backend for the Seafile storage service: - It works with both the free community edition or the professional edition. - Seafile versions 6.x and 7.x are all supported. - Encrypted libraries are also supported. - It supports 2FA enabled users
+
Configuration
+
There are two distinct modes you can setup your remote: - you point your remote to the root of the server, meaning you don't specify a library during the configuration: Paths are specified as remote:library. You may put subdirectories in too, e.g. remote:library/path/to/dir. - you point your remote to a specific library during the configuration: Paths are specified as remote:path/to/dir. This is the recommended mode when using encrypted libraries. (This mode is possibly slightly faster than the root mode)
+
Configuration in root mode
+
Here is an example of making a seafile configuration for a user with no two-factor authentication. First run
+
rclone config
+
This will guide you through an interactive setup process. To authenticate you will need the URL of your server, your email (or username) and your password.
No remotes found, make a new one?
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
-name> remote
+name> seafile
Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / Union merges the contents of several remotes
- \ "union"
+XX / Seafile
+ \ "seafile"
[snip]
-Storage> union
-List of space separated upstreams.
-Can be 'upstreama:test/dir upstreamb:', '\"upstreama:test/space:ro dir\" upstreamb:', etc.
+Storage> seafile
+** See help for seafile backend at: https://rclone.org/seafile/ **
+
+URL of seafile host to connect to
Enter a string value. Press Enter for the default ("").
-upstreams> remote1:dir1 remote2:dir2 remote3:dir3
-Policy to choose upstream on ACTION class.
-Enter a string value. Press Enter for the default ("epall").
-action_policy>
-Policy to choose upstream on CREATE class.
-Enter a string value. Press Enter for the default ("epmfs").
-create_policy>
-Policy to choose upstream on SEARCH class.
-Enter a string value. Press Enter for the default ("ff").
-search_policy>
-Cache time of usage and free space (in seconds). This option is only useful when a path preserving policy is used.
-Enter a signed integer. Press Enter for the default ("120").
-cache_time>
+Choose a number from below, or type in your own value
+ 1 / Connect to cloud.seafile.com
+ \ "https://cloud.seafile.com/"
+url> http://my.seafile.server/
+User name (usually email address)
+Enter a string value. Press Enter for the default ("").
+user> me@example.com
+Password
+y) Yes type in my own password
+g) Generate random password
+n) No leave this optional password blank (default)
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Two-factor authentication ('true' if the account has 2FA enabled)
+Enter a boolean value (true or false). Press Enter for the default ("false").
+2fa> false
+Name of the library. Leave blank to access all non-encrypted libraries.
+Enter a string value. Press Enter for the default ("").
+library>
+Library password (for encrypted libraries only). Leave blank if you pass it through the command line.
+y) Yes type in my own password
+g) Generate random password
+n) No leave this optional password blank (default)
+y/g/n> n
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
Remote config
+Two-factor authentication is not enabled on this account.
--------------------
-[remote]
-type = union
-upstreams = remote1:dir1 remote2:dir2 remote3:dir3
+[seafile]
+type = seafile
+url = http://my.seafile.server/
+user = me@example.com
+pass = *** ENCRYPTED ***
+2fa = false
--------------------
-y) Yes this is OK
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
-y/e/d> y
-Current remotes:
-
-Name Type
-==== ====
-remote union
-
-e) Edit existing remote
+y/e/d> y
+
This remote is called seafile. It's pointing to the root of your seafile server and can now be used like this:
+
See all libraries
+
rclone lsd seafile:
+
Create a new library
+
rclone mkdir seafile:library
+
List the contents of a library
+
rclone ls seafile:library
+
Sync /home/local/directory to the remote library, deleting any excess files in the library.
Here's an example of a configuration in library mode with a user that has the two-factor authentication enabled. Your 2FA code will be asked at the end of the configuration, and will attempt to authenticate you:
+
No remotes found, make a new one?
n) New remote
-d) Delete remote
-r) Rename remote
-c) Copy remote
s) Set configuration password
q) Quit config
-e/n/d/r/c/s/q> q
-
Once configured you can then use rclone like this,
-
List directories in top level in remote1:dir1, remote2:dir2 and remote3:dir3
-
rclone lsd remote:
-
List all the files in remote1:dir1, remote2:dir2 and remote3:dir3
-
rclone ls remote:
-
Copy another local directory to the union directory called source, which will be placed into remote3:dir3
-
rclone copy C:\source remote:source
-
Behavior / Policies
-
The behavior of union backend is inspired by trapexit/mergerfs. All functions are grouped into 3 categories: action, create and search. These functions and categories can be assigned a policy which dictates what file or directory is chosen when performing that behavior. Any policy can be assigned to a function or category though some may not be very useful in practice. For instance: rand (random) may be useful for file creation (create) but could lead to very odd behavior if used for delete if there were more than one copy of the file.
-
Function / Category classifications
-
-
-
-
-
-
-
-
-
Category
-
Description
-
Functions
-
-
-
-
-
action
-
Writing Existing file
-
move, rmdir, rmdirs, delete, purge and copy, sync (as destination when file exist)
Policies, as described below, are of two basic types. path preserving and non-path preserving.
-
All policies which start with ep (epff, eplfs, eplus, epmfs, eprand) are path preserving. ep stands for existing path.
-
A path preserving policy will only consider upstreams where the relative path being accessed already exists.
-
When using non-path preserving policies paths will be created in target upstreams as necessary.
-
Quota Relevant Policies
-
Some policies rely on quota information. These policies should be used only if your upstreams support the respective quota fields.
+n/s/q> n
+name> seafile
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Seafile
+ \ "seafile"
+[snip]
+Storage> seafile
+** See help for seafile backend at: https://rclone.org/seafile/ **
+
+URL of seafile host to connect to
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Connect to cloud.seafile.com
+ \ "https://cloud.seafile.com/"
+url> http://my.seafile.server/
+User name (usually email address)
+Enter a string value. Press Enter for the default ("").
+user> me@example.com
+Password
+y) Yes type in my own password
+g) Generate random password
+n) No leave this optional password blank (default)
+y/g> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Two-factor authentication ('true' if the account has 2FA enabled)
+Enter a boolean value (true or false). Press Enter for the default ("false").
+2fa> true
+Name of the library. Leave blank to access all non-encrypted libraries.
+Enter a string value. Press Enter for the default ("").
+library> My Library
+Library password (for encrypted libraries only). Leave blank if you pass it through the command line.
+y) Yes type in my own password
+g) Generate random password
+n) No leave this optional password blank (default)
+y/g/n> n
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+Two-factor authentication: please enter your 2FA code
+2fa code> 123456
+Authenticating...
+Success!
+--------------------
+[seafile]
+type = seafile
+url = http://my.seafile.server/
+user = me@example.com
+pass =
+2fa = true
+library = My Library
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
You'll notice your password is blank in the configuration. It's because we only need the password to authenticate you once.
+
You specified My Library during the configuration. The root of the remote is pointing at the root of the library My Library:
+
See all files in the library:
+
rclone lsd seafile:
+
Create a new directory inside the library
+
rclone mkdir seafile:directory
+
List the contents of a directory
+
rclone ls seafile:directory
+
Sync /home/local/directory to the remote library, deleting any excess files in the library.
+
rclone sync -i /home/local/directory seafile:
+
--fast-list
+
Seafile version 7+ supports --fast-list which allows you to use fewer transactions in exchange for more memory. See the rclone docs for more details. Please note this is not supported on seafile server version 6.x
To check if your upstream supports the field, run rclone about remote: [flags] and see if the required field exists.
-
Filters
-
Policies basically search upstream remotes and create a list of files / paths for functions to work on. The policy is responsible for filtering and sorting. The policy type defines the sorting but filtering is mostly uniform as described below.
+
Invalid UTF-8 bytes will also be replaced, as they can't be used in JSON strings.
+
Seafile and rclone link
+
Rclone supports generating share links for non-encrypted libraries only. They can either be for a file or a directory:
+
rclone link seafile:seafile-tutorial.doc
+http://my.seafile.server/f/fdcd8a2f93f84b8b90f4/
+
+
or if run on a directory you will get:
+
rclone link seafile:dir
+http://my.seafile.server/d/9ea2455f6f55478bbb0d/
+
Please note a share link is unique for each file or directory. If you run a link command on a file/dir that has already been shared, you will get the exact same link.
+
Compatibility
+
It has been actively tested using the seafile docker image of these versions: - 6.3.4 community edition - 7.0.5 community edition - 7.1.3 community edition
+
Versions below 6.0 are not supported. Versions between 6.0 and 6.3 haven't been tested and might not work properly.
+
Standard options
+
Here are the Standard options specific to seafile (seafile).
+
--seafile-url
+
URL of seafile host to connect to.
+
Properties:
-
No search policies filter.
-
All action policies will filter out remotes which are tagged as read-only.
-
All create policies will filter out remotes which are tagged read-only or no-create.
+
Config: url
+
Env Var: RCLONE_SEAFILE_URL
+
Type: string
+
Required: true
+
Examples:
+
+
"https://cloud.seafile.com/"
+
+
Connect to cloud.seafile.com.
+
+
-
If all remotes are filtered an error will be returned.
-
Policy descriptions
-
The policies definition are inspired by trapexit/mergerfs but not exactly the same. Some policy definition could be different due to the much larger latency of remote file systems.
-
-
-
-
-
-
-
-
Policy
-
Description
-
-
-
-
-
all
-
Search category: same as epall. Action category: same as epall. Create category: act on all upstreams.
-
-
-
epall (existing path, all)
-
Search category: Given this order configured, act on the first one found where the relative path exists. Action category: apply to all found. Create category: act on all upstreams where the relative path exists.
-
-
-
epff (existing path, first found)
-
Act on the first one found, by the time upstreams reply, where the relative path exists.
-
-
-
eplfs (existing path, least free space)
-
Of all the upstreams on which the relative path exists choose the one with the least free space.
-
-
-
eplus (existing path, least used space)
-
Of all the upstreams on which the relative path exists choose the one with the least used space.
-
-
-
eplno (existing path, least number of objects)
-
Of all the upstreams on which the relative path exists choose the one with the least number of objects.
-
-
-
epmfs (existing path, most free space)
-
Of all the upstreams on which the relative path exists choose the one with the most free space.
-
-
-
eprand (existing path, random)
-
Calls epall and then randomizes. Returns only one upstream.
-
-
-
ff (first found)
-
Search category: same as epff. Action category: same as epff. Create category: Act on the first one found by the time upstreams reply.
-
-
-
lfs (least free space)
-
Search category: same as eplfs. Action category: same as eplfs. Create category: Pick the upstream with the least available free space.
-
-
-
lus (least used space)
-
Search category: same as eplus. Action category: same as eplus. Create category: Pick the upstream with the least used space.
-
-
-
lno (least number of objects)
-
Search category: same as eplno. Action category: same as eplno. Create category: Pick the upstream with the least number of objects.
-
-
-
mfs (most free space)
-
Search category: same as epmfs. Action category: same as epmfs. Create category: Pick the upstream with the most available free space.
-
-
-
newest
-
Pick the file / directory with the largest mtime.
-
-
-
rand (random)
-
Calls all and then randomizes. Returns only one upstream.
-
-
-
-
Standard options
-
Here are the standard options specific to union (Union merges the contents of several upstream fs).
-
--union-upstreams
-
List of space separated upstreams.
-
Can be 'upstreama:test/dir upstreamb:', '"upstreama:test/space:ro dir" upstreamb:', etc.
This option is only useful when a path preserving policy is used.
+
--seafile-auth-token
+
Authentication token.
Properties:
-
Config: cache_time
-
Env Var: RCLONE_UNION_CACHE_TIME
-
Type: int
-
Default: 120
+
Config: auth_token
+
Env Var: RCLONE_SEAFILE_AUTH_TOKEN
+
Type: string
+
Required: false
-
WebDAV
-
Paths are specified as remote:path
-
Paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Configuration
-
To configure the WebDAV remote you will need to have a URL for it, and a username and password. If you know what kind of system you are connecting to then rclone can enable extra features.
-
Here is an example of how to make a remote called remote. First run:
-
rclone config
-
This will guide you through an interactive setup process:
+
Advanced options
+
Here are the Advanced options specific to seafile (seafile).
+
--seafile-create-library
+
Should rclone create a library if it doesn't exist.
The SFTP backend can be used with a number of different providers:
+
+
Hetzner Storage Box
+
rsync.net
+
+
SFTP runs over SSH v2 and is installed as standard with most modern SSH installations.
+
Paths are specified as remote:path. If the path does not begin with a / it is relative to the home directory of the user. An empty path remote: refers to the user's home directory. For example, rclone lsd remote: would list the home directory of the user configured in the rclone remote config (i.e /home/sftpuser). However, rclone lsd remote:/ would list the root directory for remote machine (i.e. /)
+
Note that some SFTP servers will need the leading / - Synology is a good example of this. rsync.net and Hetzner, on the other hand, requires users to OMIT the leading /.
+
Note that by default rclone will try to execute shell commands on the server, see shell access considerations.
+
Configuration
+
Here is an example of making an SFTP configuration. First run
+
rclone config
+
This will guide you through an interactive setup process.
No remotes found, make a new one?
n) New remote
s) Set configuration password
@@ -23683,595 +26769,2224 @@
Configuration
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Webdav
- \ "webdav"
+XX / SSH/SFTP
+ \ "sftp"
[snip]
-Storage> webdav
-URL of http host to connect to
+Storage> sftp
+SSH host to connect to
Choose a number from below, or type in your own value
1 / Connect to example.com
- \ "https://example.com"
-url> https://example.com/remote.php/webdav/
-Name of the Webdav site/service/software you are using
-Choose a number from below, or type in your own value
- 1 / Nextcloud
- \ "nextcloud"
- 2 / Owncloud
- \ "owncloud"
- 3 / Sharepoint Online, authenticated by Microsoft account.
- \ "sharepoint"
- 4 / Sharepoint with NTLM authentication. Usually self-hosted or on-premises.
- \ "sharepoint-ntlm"
- 5 / Other site/service or software
- \ "other"
-vendor> 1
-User name
-user> user
-Password.
+ \ "example.com"
+host> example.com
+SSH username
+Enter a string value. Press Enter for the default ("$USER").
+user> sftpuser
+SSH port number
+Enter a signed integer. Press Enter for the default (22).
+port>
+SSH password, leave blank to use ssh-agent.
y) Yes type in my own password
g) Generate random password
n) No leave this optional password blank
-y/g/n> y
-Enter the password:
-password:
-Confirm the password:
-password:
-Bearer token instead of user/pass (e.g. a Macaroon)
-bearer_token>
+y/g/n> n
+Path to unencrypted PEM-encoded private key file, leave blank to use ssh-agent.
+key_file>
Remote config
--------------------
[remote]
-type = webdav
-url = https://example.com/remote.php/webdav/
-vendor = nextcloud
-user = user
-pass = *** ENCRYPTED ***
-bearer_token =
+host = example.com
+user = sftpuser
+port =
+pass =
+key_file =
--------------------
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
-
Once configured you can then use rclone like this,
-
List directories in top level of your WebDAV
+
This remote is called remote and can now be used like this:
+
See all directories in the home directory
rclone lsd remote:
-
List all the files in your WebDAV
-
rclone ls remote:
-
To copy a local directory to an WebDAV directory called backup
-
rclone copy /home/source remote:backup
-
Modified time and hashes
-
Plain WebDAV does not support modified times. However when used with Owncloud or Nextcloud rclone will support modified times.
-
Likewise plain WebDAV does not support hashes, however when used with Owncloud or Nextcloud rclone will support SHA1 and MD5 hashes. Depending on the exact version of Owncloud or Nextcloud hashes may appear on all objects, or only on objects which had a hash uploaded with them.
-
Standard options
-
Here are the standard options specific to webdav (Webdav).
-
--webdav-url
-
URL of http host to connect to.
-
E.g. https://example.com.
-
Properties:
-
-
Config: url
-
Env Var: RCLONE_WEBDAV_URL
-
Type: string
-
Required: true
-
-
--webdav-vendor
-
Name of the Webdav site/service/software you are using.
-
Properties:
-
-
Config: vendor
-
Env Var: RCLONE_WEBDAV_VENDOR
-
Type: string
-
Required: false
-
Examples:
-
-
"nextcloud"
-
-
Nextcloud
-
-
"owncloud"
-
-
Owncloud
-
-
"sharepoint"
-
-
Sharepoint Online, authenticated by Microsoft account
-
-
"sharepoint-ntlm"
-
-
Sharepoint with NTLM authentication, usually self-hosted or on-premises
-
-
"other"
+
See all directories in the root directory
+
rclone lsd remote:/
+
Make a new directory
+
rclone mkdir remote:path/to/directory
+
List the contents of a directory
+
rclone ls remote:path/to/directory
+
Sync /home/local/directory to the remote directory, deleting any excess files in the directory.
Mount the remote path /srv/www-data/ to the local path /mnt/www-data
+
rclone mount remote:/srv/www-data/ /mnt/www-data
+
SSH Authentication
+
The SFTP remote supports three authentication methods:
-
Other site/service or software
-
-
+
Password
+
Key file, including certificate signed keys
+
ssh-agent
-
--webdav-user
-
User name.
-
In case NTLM authentication is used, the username should be in the format 'Domain'.
+
Key files should be PEM-encoded private key files. For instance /home/$USER/.ssh/id_rsa. Only unencrypted OpenSSH or PEM encrypted files are supported.
+
The key file can be specified in either an external file (key_file) or contained within the rclone config file (key_pem). If using key_pem in the config file, the entry should be on a single line with new line ('' or '') separating lines. i.e.
This will generate it correctly for key_pem for use in the config:
+
awk '{printf "%s\\n", $0}' < ~/.ssh/id_rsa
+
If you don't specify pass, key_file, or key_pem or ask_password then rclone will attempt to contact an ssh-agent. You can also specify key_use_agent to force the usage of an ssh-agent. In this case key_file or key_pem can also be specified to force the usage of a specific key in the ssh-agent.
+
Using an ssh-agent is the only way to load encrypted OpenSSH keys at the moment.
+
If you set the ask_password option, rclone will prompt for a password when needed and no password has been configured.
+
Certificate-signed keys
+
With traditional key-based authentication, you configure your private key only, and the public key built into it will be used during the authentication process.
+
If you have a certificate you may use it to sign your public key, creating a separate SSH user certificate that should be used instead of the plain public key extracted from the private key. Then you must provide the path to the user certificate public key file in pubkey_file.
+
Note: This is not the traditional public key paired with your private key, typically saved as /home/$USER/.ssh/id_rsa.pub. Setting this path in pubkey_file will not work.
If you concatenate a cert with a private key then you can specify the merged file in both places.
+
Note: the cert must come first in the file. e.g.
+
cat id_rsa-cert.pub id_rsa > merged_key
+
Host key validation
+
By default rclone will not check the server's host key for validation. This can allow an attacker to replace a server with their own and if you use password authentication then this can lead to that password being exposed.
+
Host key matching, using standard known_hosts files can be turned on by enabling the known_hosts_file option. This can point to the file maintained by OpenSSH or can point to a unique file.
rclone will not manage this file for you. If the key is missing or wrong then the connection will be refused.
+
If the server is set up for a certificate host key then the entry in the known_hosts file must be the @cert-authority entry for the CA
+
+
If the host key provided by the server does not match the one in the file (or is missing) then the connection will be aborted and an error returned such as
NewFs: couldn't connect SSH: ssh: handshake failed: ssh: no authorities for hostname: example.com:22
+
then it is likely the server has presented a CA signed host certificate and you will need to add the appropriate @cert-authority entry.
+
The known_hosts_file setting can be set during rclone config as an advanced option.
+
ssh-agent on macOS
+
Note that there seem to be various problems with using an ssh-agent on macOS due to recent changes in the OS. The most effective work-around seems to be to start an ssh-agent in each session, e.g.
+
eval `ssh-agent -s` && ssh-add -A
+
And then at the end of the session
+
eval `ssh-agent -k`
+
These commands can be used in scripts of course.
+
Shell access
+
Some functionality of the SFTP backend relies on remote shell access, and the possibility to execute commands. This includes checksum, and in some cases also about. The shell commands that must be executed may be different on different type of shells, and also quoting/escaping of file path arguments containing special characters may be different. Rclone therefore needs to know what type of shell it is, and if shell access is available at all.
+
Most servers run on some version of Unix, and then a basic Unix shell can be assumed, without further distinction. Windows 10, Server 2019, and later can also run a SSH server, which is a port of OpenSSH (see official installation guide). On a Windows server the shell handling is different: Although it can also be set up to use a Unix type shell, e.g. Cygwin bash, the default is to use Windows Command Prompt (cmd.exe), and PowerShell is a recommended alternative. All of these have behave differently, which rclone must handle.
+
Rclone tries to auto-detect what type of shell is used on the server, first time you access the SFTP remote. If a remote shell session is successfully created, it will look for indications that it is CMD or PowerShell, with fall-back to Unix if not something else is detected. If unable to even create a remote shell session, then shell command execution will be disabled entirely. The result is stored in the SFTP remote configuration, in option shell_type, so that the auto-detection only have to be performed once. If you manually set a value for this option before first run, the auto-detection will be skipped, and if you set a different value later this will override any existing. Value none can be set to avoid any attempts at executing shell commands, e.g. if this is not allowed on the server.
+
When the server is rclone serve sftp, the rclone SFTP remote will detect this as a Unix type shell - even if it is running on Windows. This server does not actually have a shell, but it accepts input commands matching the specific ones that the SFTP backend relies on for Unix shells, e.g. md5sum and df. Also it handles the string escape rules used for Unix shell. Treating it as a Unix type shell from a SFTP remote will therefore always be correct, and support all features.
+
Shell access considerations
+
The shell type auto-detection logic, described above, means that by default rclone will try to run a shell command the first time a new sftp remote is accessed. If you configure a sftp remote without a config file, e.g. an on the fly remote, rclone will have nowhere to store the result, and it will re-run the command on every access. To avoid this you should explicitly set the shell_type option to the correct value, or to none if you want to prevent rclone from executing any remote shell commands.
+
It is also important to note that, since the shell type decides how quoting and escaping of file paths used as command-line arguments are performed, configuring the wrong shell type may leave you exposed to command injection exploits. Make sure to confirm the auto-detected shell type, or explicitly set the shell type you know is correct, or disable shell access until you know.
+
Checksum
+
SFTP does not natively support checksums (file hash), but rclone is able to use checksumming if the same login has shell access, and can execute remote commands. If there is a command that can calculate compatible checksums on the remote system, Rclone can then be configured to execute this whenever a checksum is needed, and read back the results. Currently MD5 and SHA-1 are supported.
+
Normally this requires an external utility being available on the server. By default rclone will try commands md5sum, md5 and rclone md5sum for MD5 checksums, and the first one found usable will be picked. Same with sha1sum, sha1 and rclone sha1sum commands for SHA-1 checksums. These utilities normally need to be in the remote's PATH to be found.
+
In some cases the shell itself is capable of calculating checksums. PowerShell is an example of such a shell. If rclone detects that the remote shell is PowerShell, which means it most probably is a Windows OpenSSH server, rclone will use a predefined script block to produce the checksums when no external checksum commands are found (see shell access). This assumes PowerShell version 4.0 or newer.
+
The options md5sum_command and sha1_command can be used to customize the command to be executed for calculation of checksums. You can for example set a specific path to where md5sum and sha1sum executables are located, or use them to specify some other tools that print checksums in compatible format. The value can include command-line arguments, or even shell script blocks as with PowerShell. Rclone has subcommands md5sum and sha1sum that use compatible format, which means if you have an rclone executable on the server it can be used. As mentioned above, they will be automatically picked up if found in PATH, but if not you can set something like /path/to/rclone md5sum as the value of option md5sum_command to make sure a specific executable is used.
+
Remote checksumming is recommended and enabled by default. First time rclone is using a SFTP remote, if options md5sum_command or sha1_command are not set, it will check if any of the default commands for each of them, as described above, can be used. The result will be saved in the remote configuration, so next time it will use the same. Value none will be set if none of the default commands could be used for a specific algorithm, and this algorithm will not be supported by the remote.
+
Disabling the checksumming may be required if you are connecting to SFTP servers which are not under your control, and to which the execution of remote shell commands is prohibited. Set the configuration option disable_hashcheck to true to disable checksumming entirely, or set shell_type to none to disable all functionality based on remote shell command execution.
+
Modified time
+
Modified times are stored on the server to 1 second precision.
+
Modified times are used in syncing and are fully supported.
+
Some SFTP servers disable setting/modifying the file modification time after upload (for example, certain configurations of ProFTPd with mod_sftp). If you are using one of these servers, you can set the option set_modtime = false in your RClone backend configuration to disable this behaviour.
+
About command
+
The about command returns the total space, free space, and used space on the remote for the disk of the specified path on the remote or, if not set, the disk of the root on the remote.
+
SFTP usually supports the about command, but it depends on the server. If the server implements the vendor-specific VFS statistics extension, which is normally the case with OpenSSH instances, it will be used. If not, but the same login has access to a Unix shell, where the df command is available (e.g. in the remote's PATH), then this will be used instead. If the server shell is PowerShell, probably with a Windows OpenSSH server, rclone will use a built-in shell command (see shell access). If none of the above is applicable, about will fail.
+
Standard options
+
Here are the Standard options specific to sftp (SSH/SFTP).
Default encoding is Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Hash,Percent,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8 for sharepoint-ntlm or identity otherwise.
+
--sftp-key-file-pass
+
The passphrase to decrypt the PEM-encoded private key file.
+
Only PEM encrypted key files (old OpenSSH format) are supported. Encrypted keys in the new OpenSSH format can't be used.
Use this to set additional HTTP headers for all transactions
-
The input format is comma separated list of key,value pairs. Standard CSV encoding may be used.
-
For example, to set a Cookie use 'Cookie,name=value', or '"Cookie","name=value"'.
-
You can set multiple headers, e.g. '"Cookie","name=value","Authorization","xxx"'.
+
--sftp-pubkey-file
+
Optional path to public key file.
+
Set this if you have a signed certificate you want to use for authentication.
+
Leading ~ will be expanded in the file name as will environment variables such as ${RCLONE_CONFIG_DIR}.
Properties:
-
Config: headers
-
Env Var: RCLONE_WEBDAV_HEADERS
-
Type: CommaSepList
-
Default:
+
Config: pubkey_file
+
Env Var: RCLONE_SFTP_PUBKEY_FILE
+
Type: string
+
Required: false
-
Provider notes
-
See below for notes on specific providers.
-
Owncloud
-
Click on the settings cog in the bottom right of the page and this will show the WebDAV URL that rclone needs in the config step. It will look something like https://example.com/remote.php/webdav/.
-
Owncloud supports modified times using the X-OC-Mtime header.
-
Nextcloud
-
This is configured in an identical way to Owncloud. Note that Nextcloud initially did not support streaming of files (rcat) whereas Owncloud did, but this seems to be fixed as of 2020-11-27 (tested with rclone v1.53.1 and Nextcloud Server v19).
-
Sharepoint Online
-
Rclone can be used with Sharepoint provided by OneDrive for Business or Office365 Education Accounts. This feature is only needed for a few of these Accounts, mostly Office365 Education ones. These accounts are sometimes not verified by the domain owner github#1975
-
This means that these accounts can't be added using the official API (other Accounts should work with the "onedrive" option). However, it is possible to access them using webdav.
-
To use a sharepoint remote with rclone, add it like this: First, you need to get your remote's URL:
+
--sftp-key-use-agent
+
When set forces the usage of the ssh-agent.
+
When key-file is also set, the ".pub" file of the specified key-file is read and only the associated key is requested from the ssh-agent. This allows to avoid Too many authentication failures for *username* errors when the ssh-agent contains many keys.
Now take a look at your address bar, the URL should look like this: https://[YOUR-DOMAIN]-my.sharepoint.com/personal/[YOUR-EMAIL]/_layouts/15/onedrive.aspx
+
Config: key_use_agent
+
Env Var: RCLONE_SFTP_KEY_USE_AGENT
+
Type: bool
+
Default: false
-
You'll only need this URL up to the email address. After that, you'll most likely want to add "/Documents". That subdirectory contains the actual data stored on your OneDrive.
-
Add the remote to rclone like this: Configure the url as https://[YOUR-DOMAIN]-my.sharepoint.com/personal/[YOUR-EMAIL]/Documents and use your normal account email and password for user and pass. If you have 2FA enabled, you have to generate an app password. Set the vendor to sharepoint.
Use this option in case your (hosted) Sharepoint is not tied to OneDrive accounts and uses NTLM authentication.
-
To get the url configuration, similarly to the above, first navigate to the desired directory in your browser to get the URL, then strip everything after the name of the opened directory.
-
Example: If the URL is: https://example.sharepoint.com/sites/12345/Documents/Forms/AllItems.aspx
-
The configuration to use would be: https://example.sharepoint.com/sites/12345/Documents
-
Set the vendor to sharepoint-ntlm.
-
NTLM uses domain and user name combination for authentication, set user to DOMAIN\username.
As SharePoint does some special things with uploaded documents, you won't be able to use the documents size or the documents hash to compare if a file has been changed since the upload / which file is newer.
-
For Rclone calls copying files (especially Office files such as .docx, .xlsx, etc.) from/to SharePoint (like copy, sync, etc.), you should append these flags to ensure Rclone uses the "Last Modified" datetime property to compare your documents:
-
--ignore-size --ignore-checksum --update
-
dCache
-
dCache is a storage system that supports many protocols and authentication/authorisation schemes. For WebDAV clients, it allows users to authenticate with username and password (BASIC), X.509, Kerberos, and various bearer tokens, including Macaroons and OpenID-Connect access tokens.
-
Configure as normal using the other type. Don't enter a username or password, instead enter your Macaroon as the bearer_token.
-
The config will end up looking something like this.
There is a script that obtains a Macaroon from a dCache WebDAV endpoint, and creates an rclone config file.
-
Macaroons may also be obtained from the dCacheView web-browser/JavaScript client that comes with dCache.
-
OpenID-Connect
-
dCache also supports authenticating with OpenID-Connect access tokens. OpenID-Connect is a protocol (based on OAuth 2.0) that allows services to identify users who have authenticated with some central service.
-
Support for OpenID-Connect in rclone is currently achieved using another software package called oidc-agent. This is a command-line tool that facilitates obtaining an access token. Once installed and configured, an access token is obtained by running the oidc-token command. The following example shows a (shortened) access token obtained from the XDC OIDC Provider.
Note Before the oidc-token command will work, the refresh token must be loaded into the oidc agent. This is done with the oidc-add command (e.g., oidc-add XDC). This is typically done once per login session. Full details on this and how to register oidc-agent with your OIDC Provider are provided in the oidc-agent documentation.
-
The rclone bearer_token_command configuration option is used to fetch the access token from oidc-agent.
-
Configure as a normal WebDAV endpoint, using the 'other' vendor, leaving the username and password empty. When prompted, choose to edit the advanced config and enter the command to get a bearer token (e.g., oidc-agent XDC).
-
The following example config shows a WebDAV endpoint that uses oidc-agent to supply an access token from the XDC OIDC Provider.
Here is an example of making a yandex configuration. First run
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-n/s> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Yandex Disk
- \ "yandex"
-[snip]
-Storage> yandex
-Yandex Client Id - leave blank normally.
-client_id>
-Yandex Client Secret - leave blank normally.
-client_secret>
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"access_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","token_type":"OAuth","expiry":"2016-12-29T12:27:11.362788025Z"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Note that rclone runs a webserver on your local machine to collect the token as returned from Yandex Disk. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
-
Once configured you can then use rclone like this,
-
See top level directories
-
rclone lsd remote:
-
Make a new directory
-
rclone mkdir remote:directory
-
List the contents of a directory
-
rclone ls remote:directory
-
Sync /home/local/directory to the remote path, deleting any excess files in the path.
Yandex paths may be as deep as required, e.g. remote:directory/subdirectory.
-
Modified time
-
Modified times are supported and are stored accurate to 1 ns in custom metadata called rclone_modified in RFC3339 with nanoseconds format.
-
MD5 checksums
-
MD5 checksums are natively supported by Yandex Disk.
-
Emptying Trash
-
If you wish to empty your trash you can use the rclone cleanup remote: command which will permanently delete all your trashed files. This command does not take any path arguments.
-
Quota information
-
To view your current quota you can use the rclone about remote: command which will display your usage limit (quota) and the current usage.
When uploading very large files (bigger than about 5 GiB) you will need to increase the --timeout parameter. This is because Yandex pauses (perhaps to calculate the MD5SUM for the entire file) before returning confirmation that the file has been uploaded. The default handling of timeouts in rclone is to assume a 5 minute pause is an error and close the connection - you'll see net/http: timeout awaiting response headers errors in the logs if this is happening. Setting the timeout to twice the max size of file in GiB should be enough, so if you want to upload a 30 GiB file set a timeout of 2 * 30 = 60m, that is --timeout 60m.
-
Having a Yandex Mail account is mandatory to use the Yandex.Disk subscription. Token generation will work without a mail account, but Rclone won't be able to complete any actions.
-
[403 - DiskUnsupportedUserAccountTypeError] User account type is not supported.
Here is an example of making a zoho configuration. First run
-
rclone config
-
This will guide you through an interactive setup process:
-
No remotes found, make a new one?
-n) New remote
-s) Set configuration password
-n/s> n
-name> remote
-Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
-[snip]
-XX / Zoho
- \ "zoho"
-[snip]
-Storage> zoho
-** See help for zoho backend at: https://rclone.org/zoho/ **
-
-OAuth Client Id
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_id>
-OAuth Client Secret
-Leave blank normally.
-Enter a string value. Press Enter for the default ("").
-client_secret>
-Edit advanced config? (y/n)
-y) Yes
-n) No (default)
-y/n> n
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes (default)
-n) No
-y/n>
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=LVn0IHzxej1ZkmQw31d0wQ
-Log in and authorize rclone for access
-Waiting for code...
-Got code
-Choose a number from below, or type in your own value
- 1 / MyTeam
- \ "4u28602177065ff22426787a6745dba8954eb"
-Enter a Team ID> 1
-Choose a number from below, or type in your own value
- 1 / General
- \ "4u2869d2aa6fca04f4f2f896b6539243b85b1"
-Enter a Workspace ID> 1
---------------------
-[remote]
-type = zoho
-token = {"access_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","token_type":"Zoho-oauthtoken","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","expiry":"2020-10-12T00:54:52.370275223+02:00"}
-root_folder_id = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
---------------------
-y) Yes this is OK (default)
-e) Edit this remote
-d) Delete this remote
-y/e/d>
-
See the remote setup docs for how to set it up on a machine with no Internet browser available.
-
Rclone runs a webserver on your local computer to collect the authorization token from Zoho Workdrive. This is only from the moment your browser is opened until the token is returned. The webserver runs on http://127.0.0.1:53682/. If local port 53682 is protected by a firewall you may need to temporarily unblock the firewall to complete authorization.
-
Once configured you can then use rclone like this,
-
See top level directories
-
rclone lsd remote:
-
Make a new directory
-
rclone mkdir remote:directory
-
List the contents of a directory
-
rclone ls remote:directory
-
Sync /home/local/directory to the remote path, deleting any excess files in the path.
Zoho paths may be as deep as required, eg remote:directory/subdirectory.
-
Modified time
-
Modified times are currently not supported for Zoho Workdrive
-
Checksums
-
No checksums are supported.
-
Usage information
-
To view your current quota you can use the rclone about remote: command which will display your current usage.
-
Restricted filename characters
-
Only control characters and invalid UTF-8 are replaced. In addition most Unicode full-width characters are not supported at all and will be removed from filenames during upload.
-
Standard options
-
Here are the standard options specific to zoho (Zoho).
-
--zoho-client-id
-
OAuth Client Id.
-
Leave blank normally.
+
--sftp-path-override
+
Override path used by SSH shell commands.
+
This allows checksum calculation when SFTP and SSH paths are different. This issue affects among others Synology NAS boxes.
+
E.g. if shared folders can be found in directories representing volumes:
You'll have to use the region your organization is registered in. If not sure use the same top level domain as you connect to in your browser.
+
--sftp-shell-type
+
The type of SSH shell on remote server, if any.
+
Leave blank for autodetect.
Properties:
-
Config: region
-
Env Var: RCLONE_ZOHO_REGION
+
Config: shell_type
+
Env Var: RCLONE_SFTP_SHELL_TYPE
Type: string
Required: false
Examples:
-
"com"
+
"none"
-
United states / Global
+
No shell access
-
"eu"
+
"unix"
-
Europe
+
Unix shell
-
"in"
+
"powershell"
-
India
+
PowerShell
-
"com.au"
+
"cmd"
-
Australia
+
Windows Command Prompt
-
Advanced options
-
Here are the advanced options specific to zoho (Zoho).
-
--zoho-token
-
OAuth Access Token as a JSON blob.
+
--sftp-md5sum-command
+
The command used to read md5 hashes.
+
Leave blank for autodetect.
Properties:
-
Config: token
-
Env Var: RCLONE_ZOHO_TOKEN
-
Type: string
+
Config: md5sum_command
+
Env Var: RCLONE_SFTP_MD5SUM_COMMAND
+
Type: string
Required: false
-
--zoho-auth-url
-
Auth server URL.
-
Leave blank to use the provider defaults.
+
--sftp-sha1sum-command
+
The command used to read sha1 hashes.
+
Leave blank for autodetect.
Properties:
-
Config: auth_url
-
Env Var: RCLONE_ZOHO_AUTH_URL
+
Config: sha1sum_command
+
Env Var: RCLONE_SFTP_SHA1SUM_COMMAND
Type: string
Required: false
-
--zoho-token-url
-
Token server url.
-
Leave blank to use the provider defaults.
+
--sftp-skip-links
+
Set to skip any symlinks and any other non regular files.
Properties:
-
Config: token_url
-
Env Var: RCLONE_ZOHO_TOKEN_URL
+
Config: skip_links
+
Env Var: RCLONE_SFTP_SKIP_LINKS
+
Type: bool
+
Default: false
+
+
--sftp-subsystem
+
Specifies the SSH2 subsystem on the remote host.
+
Properties:
+
+
Config: subsystem
+
Env Var: RCLONE_SFTP_SUBSYSTEM
+
Type: string
+
Default: "sftp"
+
+
--sftp-server-command
+
Specifies the path or command to run a sftp server on the remote host.
+
The subsystem option is ignored when server_command is defined.
+
Properties:
+
+
Config: server_command
+
Env Var: RCLONE_SFTP_SERVER_COMMAND
Type: string
Required: false
-
--zoho-encoding
+
--sftp-use-fstat
+
If set use fstat instead of stat.
+
Some servers limit the amount of open files and calling Stat after opening the file will throw an error from the server. Setting this flag will call Fstat instead of Stat which is called on an already open file handle.
+
It has been found that this helps with IBM Sterling SFTP servers which have "extractability" level set to 1 which means only 1 file can be opened at any given time.
+
Properties:
+
+
Config: use_fstat
+
Env Var: RCLONE_SFTP_USE_FSTAT
+
Type: bool
+
Default: false
+
+
--sftp-disable-concurrent-reads
+
If set don't use concurrent reads.
+
Normally concurrent reads are safe to use and not using them will degrade performance, so this option is disabled by default.
+
Some servers limit the amount number of times a file can be downloaded. Using concurrent reads can trigger this limit, so if you have a server which returns
+
Failed to copy: file does not exist
+
Then you may need to enable this flag.
+
If concurrent reads are disabled, the use_fstat option is ignored.
+
Properties:
+
+
Config: disable_concurrent_reads
+
Env Var: RCLONE_SFTP_DISABLE_CONCURRENT_READS
+
Type: bool
+
Default: false
+
+
--sftp-disable-concurrent-writes
+
If set don't use concurrent writes.
+
Normally rclone uses concurrent writes to upload files. This improves the performance greatly, especially for distant servers.
+
This option disables concurrent writes should that be necessary.
+
Properties:
+
+
Config: disable_concurrent_writes
+
Env Var: RCLONE_SFTP_DISABLE_CONCURRENT_WRITES
+
Type: bool
+
Default: false
+
+
--sftp-idle-timeout
+
Max time before closing idle connections.
+
If no connections have been returned to the connection pool in the time given, rclone will empty the connection pool.
+
Set to 0 to keep connections indefinitely.
+
Properties:
+
+
Config: idle_timeout
+
Env Var: RCLONE_SFTP_IDLE_TIMEOUT
+
Type: Duration
+
Default: 1m0s
+
+
--sftp-chunk-size
+
Upload and download chunk size.
+
This controls the maximum size of payload in SFTP protocol packets. The RFC limits this to 32768 bytes (32k), which is the default. However, a lot of servers support larger sizes, typically limited to a maximum total package size of 256k, and setting it larger will increase transfer speed dramatically on high latency links. This includes OpenSSH, and, for example, using the value of 255k works well, leaving plenty of room for overhead while still being within a total packet size of 256k.
+
Make sure to test thoroughly before using a value higher than 32k, and only use it if you always connect to the same server or after sufficiently broad testing. If you get errors such as "failed to send packet payload: EOF", lots of "connection lost", or "corrupted on transfer", when copying a larger file, try lowering the value. The server run by rclone serve sftp sends packets with standard 32k maximum payload so you must not set a different chunk_size when downloading files, but it accepts packets up to the 256k total size, so for uploads the chunk_size can be set as for the OpenSSH example above.
+
Properties:
+
+
Config: chunk_size
+
Env Var: RCLONE_SFTP_CHUNK_SIZE
+
Type: SizeSuffix
+
Default: 32Ki
+
+
--sftp-concurrency
+
The maximum number of outstanding requests for one file
+
This controls the maximum number of outstanding requests for one file. Increasing it will increase throughput on high latency links at the cost of using more memory.
+
Properties:
+
+
Config: concurrency
+
Env Var: RCLONE_SFTP_CONCURRENCY
+
Type: int
+
Default: 64
+
+
--sftp-set-env
+
Environment variables to pass to sftp and commands
+
Set environment variables in the form:
+
VAR=value
+
to be passed to the sftp client and to any commands run (eg md5sum).
+
Pass multiple variables space separated, eg
+
VAR1=value VAR2=value
+
and pass variables with spaces in in quotes, eg
+
"VAR3=value with space" "VAR4=value with space" VAR5=nospacehere
+
Properties:
+
+
Config: set_env
+
Env Var: RCLONE_SFTP_SET_ENV
+
Type: SpaceSepList
+
Default:
+
+
--sftp-ciphers
+
Space separated list of ciphers to be used for session encryption, ordered by preference.
+
At least one must match with server configuration. This can be checked for example using ssh -Q cipher.
+
This must not be set if use_insecure_cipher is true.
On some SFTP servers (e.g. Synology) the paths are different for SSH and SFTP so the hashes can't be calculated properly. For them using disable_hashcheck is a good idea.
+
The only ssh agent supported under Windows is Putty's pageant.
+
The Go SSH library disables the use of the aes128-cbc cipher by default, due to security concerns. This can be re-enabled on a per-connection basis by setting the use_insecure_cipher setting in the configuration file to true. Further details on the insecurity of this cipher can be found in this paper.
+
SFTP isn't supported under plan9 until this issue is fixed.
+
Note that since SFTP isn't HTTP based the following flags don't work with it: --dump-headers, --dump-bodies, --dump-auth.
+
Note that --timeout and --contimeout are both supported.
This relies on go-smb2 library for communication with SMB protocol.
+
Paths are specified as remote:sharename (or remote: for the lsd command.) You may put subdirectories in too, e.g. remote:item/path/to/dir.
+
Notes
+
The first path segment must be the name of the share, which you entered when you started to share on Windows. On smbd, it's the section title in smb.conf (usually in /etc/samba/) file. You can find shares by quering the root if you're unsure (e.g. rclone lsd remote:).
+
You can't access to the shared printers from rclone, obviously.
+
You can't use Anonymous access for logging in. You have to use the guest user with an empty password instead. The rclone client tries to avoid 8.3 names when uploading files by encoding trailing spaces and periods. Alternatively, the local backend on Windows can access SMB servers using UNC paths, by \\server\share. This doesn't apply to non-Windows OSes, such as Linux and macOS.
+
Configuration
+
Here is an example of making a SMB configuration.
+
First run
+
rclone config
+
This will guide you through an interactive setup process.
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+XX / SMB / CIFS
+ \ (smb)
+Storage> smb
+
+Option host.
+Samba hostname to connect to.
+E.g. "example.com".
+Enter a value.
+host> localhost
+
+Option user.
+Samba username.
+Enter a string value. Press Enter for the default (lesmi).
+user> guest
+
+Option port.
+Samba port number.
+Enter a signed integer. Press Enter for the default (445).
+port>
+
+Option pass.
+Samba password.
+Choose an alternative below. Press Enter for the default (n).
+y) Yes, type in my own password
+g) Generate random password
+n) No, leave this optional password blank (default)
+y/g/n> g
+Password strength in bits.
+64 is just about memorable
+128 is secure
+1024 is the maximum
+Bits> 64
+Your password is: XXXX
+Use this password? Please note that an obscured version of this
+password (and not the password itself) will be stored under your
+configuration file, so keep this generated password in a safe place.
+y) Yes (default)
+n) No
+y/n> y
+
+Option domain.
+Domain name for NTLM authentication.
+Enter a string value. Press Enter for the default (WORKGROUP).
+domain>
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+
+Configuration complete.
+Options:
+- type: samba
+- host: localhost
+- user: guest
+- pass: *** ENCRYPTED ***
+Keep this "remote" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> d
+
Standard options
+
Here are the Standard options specific to smb (SMB / CIFS).
Local paths are specified as normal filesystem paths, e.g. /path/to/wherever, so
-
rclone sync -i /home/source /tmp/destination
-
Will sync /home/source to /tmp/destination.
-
Configuration
-
For consistencies sake one can also configure a remote of type local in the config file, and access the local filesystem using rclone remote paths, e.g. remote:path/to/wherever, but it is probably easier not to.
-
Modified time
-
Rclone reads and writes the modified time using an accuracy determined by the OS. Typically this is 1ns on Linux, 10 ns on Windows and 1 Second on OS X.
-
Filenames
-
Filenames should be encoded in UTF-8 on disk. This is the normal case for Windows and OS X.
-
There is a bit more uncertainty in the Linux world, but new distributions will have UTF-8 encoded files names. If you are using an old Linux filesystem with non UTF-8 file names (e.g. latin1) then you can use the convmv tool to convert the filesystem to UTF-8. This tool is available in most distributions' package managers.
-
If an invalid (non-UTF8) filename is read, the invalid characters will be replaced with a quoted representation of the invalid bytes. The name gro\xdf will be transferred as gro‛DF. rclone will emit a debug message in this case (use -v to see), e.g.
-
Local file system at .: Replacing invalid UTF-8 characters in "gro\xdf"
-
Restricted characters
-
With the local backend, restrictions on the characters that are usable in file or directory names depend on the operating system. To check what rclone will replace by default on your system, run rclone help flags local-encoding.
-
On non Windows platforms the following characters are replaced when handling file names.
-
-
-
-
Character
-
Value
-
Replacement
-
-
-
-
-
NUL
-
0x00
-
␀
-
-
-
/
-
0x2F
-
/
-
-
+
Storj
+
Storj is an encrypted, secure, and cost-effective object storage service that enables you to store, back up, and archive large amounts of data in a decentralized manner.
Use this backend to take advantage of client-side encryption as well as to achieve the best possible download performance. Uploads will be erasure-coded locally, thus a 1gb upload will result in 2.68gb of data being uploaded to storage nodes across the network.
+
Use the s3 backend and one of the S3 compatible Hosted Gateways to increase upload performance and reduce the load on your systems and network. Uploads will be encrypted and erasure-coded server-side, thus a 1GB upload will result in only in 1GB of data being uploaded to storage nodes across the network.
+
Side by side comparison with more details:
+
+
Characteristics:
+
+
Storj backend: Uses native RPC protocol, connects directly to the storage nodes which hosts the data. Requires more CPU resource of encoding/decoding and has network amplification (especially during the upload), uses lots of TCP connections
+
S3 backend: Uses S3 compatible HTTP Rest API via the shared gateways. There is no network amplification, but performance depends on the shared gateways and the secret encryption key is shared with the gateway.
+
+
Typical usage:
+
+
Storj backend: Server environments and desktops with enough resources, internet speed and connectivity - and applications where storjs client-side encryption is required.
+
S3 backend: Desktops and similar with limited resources, internet speed or connectivity.
+
+
Security:
+
+
Storj backend: strong. Private encryption key doesn't need to leave the local computer.
+
S3 backend: weaker. Private encryption key is shared with the authentication service of the hosted gateway, where it's stored encrypted. It can be stronger when combining with the rclone crypt backend.
+
+
Bandwidth usage (upload):
+
+
Storj backend: higher. As data is erasure coded on the client side both the original data and the parities should be uploaded. About ~2.7 times more data is required to be uploaded. Client may start to upload with even higher number of nodes (~3.7 times more) and abandon/stop the slow uploads.
+
S3 backend: normal. Only the raw data is uploaded, erasure coding happens on the gateway.
+
+
Bandwidth usage (download)
+
+
Storj backend: almost normal. Only the minimal number of data is required, but to avoid very slow data providers a few more sources are used and the slowest are ignored (max 1.2x overhead).
+
S3 backend: normal. Only the raw data is downloaded, erasure coding happens on the shared gateway.
+
+
CPU usage:
+
+
Storj backend: higher, but more predictable. Erasure code and encryption/decryption happens locally which requires significant CPU usage.
+
S3 backend: less. Erasure code and encryption/decryption happens on shared s3 gateways (and as is, it depends on the current load on the gateways)
+
+
TCP connection usage:
+
+
Storj backend: high. A direct connection is required to each of the Storj nodes resulting in 110 connections on upload and 35 on download per 64 MB segment. Not all the connections are actively used (slow ones are pruned), but they are all opened. Adjusting the max open file limit may be required.
+
S3 backend: normal. Only one connection per download/upload thread is required to the shared gateway.
+
+
Overall performance:
+
+
Storj backend: with enough resources (CPU and bandwidth) storj backend can provide even 2x better performance. Data is directly downloaded to / uploaded from to the client instead of the gateway.
+
S3 backend: Can be faster on edge devices where CPU and network bandwidth is limited as the shared S3 compatible gateways take care about the encrypting/decryption and erasure coding and no download/upload amplification.
+
+
Decentralization:
+
+
Storj backend: high. Data is downloaded directly from the distributed cloud of storage providers.
+
S3 backend: low. Requires a running S3 gateway (either self-hosted or Storj-hosted).
+
+
Limitations:
+
+
Storj backend: rclone checksum is not possible without download, as checksum metadata is not calculated during upload
+
S3 backend: secret encryption key is shared with the gateway
+
+
+
Configuration
+
To make a new Storj configuration you need one of the following: * Access Grant that someone else shared with you. * API Key of a Storj project you are a member of.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
Setup with access grant
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Storj Decentralized Cloud Storage
+ \ "storj"
+[snip]
+Storage> storj
+** See help for storj backend at: https://rclone.org/storj/ **
+
+Choose an authentication method.
+Enter a string value. Press Enter for the default ("existing").
+Choose a number from below, or type in your own value
+ 1 / Use an existing access grant.
+ \ "existing"
+ 2 / Create a new access grant from satellite address, API key, and passphrase.
+ \ "new"
+provider> existing
+Access Grant.
+Enter a string value. Press Enter for the default ("").
+access_grant> your-access-grant-received-by-someone-else
+Remote config
+--------------------
+[remote]
+type = storj
+access_grant = your-access-grant-received-by-someone-else
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Setup with API key and passphrase
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Storj Decentralized Cloud Storage
+ \ "storj"
+[snip]
+Storage> storj
+** See help for storj backend at: https://rclone.org/storj/ **
+
+Choose an authentication method.
+Enter a string value. Press Enter for the default ("existing").
+Choose a number from below, or type in your own value
+ 1 / Use an existing access grant.
+ \ "existing"
+ 2 / Create a new access grant from satellite address, API key, and passphrase.
+ \ "new"
+provider> new
+Satellite Address. Custom satellite address should match the format: `<nodeid>@<address>:<port>`.
+Enter a string value. Press Enter for the default ("us-central-1.storj.io").
+Choose a number from below, or type in your own value
+ 1 / US Central 1
+ \ "us-central-1.storj.io"
+ 2 / Europe West 1
+ \ "europe-west-1.storj.io"
+ 3 / Asia East 1
+ \ "asia-east-1.storj.io"
+satellite_address> 1
+API Key.
+Enter a string value. Press Enter for the default ("").
+api_key> your-api-key-for-your-storj-project
+Encryption Passphrase. To access existing objects enter passphrase used for uploading.
+Enter a string value. Press Enter for the default ("").
+passphrase> your-human-readable-encryption-passphrase
+Remote config
+--------------------
+[remote]
+type = storj
+satellite_address = 12EayRS2V1kEsWESU9QMRseFhdxYxKicsiFmxrsLZHeLUtdps3S@us-central-1.tardigrade.io:7777
+api_key = your-api-key-for-your-storj-project
+passphrase = your-human-readable-encryption-passphrase
+access_grant = the-access-grant-generated-from-the-api-key-and-passphrase
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Standard options
+
Here are the Standard options specific to storj (Storj Decentralized Cloud Storage).
+
--storj-provider
+
Choose an authentication method.
+
Properties:
+
+
Config: provider
+
Env Var: RCLONE_STORJ_PROVIDER
+
Type: string
+
Default: "existing"
+
Examples:
+
+
"existing"
+
+
Use an existing access grant.
+
+
"new"
+
+
Create a new access grant from satellite address, API key, and passphrase.
+
+
+
+
--storj-access-grant
+
Access grant.
+
Properties:
+
+
Config: access_grant
+
Env Var: RCLONE_STORJ_ACCESS_GRANT
+
Provider: existing
+
Type: string
+
Required: false
+
+
--storj-satellite-address
+
Satellite address.
+
Custom satellite address should match the format: <nodeid>@<address>:<port>.
+
Properties:
+
+
Config: satellite_address
+
Env Var: RCLONE_STORJ_SATELLITE_ADDRESS
+
Provider: new
+
Type: string
+
Default: "us-central-1.storj.io"
+
Examples:
+
+
"us-central-1.storj.io"
+
+
US Central 1
+
+
"europe-west-1.storj.io"
+
+
Europe West 1
+
+
"asia-east-1.storj.io"
+
+
Asia East 1
+
+
+
+
--storj-api-key
+
API key.
+
Properties:
+
+
Config: api_key
+
Env Var: RCLONE_STORJ_API_KEY
+
Provider: new
+
Type: string
+
Required: false
+
+
--storj-passphrase
+
Encryption passphrase.
+
To access existing objects enter passphrase used for uploading.
+
Properties:
+
+
Config: passphrase
+
Env Var: RCLONE_STORJ_PASSPHRASE
+
Provider: new
+
Type: string
+
Required: false
+
+
Usage
+
Paths are specified as remote:bucket (or remote: for the lsf command.) You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
+
Once configured you can then use rclone like this.
+
Create a new bucket
+
Use the mkdir command to create new bucket, e.g. bucket.
+
rclone mkdir remote:bucket
+
List all buckets
+
Use the lsf command to list all buckets.
+
rclone lsf remote:
+
Note the colon (:) character at the end of the command line.
+
Delete a bucket
+
Use the rmdir command to delete an empty bucket.
+
rclone rmdir remote:bucket
+
Use the purge command to delete a non-empty bucket with all its content.
rclone about is not supported by the rclone Storj backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
If you get errors like too many open files this usually happens when the default ulimit for system max open files is exceeded. Native Storj protocol opens a large number of TCP connections (each of which is counted as an open file). For a single upload stream you can expect 110 TCP connections to be opened. For a single download stream you can expect 35. This batch of connections will be opened for every 64 MiB segment and you should also expect TCP connections to be reused. If you do many transfers you eventually open a connection to most storage nodes (thousands of nodes).
+
To fix these, please raise your system limits. You can do this issuing a ulimit -n 65536 just before you run rclone. To change the limits more permanently you can add this to your shell startup script, e.g. $HOME/.bashrc, or change the system-wide configuration, usually /etc/sysctl.conf and/or /etc/security/limits.conf, but please refer to your operating system manual.
+
SugarSync
+
SugarSync is a cloud service that enables active synchronization of files across computers and other devices for file backup, access, syncing, and sharing.
+
Configuration
+
The initial setup for SugarSync involves getting a token from SugarSync which you can do with rclone. rclone config walks you through it.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Sugarsync
+ \ "sugarsync"
+[snip]
+Storage> sugarsync
+** See help for sugarsync backend at: https://rclone.org/sugarsync/ **
+
+Sugarsync App ID.
+Leave blank to use rclone's.
+Enter a string value. Press Enter for the default ("").
+app_id>
+Sugarsync Access Key ID.
+Leave blank to use rclone's.
+Enter a string value. Press Enter for the default ("").
+access_key_id>
+Sugarsync Private Access Key
+Leave blank to use rclone's.
+Enter a string value. Press Enter for the default ("").
+private_access_key>
+Permanently delete files if true
+otherwise put them in the deleted files.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+hard_delete>
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+Username (email address)> nick@craig-wood.com
+Your Sugarsync password is only required during setup and will not be stored.
+password:
+--------------------
+[remote]
+type = sugarsync
+refresh_token = https://api.sugarsync.com/app-authorization/XXXXXXXXXXXXXXXXXX
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Note that the config asks for your email and password but doesn't store them, it only uses them to get the initial token.
+
Once configured you can then use rclone like this,
+
List directories (sync folders) in top level of your SugarSync
+
rclone lsd remote:
+
List all the files in your SugarSync folder "Test"
+
rclone ls remote:Test
+
To copy a local directory to an SugarSync folder called backup
+
rclone copy /home/source remote:backup
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
NB you can't create files in the top level folder you have to create a folder, which rclone will create as a "Sync Folder" with SugarSync.
+
Modified time and hashes
+
SugarSync does not support modification times or hashes, therefore syncing will default to --size-only checking. Note that using --update will work as rclone can read the time files were uploaded.
Invalid UTF-8 bytes will also be replaced, as they can't be used in XML strings.
+
Deleting files
+
Deleted files will be moved to the "Deleted items" folder by default.
+
However you can supply the flag --sugarsync-hard-delete or set the config parameter hard_delete = true if you would like files to be deleted straight away.
+
Standard options
+
Here are the Standard options specific to sugarsync (Sugarsync).
+
--sugarsync-app-id
+
Sugarsync App ID.
+
Leave blank to use rclone's.
+
Properties:
+
+
Config: app_id
+
Env Var: RCLONE_SUGARSYNC_APP_ID
+
Type: string
+
Required: false
+
+
--sugarsync-access-key-id
+
Sugarsync Access Key ID.
+
Leave blank to use rclone's.
+
Properties:
+
+
Config: access_key_id
+
Env Var: RCLONE_SUGARSYNC_ACCESS_KEY_ID
+
Type: string
+
Required: false
+
+
--sugarsync-private-access-key
+
Sugarsync Private Access Key.
+
Leave blank to use rclone's.
+
Properties:
+
+
Config: private_access_key
+
Env Var: RCLONE_SUGARSYNC_PRIVATE_ACCESS_KEY
+
Type: string
+
Required: false
+
+
--sugarsync-hard-delete
+
Permanently delete files if true otherwise put them in the deleted files.
+
Properties:
+
+
Config: hard_delete
+
Env Var: RCLONE_SUGARSYNC_HARD_DELETE
+
Type: bool
+
Default: false
+
+
Advanced options
+
Here are the Advanced options specific to sugarsync (Sugarsync).
+
--sugarsync-refresh-token
+
Sugarsync refresh token.
+
Leave blank normally, will be auto configured by rclone.
+
Properties:
+
+
Config: refresh_token
+
Env Var: RCLONE_SUGARSYNC_REFRESH_TOKEN
+
Type: string
+
Required: false
+
+
--sugarsync-authorization
+
Sugarsync authorization.
+
Leave blank normally, will be auto configured by rclone.
+
Properties:
+
+
Config: authorization
+
Env Var: RCLONE_SUGARSYNC_AUTHORIZATION
+
Type: string
+
Required: false
+
+
--sugarsync-authorization-expiry
+
Sugarsync authorization expiry.
+
Leave blank normally, will be auto configured by rclone.
+
Properties:
+
+
Config: authorization_expiry
+
Env Var: RCLONE_SUGARSYNC_AUTHORIZATION_EXPIRY
+
Type: string
+
Required: false
+
+
--sugarsync-user
+
Sugarsync user.
+
Leave blank normally, will be auto configured by rclone.
+
Properties:
+
+
Config: user
+
Env Var: RCLONE_SUGARSYNC_USER
+
Type: string
+
Required: false
+
+
--sugarsync-root-id
+
Sugarsync root id.
+
Leave blank normally, will be auto configured by rclone.
+
Properties:
+
+
Config: root_id
+
Env Var: RCLONE_SUGARSYNC_ROOT_ID
+
Type: string
+
Required: false
+
+
--sugarsync-deleted-id
+
Sugarsync deleted folder id.
+
Leave blank normally, will be auto configured by rclone.
rclone about is not supported by the SugarSync backend. Backends without this capability cannot determine free space for an rclone mount or use policy mfs (most free space) as a member of an rclone union remote.
The Tardigrade backend has been renamed to be the Storj backend. Old configuration files will continue to work.
+
Uptobox
+
This is a Backend for Uptobox file storage service. Uptobox is closer to a one-click hoster than a traditional cloud storage provider and therefore not suitable for long term storage.
+
Paths are specified as remote:path
+
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
To configure an Uptobox backend you'll need your personal api token. You'll find it in your account settings
+
Here is an example of how to make a remote called remote with the default setup. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
Current remotes:
+
+Name Type
+==== ====
+TestUptobox uptobox
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> n
+name> uptobox
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[...]
+37 / Uptobox
+ \ "uptobox"
+[...]
+Storage> uptobox
+** See help for uptobox backend at: https://rclone.org/uptobox/ **
+
+Your API Key, get it from https://uptobox.com/my_account
+Enter a string value. Press Enter for the default ("").
+api_key> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[uptobox]
+type = uptobox
+api_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d>
+
Once configured you can then use rclone like this,
+
List directories in top level of your Uptobox
+
rclone lsd remote:
+
List all the files in your Uptobox
+
rclone ls remote:
+
To copy a local directory to an Uptobox directory called backup
+
rclone copy /home/source remote:backup
+
Modified time and hashes
+
Uptobox supports neither modified times nor checksums.
Uptobox will delete inactive files that have not been accessed in 60 days.
+
rclone about is not supported by this backend an overview of used space can however been seen in the uptobox web interface.
+
Union
+
The union remote provides a unification similar to UnionFS using other remotes.
+
Paths may be as deep as required or a local path, e.g. remote:directory/subdirectory or /directory/subdirectory.
+
During the initial setup with rclone config you will specify the upstream remotes as a space separated list. The upstream remotes can either be a local paths or other remotes.
+
Attribute :ro and :nc can be attach to the end of path to tag the remote as read only or no create, e.g. remote:directory/subdirectory:ro or remote:directory/subdirectory:nc.
+
Subfolders can be used in upstream remotes. Assume a union remote named backup with the remotes mydrive:private/backup. Invoking rclone mkdir backup:desktop is exactly the same as invoking rclone mkdir mydrive:private/backup/desktop.
+
There will be no special handling of paths containing .. segments. Invoking rclone mkdir backup:../desktop is exactly the same as invoking rclone mkdir mydrive:private/backup/../desktop.
+
Configuration
+
Here is an example of how to make a union called remote for local folders. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Union merges the contents of several remotes
+ \ "union"
+[snip]
+Storage> union
+List of space separated upstreams.
+Can be 'upstreama:test/dir upstreamb:', '\"upstreama:test/space:ro dir\" upstreamb:', etc.
+Enter a string value. Press Enter for the default ("").
+upstreams> remote1:dir1 remote2:dir2 remote3:dir3
+Policy to choose upstream on ACTION class.
+Enter a string value. Press Enter for the default ("epall").
+action_policy>
+Policy to choose upstream on CREATE class.
+Enter a string value. Press Enter for the default ("epmfs").
+create_policy>
+Policy to choose upstream on SEARCH class.
+Enter a string value. Press Enter for the default ("ff").
+search_policy>
+Cache time of usage and free space (in seconds). This option is only useful when a path preserving policy is used.
+Enter a signed integer. Press Enter for the default ("120").
+cache_time>
+Remote config
+--------------------
+[remote]
+type = union
+upstreams = remote1:dir1 remote2:dir2 remote3:dir3
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+remote union
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> q
+
Once configured you can then use rclone like this,
+
List directories in top level in remote1:dir1, remote2:dir2 and remote3:dir3
+
rclone lsd remote:
+
List all the files in remote1:dir1, remote2:dir2 and remote3:dir3
+
rclone ls remote:
+
Copy another local directory to the union directory called source, which will be placed into remote3:dir3
+
rclone copy C:\source remote:source
+
Behavior / Policies
+
The behavior of union backend is inspired by trapexit/mergerfs. All functions are grouped into 3 categories: action, create and search. These functions and categories can be assigned a policy which dictates what file or directory is chosen when performing that behavior. Any policy can be assigned to a function or category though some may not be very useful in practice. For instance: rand (random) may be useful for file creation (create) but could lead to very odd behavior if used for delete if there were more than one copy of the file.
+
Function / Category classifications
+
+
+
+
+
+
+
+
+
Category
+
Description
+
Functions
+
+
+
+
+
action
+
Writing Existing file
+
move, rmdir, rmdirs, delete, purge and copy, sync (as destination when file exist)
Policies, as described below, are of two basic types. path preserving and non-path preserving.
+
All policies which start with ep (epff, eplfs, eplus, epmfs, eprand) are path preserving. ep stands for existing path.
+
A path preserving policy will only consider upstreams where the relative path being accessed already exists.
+
When using non-path preserving policies paths will be created in target upstreams as necessary.
+
Quota Relevant Policies
+
Some policies rely on quota information. These policies should be used only if your upstreams support the respective quota fields.
+
+
+
+
Policy
+
Required Field
+
+
+
+
+
lfs, eplfs
+
Free
+
+
+
mfs, epmfs
+
Free
+
+
+
lus, eplus
+
Used
+
+
+
lno, eplno
+
Objects
+
+
+
+
To check if your upstream supports the field, run rclone about remote: [flags] and see if the required field exists.
+
Filters
+
Policies basically search upstream remotes and create a list of files / paths for functions to work on. The policy is responsible for filtering and sorting. The policy type defines the sorting but filtering is mostly uniform as described below.
+
+
No search policies filter.
+
All action policies will filter out remotes which are tagged as read-only.
+
All create policies will filter out remotes which are tagged read-only or no-create.
+
+
If all remotes are filtered an error will be returned.
+
Policy descriptions
+
The policies definition are inspired by trapexit/mergerfs but not exactly the same. Some policy definition could be different due to the much larger latency of remote file systems.
+
+
+
+
+
+
+
+
Policy
+
Description
+
+
+
+
+
all
+
Search category: same as epall. Action category: same as epall. Create category: act on all upstreams.
+
+
+
epall (existing path, all)
+
Search category: Given this order configured, act on the first one found where the relative path exists. Action category: apply to all found. Create category: act on all upstreams where the relative path exists.
+
+
+
epff (existing path, first found)
+
Act on the first one found, by the time upstreams reply, where the relative path exists.
+
+
+
eplfs (existing path, least free space)
+
Of all the upstreams on which the relative path exists choose the one with the least free space.
+
+
+
eplus (existing path, least used space)
+
Of all the upstreams on which the relative path exists choose the one with the least used space.
+
+
+
eplno (existing path, least number of objects)
+
Of all the upstreams on which the relative path exists choose the one with the least number of objects.
+
+
+
epmfs (existing path, most free space)
+
Of all the upstreams on which the relative path exists choose the one with the most free space.
+
+
+
eprand (existing path, random)
+
Calls epall and then randomizes. Returns only one upstream.
+
+
+
ff (first found)
+
Search category: same as epff. Action category: same as epff. Create category: Act on the first one found by the time upstreams reply.
+
+
+
lfs (least free space)
+
Search category: same as eplfs. Action category: same as eplfs. Create category: Pick the upstream with the least available free space.
+
+
+
lus (least used space)
+
Search category: same as eplus. Action category: same as eplus. Create category: Pick the upstream with the least used space.
+
+
+
lno (least number of objects)
+
Search category: same as eplno. Action category: same as eplno. Create category: Pick the upstream with the least number of objects.
+
+
+
mfs (most free space)
+
Search category: same as epmfs. Action category: same as epmfs. Create category: Pick the upstream with the most available free space.
+
+
+
newest
+
Pick the file / directory with the largest mtime.
+
+
+
rand (random)
+
Calls all and then randomizes. Returns only one upstream.
+
+
+
+
Standard options
+
Here are the Standard options specific to union (Union merges the contents of several upstream fs).
+
--union-upstreams
+
List of space separated upstreams.
+
Can be 'upstreama:test/dir upstreamb:', '"upstreama:test/space:ro dir" upstreamb:', etc.
+
Properties:
+
+
Config: upstreams
+
Env Var: RCLONE_UNION_UPSTREAMS
+
Type: string
+
Required: true
+
+
--union-action-policy
+
Policy to choose upstream on ACTION category.
+
Properties:
+
+
Config: action_policy
+
Env Var: RCLONE_UNION_ACTION_POLICY
+
Type: string
+
Default: "epall"
+
+
--union-create-policy
+
Policy to choose upstream on CREATE category.
+
Properties:
+
+
Config: create_policy
+
Env Var: RCLONE_UNION_CREATE_POLICY
+
Type: string
+
Default: "epmfs"
+
+
--union-search-policy
+
Policy to choose upstream on SEARCH category.
+
Properties:
+
+
Config: search_policy
+
Env Var: RCLONE_UNION_SEARCH_POLICY
+
Type: string
+
Default: "ff"
+
+
--union-cache-time
+
Cache time of usage and free space (in seconds).
+
This option is only useful when a path preserving policy is used.
+
Properties:
+
+
Config: cache_time
+
Env Var: RCLONE_UNION_CACHE_TIME
+
Type: int
+
Default: 120
+
+
Advanced options
+
Here are the Advanced options specific to union (Union merges the contents of several upstream fs).
+
--union-min-free-space
+
Minimum viable free space for lfs/eplfs policies.
+
If a remote has less than this much free space then it won't be considered for use in lfs or eplfs policies.
+
Properties:
+
+
Config: min_free_space
+
Env Var: RCLONE_UNION_MIN_FREE_SPACE
+
Type: SizeSuffix
+
Default: 1Gi
+
+
Metadata
+
Any metadata supported by the underlying remote is read and written.
Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Configuration
+
To configure the WebDAV remote you will need to have a URL for it, and a username and password. If you know what kind of system you are connecting to then rclone can enable extra features.
+
Here is an example of how to make a remote called remote. First run:
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / WebDAV
+ \ "webdav"
+[snip]
+Storage> webdav
+URL of http host to connect to
+Choose a number from below, or type in your own value
+ 1 / Connect to example.com
+ \ "https://example.com"
+url> https://example.com/remote.php/webdav/
+Name of the WebDAV site/service/software you are using
+Choose a number from below, or type in your own value
+ 1 / Nextcloud
+ \ "nextcloud"
+ 2 / Owncloud
+ \ "owncloud"
+ 3 / Sharepoint Online, authenticated by Microsoft account.
+ \ "sharepoint"
+ 4 / Sharepoint with NTLM authentication. Usually self-hosted or on-premises.
+ \ "sharepoint-ntlm"
+ 5 / Other site/service or software
+ \ "other"
+vendor> 1
+User name
+user> user
+Password.
+y) Yes type in my own password
+g) Generate random password
+n) No leave this optional password blank
+y/g/n> y
+Enter the password:
+password:
+Confirm the password:
+password:
+Bearer token instead of user/pass (e.g. a Macaroon)
+bearer_token>
+Remote config
+--------------------
+[remote]
+type = webdav
+url = https://example.com/remote.php/webdav/
+vendor = nextcloud
+user = user
+pass = *** ENCRYPTED ***
+bearer_token =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
Once configured you can then use rclone like this,
+
List directories in top level of your WebDAV
+
rclone lsd remote:
+
List all the files in your WebDAV
+
rclone ls remote:
+
To copy a local directory to an WebDAV directory called backup
+
rclone copy /home/source remote:backup
+
Modified time and hashes
+
Plain WebDAV does not support modified times. However when used with Owncloud or Nextcloud rclone will support modified times.
+
Likewise plain WebDAV does not support hashes, however when used with Owncloud or Nextcloud rclone will support SHA1 and MD5 hashes. Depending on the exact version of Owncloud or Nextcloud hashes may appear on all objects, or only on objects which had a hash uploaded with them.
+
Standard options
+
Here are the Standard options specific to webdav (WebDAV).
+
--webdav-url
+
URL of http host to connect to.
+
E.g. https://example.com.
+
Properties:
+
+
Config: url
+
Env Var: RCLONE_WEBDAV_URL
+
Type: string
+
Required: true
+
+
--webdav-vendor
+
Name of the WebDAV site/service/software you are using.
+
Properties:
+
+
Config: vendor
+
Env Var: RCLONE_WEBDAV_VENDOR
+
Type: string
+
Required: false
+
Examples:
+
+
"nextcloud"
+
+
Nextcloud
+
+
"owncloud"
+
+
Owncloud
+
+
"sharepoint"
+
+
Sharepoint Online, authenticated by Microsoft account
+
+
"sharepoint-ntlm"
+
+
Sharepoint with NTLM authentication, usually self-hosted or on-premises
+
+
"other"
+
+
Other site/service or software
+
+
+
+
--webdav-user
+
User name.
+
In case NTLM authentication is used, the username should be in the format 'Domain'.
Default encoding is Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Hash,Percent,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8 for sharepoint-ntlm or identity otherwise.
+
Properties:
+
+
Config: encoding
+
Env Var: RCLONE_WEBDAV_ENCODING
+
Type: string
+
Required: false
+
+
--webdav-headers
+
Set HTTP headers for all transactions.
+
Use this to set additional HTTP headers for all transactions
+
The input format is comma separated list of key,value pairs. Standard CSV encoding may be used.
+
For example, to set a Cookie use 'Cookie,name=value', or '"Cookie","name=value"'.
+
You can set multiple headers, e.g. '"Cookie","name=value","Authorization","xxx"'.
+
Properties:
+
+
Config: headers
+
Env Var: RCLONE_WEBDAV_HEADERS
+
Type: CommaSepList
+
Default:
+
+
Provider notes
+
See below for notes on specific providers.
+
Owncloud
+
Click on the settings cog in the bottom right of the page and this will show the WebDAV URL that rclone needs in the config step. It will look something like https://example.com/remote.php/webdav/.
+
Owncloud supports modified times using the X-OC-Mtime header.
+
Nextcloud
+
This is configured in an identical way to Owncloud. Note that Nextcloud initially did not support streaming of files (rcat) whereas Owncloud did, but this seems to be fixed as of 2020-11-27 (tested with rclone v1.53.1 and Nextcloud Server v19).
+
Sharepoint Online
+
Rclone can be used with Sharepoint provided by OneDrive for Business or Office365 Education Accounts. This feature is only needed for a few of these Accounts, mostly Office365 Education ones. These accounts are sometimes not verified by the domain owner github#1975
+
This means that these accounts can't be added using the official API (other Accounts should work with the "onedrive" option). However, it is possible to access them using webdav.
+
To use a sharepoint remote with rclone, add it like this: First, you need to get your remote's URL:
Now take a look at your address bar, the URL should look like this: https://[YOUR-DOMAIN]-my.sharepoint.com/personal/[YOUR-EMAIL]/_layouts/15/onedrive.aspx
+
+
You'll only need this URL up to the email address. After that, you'll most likely want to add "/Documents". That subdirectory contains the actual data stored on your OneDrive.
+
Add the remote to rclone like this: Configure the url as https://[YOUR-DOMAIN]-my.sharepoint.com/personal/[YOUR-EMAIL]/Documents and use your normal account email and password for user and pass. If you have 2FA enabled, you have to generate an app password. Set the vendor to sharepoint.
Use this option in case your (hosted) Sharepoint is not tied to OneDrive accounts and uses NTLM authentication.
+
To get the url configuration, similarly to the above, first navigate to the desired directory in your browser to get the URL, then strip everything after the name of the opened directory.
+
Example: If the URL is: https://example.sharepoint.com/sites/12345/Documents/Forms/AllItems.aspx
+
The configuration to use would be: https://example.sharepoint.com/sites/12345/Documents
+
Set the vendor to sharepoint-ntlm.
+
NTLM uses domain and user name combination for authentication, set user to DOMAIN\username.
As SharePoint does some special things with uploaded documents, you won't be able to use the documents size or the documents hash to compare if a file has been changed since the upload / which file is newer.
+
For Rclone calls copying files (especially Office files such as .docx, .xlsx, etc.) from/to SharePoint (like copy, sync, etc.), you should append these flags to ensure Rclone uses the "Last Modified" datetime property to compare your documents:
+
--ignore-size --ignore-checksum --update
+
dCache
+
dCache is a storage system that supports many protocols and authentication/authorisation schemes. For WebDAV clients, it allows users to authenticate with username and password (BASIC), X.509, Kerberos, and various bearer tokens, including Macaroons and OpenID-Connect access tokens.
+
Configure as normal using the other type. Don't enter a username or password, instead enter your Macaroon as the bearer_token.
+
The config will end up looking something like this.
There is a script that obtains a Macaroon from a dCache WebDAV endpoint, and creates an rclone config file.
+
Macaroons may also be obtained from the dCacheView web-browser/JavaScript client that comes with dCache.
+
OpenID-Connect
+
dCache also supports authenticating with OpenID-Connect access tokens. OpenID-Connect is a protocol (based on OAuth 2.0) that allows services to identify users who have authenticated with some central service.
+
Support for OpenID-Connect in rclone is currently achieved using another software package called oidc-agent. This is a command-line tool that facilitates obtaining an access token. Once installed and configured, an access token is obtained by running the oidc-token command. The following example shows a (shortened) access token obtained from the XDC OIDC Provider.
Note Before the oidc-token command will work, the refresh token must be loaded into the oidc agent. This is done with the oidc-add command (e.g., oidc-add XDC). This is typically done once per login session. Full details on this and how to register oidc-agent with your OIDC Provider are provided in the oidc-agent documentation.
+
The rclone bearer_token_command configuration option is used to fetch the access token from oidc-agent.
+
Configure as a normal WebDAV endpoint, using the 'other' vendor, leaving the username and password empty. When prompted, choose to edit the advanced config and enter the command to get a bearer token (e.g., oidc-agent XDC).
+
The following example config shows a WebDAV endpoint that uses oidc-agent to supply an access token from the XDC OIDC Provider.
Here is an example of making a yandex configuration. First run
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Yandex Disk
+ \ "yandex"
+[snip]
+Storage> yandex
+Yandex Client Id - leave blank normally.
+client_id>
+Yandex Client Secret - leave blank normally.
+client_secret>
+Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes
+n) No
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+--------------------
+[remote]
+client_id =
+client_secret =
+token = {"access_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","token_type":"OAuth","expiry":"2016-12-29T12:27:11.362788025Z"}
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the token as returned from Yandex Disk. This only runs from the moment it opens your browser to the moment you get back the verification code. This is on http://127.0.0.1:53682/ and this it may require you to unblock it temporarily if you are running a host firewall.
+
Once configured you can then use rclone like this,
+
See top level directories
+
rclone lsd remote:
+
Make a new directory
+
rclone mkdir remote:directory
+
List the contents of a directory
+
rclone ls remote:directory
+
Sync /home/local/directory to the remote path, deleting any excess files in the path.
Yandex paths may be as deep as required, e.g. remote:directory/subdirectory.
+
Modified time
+
Modified times are supported and are stored accurate to 1 ns in custom metadata called rclone_modified in RFC3339 with nanoseconds format.
+
MD5 checksums
+
MD5 checksums are natively supported by Yandex Disk.
+
Emptying Trash
+
If you wish to empty your trash you can use the rclone cleanup remote: command which will permanently delete all your trashed files. This command does not take any path arguments.
+
Quota information
+
To view your current quota you can use the rclone about remote: command which will display your usage limit (quota) and the current usage.
When uploading very large files (bigger than about 5 GiB) you will need to increase the --timeout parameter. This is because Yandex pauses (perhaps to calculate the MD5SUM for the entire file) before returning confirmation that the file has been uploaded. The default handling of timeouts in rclone is to assume a 5 minute pause is an error and close the connection - you'll see net/http: timeout awaiting response headers errors in the logs if this is happening. Setting the timeout to twice the max size of file in GiB should be enough, so if you want to upload a 30 GiB file set a timeout of 2 * 30 = 60m, that is --timeout 60m.
+
Having a Yandex Mail account is mandatory to use the Yandex.Disk subscription. Token generation will work without a mail account, but Rclone won't be able to complete any actions.
+
[403 - DiskUnsupportedUserAccountTypeError] User account type is not supported.
Here is an example of making a zoho configuration. First run
+
rclone config
+
This will guide you through an interactive setup process:
+
No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> remote
+Type of storage to configure.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+[snip]
+XX / Zoho
+ \ "zoho"
+[snip]
+Storage> zoho
+** See help for zoho backend at: https://rclone.org/zoho/ **
+
+OAuth Client Id
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+client_id>
+OAuth Client Secret
+Leave blank normally.
+Enter a string value. Press Enter for the default ("").
+client_secret>
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes (default)
+n) No
+y/n>
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=LVn0IHzxej1ZkmQw31d0wQ
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+Choose a number from below, or type in your own value
+ 1 / MyTeam
+ \ "4u28602177065ff22426787a6745dba8954eb"
+Enter a Team ID> 1
+Choose a number from below, or type in your own value
+ 1 / General
+ \ "4u2869d2aa6fca04f4f2f896b6539243b85b1"
+Enter a Workspace ID> 1
+--------------------
+[remote]
+type = zoho
+token = {"access_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","token_type":"Zoho-oauthtoken","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","expiry":"2020-10-12T00:54:52.370275223+02:00"}
+root_folder_id = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d>
+
See the remote setup docs for how to set it up on a machine with no Internet browser available.
+
Rclone runs a webserver on your local computer to collect the authorization token from Zoho Workdrive. This is only from the moment your browser is opened until the token is returned. The webserver runs on http://127.0.0.1:53682/. If local port 53682 is protected by a firewall you may need to temporarily unblock the firewall to complete authorization.
+
Once configured you can then use rclone like this,
+
See top level directories
+
rclone lsd remote:
+
Make a new directory
+
rclone mkdir remote:directory
+
List the contents of a directory
+
rclone ls remote:directory
+
Sync /home/local/directory to the remote path, deleting any excess files in the path.
Zoho paths may be as deep as required, eg remote:directory/subdirectory.
+
Modified time
+
Modified times are currently not supported for Zoho Workdrive
+
Checksums
+
No checksums are supported.
+
Usage information
+
To view your current quota you can use the rclone about remote: command which will display your current usage.
+
Restricted filename characters
+
Only control characters and invalid UTF-8 are replaced. In addition most Unicode full-width characters are not supported at all and will be removed from filenames during upload.
+
Standard options
+
Here are the Standard options specific to zoho (Zoho).
+
--zoho-client-id
+
OAuth Client Id.
+
Leave blank normally.
+
Properties:
+
+
Config: client_id
+
Env Var: RCLONE_ZOHO_CLIENT_ID
+
Type: string
+
Required: false
+
+
--zoho-client-secret
+
OAuth Client Secret.
+
Leave blank normally.
+
Properties:
+
+
Config: client_secret
+
Env Var: RCLONE_ZOHO_CLIENT_SECRET
+
Type: string
+
Required: false
+
+
--zoho-region
+
Zoho region to connect to.
+
You'll have to use the region your organization is registered in. If not sure use the same top level domain as you connect to in your browser.
+
Properties:
+
+
Config: region
+
Env Var: RCLONE_ZOHO_REGION
+
Type: string
+
Required: false
+
Examples:
+
+
"com"
+
+
United states / Global
+
+
"eu"
+
+
Europe
+
+
"in"
+
+
India
+
+
"jp"
+
+
Japan
+
+
"com.cn"
+
+
China
+
+
"com.au"
+
+
Australia
+
+
+
+
Advanced options
+
Here are the Advanced options specific to zoho (Zoho).
Create a new client of type "Server-based Application". The name and website don't matter, but you must add the redirect URL http://localhost:53682/.
+
Once the client is created, you can go to the settings tab and enable it in other regions.
+
+
The client id and client secret can now be used with rclone.
+
Local Filesystem
+
Local paths are specified as normal filesystem paths, e.g. /path/to/wherever, so
+
rclone sync -i /home/source /tmp/destination
+
Will sync /home/source to /tmp/destination.
+
Configuration
+
For consistencies sake one can also configure a remote of type local in the config file, and access the local filesystem using rclone remote paths, e.g. remote:path/to/wherever, but it is probably easier not to.
+
Modified time
+
Rclone reads and writes the modified time using an accuracy determined by the OS. Typically this is 1ns on Linux, 10 ns on Windows and 1 Second on OS X.
+
Filenames
+
Filenames should be encoded in UTF-8 on disk. This is the normal case for Windows and OS X.
+
There is a bit more uncertainty in the Linux world, but new distributions will have UTF-8 encoded files names. If you are using an old Linux filesystem with non UTF-8 file names (e.g. latin1) then you can use the convmv tool to convert the filesystem to UTF-8. This tool is available in most distributions' package managers.
+
If an invalid (non-UTF8) filename is read, the invalid characters will be replaced with a quoted representation of the invalid bytes. The name gro\xdf will be transferred as gro‛DF. rclone will emit a debug message in this case (use -v to see), e.g.
+
Local file system at .: Replacing invalid UTF-8 characters in "gro\xdf"
+
Restricted characters
+
With the local backend, restrictions on the characters that are usable in file or directory names depend on the operating system. To check what rclone will replace by default on your system, run rclone help flags local-encoding.
+
On non Windows platforms the following characters are replaced when handling file names.
NB Rclone (like most unix tools such as du, rsync and tar) treats a bind mount to the same device as being on the same filesystem.
NB This flag is only available on Unix based systems. On systems where it isn't supported (e.g. Windows) it will be ignored.
-
Advanced options
-
Here are the advanced options specific to local (Local Disk).
+
Advanced options
+
Here are the Advanced options specific to local (Local Disk).
--local-nounc
Disable UNC (long path names) conversion on Windows.
Properties:
-
Config: nounc
-
Env Var: RCLONE_LOCAL_NOUNC
-
Type: string
-
Required: false
-
Examples:
+
Config: nounc
+
Env Var: RCLONE_LOCAL_NOUNC
+
Type: bool
+
Default: false
+
Examples:
+
+
"true"
+
+
Disables long file names.
+
+
+
+
--copy-links / -L
+
Follow symlinks and copy the pointed to item.
+
Properties:
+
+
Config: copy_links
+
Env Var: RCLONE_LOCAL_COPY_LINKS
+
Type: bool
+
Default: false
+
+
--links / -l
+
Translate symlinks to/from regular files with a '.rclonelink' extension.
+
Properties:
+
+
Config: links
+
Env Var: RCLONE_LOCAL_LINKS
+
Type: bool
+
Default: false
+
+
--skip-links
+
Don't warn about skipped symlinks.
+
This flag disables warning messages on skipped symlinks or junction points, as you explicitly acknowledge that they should be skipped.
+
Properties:
+
+
Config: skip_links
+
Env Var: RCLONE_LOCAL_SKIP_LINKS
+
Type: bool
+
Default: false
+
+
--local-zero-size-links
+
Assume the Stat size of links is zero (and read them instead) (deprecated).
+
Rclone used to use the Stat size of links as the link size, but this fails in quite a few places:
+
+
Windows
+
On some virtual filesystems (such ash LucidLink)
+
Android
+
+
So rclone now always reads the link.
+
Properties:
+
+
Config: zero_size_links
+
Env Var: RCLONE_LOCAL_ZERO_SIZE_LINKS
+
Type: bool
+
Default: false
+
+
--local-unicode-normalization
+
Apply unicode NFC normalization to paths and filenames.
+
This flag can be used to normalize file names into unicode NFC form that are read from the local filesystem.
+
Rclone does not normally touch the encoding of file names it reads from the file system.
+
This can be useful when using macOS as it normally provides decomposed (NFD) unicode which in some language (eg Korean) doesn't display properly on some OSes.
+
Note that rclone compares filenames with unicode normalization in the sync routine so this flag shouldn't normally be used.
+
Properties:
+
+
Config: unicode_normalization
+
Env Var: RCLONE_LOCAL_UNICODE_NORMALIZATION
+
Type: bool
+
Default: false
+
+
--local-no-check-updated
+
Don't check to see if the files change during upload.
+
Normally rclone checks the size and modification time of files as they are being uploaded and aborts with a message which starts "can't copy - source file is being updated" if the file changes during upload.
+
However on some file systems this modification time check may fail (e.g. Glusterfs #2206) so this check can be disabled with this flag.
+
If this flag is set, rclone will use its best efforts to transfer a file which is being updated. If the file is only having things appended to it (e.g. a log) then rclone will transfer the log file with the size it had the first time rclone saw it.
+
If the file is being modified throughout (not just appended to) then the transfer may fail with a hash check failure.
+
In detail, once the file has had stat() called on it for the first time we:
Force the filesystem to report itself as case sensitive.
+
Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
+
Properties:
+
+
Config: case_sensitive
+
Env Var: RCLONE_LOCAL_CASE_SENSITIVE
+
Type: bool
+
Default: false
+
+
--local-case-insensitive
+
Force the filesystem to report itself as case insensitive.
+
Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
+
Properties:
+
+
Config: case_insensitive
+
Env Var: RCLONE_LOCAL_CASE_INSENSITIVE
+
Type: bool
+
Default: false
+
+
--local-no-preallocate
+
Disable preallocation of disk space for transferred files.
+
Preallocation of disk space helps prevent filesystem fragmentation. However, some virtual filesystem layers (such as Google Drive File Stream) may incorrectly set the actual file size equal to the preallocated space, causing checksum and file size checks to fail. Use this flag to disable preallocation.
+
Properties:
+
+
Config: no_preallocate
+
Env Var: RCLONE_LOCAL_NO_PREALLOCATE
+
Type: bool
+
Default: false
+
+
--local-no-sparse
+
Disable sparse files for multi-thread downloads.
+
On Windows platforms rclone will make sparse files when doing multi-thread downloads. This avoids long pauses on large files where the OS zeros the file. However sparse files may be undesirable as they cause disk fragmentation and can be slow to work with.
+
Properties:
+
+
Config: no_sparse
+
Env Var: RCLONE_LOCAL_NO_SPARSE
+
Type: bool
+
Default: false
+
+
--local-no-set-modtime
+
Disable setting modtime.
+
Normally rclone updates modification time of files after they are done uploading. This can cause permissions issues on Linux platforms when the user rclone is running as does not own the file uploaded, such as when copying to a CIFS mount owned by another user. If this option is enabled, rclone will no longer update the modtime after copying a file.
Depending on which OS is in use the local backend may return only some of the system metadata. Setting system metadata is supported on all OSes but setting user metadata is only supported on linux, freebsd, netbsd, macOS and Solaris. It is not supported on Windows yet (see pkg/attrs#47).
+
User metadata is stored as extended attributes (which may not be supported by all file systems) under the "user.*" prefix.
+
Here are the possible system metadata items for the local backend.
Update to go1.19 and make go1.17 the minimum required version (Nick Craig-Wood)
+
Install.sh: fix arm-v7 download (Ole Frost)
+
+
fs: Warn the user when using an existing remote name without a colon (Nick Craig-Wood)
+
httplib: Add --xxx-min-tls-version option to select minimum TLS version for HTTP servers (Robert Newson)
+
librclone: Add PHP bindings and test program (Jordi Gonzalez Muñoz)
+
operations
+
+
Add --server-side-across-configs global flag for any backend (Nick Craig-Wood)
+
Optimise --copy-dest and --compare-dest (Nick Craig-Wood)
+
+
rc: add job/stopgroup to stop group (Evan Spensley)
+
serve dlna
+
+
Add --announce-interval to control SSDP Announce Interval (YanceyChiew)
+
Add --interface to Specify SSDP interface names line (Simon Bos)
+
Add support for more external subtitles (YanceyChiew)
+
Add verification of addresses (YanceyChiew)
+
+
sync: Optimise --copy-dest and --compare-dest (Nick Craig-Wood)
+
doc updates (albertony, Alexander Knorr, anonion, João Henrique Franco, Josh Soref, Lorenzo Milesi, Marco Molteni, Mark Trolley, Ole Frost, partev, Ryan Morey, Tom Mombourquette, YFdyh000)
+
+
Bug Fixes
+
+
filter
+
+
Fix incorrect filtering with UseFilter context flag and wrapping backends (Nick Craig-Wood)
+
Make sure we check --files-from when looking for a single file (Nick Craig-Wood)
+
+
rc
+
+
Fix mount/listmounts not returning the full Fs entered in mount/mount (Tom Mombourquette)
+
Handle external unmount when mounting (Isaac Aymerich)
+
Validate Daemon option is not set when mounting a volume via RC (Isaac Aymerich)
+
+
sync: Update docs and error messages to reflect fixes to overlap checks (Nick Naumann)
+
+
VFS
+
+
Reduce memory use by embedding sync.Cond (Nick Craig-Wood)
+
Reduce memory usage by re-ordering commonly used structures (Nick Craig-Wood)
+
Fix excess CPU used by VFS cache cleaner looping (Nick Craig-Wood)
+
+
Local
+
+
Obey file filters in listing to fix errors on excluded files (Nick Craig-Wood)
+
Fix "Failed to read metadata: function not implemented" on old Linux kernels (Nick Craig-Wood)
+
+
Compress
+
+
Fix crash due to nil metadata (Nick Craig-Wood)
+
Fix error handling to not use or return nil objects (Nick Craig-Wood)
+
+
Drive
+
+
Make --drive-stop-on-upload-limit obey quota exceeded error (Steve Kowalik)
+
+
FTP
+
+
Add --ftp-force-list-hidden option to show hidden items (Øyvind Heddeland Instefjord)
+
Fix hang when using ExplicitTLS to certain servers. (Nick Craig-Wood)
+
+
Google Cloud Storage
+
+
Add --gcs-endpoint flag and config parameter (Nick Craig-Wood)
+
+
Hubic
+
+
Remove backend as service has now shut down (Nick Craig-Wood)
+
+
Onedrive
+
+
Rename Onedrive(cn) 21Vianet to Vnet Group (Yen Hu)
+
Disable change notify in China region since it is not supported (Nick Craig-Wood)
+
+
S3
+
+
Implement --s3-versions flag to show old versions of objects if enabled (Nick Craig-Wood)
+
Implement --s3-version-at flag to show versions of objects at a particular time (Nick Craig-Wood)
+
Implement backend versioning command to get/set bucket versioning (Nick Craig-Wood)
+
Implement Purge to purge versions and backend cleanup-hidden (Nick Craig-Wood)
+
Add --s3-decompress flag to decompress gzip-encoded files (Nick Craig-Wood)
+
Add --s3-sse-customer-key-base64 to supply keys with binary data (Richard Bateman)
+
Try to keep the maximum precision in ModTime with --user-server-modtime (Nick Craig-Wood)
+
Drop binary metadata with an ERROR message as it can't be stored (Nick Craig-Wood)
+
Add --s3-no-system-metadata to suppress read and write of system metadata (Nick Craig-Wood)
+
+
SFTP
+
+
Fix directory creation races (Lesmiscore)
+
+
Swift
+
+
Add --swift-no-large-objects to reduce HEAD requests (Nick Craig-Wood)
+
+
Union
+
+
Propagate SlowHash feature to fix hasher interaction (Lesmiscore)
Moved root_folder_id to advanced section (Abhiraj)
+
+
Dropbox
-
Config: links
-
Env Var: RCLONE_LOCAL_LINKS
-
Type: bool
-
Default: false
-
-
--skip-links
-
Don't warn about skipped symlinks.
-
This flag disables warning messages on skipped symlinks or junction points, as you explicitly acknowledge that they should be skipped.
-
Properties:
+
Migrate from deprecated api (m8rge)
+
Add logs to show when poll interval limits are exceeded (Nick Craig-Wood)
+
Fix nil pointer exception on dropbox impersonate user not found (Nick Craig-Wood)
+
+
Fichier
-
Config: skip_links
-
Env Var: RCLONE_LOCAL_SKIP_LINKS
-
Type: bool
-
Default: false
-
-
--local-zero-size-links
-
Assume the Stat size of links is zero (and read them instead) (deprecated).
-
Rclone used to use the Stat size of links as the link size, but this fails in quite a few places:
+
Parse api error codes and them accordingly (buengese)
+
+
FTP
-
Windows
-
On some virtual filesystems (such ash LucidLink)
-
Android
-
-
So rclone now always reads the link.
-
Properties:
+
Add support for disable_utf8 option (Jason Zheng)
+
Revert to upstream github.com/jlaffaye/ftp from our fork (Nick Craig-Wood)
+
+
Google Cloud Storage
-
Config: zero_size_links
-
Env Var: RCLONE_LOCAL_ZERO_SIZE_LINKS
-
Type: bool
-
Default: false
-
-
--local-unicode-normalization
-
Apply unicode NFC normalization to paths and filenames.
-
This flag can be used to normalize file names into unicode NFC form that are read from the local filesystem.
-
Rclone does not normally touch the encoding of file names it reads from the file system.
-
This can be useful when using macOS as it normally provides decomposed (NFD) unicode which in some language (eg Korean) doesn't display properly on some OSes.
-
Note that rclone compares filenames with unicode normalization in the sync routine so this flag shouldn't normally be used.
-
Properties:
+
Add --gcs-no-check-bucket to minimise transactions and perms (Nick Gooding)
+
Add --gcs-decompress flag to decompress gzip-encoded files (Nick Craig-Wood)
-
Config: unicode_normalization
-
Env Var: RCLONE_LOCAL_UNICODE_NORMALIZATION
-
Type: bool
-
Default: false
-
-
--local-no-check-updated
-
Don't check to see if the files change during upload.
-
Normally rclone checks the size and modification time of files as they are being uploaded and aborts with a message which starts "can't copy - source file is being updated" if the file changes during upload.
-
However on some file systems this modification time check may fail (e.g. Glusterfs #2206) so this check can be disabled with this flag.
-
If this flag is set, rclone will use its best efforts to transfer a file which is being updated. If the file is only having things appended to it (e.g. a log) then rclone will transfer the log file with the size it had the first time rclone saw it.
-
If the file is being modified throughout (not just appended to) then the transfer may fail with a hash check failure.
-
In detail, once the file has had stat() called on it for the first time we:
+
by default these will be downloaded compressed (which previously failed)
Fix missing response when using custom auth handler (albertony)
+
+
Jottacloud
-
Config: one_file_system
-
Env Var: RCLONE_LOCAL_ONE_FILE_SYSTEM
-
Type: bool
-
Default: false
-
-
--local-case-sensitive
-
Force the filesystem to report itself as case sensitive.
-
Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
-
Properties:
+
Add support for upload to custom device and mountpoint (albertony)
+
Always store username in config and use it to avoid initial API request (albertony)
+
Fix issue with server-side copy when destination is in trash (albertony)
+
Fix listing output of remote with special characters (albertony)
+
+
Mailru
-
Config: case_sensitive
-
Env Var: RCLONE_LOCAL_CASE_SENSITIVE
-
Type: bool
-
Default: false
-
-
--local-case-insensitive
-
Force the filesystem to report itself as case insensitive.
-
Normally the local backend declares itself as case insensitive on Windows/macOS and case sensitive for everything else. Use this flag to override the default choice.
-
Properties:
+
Fix timeout by using int instead of time.Duration for keeping number of seconds (albertony)
+
+
Mega
-
Config: case_insensitive
-
Env Var: RCLONE_LOCAL_CASE_INSENSITIVE
-
Type: bool
-
Default: false
-
-
--local-no-preallocate
-
Disable preallocation of disk space for transferred files.
-
Preallocation of disk space helps prevent filesystem fragmentation. However, some virtual filesystem layers (such as Google Drive File Stream) may incorrectly set the actual file size equal to the preallocated space, causing checksum and file size checks to fail. Use this flag to disable preallocation.
-
Properties:
+
Document using MEGAcmd to help with login failures (Art M. Gallagher)
+
+
Onedrive
-
Config: no_preallocate
-
Env Var: RCLONE_LOCAL_NO_PREALLOCATE
-
Type: bool
-
Default: false
-
-
--local-no-sparse
-
Disable sparse files for multi-thread downloads.
-
On Windows platforms rclone will make sparse files when doing multi-thread downloads. This avoids long pauses on large files where the OS zeros the file. However sparse files may be undesirable as they cause disk fragmentation and can be slow to work with.
-
Properties:
+
Implement --poll-interval for onedrive (Hugo Laloge)
+
Add access scopes option (Sven Gerber)
+
+
Opendrive
-
Config: no_sparse
-
Env Var: RCLONE_LOCAL_NO_SPARSE
-
Type: bool
-
Default: false
-
-
--local-no-set-modtime
-
Disable setting modtime.
-
Normally rclone updates modification time of files after they are done uploading. This can cause permissions issues on Linux platforms when the user rclone is running as does not own the file uploaded, such as when copying to a CIFS mount owned by another user. If this option is enabled, rclone will no longer update the modtime after copying a file.
Fix ARM architecture version in .deb packages after nfpm change (Nick Craig-Wood)
Hard fork github.com/jlaffaye/ftp to fix go get github.com/rclone/rclone (Nick Craig-Wood)
-
oauthutil: Fix crash when webrowser requests /robots.txt (Nick Craig-Wood)
+
oauthutil: Fix crash when webbrowser requests /robots.txt (Nick Craig-Wood)
operations: Fix goroutine leak in case of copy retry (Ankur Gupta)
rc:
@@ -24978,7 +30458,7 @@
v1.58.0 - 2022-03-18
Add rclone to list of supported md5sum/sha1sum commands to look for (albertony)
Refactor so we only have one way of running remote commands (Nick Craig-Wood)
Fix timeout on hashing large files by sending keepalives (Nick Craig-Wood)
-
Fix unecessary seeking when uploading and downloading files (Nick Craig-Wood)
+
Fix unnecessary seeking when uploading and downloading files (Nick Craig-Wood)
Update docs on how to create known_hosts file (Nick Craig-Wood)
Storj
@@ -25872,9 +31352,9 @@
v1.54.0 - 2021-02-02
Add sort by average size in directory (Adam Plánský)
Add toggle option for average s3ize in directory - key 'a' (Adam Plánský)
Add empty folder flag into ncdu browser (Adam Plánský)
-
Add ! (errror) and . (unreadable) file flags to go with e (empty) (Nick Craig-Wood)
+
Add ! (error) and . (unreadable) file flags to go with e (empty) (Nick Craig-Wood)
-
obscure: Make rclone osbcure - ignore newline at end of line (Nick Craig-Wood)
+
obscure: Make rclone obscure - ignore newline at end of line (Nick Craig-Wood)
operations
Add logs when need to upload files to set mod times (Nick Craig-Wood)
@@ -25912,7 +31392,7 @@
v1.54.0 - 2021-02-02
move: Fix data loss when source and destination are the same object (Nick Craig-Wood)
operations
-
Fix --cutof-mode hard not cutting off immediately (Nick Craig-Wood)
+
Fix --cutoff-mode hard not cutting off immediately (Nick Craig-Wood)
Fix --immutable error message (Nick Craig-Wood)
sync
@@ -25983,7 +31463,7 @@
v1.54.0 - 2021-02-02
Box
Fix NewObject for files that differ in case (Nick Craig-Wood)
-
Fix finding directories in a case insentive way (Nick Craig-Wood)
+
Fix finding directories in a case insensitive way (Nick Craig-Wood)
Chunker
@@ -26102,7 +31582,7 @@
v1.54.0 - 2021-02-02
Sugarsync
Fix NewObject for files that differ in case (Nick Craig-Wood)
-
Fix finding directories in a case insentive way (Nick Craig-Wood)
+
Fix finding directories in a case insensitive way (Nick Craig-Wood)
Swift
@@ -26213,7 +31693,7 @@
v1.53.2 - 2020-10-26
Bug Fixes
-
acounting
+
accounting
Fix incorrect speed and transferTime in core/stats (Nick Craig-Wood)
Stabilize display order of transfers on Windows (Nick Craig-Wood)
@@ -27605,7 +33085,7 @@
v1.49.0 - 2019-08-26
Mount
-
Default --daemon-timout to 15 minutes on macOS and FreeBSD (Nick Craig-Wood)
+
Default --daemon-timeout to 15 minutes on macOS and FreeBSD (Nick Craig-Wood)
Update docs to show mounting from root OK for bucket-based (Nick Craig-Wood)
Remove nonseekable flag from write files (Nick Craig-Wood)
@@ -28077,7 +33557,7 @@
v1.46 - 2019-02-09
HTTP
Add an example with username and password which is supported but wasn't documented (Nick Craig-Wood)
-
Fix backend with --files-from and non-existent files (Nick Craig-Wood)
+
Fix backend with --files-from and nonexistent files (Nick Craig-Wood)
Hubic
@@ -28808,7 +34288,7 @@
v1.41 - 2018-04-28
Work around strange response from box FTP server
More workarounds for FTP servers to fix mkParentDir error
-
Fix no error on listing non-existent directory
+
Fix no error on listing nonexistent directory
Google Cloud Storage
@@ -28921,7 +34401,7 @@
v1.40 - 2018-03-19
Bug Fixes
-
config: fixes errors on non existing config by loading config file only on first access
+
config: fixes errors on nonexistent config by loading config file only on first access
config: retry saving the config after failure (Mateusz)
sync: when using --backup-dir don't delete files if we can't set their modtime
@@ -29734,7 +35214,7 @@
v1.34 - 2016-11-06
Command line and config file support for
-
Setting/overriding ACL - thanks Radek Senfeld
+
Setting/overriding ACL - thanks Radek Šenfeld
Setting storage class - thanks Asko Tamm
@@ -30447,7 +35927,7 @@
v0.00 - 2012-11-18
Project started
Bugs and Limitations
-
Limitations
+
Limitations
Directory timestamps aren't preserved
Rclone doesn't currently preserve the timestamps of directories. This is because rclone only really considers objects when syncing.
Rclone struggles with millions of files in a directory/bucket
@@ -30474,7 +35954,7 @@
Can rclone sync directly from
Rclone can sync between two remote cloud storage systems just fine.
Note that it effectively downloads the file and uploads it again, so the node running rclone would need to have lots of bandwidth.
The syncs would be incremental (on a file by file basis).
-
Eg
+
e.g.
rclone sync -i drive:Folder s3:bucket
Using rclone from multiple locations at the same time
You can use rclone from multiple places at the same time if you choose different subdirectory for the output, e.g.
@@ -30490,7 +35970,7 @@
Why
It would be possible to make a sync system which stored binary diffs instead of whole objects like rclone does, but that would break the 1:1 mapping of files on your hard disk to objects in the remote cloud storage system.
All the cloud storage systems support partial downloads of content, so it would be possible to make partial downloads work. However to make this work efficiently this would require storing a significant amount of metadata, which breaks the desired 1:1 mapping of files to objects.
Can rclone do bi-directional sync?
-
No, not at present. rclone only does uni-directional sync from A -> B. It may do in the future though since it has all the primitives - it just requires writing the algorithm to do it.
Yes. rclone will follow the standard environment variables for proxies, similar to cURL and other programs.
In general the variables are called http_proxy (for services reached over http) and https_proxy (for services reached over https). Most public services will be using https, but you may wish to set both.
@@ -30500,11 +35980,16 @@
Can I use rclone with an HTTP proxy
export https_proxy=$http_proxy
export HTTP_PROXY=$http_proxy
export HTTPS_PROXY=$http_proxy
+
Note: If the proxy server requires a username and password, then use
The NO_PROXY allows you to disable the proxy for specific hosts. Hosts must be comma separated, and can contain domains or parts. For instance "foo.com" also matches "bar.foo.com".
Note that the ftp backend does not support ftp_proxy yet.
+
Note that the FTP backend does not support ftp_proxy yet.
Rclone gives x509: failed to load system roots and no roots provided error
This means that rclone can't find the SSL root certificates. Likely you are running rclone on a NAS with a cut-down Linux OS, or possibly on Solaris.
Rclone (via the Go runtime) tries to load the root certificates from these places on Linux.
@@ -30541,7 +36026,7 @@
Rclone
For example: On a Windows system, you have a file with name Test:1.jpg, where : is the Unicode fullwidth colon symbol. When using rclone to copy this to your Google Drive, you will notice that the file gets renamed to Test:1.jpg, where : is the regular (halfwidth) colon.
The reason for such renames is the way rclone handles different restricted filenames on different cloud storage systems. It tries to avoid ambiguous file names as much and allow moving files between many cloud storage systems transparently, by replacing invalid characters with similar looking Unicode characters when transferring to one storage system, and replacing back again when transferring to a different storage system where the original characters are supported. When the same Unicode characters are intentionally used in file names, this replacement strategy leads to unwanted renames. Read more here.
License
-
This is free software under the terms of MIT the license (check the COPYING file included with the source code).
+
This is free software under the terms of the MIT license (check the COPYING file included with the source code).
Copyright (C) 2019 by Nick Craig-Wood https://www.craig-wood.com/nick/
Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -30783,6 +36268,7 @@
diff --git a/MANUAL.md b/MANUAL.md
index 06b37f0d201e5..59c2cef308626 100644
--- a/MANUAL.md
+++ b/MANUAL.md
@@ -1,6 +1,6 @@
% rclone(1) User Manual
% Nick Craig-Wood
-% Mar 18, 2022
+% Dec 20, 2022
# Rclone syncs your files to cloud storage
@@ -92,7 +92,7 @@ Rclone helps you:
- [Move](https://rclone.org/commands/rclone_move/) files to cloud storage deleting the local after verification
- [Check](https://rclone.org/commands/rclone_check/) hashes and for missing/extra files
- [Mount](https://rclone.org/commands/rclone_mount/) your cloud storage as a network disk
-- [Serve](https://rclone.org/commands/rclone_serve/) local or remote files over [HTTP](https://rclone.org/commands/rclone_serve_http/)/[WebDav](https://rclone.org/commands/rclone_serve_webdav/)/[FTP](https://rclone.org/commands/rclone_serve_ftp/)/[SFTP](https://rclone.org/commands/rclone_serve_sftp/)/[dlna](https://rclone.org/commands/rclone_serve_dlna/)
+- [Serve](https://rclone.org/commands/rclone_serve/) local or remote files over [HTTP](https://rclone.org/commands/rclone_serve_http/)/[WebDav](https://rclone.org/commands/rclone_serve_webdav/)/[FTP](https://rclone.org/commands/rclone_serve_ftp/)/[SFTP](https://rclone.org/commands/rclone_serve_sftp/)/[DLNA](https://rclone.org/commands/rclone_serve_dlna/)
- Experimental [Web based GUI](https://rclone.org/gui/)
## Supported providers {#providers}
@@ -109,8 +109,10 @@ WebDAV or S3, that work out of the box.)
- Backblaze B2
- Box
- Ceph
+- China Mobile Ecloud Elastic Object Storage (EOS)
+- Arvan Cloud Object Storage (AOS)
- Citrix ShareFile
-- C14
+- Cloudflare R2
- DigitalOcean Spaces
- Digi Storage
- Dreamhost
@@ -121,11 +123,16 @@ WebDAV or S3, that work out of the box.)
- Google Drive
- Google Photos
- HDFS
+- Hetzner Storage Box
+- HiDrive
- HTTP
-- Hubic
+- Internet Archive
- Jottacloud
- IBM COS S3
+- IDrive e2
+- IONOS Cloud
- Koofr
+- Liara Object Storage
- Mail.ru Cloud
- Memset Memstore
- Mega
@@ -137,12 +144,14 @@ WebDAV or S3, that work out of the box.)
- OVH
- OpenDrive
- OpenStack Swift
-- Oracle Cloud Storage
+- Oracle Cloud Storage Swift
+- Oracle Object Storage
- ownCloud
- pCloud
- premiumize.me
- put.io
- QingStor
+- Qiniu Cloud Object Storage (Kodo)
- Rackspace Cloud Files
- rsync.net
- Scaleway
@@ -151,6 +160,7 @@ WebDAV or S3, that work out of the box.)
- SeaweedFS
- SFTP
- Sia
+- SMB / CIFS
- StackPath
- Storj
- SugarSync
@@ -163,25 +173,39 @@ WebDAV or S3, that work out of the box.)
- The local filesystem
-Links
+## Virtual providers
+
+These backends adapt or modify other storage providers:
+
+- Alias: Rename existing remotes
+- Cache: Cache remotes (DEPRECATED)
+- Chunker: Split large files
+- Combine: Combine multiple remotes into a directory tree
+- Compress: Compress files
+- Crypt: Encrypt files
+- Hasher: Hash files
+- Union: Join multiple remotes to work together
+
+
+## Links
* [Home page](https://rclone.org/)
* [GitHub project page for source and bug tracker](https://github.com/rclone/rclone)
* [Rclone Forum](https://forum.rclone.org)
* [Downloads](https://rclone.org/downloads/)
-# Install #
+# Install
Rclone is a Go program and comes as a single binary file.
-## Quickstart ##
+## Quickstart
* [Download](https://rclone.org/downloads/) the relevant binary.
* Extract the `rclone` executable, `rclone.exe` on Windows, from the archive.
* Run `rclone config` to setup. See [rclone config docs](https://rclone.org/docs/) for more details.
* Optionally configure [automatic execution](#autostart).
-See below for some expanded Linux / macOS instructions.
+See below for some expanded Linux / macOS / Windows instructions.
See the [usage](https://rclone.org/docs/) docs for how to use rclone, or
run `rclone -h`.
@@ -189,20 +213,22 @@ run `rclone -h`.
Already installed rclone can be easily updated to the latest version
using the [rclone selfupdate](https://rclone.org/commands/rclone_selfupdate/) command.
-## Script installation ##
+## Script installation
To install rclone on Linux/macOS/BSD systems, run:
- curl https://rclone.org/install.sh | sudo bash
+ sudo -v ; curl https://rclone.org/install.sh | sudo bash
For beta installation, run:
- curl https://rclone.org/install.sh | sudo bash -s beta
+ sudo -v ; curl https://rclone.org/install.sh | sudo bash -s beta
Note that this script checks the version of rclone installed first and
won't re-download if not needed.
-## Linux installation from precompiled binary ##
+## Linux installation {#linux}
+
+### Precompiled binary {#linux-precompiled}
Fetch and unpack
@@ -226,7 +252,9 @@ Run `rclone config` to setup. See [rclone config docs](https://rclone.org/docs/)
rclone config
-## macOS installation with brew ##
+## macOS installation {#macos}
+
+### Installation with brew {#macos-brew}
brew install rclone
@@ -235,7 +263,12 @@ NOTE: This version of rclone will not support `mount` any more (see
on macOS, either install a precompiled binary or enable the relevant option
when [installing from source](#install-from-source).
-## macOS installation from precompiled binary, using curl ##
+Note that this is a third party installer not controlled by the rclone
+developers so it may be out of date. Its current version is as below.
+
+[](https://repology.org/project/rclone/versions)
+
+### Precompiled binary, using curl {#macos-precompiled}
To avoid problems with macOS gatekeeper enforcing the binary to be signed and
notarized it is enough to download with `curl`.
@@ -263,24 +296,86 @@ Run `rclone config` to setup. See [rclone config docs](https://rclone.org/docs/)
rclone config
-## macOS installation from precompiled binary, using a web browser ##
+### Precompiled binary, using a web browser {#macos-precompiled-web}
When downloading a binary with a web browser, the browser will set the macOS
gatekeeper quarantine attribute. Starting from Catalina, when attempting to run
`rclone`, a pop-up will appear saying:
- “rclone” cannot be opened because the developer cannot be verified.
+ "rclone" cannot be opened because the developer cannot be verified.
macOS cannot verify that this app is free from malware.
The simplest fix is to run
xattr -d com.apple.quarantine rclone
-## Install with docker ##
+## Windows installation {#windows}
+
+### Precompiled binary {#windows-precompiled}
+
+Fetch the correct binary for your processor type by clicking on these
+links. If not sure, use the first link.
+
+- [Intel/AMD - 64 Bit](https://downloads.rclone.org/rclone-current-windows-amd64.zip)
+- [Intel/AMD - 32 Bit](https://downloads.rclone.org/rclone-current-windows-386.zip)
+- [ARM - 64 Bit](https://downloads.rclone.org/rclone-current-windows-arm64.zip)
+
+Open this file in the Explorer and extract `rclone.exe`. Rclone is a
+portable executable so you can place it wherever is convenient.
+
+Open a CMD window (or powershell) and run the binary. Note that rclone
+does not launch a GUI by default, it runs in the CMD Window.
+
+- Run `rclone.exe config` to setup. See [rclone config docs](https://rclone.org/docs/) for more details.
+- Optionally configure [automatic execution](#autostart).
+
+If you are planning to use the [rclone mount](https://rclone.org/commands/rclone_mount/)
+feature then you will need to install the third party utility
+[WinFsp](https://winfsp.dev/) also.
+
+### Chocolatey package manager {#windows-chocolatey}
+
+Make sure you have [Choco](https://chocolatey.org/) installed
+
+```
+choco search rclone
+choco install rclone
+```
+
+This will install rclone on your Windows machine. If you are planning
+to use [rclone mount](https://rclone.org/commands/rclone_mount/) then
+
+```
+choco install winfsp
+```
+
+will install that too.
+
+Note that this is a third party installer not controlled by the rclone
+developers so it may be out of date. Its current version is as below.
+
+[](https://repology.org/project/rclone/versions)
+
+## Package manager installation {#package-manager}
+
+Many Linux, Windows, macOS and other OS distributions package and
+distribute rclone.
+
+The distributed versions of rclone are often quite out of date and for
+this reason we recommend one of the other installation methods if
+possible.
+
+You can get an idea of how up to date or not your OS distribution's
+package is here.
+
+[](https://repology.org/project/rclone/versions)
+
+## Docker installation {#docker}
+
+The rclone developers maintain a [docker image for rclone](https://hub.docker.com/r/rclone/rclone).
-The rclone maintains a [docker image for rclone](https://hub.docker.com/r/rclone/rclone).
-These images are autobuilt by docker hub from the rclone source based
-on a minimal Alpine linux image.
+These images are built as part of the release process based on a
+minimal Alpine Linux.
The `:latest` tag will always point to the latest stable release. You
can use the `:beta` tag to get the latest build from master. You can
@@ -355,39 +450,102 @@ ls ~/data/mount
kill %1
```
-## Install from source ##
+## Source installation {#source}
-Make sure you have at least [Go](https://golang.org/) go1.15
-installed. [Download go](https://golang.org/dl/) if necessary. The
-latest release is recommended. Then
+Make sure you have git and [Go](https://golang.org/) installed.
+Go version 1.17 or newer is required, latest release is recommended.
+You can get it from your package manager, or download it from
+[golang.org/dl](https://golang.org/dl/). Then you can run the following:
-```sh
+```
git clone https://github.com/rclone/rclone.git
cd rclone
go build
-# If on macOS and mount is wanted, instead run: make GOTAGS=cmount
-./rclone version
```
-This will leave you a checked out version of rclone you can modify and
-send pull requests with. If you use `make` instead of `go build` then
-the rclone build will have the correct version information in it.
+This will check out the rclone source in subfolder rclone, which you can later
+modify and send pull requests with. Then it will build the rclone executable
+in the same folder. As an initial check you can now run `./rclone version`
+(`.\rclone version` on Windows).
+
+Note that on macOS and Windows the [mount](https://rclone.org/commands/rclone_mount/)
+command will not be available unless you specify an additional build tag `cmount`.
+
+```
+go build -tags cmount
+```
+
+This assumes you have a GCC compatible C compiler (GCC or Clang) in your PATH,
+as it uses [cgo](https://pkg.go.dev/cmd/cgo). But on Windows, the
+[cgofuse](https://github.com/winfsp/cgofuse) library that the cmount
+implementation is based on, also supports building
+[without cgo](https://github.com/golang/go/wiki/WindowsDLLs), i.e. by setting
+environment variable CGO_ENABLED to value 0 (static linking). This is how the
+official Windows release of rclone is being built, starting with version 1.59.
+It is still possible to build with cgo on Windows as well, by using the MinGW
+port of GCC, e.g. by installing it in a [MSYS2](https://www.msys2.org)
+distribution (make sure you install it in the classic mingw64 subsystem, the
+ucrt64 version is not compatible).
+
+Additionally, on Windows, you must install the third party utility
+[WinFsp](https://winfsp.dev/), with the "Developer" feature selected.
+If building with cgo, you must also set environment variable CPATH pointing to
+the fuse include directory within the WinFsp installation
+(normally `C:\Program Files (x86)\WinFsp\inc\fuse`).
+
+You may also add arguments `-ldflags -s` (with or without `-tags cmount`),
+to omit symbol table and debug information, making the executable file smaller,
+and `-trimpath` to remove references to local file system paths. This is how
+the official rclone releases are built.
+
+```
+go build -trimpath -ldflags -s -tags cmount
+```
+
+Instead of executing the `go build` command directly, you can run it via the
+Makefile. It changes the version number suffix from "-DEV" to "-beta" and
+appends commit details. It also copies the resulting rclone executable into
+your GOPATH bin folder (`$(go env GOPATH)/bin`, which corresponds to
+`~/go/bin/rclone` by default).
+
+```
+make
+```
+
+To include mount command on macOS and Windows with Makefile build:
+
+```
+make GOTAGS=cmount
+```
+
+There are other make targets that can be used for more advanced builds,
+such as cross-compiling for all supported os/architectures, embedding
+icon and version info resources into windows executable, and packaging
+results into release artifacts.
+See [Makefile](https://github.com/rclone/rclone/blob/master/Makefile)
+and [cross-compile.go](https://github.com/rclone/rclone/blob/master/bin/cross-compile.go)
+for details.
-You can also build the latest stable rclone with:
+Another alternative is to download the source, build and install rclone in one
+operation, as a regular Go package. The source will be stored it in the Go
+module cache, and the resulting executable will be in your GOPATH bin folder
+(`$(go env GOPATH)/bin`, which corresponds to `~/go/bin/rclone` by default).
- go get github.com/rclone/rclone
+With Go version 1.17 or newer:
-or the latest version (equivalent to the beta) with
+```
+go install github.com/rclone/rclone@latest
+```
- go get github.com/rclone/rclone@master
+With Go versions older than 1.17 (do **not** use the `-u` flag, it causes Go to
+try to update the dependencies that rclone uses and sometimes these don't work
+with the current version):
-These will build the binary in `$(go env GOPATH)/bin`
-(`~/go/bin/rclone` by default) after downloading the source to the go
-module cache. Note - do **not** use the `-u` flag here. This causes go
-to try to update the dependencies that rclone uses and sometimes these
-don't work with the current version of rclone.
+```
+go get github.com/rclone/rclone
+```
-## Installation with Ansible ##
+## Ansible installation {#ansible}
This can be done with [Stefan Weichinger's ansible
role](https://github.com/stefangweichinger/ansible-rclone).
@@ -403,7 +561,7 @@ Instructions
- rclone
```
-## Portable installation ##
+## Portable installation {#portable}
As mentioned [above](https://rclone.org/install/#quickstart), rclone is single
executable (`rclone`, or `rclone.exe` on Windows) that you can download as a
@@ -431,7 +589,7 @@ such as a regular [sync](https://rclone.org/commands/rclone_sync/), you will pro
to configure your rclone command in your operating system's scheduler. If you need to
expose *service*-like features, such as [remote control](https://rclone.org/rc/),
[GUI](https://rclone.org/gui/), [serve](https://rclone.org/commands/rclone_serve/)
-or [mount](https://rclone.org/commands/rclone_move/), you will often want an rclone
+or [mount](https://rclone.org/commands/rclone_mount/), you will often want an rclone
command always running in the background, and configuring it to run in a service infrastructure
may be a better option. Below are some alternatives on how to achieve this on
different operating systems.
@@ -464,7 +622,7 @@ c:\rclone\rclone.exe sync c:\files remote:/files --no-console --log-file c:\rclo
#### User account
-As mentioned in the [mount](https://rclone.org/commands/rclone_move/) documentation,
+As mentioned in the [mount](https://rclone.org/commands/rclone_mount/) documentation,
mounted drives created as Administrator are not visible to other accounts, not even the
account that was elevated as Administrator. By running the mount command as the
built-in `SYSTEM` user account, it will create drives accessible for everyone on
@@ -473,7 +631,7 @@ the system. Both scheduled task and Windows service can be used to achieve this.
NOTE: Remember that when rclone runs as the `SYSTEM` user, the user profile
that it sees will not be yours. This means that if you normally run rclone with
configuration file in the default location, to be able to use the same configuration
-when running as the system user you must explicitely tell rclone where to find
+when running as the system user you must explicitly tell rclone where to find
it with the [`--config`](https://rclone.org/docs/#config-config-file) option,
or else it will look in the system users profile path (`C:\Windows\System32\config\systemprofile`).
To test your command manually from a Command Prompt, you can run it with
@@ -481,7 +639,7 @@ the [PsExec](https://docs.microsoft.com/en-us/sysinternals/downloads/psexec)
utility from Microsoft's Sysinternals suite, which takes option `-s` to
execute commands as the `SYSTEM` user.
-#### Start from Startup folder ###
+#### Start from Startup folder
To quickly execute an rclone command you can simply create a standard
Windows Explorer shortcut for the complete rclone command you want to run. If you
@@ -496,7 +654,7 @@ functionality to set it to run as different user, or to set conditions or
actions on certain events. Setting up a scheduled task as described below
will often give you better results.
-#### Start from Task Scheduler ###
+#### Start from Task Scheduler
Task Scheduler is an administrative tool built into Windows, and it can be used to
configure rclone to be started automatically in a highly configurable way, e.g.
@@ -506,14 +664,14 @@ be available to all users it can run as the `SYSTEM` user.
For technical information, see
https://docs.microsoft.com/windows/win32/taskschd/task-scheduler-start-page.
-#### Run as service ###
+#### Run as service
For running rclone at system startup, you can create a Windows service that executes
your rclone command, as an alternative to scheduled task configured to run at startup.
-##### Mount command built-in service integration ####
+##### Mount command built-in service integration
-For mount commands, Rclone has a built-in Windows service integration via the third-party
+For mount commands, rclone has a built-in Windows service integration via the third-party
WinFsp library it uses. Registering as a regular Windows service easy, as you just have to
execute the built-in PowerShell command `New-Service` (requires administrative privileges).
@@ -533,11 +691,11 @@ Windows standard methods for managing network drives. This is currently not
officially supported by Rclone, but with WinFsp version 2019.3 B2 / v1.5B2 or later
it should be possible through path rewriting as described [here](https://github.com/rclone/rclone/issues/3340).
-##### Third-party service integration #####
+##### Third-party service integration
To Windows service running any rclone command, the excellent third-party utility
[NSSM](http://nssm.cc), the "Non-Sucking Service Manager", can be used.
-It includes some advanced features such as adjusting process periority, defining
+It includes some advanced features such as adjusting process priority, defining
process environment variables, redirect to file anything written to stdout, and
customized response to different exit codes, with a GUI to configure everything from
(although it can also be used from command line ).
@@ -601,6 +759,7 @@ See the following for detailed instructions for
* [Chunker](https://rclone.org/chunker/) - transparently splits large files for other remotes
* [Citrix ShareFile](https://rclone.org/sharefile/)
* [Compress](https://rclone.org/compress/)
+ * [Combine](https://rclone.org/combine/)
* [Crypt](https://rclone.org/crypt/) - to encrypt other remotes
* [DigitalOcean Spaces](https://rclone.org/s3/#digitalocean-spaces)
* [Digi Storage](https://rclone.org/koofr/#digi-storage)
@@ -612,8 +771,9 @@ See the following for detailed instructions for
* [Google Photos](https://rclone.org/googlephotos/)
* [Hasher](https://rclone.org/hasher/) - to handle checksums for other remotes
* [HDFS](https://rclone.org/hdfs/)
+ * [HiDrive](https://rclone.org/hidrive/)
* [HTTP](https://rclone.org/http/)
- * [Hubic](https://rclone.org/hubic/)
+ * [Internet Archive](https://rclone.org/internetarchive/)
* [Jottacloud](https://rclone.org/jottacloud/)
* [Koofr](https://rclone.org/koofr/)
* [Mail.ru Cloud](https://rclone.org/mailru/)
@@ -623,6 +783,7 @@ See the following for detailed instructions for
* [Microsoft OneDrive](https://rclone.org/onedrive/)
* [OpenStack Swift / Rackspace Cloudfiles / Memset Memstore](https://rclone.org/swift/)
* [OpenDrive](https://rclone.org/opendrive/)
+ * [Oracle Object Storage](https://rclone.org/oracleobjectstorage/)
* [Pcloud](https://rclone.org/pcloud/)
* [premiumize.me](https://rclone.org/premiumizeme/)
* [put.io](https://rclone.org/putio/)
@@ -630,6 +791,7 @@ See the following for detailed instructions for
* [Seafile](https://rclone.org/seafile/)
* [SFTP](https://rclone.org/sftp/)
* [Sia](https://rclone.org/sia/)
+ * [SMB](https://rclone.org/smb/)
* [Storj](https://rclone.org/storj/)
* [SugarSync](https://rclone.org/sugarsync/)
* [Union](https://rclone.org/union/)
@@ -715,13 +877,18 @@ Copy files from source to dest, skipping identical files.
Copy the source to the destination. Does not transfer files that are
identical on source and destination, testing by size and modification
-time or MD5SUM. Doesn't delete files from the destination.
+time or MD5SUM. Doesn't delete files from the destination. If you
+want to also delete files from destination, to make it match source,
+use the [sync](https://rclone.org/commands/rclone_sync/) command instead.
Note that it is always the contents of the directory that is synced,
-not the directory so when source:path is a directory, it's the
+not the directory itself. So when source:path is a directory, it's the
contents of source:path that are copied, not the directory name and
contents.
+To copy single files, use the [copyto](https://rclone.org/commands/rclone_copyto/)
+command instead.
+
If dest:path doesn't exist, it is created and the source:path contents
go there.
@@ -793,7 +960,9 @@ Sync the source to the destination, changing the destination
only. Doesn't transfer files that are identical on source and
destination, testing by size and modification time or MD5SUM.
Destination is updated to match source, including deleting files
-if necessary (except duplicate objects, see below).
+if necessary (except duplicate objects, see below). If you don't
+want to delete files from destination, use the
+[copy](https://rclone.org/commands/rclone_copy/) command instead.
**Important**: Since this can cause data loss, test first with the
`--dry-run` or the `--interactive`/`-i` flag.
@@ -805,13 +974,18 @@ errors at any point. Duplicate objects (files with the same name, on
those providers that support it) are also not yet handled.
It is always the contents of the directory that is synced, not the
-directory so when source:path is a directory, it's the contents of
+directory itself. So when source:path is a directory, it's the contents of
source:path that are copied, not the directory name and contents. See
-extended explanation in the `copy` command above if unsure.
+extended explanation in the [copy](https://rclone.org/commands/rclone_copy/) command if unsure.
If dest:path doesn't exist, it is created and the source:path contents
go there.
+It is not possible to sync overlapping remotes. However, you may exclude
+the destination from the sync with a filter rule or by putting an
+exclude-if-present file inside the destination directory and sync to a
+destination that is inside the source directory.
+
**Note**: Use the `-P`/`--progress` flag to view real-time transfer statistics
**Note**: Use the `rclone dedupe` command to deal with "Duplicate object/directory found in source/destination - ignoring" errors.
@@ -846,6 +1020,9 @@ Moves the contents of the source directory to the destination
directory. Rclone will error if the source and destination overlap and
the remote does not support a server-side directory move operation.
+To move single files, use the [moveto](https://rclone.org/commands/rclone_moveto/)
+command instead.
+
If no filters are in use and if possible this will server-side move
`source:path` into `dest:path`. After this `source:path` will no
longer exist.
@@ -856,7 +1033,8 @@ move will be used, otherwise it will copy it (server-side if possible)
into `dest:path` then delete the original (if no errors on copy) in
`source:path`.
-If you want to delete empty source directories after move, use the --delete-empty-src-dirs flag.
+If you want to delete empty source directories after move, use the
+`--delete-empty-src-dirs` flag.
See the [--no-traverse](https://rclone.org/docs/#no-traverse) option for controlling
whether rclone lists the destination directory or not. Supplying this
@@ -894,16 +1072,16 @@ Remove the files in path.
## Synopsis
-Remove the files in path. Unlike `purge` it obeys include/exclude
-filters so can be used to selectively delete files.
+Remove the files in path. Unlike [purge](https://rclone.org/commands/rclone_purge/) it
+obeys include/exclude filters so can be used to selectively delete files.
`rclone delete` only deletes files but leaves the directory structure
alone. If you want to delete a directory and all of its contents use
-the `purge` command.
+the [purge](https://rclone.org/commands/rclone_purge/) command.
If you supply the `--rmdirs` flag, it will remove all empty directories along with it.
-You can also use the separate command `rmdir` or `rmdirs` to
-delete empty directories only.
+You can also use the separate command [rmdir](https://rclone.org/commands/rclone_rmdir/) or
+[rmdirs](https://rclone.org/commands/rclone_rmdirs/) to delete empty directories only.
For example, to delete all files bigger than 100 MiB, you may first want to
check what would be deleted (use either):
@@ -947,9 +1125,10 @@ Remove the path and all of its contents.
Remove the path and all of its contents. Note that this does not obey
-include/exclude filters - everything will be removed. Use the `delete`
-command if you want to selectively delete files. To delete empty directories only,
-use command `rmdir` or `rmdirs`.
+include/exclude filters - everything will be removed. Use the
+[delete](https://rclone.org/commands/rclone_delete/) command if you want to selectively
+delete files. To delete empty directories only, use command
+[rmdir](https://rclone.org/commands/rclone_rmdir/) or [rmdirs](https://rclone.org/commands/rclone_rmdirs/).
**Important**: Since this can cause data loss, test first with the
`--dry-run` or the `--interactive`/`-i` flag.
@@ -1000,10 +1179,10 @@ Remove the empty directory at path.
This removes empty directory given by path. Will not remove the path if it
has any objects in it, not even empty subdirectories. Use
-command `rmdirs` (or `delete` with option `--rmdirs`)
-to do that.
+command [rmdirs](https://rclone.org/commands/rclone_rmdirs/) (or [delete](https://rclone.org/commands/rclone_delete/)
+with option `--rmdirs`) to do that.
-To delete a path and any objects in it, use `purge` command.
+To delete a path and any objects in it, use [purge](https://rclone.org/commands/rclone_purge/) command.
```
@@ -1033,6 +1212,10 @@ Checks the files in the source and destination match. It compares
sizes and hashes (MD5 or SHA1) and logs a report of files that don't
match. It doesn't alter the source or destination.
+For the [crypt](https://rclone.org/crypt/) remote there is a dedicated command,
+[cryptcheck](https://rclone.org/commands/rclone_cryptcheck/), that are able to check
+the checksums of the crypted files.
+
If you supply the `--size-only` flag, it will only compare the sizes not
the hashes as well. Use this for a quick check.
@@ -1128,7 +1311,7 @@ Note that `ls` and `lsl` recurse by default - use `--max-depth 1` to stop the re
The other list commands `lsd`,`lsf`,`lsjson` do not recurse by default - use `-R` to make them recurse.
-Listing a non-existent directory will produce an error except for
+Listing a nonexistent directory will produce an error except for
remotes which can't have empty directories (e.g. s3, swift, or gcs -
the bucket-based remotes).
@@ -1157,7 +1340,7 @@ List all directories/containers/buckets in the path.
Lists the directories in the source path to standard output. Does not
-recurse by default. Use the -R flag to recurse.
+recurse by default. Use the `-R` flag to recurse.
This command lists the total size of the directory (if known, -1 if
not), the modification time (if known, the current time if not), the
@@ -1175,7 +1358,7 @@ Or
-1 2017-01-03 14:40:54 -1 2500files
-1 2017-07-08 14:39:28 -1 4000files
-If you just want the directory names use "rclone lsf --dirs-only".
+If you just want the directory names use `rclone lsf --dirs-only`.
Any of the filtering options can be applied to this command.
@@ -1196,7 +1379,7 @@ Note that `ls` and `lsl` recurse by default - use `--max-depth 1` to stop the re
The other list commands `lsd`,`lsf`,`lsjson` do not recurse by default - use `-R` to make them recurse.
-Listing a non-existent directory will produce an error except for
+Listing a nonexistent directory will produce an error except for
remotes which can't have empty directories (e.g. s3, swift, or gcs -
the bucket-based remotes).
@@ -1255,7 +1438,7 @@ Note that `ls` and `lsl` recurse by default - use `--max-depth 1` to stop the re
The other list commands `lsd`,`lsf`,`lsjson` do not recurse by default - use `-R` to make them recurse.
-Listing a non-existent directory will produce an error except for
+Listing a nonexistent directory will produce an error except for
remotes which can't have empty directories (e.g. s3, swift, or gcs -
the bucket-based remotes).
@@ -1291,9 +1474,13 @@ not supported by the remote, no hash will be returned. With the
download flag, the file will be downloaded from the remote and
hashed locally enabling MD5 for any remote.
+For other algorithms, see the [hashsum](https://rclone.org/commands/rclone_hashsum/)
+command. Running `rclone md5sum remote:path` is equivalent
+to running `rclone hashsum MD5 remote:path`.
+
This command can also hash data received on standard input (stdin),
by not passing a remote:path, or by passing a hyphen as remote:path
-when there is data to read (if not, the hypen will be treated literaly,
+when there is data to read (if not, the hyphen will be treated literally,
as a relative path).
@@ -1332,9 +1519,13 @@ not supported by the remote, no hash will be returned. With the
download flag, the file will be downloaded from the remote and
hashed locally enabling SHA-1 for any remote.
+For other algorithms, see the [hashsum](https://rclone.org/commands/rclone_hashsum/)
+command. Running `rclone sha1sum remote:path` is equivalent
+to running `rclone hashsum SHA1 remote:path`.
+
This command can also hash data received on standard input (stdin),
by not passing a remote:path, or by passing a hyphen as remote:path
-when there is data to read (if not, the hypen will be treated literaly,
+when there is data to read (if not, the hyphen will be treated literally,
as a relative path).
This command can also hash data received on STDIN, if not passing
@@ -1365,6 +1556,28 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
Prints the total size and number of objects in remote:path.
+## Synopsis
+
+
+Counts objects in the path and calculates the total size. Prints the
+result to standard output.
+
+By default the output is in human-readable format, but shows values in
+both human-readable format as well as the raw numbers (global option
+`--human-readable` is not considered). Use option `--json`
+to format output as JSON instead.
+
+Recurses by default, use `--max-depth 1` to stop the
+recursion.
+
+Some backends do not always provide file sizes, see for example
+[Google Photos](https://rclone.org/googlephotos/#size) and
+[Google Drive](https://rclone.org/drive/#limitations-of-google-docs).
+Rclone will then show a notice in the log indicating how many such
+files were encountered, and count them in as empty files in the output
+of the size command.
+
+
```
rclone size remote:path [flags]
```
@@ -1488,7 +1701,7 @@ Opendrive) that can have duplicate file names. It can be run on wrapping backend
(e.g. crypt) if they wrap a backend which supports duplicate file
names.
-However if --by-hash is passed in then dedupe will find files with
+However if `--by-hash` is passed in then dedupe will find files with
duplicate hashes instead which will work on any backend which supports
at least one hash. This can be used to find files with duplicate
content. This is known as deduping by hash.
@@ -1760,11 +1973,11 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
# rclone bisync
-Perform bidirectonal synchronization between two paths.
+Perform bidirectional synchronization between two paths.
## Synopsis
-Perform bidirectonal synchronization between two paths.
+Perform bidirectional synchronization between two paths.
[Bisync](https://rclone.org/bisync/) provides a
bidirectional cloud sync solution in rclone.
@@ -1916,11 +2129,10 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
# rclone completion
-generate the autocompletion script for the specified shell
+Generate the autocompletion script for the specified shell
## Synopsis
-
Generate the autocompletion script for rclone for the specified shell.
See each sub-command's help for details on how to use the generated script.
@@ -1936,34 +2148,38 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
## SEE ALSO
* [rclone](https://rclone.org/commands/rclone/) - Show help for rclone commands, flags and backends.
-* [rclone completion bash](https://rclone.org/commands/rclone_completion_bash/) - generate the autocompletion script for bash
-* [rclone completion fish](https://rclone.org/commands/rclone_completion_fish/) - generate the autocompletion script for fish
-* [rclone completion powershell](https://rclone.org/commands/rclone_completion_powershell/) - generate the autocompletion script for powershell
-* [rclone completion zsh](https://rclone.org/commands/rclone_completion_zsh/) - generate the autocompletion script for zsh
+* [rclone completion bash](https://rclone.org/commands/rclone_completion_bash/) - Generate the autocompletion script for bash
+* [rclone completion fish](https://rclone.org/commands/rclone_completion_fish/) - Generate the autocompletion script for fish
+* [rclone completion powershell](https://rclone.org/commands/rclone_completion_powershell/) - Generate the autocompletion script for powershell
+* [rclone completion zsh](https://rclone.org/commands/rclone_completion_zsh/) - Generate the autocompletion script for zsh
# rclone completion bash
-generate the autocompletion script for bash
+Generate the autocompletion script for bash
## Synopsis
-
Generate the autocompletion script for the bash shell.
This script depends on the 'bash-completion' package.
If it is not installed already, you can install it via your OS's package manager.
To load completions in your current shell session:
-$ source <(rclone completion bash)
+
+ source <(rclone completion bash)
To load completions for every new session, execute once:
-Linux:
- $ rclone completion bash > /etc/bash_completion.d/rclone
-MacOS:
- $ rclone completion bash > /usr/local/etc/bash_completion.d/rclone
+
+### Linux:
+
+ rclone completion bash > /etc/bash_completion.d/rclone
+
+### macOS:
+
+ rclone completion bash > $(brew --prefix)/etc/bash_completion.d/rclone
You will need to start a new shell for this setup to take effect.
-
+
```
rclone completion bash
@@ -1980,22 +2196,23 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
## SEE ALSO
-* [rclone completion](https://rclone.org/commands/rclone_completion/) - generate the autocompletion script for the specified shell
+* [rclone completion](https://rclone.org/commands/rclone_completion/) - Generate the autocompletion script for the specified shell
# rclone completion fish
-generate the autocompletion script for fish
+Generate the autocompletion script for fish
## Synopsis
-
Generate the autocompletion script for the fish shell.
To load completions in your current shell session:
-$ rclone completion fish | source
+
+ rclone completion fish | source
To load completions for every new session, execute once:
-$ rclone completion fish > ~/.config/fish/completions/rclone.fish
+
+ rclone completion fish > ~/.config/fish/completions/rclone.fish
You will need to start a new shell for this setup to take effect.
@@ -2015,19 +2232,19 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
## SEE ALSO
-* [rclone completion](https://rclone.org/commands/rclone_completion/) - generate the autocompletion script for the specified shell
+* [rclone completion](https://rclone.org/commands/rclone_completion/) - Generate the autocompletion script for the specified shell
# rclone completion powershell
-generate the autocompletion script for powershell
+Generate the autocompletion script for powershell
## Synopsis
-
Generate the autocompletion script for powershell.
To load completions in your current shell session:
-PS C:\> rclone completion powershell | Out-String | Invoke-Expression
+
+ rclone completion powershell | Out-String | Invoke-Expression
To load completions for every new session, add the output of the above command
to your powershell profile.
@@ -2048,27 +2265,34 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
## SEE ALSO
-* [rclone completion](https://rclone.org/commands/rclone_completion/) - generate the autocompletion script for the specified shell
+* [rclone completion](https://rclone.org/commands/rclone_completion/) - Generate the autocompletion script for the specified shell
# rclone completion zsh
-generate the autocompletion script for zsh
+Generate the autocompletion script for zsh
## Synopsis
-
Generate the autocompletion script for the zsh shell.
If shell completion is not already enabled in your environment you will need
to enable it. You can execute the following once:
-$ echo "autoload -U compinit; compinit" >> ~/.zshrc
+ echo "autoload -U compinit; compinit" >> ~/.zshrc
+
+To load completions in your current shell session:
+
+ source <(rclone completion zsh); compdef _rclone rclone
To load completions for every new session, execute once:
-# Linux:
-$ rclone completion zsh > "${fpath[1]}/_rclone"
-# macOS:
-$ rclone completion zsh > /usr/local/share/zsh/site-functions/_rclone
+
+### Linux:
+
+ rclone completion zsh > "${fpath[1]}/_rclone"
+
+### macOS:
+
+ rclone completion zsh > $(brew --prefix)/share/zsh/site-functions/_rclone
You will need to start a new shell for this setup to take effect.
@@ -2088,7 +2312,7 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
## SEE ALSO
-* [rclone completion](https://rclone.org/commands/rclone_completion/) - generate the autocompletion script for the specified shell
+* [rclone completion](https://rclone.org/commands/rclone_completion/) - Generate the autocompletion script for the specified shell
# rclone config create
@@ -2130,7 +2354,7 @@ are 100% certain you are already passing obscured passwords then use
`rclone config password` command.
The flag `--non-interactive` is for use by applications that wish to
-configure rclone themeselves, rather than using rclone's text based
+configure rclone themselves, rather than using rclone's text based
configuration questions. If this flag is set, and rclone needs to ask
the user a question, a JSON blob will be returned with the question in
it.
@@ -2142,7 +2366,7 @@ This will look something like (some irrelevant detail removed):
"State": "*oauth-islocal,teamdrive,,",
"Option": {
"Name": "config_is_local",
- "Help": "Use auto config?\n * Say Y if not sure\n * Say N if you are working on a remote or headless machine\n",
+ "Help": "Use web browser to automatically authenticate rclone with remote?\n * Say Y if the machine running rclone has a web browser you can use\n * Say N if running rclone on a (remote) machine without web browser access\nIf not sure try Y. If Y failed, try N.\n",
"Default": true,
"Examples": [
{
@@ -2525,7 +2749,7 @@ are 100% certain you are already passing obscured passwords then use
`rclone config password` command.
The flag `--non-interactive` is for use by applications that wish to
-configure rclone themeselves, rather than using rclone's text based
+configure rclone themselves, rather than using rclone's text based
configuration questions. If this flag is set, and rclone needs to ask
the user a question, a JSON blob will be returned with the question in
it.
@@ -2537,7 +2761,7 @@ This will look something like (some irrelevant detail removed):
"State": "*oauth-islocal,teamdrive,,",
"Option": {
"Name": "config_is_local",
- "Help": "Use auto config?\n * Say Y if not sure\n * Say N if you are working on a remote or headless machine\n",
+ "Help": "Use web browser to automatically authenticate rclone with remote?\n * Say Y if the machine running rclone has a web browser you can use\n * Say N if running rclone on a (remote) machine without web browser access\nIf not sure try Y. If Y failed, try N.\n",
"Default": true,
"Examples": [
{
@@ -2656,8 +2880,8 @@ If source:path is a file or directory then it copies it to a file or
directory named dest:path.
This can be used to upload single files to other than their current
-name. If the source is a directory then it acts exactly like the copy
-command.
+name. If the source is a directory then it acts exactly like the
+[copy](https://rclone.org/commands/rclone_copy/) command.
So
@@ -2707,10 +2931,11 @@ Copy url content to dest.
Download a URL's content and copy it to the destination without saving
it in temporary storage.
-Setting `--auto-filename` will cause the file name to be retrieved from
-the URL (after any redirections) and used in the destination
-path. With `--print-filename` in addition, the resulting file name will
-be printed.
+Setting `--auto-filename` will attempt to automatically determine the filename from the URL
+(after any redirections) and used in the destination path.
+With `--auto-filename-header` in
+addition, if a specific filename is set in HTTP headers, it will be used instead of the name from the URL.
+With `--print-filename` in addition, the resulting file name will be printed.
Setting `--no-clobber` will prevent overwriting file on the
destination if there is one with the same name.
@@ -2726,11 +2951,12 @@ rclone copyurl https://example.com dest:path [flags]
## Options
```
- -a, --auto-filename Get the file name from the URL and use it for destination file path
- -h, --help help for copyurl
- --no-clobber Prevent overwriting file with same name
- -p, --print-filename Print the resulting name from --auto-filename
- --stdout Write the output to stdout rather than a file
+ -a, --auto-filename Get the file name from the URL and use it for destination file path
+ --header-filename Get the file name from the Content-Disposition header
+ -h, --help help for copyurl
+ --no-clobber Prevent overwriting file with same name
+ -p, --print-filename Print the resulting name from --auto-filename
+ --stdout Write the output to stdout rather than a file
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -2746,9 +2972,9 @@ Cryptcheck checks the integrity of a crypted remote.
## Synopsis
-rclone cryptcheck checks a remote against a crypted remote. This is
-the equivalent of running rclone check, but able to check the
-checksums of the crypted remote.
+rclone cryptcheck checks a remote against a [crypted](https://rclone.org/crypt/) remote.
+This is the equivalent of running rclone [check](https://rclone.org/commands/rclone_check/),
+but able to check the checksums of the crypted remote.
For it to work the underlying remote of the cryptedremote must support
some kind of checksum.
@@ -2824,7 +3050,7 @@ Cryptdecode returns unencrypted file names.
rclone cryptdecode returns unencrypted file names when provided with
a list of encrypted file names. List limit is 10 items.
-If you supply the --reverse flag, it will return encrypted file names.
+If you supply the `--reverse` flag, it will return encrypted file names.
use it like this
@@ -2832,8 +3058,8 @@ use it like this
rclone cryptdecode --reverse encryptedremote: filename1 filename2
-Another way to accomplish this is by using the `rclone backend encode` (or `decode`)command.
-See the documentation on the `crypt` overlay for more info.
+Another way to accomplish this is by using the `rclone backend encode` (or `decode`) command.
+See the documentation on the [crypt](https://rclone.org/crypt/) overlay for more info.
```
@@ -2889,7 +3115,7 @@ Output completion script for a given shell.
Generates a shell completion script for rclone.
-Run with --help to list the supported shells.
+Run with `--help` to list the supported shells.
## Options
@@ -3073,9 +3299,12 @@ not supported by the remote, no hash will be returned. With the
download flag, the file will be downloaded from the remote and
hashed locally enabling any hash for any remote.
+For the MD5 and SHA1 algorithms there are also dedicated commands,
+[md5sum](https://rclone.org/commands/rclone_md5sum/) and [sha1sum](https://rclone.org/commands/rclone_sha1sum/).
+
This command can also hash data received on standard input (stdin),
by not passing a remote:path, or by passing a hyphen as remote:path
-when there is data to read (if not, the hypen will be treated literaly,
+when there is data to read (if not, the hyphen will be treated literally,
as a relative path).
Run without a hash to see the list of all supported hashes, e.g.
@@ -3088,6 +3317,7 @@ Run without a hash to see the list of all supported hashes, e.g.
* crc32
* sha256
* dropbox
+ * hidrive
* mailru
* quickxor
@@ -3174,7 +3404,7 @@ List all the remotes in the config file.
rclone listremotes lists all the available remotes from the config file.
-When uses with the -l flag it lists the types too.
+When used with the `--long` flag it lists the types too.
```
@@ -3215,7 +3445,7 @@ Eg
ferejej3gux/
fubuwic
-Use the --format option to control what gets listed. By default this
+Use the `--format` option to control what gets listed. By default this
is just the path, but you can use these parameters to control the
output:
@@ -3228,9 +3458,10 @@ output:
m - MimeType of object if known
e - encrypted name
T - tier of storage if known, e.g. "Hot" or "Cool"
+ M - Metadata of object in JSON blob format, eg {"key":"value"}
So if you wanted the path, size and modification time, you would use
---format "pst", or maybe --format "tsp" to put the path last.
+`--format "pst"`, or maybe `--format "tsp"` to put the path last.
Eg
@@ -3242,7 +3473,7 @@ Eg
2016-06-25 18:55:40;37600;fubuwic
If you specify "h" in the format you will get the MD5 hash by default,
-use the "--hash" flag to change which hash you want. Note that this
+use the `--hash` flag to change which hash you want. Note that this
can be returned as an empty string if it isn't available on the object
(and for directories), "ERROR" if there was an error reading it from
the object and "UNSUPPORTED" if that object does not support that hash
@@ -3264,7 +3495,7 @@ Eg
(Though "rclone md5sum ." is an easier way of typing this.)
By default the separator is ";" this can be changed with the
---separator flag. Note that separators aren't escaped in the path so
+`--separator` flag. Note that separators aren't escaped in the path so
putting it last is a good strategy.
Eg
@@ -3286,8 +3517,8 @@ Eg
test.sh,449
"this file contains a comma, in the file name.txt",6
-Note that the --absolute parameter is useful for making lists of files
-to pass to an rclone copy with the --files-from-raw flag.
+Note that the `--absolute` parameter is useful for making lists of files
+to pass to an rclone copy with the `--files-from-raw` flag.
For example, to find all the files modified within one day and copy
those only (without traversing the whole directory structure):
@@ -3314,7 +3545,7 @@ Note that `ls` and `lsl` recurse by default - use `--max-depth 1` to stop the re
The other list commands `lsd`,`lsf`,`lsjson` do not recurse by default - use `-R` to make them recurse.
-Listing a non-existent directory will produce an error except for
+Listing a nonexistent directory will produce an error except for
remotes which can't have empty directories (e.g. s3, swift, or gcs -
the bucket-based remotes).
@@ -3354,7 +3585,7 @@ List directories and objects in the path in JSON format.
The output is an array of Items, where each Item looks like this
- {
+ {
"Hashes" : {
"SHA-1" : "f572d396fae9206628714fb2ce00f72e94f2258f",
"MD5" : "b1946ac92492d2347c6235b4d2611184",
@@ -3372,29 +3603,32 @@ The output is an array of Items, where each Item looks like this
"Path" : "full/path/goes/here/file.txt",
"Size" : 6,
"Tier" : "hot",
- }
+ }
-If --hash is not specified the Hashes property won't be emitted. The
-types of hash can be specified with the --hash-type parameter (which
-may be repeated). If --hash-type is set then it implies --hash.
+If `--hash` is not specified the Hashes property won't be emitted. The
+types of hash can be specified with the `--hash-type` parameter (which
+may be repeated). If `--hash-type` is set then it implies `--hash`.
-If --no-modtime is specified then ModTime will be blank. This can
+If `--no-modtime` is specified then ModTime will be blank. This can
speed things up on remotes where reading the ModTime takes an extra
request (e.g. s3, swift).
-If --no-mimetype is specified then MimeType will be blank. This can
+If `--no-mimetype` is specified then MimeType will be blank. This can
speed things up on remotes where reading the MimeType takes an extra
request (e.g. s3, swift).
-If --encrypted is not specified the Encrypted won't be emitted.
+If `--encrypted` is not specified the Encrypted won't be emitted.
-If --dirs-only is not specified files in addition to directories are
+If `--dirs-only` is not specified files in addition to directories are
returned
-If --files-only is not specified directories in addition to the files
+If `--files-only` is not specified directories in addition to the files
will be returned.
-if --stat is set then a single JSON blob will be returned about the
+If `--metadata` is set then an additional Metadata key will be returned.
+This will have metadata in rclone standard format as a JSON object.
+
+if `--stat` is set then a single JSON blob will be returned about the
item pointed to. This will return an error if the item isn't found.
However on bucket based backends (like s3, gcs, b2, azureblob etc) if
the item isn't found it will return an empty directory as it isn't
@@ -3403,7 +3637,7 @@ possible to tell empty directories from missing directories there.
The Path field will only show folders below the remote path being listed.
If "remote:path" contains the file "subfolder/file.txt", the Path for "file.txt"
will be "subfolder/file.txt", not "remote:path/subfolder/file.txt".
-When used without --recursive the Path will always be the same as Name.
+When used without `--recursive` the Path will always be the same as Name.
If the directory is a bucket in a bucket-based backend, then
"IsBucket" will be set to true. This key won't be present unless it is
@@ -3438,7 +3672,7 @@ Note that `ls` and `lsl` recurse by default - use `--max-depth 1` to stop the re
The other list commands `lsd`,`lsf`,`lsjson` do not recurse by default - use `-R` to make them recurse.
-Listing a non-existent directory will produce an error except for
+Listing a nonexistent directory will produce an error except for
remotes which can't have empty directories (e.g. s3, swift, or gcs -
the bucket-based remotes).
@@ -3451,11 +3685,12 @@ rclone lsjson remote:path [flags]
```
--dirs-only Show only directories in the listing
- -M, --encrypted Show the encrypted names
+ --encrypted Show the encrypted names
--files-only Show only files in the listing
--hash Include hashes in the output (may take longer)
--hash-type stringArray Show only this hash type (may be repeated)
-h, --help help for lsjson
+ -M, --metadata Add metadata to the listing
--no-mimetype Don't read the mime type (can speed things up)
--no-modtime Don't read the modification time (can speed things up)
--original Show the ID of the underlying Object
@@ -3539,10 +3774,10 @@ at all, then 1 PiB is set as both the total and the free size.
To run rclone mount on Windows, you will need to
download and install [WinFsp](http://www.secfs.net/winfsp/).
-[WinFsp](https://github.com/billziss-gh/winfsp) is an open-source
+[WinFsp](https://github.com/winfsp/winfsp) is an open-source
Windows File System Proxy which makes it easy to write user space file
systems for Windows. It provides a FUSE emulation layer which rclone
-uses combination with [cgofuse](https://github.com/billziss-gh/cgofuse).
+uses combination with [cgofuse](https://github.com/winfsp/cgofuse).
Both of these packages are by Bill Zissimopoulos who was very helpful
during the implementation of rclone mount for Windows.
@@ -3562,7 +3797,7 @@ and experience unexpected program errors, freezes or other issues, consider moun
as a network drive instead.
When mounting as a fixed disk drive you can either mount to an unused drive letter,
-or to a path representing a **non-existent** subdirectory of an **existing** parent
+or to a path representing a **nonexistent** subdirectory of an **existing** parent
directory or drive. Using the special value `*` will tell rclone to
automatically assign the next available drive letter, starting with Z: and moving backward.
Examples:
@@ -3593,7 +3828,7 @@ the mapped drive, shown in Windows Explorer etc, while the complete
`\\server\share` will be reported as the remote UNC path by
`net use` etc, just like a normal network drive mapping.
-If you specify a full network share UNC path with `--volname`, this will implicitely
+If you specify a full network share UNC path with `--volname`, this will implicitly
set the `--network-mode` option, so the following two examples have same result:
rclone mount remote:path/to/files X: --network-mode
@@ -3602,7 +3837,7 @@ set the `--network-mode` option, so the following two examples have same result:
You may also specify the network share UNC path as the mountpoint itself. Then rclone
will automatically assign a drive letter, same as with `*` and use that as
mountpoint, and instead use the UNC path specified as the volume name, as if it were
-specified with the `--volname` option. This will also implicitely set
+specified with the `--volname` option. This will also implicitly set
the `--network-mode` option. This means the following two examples have same result:
rclone mount remote:path/to/files \\cloud\remote
@@ -3638,7 +3873,7 @@ The permissions on each entry will be set according to [options](#options)
The default permissions corresponds to `--file-perms 0666 --dir-perms 0777`,
i.e. read and write permissions to everyone. This means you will not be able
-to start any programs from the the mount. To be able to do that you must add
+to start any programs from the mount. To be able to do that you must add
execute permissions, e.g. `--file-perms 0777 --dir-perms 0777` to add it
to everyone. If the program needs to write files, chances are you will have
to enable [VFS File Caching](#vfs-file-caching) as well (see also [limitations](#limitations)).
@@ -3692,7 +3927,7 @@ from Microsoft's Sysinternals suite, which has option `-s` to start
processes as the SYSTEM account. Another alternative is to run the mount
command from a Windows Scheduled Task, or a Windows Service, configured
to run as the SYSTEM account. A third alternative is to use the
-[WinFsp.Launcher infrastructure](https://github.com/billziss-gh/winfsp/wiki/WinFsp-Service-Architecture)).
+[WinFsp.Launcher infrastructure](https://github.com/winfsp/winfsp/wiki/WinFsp-Service-Architecture)).
Note that when running rclone as another user, it will not use
the configuration file from your profile unless you tell it to
with the [`--config`](https://rclone.org/docs/#config-config-file) option.
@@ -3709,8 +3944,8 @@ applications won't work with their files on an rclone mount without
`--vfs-cache-mode writes` or `--vfs-cache-mode full`.
See the [VFS File Caching](#vfs-file-caching) section for more info.
-The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2,
-Hubic) do not support the concept of empty directories, so empty
+The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2)
+do not support the concept of empty directories, so empty
directories will have a tendency to disappear once they fall out of
the directory cache.
@@ -3874,7 +4109,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -4031,6 +4266,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -4071,7 +4338,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -4083,7 +4350,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -4100,28 +4367,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -4147,14 +4421,14 @@ rclone mount remote:path /path/to/mountpoint [flags]
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
--async-read Use asynchronous reads (not supported on Windows) (default true)
- --attr-timeout duration Time for which file/directory attributes are cached (default 1s)
+ --attr-timeout Duration Time for which file/directory attributes are cached (default 1s)
--daemon Run mount in background and exit parent process (as background output is suppressed, use --log-file with --log-format=pid,... to monitor) (not supported on Windows)
- --daemon-timeout duration Time limit for rclone to respond to kernel (not supported on Windows)
- --daemon-wait duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
+ --daemon-timeout Duration Time limit for rclone to respond to kernel (not supported on Windows) (default 0s)
+ --daemon-wait Duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
--debug-fuse Debug the FUSE internals - needs -v
--default-permissions Makes kernel enforce access control based on the file mode (not supported on Windows)
--devname string Set the device name - default is remote:path
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--fuse-flag stringArray Flags or arguments to be passed direct to libfuse/WinFsp (repeat if required)
@@ -4168,22 +4442,24 @@ rclone mount remote:path /path/to/mountpoint [flags]
--noappledouble Ignore Apple Double (._) and .DS_Store files (supported on OSX only) (default true)
--noapplexattr Ignore all "com.apple.*" extended attributes (supported on OSX only)
-o, --option stringArray Option for libfuse/WinFsp (repeat if required)
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
```
@@ -4206,7 +4482,7 @@ directory named dest:path.
This can be used to rename files or upload single files to other than
their existing name. If the source is a directory then it acts exactly
-like the move command.
+like the [move](https://rclone.org/commands/rclone_move/) command.
So
@@ -4267,30 +4543,54 @@ builds an in memory representation. rclone ncdu can be used during
this scanning phase and you will see it building up the directory
structure as it goes along.
-Here are the keys - press '?' to toggle the help on and off
+You can interact with the user interface using key presses,
+press '?' to toggle the help on and off. The supported keys are:
↑,↓ or k,j to Move
→,l to enter
←,h to return
- c toggle counts
g toggle graph
+ c toggle counts
a toggle average size in directory
+ m toggle modified time
u toggle human-readable format
- n,s,C,A sort by name,size,count,average size
+ n,s,C,A,M sort by name,size,count,asize,mtime
d delete file/directory
+ v select file/directory
+ V enter visual select mode
+ D delete selected files/directories
y copy current path to clipboard
Y display current path
- ^L refresh screen
+ ^L refresh screen (fix screen corruption)
? to toggle help on and off
- q/ESC/c-C to quit
+ q/ESC/^c to quit
+
+Listed files/directories may be prefixed by a one-character flag,
+some of them combined with a description in brackets at end of line.
+These flags have the following meaning:
+
+ e means this is an empty directory, i.e. contains no files (but
+ may contain empty subdirectories)
+ ~ means this is a directory where some of the files (possibly in
+ subdirectories) have unknown size, and therefore the directory
+ size may be underestimated (and average size inaccurate, as it
+ is average of the files with known sizes).
+ . means an error occurred while reading a subdirectory, and
+ therefore the directory size may be underestimated (and average
+ size inaccurate)
+ ! means an error occurred while reading this directory
This an homage to the [ncdu tool](https://dev.yorhel.nl/ncdu) but for
rclone remotes. It is missing lots of features at the moment
but is useful as it stands.
-Note that it might take some time to delete big files/folders. The
+Note that it might take some time to delete big files/directories. The
UI won't respond in the meantime since the deletion is done synchronously.
+For a non-interactive listing of the remote, see the
+[tree](https://rclone.org/commands/rclone_tree/) command. To just get the total size of
+the remote you can also use the [size](https://rclone.org/commands/rclone_size/) command.
+
```
rclone ncdu remote:path [flags]
@@ -4329,7 +4629,7 @@ This command can also accept a password through STDIN instead of an
argument by passing a hyphen as an argument. This will use the first
line of STDIN as the password not including the trailing newline.
-echo "secretpassword" | rclone obscure -
+ echo "secretpassword" | rclone obscure -
If there is no data on STDIN to read, rclone obscure will default to
obfuscating the hyphen itself.
@@ -4362,26 +4662,26 @@ Run a command against a running rclone.
-This runs a command against a running rclone. Use the --url flag to
+This runs a command against a running rclone. Use the `--url` flag to
specify an non default URL to connect on. This can be either a
":port" which is taken to mean "http://localhost:port" or a
"host:port" which is taken to mean "http://host:port"
-A username and password can be passed in with --user and --pass.
+A username and password can be passed in with `--user` and `--pass`.
-Note that --rc-addr, --rc-user, --rc-pass will be read also for --url,
---user, --pass.
+Note that `--rc-addr`, `--rc-user`, `--rc-pass` will be read also for
+`--url`, `--user`, `--pass`.
Arguments should be passed in as parameter=value.
The result will be returned as a JSON object by default.
-The --json parameter can be used to pass in a JSON blob as an input
+The `--json` parameter can be used to pass in a JSON blob as an input
instead of key=value arguments. This is the only way of passing in
more complicated values.
-The -o/--opt option can be used to set a key "opt" with key, value
-options in the form "-o key=value" or "-o key". It can be repeated as
+The `-o`/`--opt` option can be used to set a key "opt" with key, value
+options in the form `-o key=value` or `-o key`. It can be repeated as
many times as required. This is useful for rc commands which take the
"opt" parameter which by convention is a dictionary of strings.
@@ -4392,7 +4692,7 @@ Will place this in the "opt" value
{"key":"value", "key2","")
-The -a/--arg option can be used to set strings in the "arg" value. It
+The `-a`/`--arg` option can be used to set strings in the "arg" value. It
can be repeated as many times as required. This is useful for rc
commands which take the "arg" parameter which by convention is a list
of strings.
@@ -4403,13 +4703,13 @@ Will place this in the "arg" value
["value", "value2"]
-Use --loopback to connect to the rclone instance running "rclone rc".
+Use `--loopback` to connect to the rclone instance running `rclone rc`.
This is very useful for testing commands without having to run an
rclone rc server, e.g.:
rclone rc --loopback operations/about fs=/
-Use "rclone rc" to see a list of all possible commands.
+Use `rclone rc` to see a list of all possible commands.
```
rclone rc commands parameter [flags]
@@ -4460,11 +4760,11 @@ must fit into RAM. The cutoff needs to be small enough to adhere
the limits of your remote, please see there. Generally speaking,
setting this cutoff too high will decrease your performance.
-Use the |--size| flag to preallocate the file in advance at the remote end
+Use the `--size` flag to preallocate the file in advance at the remote end
and actually stream it, even if remote backend doesn't support streaming.
-|--size| should be the exact size of the input stream in bytes. If the
-size of the stream is different in length to the |--size| passed in
+`--size` should be the exact size of the input stream in bytes. If the
+size of the stream is different in length to the `--size` passed in
then the transfer will likely fail.
Note that the upload can also not be retried because the data is
@@ -4506,6 +4806,101 @@ the browser when rclone is run.
See the [rc documentation](https://rclone.org/rc/) for more info on the rc flags.
+## Server options
+
+Use `--addr` to specify which IP address and port the server should
+listen on, eg `--addr 1.2.3.4:8000` or `--addr :8080` to listen to all
+IPs. By default it only listens on localhost. You can use port
+:0 to let the OS choose an available port.
+
+If you set `--addr` to listen on a public or LAN accessible IP address
+then using Authentication is advised - see the next section for info.
+
+You can use a unix socket by setting the url to `unix:///path/to/socket`
+or just by using an absolute path name. Note that unix sockets bypass the
+authentication - this is expected to be done with file system permissions.
+
+`--addr` may be repeated to listen on multiple IPs/ports/sockets.
+
+`--server-read-timeout` and `--server-write-timeout` can be used to
+control the timeouts on the server. Note that this is the total time
+for a transfer.
+
+`--max-header-bytes` controls the maximum number of bytes the server will
+accept in the HTTP header.
+
+`--baseurl` controls the URL prefix that rclone serves from. By default
+rclone will serve from the root. If you used `--baseurl "/rclone"` then
+rclone would serve from a URL starting with "/rclone/". This is
+useful if you wish to proxy rclone serve. Rclone automatically
+inserts leading and trailing "/" on `--baseurl`, so `--baseurl "rclone"`,
+`--baseurl "/rclone"` and `--baseurl "/rclone/"` are all treated
+identically.
+
+### TLS (SSL)
+
+By default this will serve over http. If you want you can serve over
+https. You will need to supply the `--cert` and `--key` flags.
+If you wish to do client side certificate validation then you will need to
+supply `--client-ca` also.
+
+`--cert` should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. `--key` should be the PEM encoded
+private key and `--client-ca` should be the PEM encoded client
+certificate authority certificate.
+
+--min-tls-version is minimum TLS version that is acceptable. Valid
+ values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default
+ "tls1.0").
+
+### Template
+
+`--template` allows a user to specify a custom markup template for HTTP
+and WebDAV serve functions. The server exports the following markup
+to be used within the template to server pages:
+
+| Parameter | Description |
+| :---------- | :---------- |
+| .Name | The full path of a file/directory. |
+| .Title | Directory listing of .Name |
+| .Sort | The current sort used. This is changeable via ?sort= parameter |
+| | Sort Options: namedirfirst,name,size,time (default namedirfirst) |
+| .Order | The current ordering used. This is changeable via ?order= parameter |
+| | Order Options: asc,desc (default asc) |
+| .Query | Currently unused. |
+| .Breadcrumb | Allows for creating a relative navigation |
+|-- .Link | The relative to the root link of the Text. |
+|-- .Text | The Name of the directory. |
+| .Entries | Information about a specific file/directory. |
+|-- .URL | The 'url' of an entry. |
+|-- .Leaf | Currently same as 'URL' but intended to be 'just' the name. |
+|-- .IsDir | Boolean for if an entry is a directory or not. |
+|-- .Size | Size in Bytes of the entry. |
+|-- .ModTime | The UTC timestamp of an entry. |
+
+### Authentication
+
+By default this will serve files without needing a login.
+
+You can either use an htpasswd file which can take lots of users, or
+set a single username and password with the `--user` and `--pass` flags.
+
+Use `--htpasswd /path/to/htpasswd` to provide an htpasswd file. This is
+in standard apache format and supports MD5, SHA1 and BCrypt for basic
+authentication. Bcrypt is recommended.
+
+To create an htpasswd file:
+
+ touch htpasswd
+ htpasswd -B htpasswd user
+ htpasswd -B htpasswd anotherUser
+
+The password file can be updated while rclone is running.
+
+Use `--realm` to set the authentication realm.
+
+Use `--salt` to change the password hashing salt from the default.
+
```
rclone rcd * [flags]
@@ -4535,15 +4930,16 @@ that only contain empty directories), that it finds under the path.
The root path itself will also be removed if it is empty, unless
you supply the `--leave-root` flag.
-Use command `rmdir` to delete just the empty directory
-given by path, not recurse.
+Use command [rmdir](https://rclone.org/commands/rclone_rmdir/) to delete just the empty
+directory given by path, not recurse.
This is useful for tidying up remotes that rclone has left a lot of
-empty directories in. For example the `delete` command will
-delete files but leave the directory structure (unless used with
-option `--rmdirs`).
+empty directories in. For example the [delete](https://rclone.org/commands/rclone_delete/)
+command will delete files but leave the directory structure (unless
+used with option `--rmdirs`).
-To delete a path and any objects in it, use `purge` command.
+To delete a path and any objects in it, use [purge](https://rclone.org/commands/rclone_purge/)
+command.
```
@@ -4646,8 +5042,8 @@ Serve a remote over a protocol.
## Synopsis
-rclone serve is used to serve a remote over a given protocol. This
-command requires the use of a subcommand to specify the protocol, e.g.
+Serve a remote over a given protocol. Requires the use of a
+subcommand to specify the protocol, e.g.
rclone serve http remote:
@@ -4675,7 +5071,7 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
* [rclone serve http](https://rclone.org/commands/rclone_serve_http/) - Serve the remote over HTTP.
* [rclone serve restic](https://rclone.org/commands/rclone_serve_restic/) - Serve the remote for restic's REST API.
* [rclone serve sftp](https://rclone.org/commands/rclone_serve_sftp/) - Serve the remote over SFTP.
-* [rclone serve webdav](https://rclone.org/commands/rclone_serve_webdav/) - Serve remote:path over webdav.
+* [rclone serve webdav](https://rclone.org/commands/rclone_serve_webdav/) - Serve remote:path over WebDAV.
# rclone serve dlna
@@ -4683,14 +5079,16 @@ Serve remote:path over DLNA
## Synopsis
-rclone serve dlna is a DLNA media server for media stored in an rclone remote. Many
-devices, such as the Xbox and PlayStation, can automatically discover this server in the LAN
-and play audio/video from it. VLC is also supported. Service discovery uses UDP multicast
-packets (SSDP) and will thus only work on LANs.
+Run a DLNA media server for media stored in an rclone remote. Many
+devices, such as the Xbox and PlayStation, can automatically discover
+this server in the LAN and play audio/video from it. VLC is also
+supported. Service discovery uses UDP multicast packets (SSDP) and
+will thus only work on LANs.
-Rclone will list all files present in the remote, without filtering based on media formats or
-file extensions. Additionally, there is no media transcoding support. This means that some
-players might show files that they are not able to play back correctly.
+Rclone will list all files present in the remote, without filtering
+based on media formats or file extensions. Additionally, there is no
+media transcoding support. This means that some players might show
+files that they are not able to play back correctly.
## Server options
@@ -4723,7 +5121,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -4880,6 +5278,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -4920,7 +5350,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -4932,7 +5362,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -4949,28 +5379,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -4993,32 +5430,36 @@ rclone serve dlna remote:path [flags]
```
--addr string The ip:port or :port to bind the DLNA http server to (default ":7879")
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --announce-interval Duration The interval between SSDP announcements (default 12m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for dlna
+ --interface stringArray The interface to use for SSDP (repeat as necessary)
--log-trace Enable trace logging of SOAP traffic
--name string Name of DLNA server
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -5091,7 +5532,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -5248,6 +5689,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -5288,7 +5761,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -5300,7 +5773,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -5317,28 +5790,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -5364,15 +5844,15 @@ rclone serve docker [flags]
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
--async-read Use asynchronous reads (not supported on Windows) (default true)
- --attr-timeout duration Time for which file/directory attributes are cached (default 1s)
+ --attr-timeout Duration Time for which file/directory attributes are cached (default 1s)
--base-dir string Base directory for volumes (default "/var/lib/docker-volumes/rclone")
--daemon Run mount in background and exit parent process (as background output is suppressed, use --log-file with --log-format=pid,... to monitor) (not supported on Windows)
- --daemon-timeout duration Time limit for rclone to respond to kernel (not supported on Windows)
- --daemon-wait duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
+ --daemon-timeout Duration Time limit for rclone to respond to kernel (not supported on Windows) (default 0s)
+ --daemon-wait Duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
--debug-fuse Debug the FUSE internals - needs -v
--default-permissions Makes kernel enforce access control based on the file mode (not supported on Windows)
--devname string Set the device name - default is remote:path
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--forget-state Skip restoring previous state
@@ -5388,24 +5868,26 @@ rclone serve docker [flags]
--noappledouble Ignore Apple Double (._) and .DS_Store files (supported on OSX only) (default true)
--noapplexattr Ignore all "com.apple.*" extended attributes (supported on OSX only)
-o, --option stringArray Option for libfuse/WinFsp (repeat if required)
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--socket-addr string Address or absolute path (default: /run/docker/plugins/rclone.sock)
--socket-gid int GID for unix socket (default: current process GID) (default 1000)
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
```
@@ -5423,9 +5905,9 @@ Serve remote:path over FTP.
## Synopsis
-rclone serve ftp implements a basic ftp server to serve the
-remote over FTP protocol. This can be viewed with a ftp client
-or you can make a remote of type ftp to read and write it.
+Run a basic FTP server to serve a remote over FTP protocol.
+This can be viewed with a FTP client or you can make a remote of
+type FTP to read and write it.
## Server options
@@ -5461,7 +5943,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -5618,6 +6100,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -5658,7 +6172,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -5670,7 +6184,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -5687,28 +6201,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -5814,7 +6335,7 @@ rclone serve ftp remote:path [flags]
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2121")
--auth-proxy string A program to use to create the backend from the auth
--cert string TLS PEM key (concatenation of certificate and CA certificate)
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
@@ -5825,24 +6346,26 @@ rclone serve ftp remote:path [flags]
--no-seek Don't allow seeking in files
--pass string Password for authentication (empty value allow every password)
--passive-port string Passive port range to use (default "30000-32000")
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
--public-ip string Public IP address to advertise for passive connections
- --read-only Mount read-only
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication (default "anonymous")
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -5857,59 +6380,69 @@ Serve the remote over HTTP.
## Synopsis
-rclone serve http implements a basic web server to serve the remote
-over HTTP. This can be viewed in a web browser or you can make a
-remote of type http read from it.
+Run a basic web server to serve a remote over HTTP.
+This can be viewed in a web browser or you can make a remote of type
+http read from it.
-You can use the filter flags (e.g. --include, --exclude) to control what
+You can use the filter flags (e.g. `--include`, `--exclude`) to control what
is served.
-The server will log errors. Use -v to see access logs.
+The server will log errors. Use `-v` to see access logs.
---bwlimit will be respected for file transfers. Use --stats to
+`--bwlimit` will be respected for file transfers. Use `--stats` to
control the stats printing.
## Server options
-Use --addr to specify which IP address and port the server should
-listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all
+Use `--addr` to specify which IP address and port the server should
+listen on, eg `--addr 1.2.3.4:8000` or `--addr :8080` to listen to all
IPs. By default it only listens on localhost. You can use port
:0 to let the OS choose an available port.
-If you set --addr to listen on a public or LAN accessible IP address
+If you set `--addr` to listen on a public or LAN accessible IP address
then using Authentication is advised - see the next section for info.
---server-read-timeout and --server-write-timeout can be used to
+You can use a unix socket by setting the url to `unix:///path/to/socket`
+or just by using an absolute path name. Note that unix sockets bypass the
+authentication - this is expected to be done with file system permissions.
+
+`--addr` may be repeated to listen on multiple IPs/ports/sockets.
+
+`--server-read-timeout` and `--server-write-timeout` can be used to
control the timeouts on the server. Note that this is the total time
for a transfer.
---max-header-bytes controls the maximum number of bytes the server will
+`--max-header-bytes` controls the maximum number of bytes the server will
accept in the HTTP header.
---baseurl controls the URL prefix that rclone serves from. By default
-rclone will serve from the root. If you used --baseurl "/rclone" then
+`--baseurl` controls the URL prefix that rclone serves from. By default
+rclone will serve from the root. If you used `--baseurl "/rclone"` then
rclone would serve from a URL starting with "/rclone/". This is
useful if you wish to proxy rclone serve. Rclone automatically
-inserts leading and trailing "/" on --baseurl, so --baseurl "rclone",
---baseurl "/rclone" and --baseurl "/rclone/" are all treated
+inserts leading and trailing "/" on `--baseurl`, so `--baseurl "rclone"`,
+`--baseurl "/rclone"` and `--baseurl "/rclone/"` are all treated
identically.
-### SSL/TLS
+### TLS (SSL)
By default this will serve over http. If you want you can serve over
-https. You will need to supply the --cert and --key flags. If you
-wish to do client side certificate validation then you will need to
-supply --client-ca also.
+https. You will need to supply the `--cert` and `--key` flags.
+If you wish to do client side certificate validation then you will need to
+supply `--client-ca` also.
---cert should be a either a PEM encoded certificate or a concatenation
-of that with the CA certificate. --key should be the PEM encoded
-private key and --client-ca should be the PEM encoded client
+`--cert` should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. `--key` should be the PEM encoded
+private key and `--client-ca` should be the PEM encoded client
certificate authority certificate.
+--min-tls-version is minimum TLS version that is acceptable. Valid
+ values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default
+ "tls1.0").
+
### Template
---template allows a user to specify a custom markup template for http
-and webdav serve functions. The server exports the following markup
+`--template` allows a user to specify a custom markup template for HTTP
+and WebDAV serve functions. The server exports the following markup
to be used within the template to server pages:
| Parameter | Description |
@@ -5936,9 +6469,9 @@ to be used within the template to server pages:
By default this will serve files without needing a login.
You can either use an htpasswd file which can take lots of users, or
-set a single username and password with the --user and --pass flags.
+set a single username and password with the `--user` and `--pass` flags.
-Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is
+Use `--htpasswd /path/to/htpasswd` to provide an htpasswd file. This is
in standard apache format and supports MD5, SHA1 and BCrypt for basic
authentication. Bcrypt is recommended.
@@ -5950,9 +6483,9 @@ To create an htpasswd file:
The password file can be updated while rclone is running.
-Use --realm to set the authentication realm.
+Use `--realm` to set the authentication realm.
-Use --salt to change the password hashing salt from the default.
+Use `--salt` to change the password hashing salt from the default.
## VFS - Virtual File System
@@ -5972,7 +6505,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -6129,6 +6662,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -6169,7 +6734,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -6181,7 +6746,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -6198,28 +6763,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -6241,44 +6813,47 @@ rclone serve http remote:path [flags]
## Options
```
- --addr string IPaddress:Port or :Port to bind server to (default "127.0.0.1:8080")
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--baseurl string Prefix for URLs - leave blank for root
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for http
--htpasswd string A htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--realm string Realm for authentication
--salt string Password hashing salt (default "dlPL2MqE")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--template string User-specified template
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -6293,8 +6868,8 @@ Serve the remote for restic's REST API.
## Synopsis
-rclone serve restic implements restic's REST backend API
-over HTTP. This allows restic to use rclone as a data storage
+Run a basic web server to serve a remote over restic's REST backend
+API over HTTP. This allows restic to use rclone as a data storage
mechanism for cloud providers that restic does not support directly.
[Restic](https://restic.net/) is a command-line program for doing
@@ -6302,8 +6877,8 @@ backups.
The server will log errors. Use -v to see access logs.
---bwlimit will be respected for file transfers. Use --stats to
-control the stats printing.
+`--bwlimit` will be respected for file transfers.
+Use `--stats` to control the stats printing.
## Setting up rclone for use by restic ###
@@ -6322,11 +6897,11 @@ Where you can replace "backup" in the above by whatever path in the
remote you wish to use.
By default this will serve on "localhost:8080" you can change this
-with use of the "--addr" flag.
+with use of the `--addr` flag.
You might wish to start this server on boot.
-Adding --cache-objects=false will cause rclone to stop caching objects
+Adding `--cache-objects=false` will cause rclone to stop caching objects
returned from the List call. Caching is normally desirable as it speeds
up downloading objects, saves transactions and uses very little memory.
@@ -6372,65 +6947,64 @@ these **must** end with /. Eg
### Private repositories ####
-The "--private-repos" flag can be used to limit users to repositories starting
+The`--private-repos` flag can be used to limit users to repositories starting
with a path of `//`.
## Server options
-Use --addr to specify which IP address and port the server should
-listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all
+Use `--addr` to specify which IP address and port the server should
+listen on, eg `--addr 1.2.3.4:8000` or `--addr :8080` to listen to all
IPs. By default it only listens on localhost. You can use port
:0 to let the OS choose an available port.
-If you set --addr to listen on a public or LAN accessible IP address
+If you set `--addr` to listen on a public or LAN accessible IP address
then using Authentication is advised - see the next section for info.
---server-read-timeout and --server-write-timeout can be used to
+You can use a unix socket by setting the url to `unix:///path/to/socket`
+or just by using an absolute path name. Note that unix sockets bypass the
+authentication - this is expected to be done with file system permissions.
+
+`--addr` may be repeated to listen on multiple IPs/ports/sockets.
+
+`--server-read-timeout` and `--server-write-timeout` can be used to
control the timeouts on the server. Note that this is the total time
for a transfer.
---max-header-bytes controls the maximum number of bytes the server will
+`--max-header-bytes` controls the maximum number of bytes the server will
accept in the HTTP header.
---baseurl controls the URL prefix that rclone serves from. By default
-rclone will serve from the root. If you used --baseurl "/rclone" then
+`--baseurl` controls the URL prefix that rclone serves from. By default
+rclone will serve from the root. If you used `--baseurl "/rclone"` then
rclone would serve from a URL starting with "/rclone/". This is
useful if you wish to proxy rclone serve. Rclone automatically
-inserts leading and trailing "/" on --baseurl, so --baseurl "rclone",
---baseurl "/rclone" and --baseurl "/rclone/" are all treated
+inserts leading and trailing "/" on `--baseurl`, so `--baseurl "rclone"`,
+`--baseurl "/rclone"` and `--baseurl "/rclone/"` are all treated
identically.
---template allows a user to specify a custom markup template for http
-and webdav serve functions. The server exports the following markup
-to be used within the template to server pages:
+### TLS (SSL)
-| Parameter | Description |
-| :---------- | :---------- |
-| .Name | The full path of a file/directory. |
-| .Title | Directory listing of .Name |
-| .Sort | The current sort used. This is changeable via ?sort= parameter |
-| | Sort Options: namedirfirst,name,size,time (default namedirfirst) |
-| .Order | The current ordering used. This is changeable via ?order= parameter |
-| | Order Options: asc,desc (default asc) |
-| .Query | Currently unused. |
-| .Breadcrumb | Allows for creating a relative navigation |
-|-- .Link | The relative to the root link of the Text. |
-|-- .Text | The Name of the directory. |
-| .Entries | Information about a specific file/directory. |
-|-- .URL | The 'url' of an entry. |
-|-- .Leaf | Currently same as 'URL' but intended to be 'just' the name. |
-|-- .IsDir | Boolean for if an entry is a directory or not. |
-|-- .Size | Size in Bytes of the entry. |
-|-- .ModTime | The UTC timestamp of an entry. |
+By default this will serve over http. If you want you can serve over
+https. You will need to supply the `--cert` and `--key` flags.
+If you wish to do client side certificate validation then you will need to
+supply `--client-ca` also.
+
+`--cert` should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. `--key` should be the PEM encoded
+private key and `--client-ca` should be the PEM encoded client
+certificate authority certificate.
+
+--min-tls-version is minimum TLS version that is acceptable. Valid
+ values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default
+ "tls1.0").
### Authentication
By default this will serve files without needing a login.
You can either use an htpasswd file which can take lots of users, or
-set a single username and password with the --user and --pass flags.
+set a single username and password with the `--user` and `--pass` flags.
-Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is
+Use `--htpasswd /path/to/htpasswd` to provide an htpasswd file. This is
in standard apache format and supports MD5, SHA1 and BCrypt for basic
authentication. Bcrypt is recommended.
@@ -6442,19 +7016,9 @@ To create an htpasswd file:
The password file can be updated while rclone is running.
-Use --realm to set the authentication realm.
+Use `--realm` to set the authentication realm.
-### SSL/TLS
-
-By default this will serve over http. If you want you can serve over
-https. You will need to supply the --cert and --key flags. If you
-wish to do client side certificate validation then you will need to
-supply --client-ca also.
-
---cert should be either a PEM encoded certificate or a concatenation
-of that with the CA certificate. --key should be the PEM encoded
-private key and --client-ca should be the PEM encoded client
-certificate authority certificate.
+Use `--salt` to change the password hashing salt from the default.
```
@@ -6464,23 +7028,24 @@ rclone serve restic remote:path [flags]
## Options
```
- --addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--append-only Disallow deletion of repository data
--baseurl string Prefix for URLs - leave blank for root
--cache-objects Cache listed objects (default true)
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
-h, --help help for restic
- --htpasswd string htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --htpasswd string A htpasswd file - if not provided no authentication is done
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--pass string Password for authentication
--private-repos Users can only access their private repo
- --realm string Realm for authentication (default "rclone")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --realm string Realm for authentication
+ --salt string Password hashing salt (default "dlPL2MqE")
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--stdio Run an HTTP2 server on stdin/stdout
- --template string User-specified template
--user string User name for authentication
```
@@ -6496,52 +7061,55 @@ Serve the remote over SFTP.
## Synopsis
-rclone serve sftp implements an SFTP server to serve the remote
-over SFTP. This can be used with an SFTP client or you can make a
-remote of type sftp to use with it.
+Run an SFTP server to serve a remote over SFTP. This can be used
+with an SFTP client or you can make a remote of type [sftp](/sftp) to use with it.
-You can use the filter flags (e.g. --include, --exclude) to control what
-is served.
+You can use the [filter](/filtering) flags (e.g. `--include`, `--exclude`)
+to control what is served.
-The server will log errors. Use -v to see access logs.
+The server will respond to a small number of shell commands, mainly
+md5sum, sha1sum and df, which enable it to provide support for checksums
+and the about feature when accessed from an sftp remote.
---bwlimit will be respected for file transfers. Use --stats to
-control the stats printing.
+Note that this server uses standard 32 KiB packet payload size, which
+means you must not configure the client to expect anything else, e.g.
+with the [chunk_size](https://rclone.org/sftp/#sftp-chunk-size) option on an sftp remote.
-You must provide some means of authentication, either with --user/--pass,
-an authorized keys file (specify location with --authorized-keys - the
-default is the same as ssh), an --auth-proxy, or set the --no-auth flag for no
-authentication when logging in.
+The server will log errors. Use `-v` to see access logs.
+
+`--bwlimit` will be respected for file transfers.
+Use `--stats` to control the stats printing.
-Note that this also implements a small number of shell commands so
-that it can provide md5sum/sha1sum/df information for the rclone sftp
-backend. This means that is can support SHA1SUMs, MD5SUMs and the
-about command when paired with the rclone sftp backend.
+You must provide some means of authentication, either with
+`--user`/`--pass`, an authorized keys file (specify location with
+`--authorized-keys` - the default is the same as ssh), an
+`--auth-proxy`, or set the `--no-auth` flag for no
+authentication when logging in.
-If you don't supply a host --key then rclone will generate rsa, ecdsa
+If you don't supply a host `--key` then rclone will generate rsa, ecdsa
and ed25519 variants, and cache them for later use in rclone's cache
-directory (see "rclone help flags cache-dir") in the "serve-sftp"
+directory (see `rclone help flags cache-dir`) in the "serve-sftp"
directory.
By default the server binds to localhost:2022 - if you want it to be
-reachable externally then supply "--addr :2022" for example.
+reachable externally then supply `--addr :2022` for example.
-Note that the default of "--vfs-cache-mode off" is fine for the rclone
+Note that the default of `--vfs-cache-mode off` is fine for the rclone
sftp backend, but it may not be with other SFTP clients.
-If --stdio is specified, rclone will serve SFTP over stdio, which can
+If `--stdio` is specified, rclone will serve SFTP over stdio, which can
be used with sshd via ~/.ssh/authorized_keys, for example:
restrict,command="rclone serve sftp --stdio ./photos" ssh-rsa ...
-On the client you need to set "--transfers 1" when using --stdio.
+On the client you need to set `--transfers 1` when using `--stdio`.
Otherwise multiple instances of the rclone server are started by OpenSSH
which can lead to "corrupted on transfer" errors. This is the case because
the client chooses indiscriminately which server to send commands to while
the servers all have different views of the state of the filing system.
The "restrict" in authorized_keys prevents SHA1SUMs and MD5SUMs from beeing
-used. Omitting "restrict" and using --sftp-path-override to enable
+used. Omitting "restrict" and using `--sftp-path-override` to enable
checksumming is possible but less secure and you could use the SFTP server
provided by OpenSSH in this case.
@@ -6564,7 +7132,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -6721,6 +7289,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -6761,7 +7361,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -6773,7 +7373,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -6790,28 +7390,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -6917,7 +7524,7 @@ rclone serve sftp remote:path [flags]
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2022")
--auth-proxy string A program to use to create the backend from the auth
--authorized-keys string Authorized keys file (default "~/.ssh/authorized_keys")
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
@@ -6928,24 +7535,26 @@ rclone serve sftp remote:path [flags]
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
- --stdio Run an sftp server on run stdin/stdout
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --stdio Run an sftp server on stdin/stdout
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -6956,17 +7565,15 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
# rclone serve webdav
-Serve remote:path over webdav.
+Serve remote:path over WebDAV.
## Synopsis
+Run a basic WebDAV server to serve a remote over HTTP via the
+WebDAV protocol. This can be viewed with a WebDAV client, through a web
+browser, or you can make a remote of type WebDAV to read and write it.
-rclone serve webdav implements a basic webdav server to serve the
-remote over HTTP via the webdav protocol. This can be viewed with a
-webdav client, through a web browser, or you can make a remote of
-type webdav to read and write it.
-
-## Webdav options
+## WebDAV options
### --etag-hash
@@ -6975,38 +7582,61 @@ based on the ModTime and Size of the object.
If this flag is set to "auto" then rclone will choose the first
supported hash on the backend or you can use a named hash such as
-"MD5" or "SHA-1".
-
-Use "rclone hashsum" to see the full list.
+"MD5" or "SHA-1". Use the [hashsum](https://rclone.org/commands/rclone_hashsum/) command
+to see the full list.
## Server options
-Use --addr to specify which IP address and port the server should
-listen on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all
+Use `--addr` to specify which IP address and port the server should
+listen on, eg `--addr 1.2.3.4:8000` or `--addr :8080` to listen to all
IPs. By default it only listens on localhost. You can use port
:0 to let the OS choose an available port.
-If you set --addr to listen on a public or LAN accessible IP address
+If you set `--addr` to listen on a public or LAN accessible IP address
then using Authentication is advised - see the next section for info.
---server-read-timeout and --server-write-timeout can be used to
+You can use a unix socket by setting the url to `unix:///path/to/socket`
+or just by using an absolute path name. Note that unix sockets bypass the
+authentication - this is expected to be done with file system permissions.
+
+`--addr` may be repeated to listen on multiple IPs/ports/sockets.
+
+`--server-read-timeout` and `--server-write-timeout` can be used to
control the timeouts on the server. Note that this is the total time
for a transfer.
---max-header-bytes controls the maximum number of bytes the server will
+`--max-header-bytes` controls the maximum number of bytes the server will
accept in the HTTP header.
---baseurl controls the URL prefix that rclone serves from. By default
-rclone will serve from the root. If you used --baseurl "/rclone" then
+`--baseurl` controls the URL prefix that rclone serves from. By default
+rclone will serve from the root. If you used `--baseurl "/rclone"` then
rclone would serve from a URL starting with "/rclone/". This is
useful if you wish to proxy rclone serve. Rclone automatically
-inserts leading and trailing "/" on --baseurl, so --baseurl "rclone",
---baseurl "/rclone" and --baseurl "/rclone/" are all treated
+inserts leading and trailing "/" on `--baseurl`, so `--baseurl "rclone"`,
+`--baseurl "/rclone"` and `--baseurl "/rclone/"` are all treated
identically.
---template allows a user to specify a custom markup template for http
-and webdav serve functions. The server exports the following markup
+### TLS (SSL)
+
+By default this will serve over http. If you want you can serve over
+https. You will need to supply the `--cert` and `--key` flags.
+If you wish to do client side certificate validation then you will need to
+supply `--client-ca` also.
+
+`--cert` should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. `--key` should be the PEM encoded
+private key and `--client-ca` should be the PEM encoded client
+certificate authority certificate.
+
+--min-tls-version is minimum TLS version that is acceptable. Valid
+ values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default
+ "tls1.0").
+
+### Template
+
+`--template` allows a user to specify a custom markup template for HTTP
+and WebDAV serve functions. The server exports the following markup
to be used within the template to server pages:
| Parameter | Description |
@@ -7033,9 +7663,9 @@ to be used within the template to server pages:
By default this will serve files without needing a login.
You can either use an htpasswd file which can take lots of users, or
-set a single username and password with the --user and --pass flags.
+set a single username and password with the `--user` and `--pass` flags.
-Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is
+Use `--htpasswd /path/to/htpasswd` to provide an htpasswd file. This is
in standard apache format and supports MD5, SHA1 and BCrypt for basic
authentication. Bcrypt is recommended.
@@ -7047,19 +7677,9 @@ To create an htpasswd file:
The password file can be updated while rclone is running.
-Use --realm to set the authentication realm.
+Use `--realm` to set the authentication realm.
-### SSL/TLS
-
-By default this will serve over http. If you want you can serve over
-https. You will need to supply the --cert and --key flags. If you
-wish to do client side certificate validation then you will need to
-supply --client-ca also.
-
---cert should be either a PEM encoded certificate or a concatenation
-of that with the CA certificate. --key should be the PEM encoded
-private key and --client-ca should be the PEM encoded client
-certificate authority certificate.
+Use `--salt` to change the password hashing salt from the default.
## VFS - Virtual File System
@@ -7079,7 +7699,7 @@ about files and directories (but not the data) in memory.
Using the `--dir-cache-time` flag, you can control how long a
directory should be considered up to date and not refreshed from the
-backend. Changes made through the mount will appear immediately or
+backend. Changes made through the VFS will appear immediately or
invalidate the cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -7236,6 +7856,38 @@ FAT/exFAT do not. Rclone will perform very badly if the cache
directory is on a filesystem which doesn't support sparse files and it
will log an ERROR message if one is detected.
+### Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file
+copy has changed relative to a remote file. Fingerprints are made
+from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take
+an extra API call per object, or extra work per object).
+
+For example `hash` is slow with the `local` and `sftp` backends as
+they have to read the entire file and hash it, and `modtime` is slow
+with the `s3`, `swift`, `ftp` and `qinqstor` backends because they
+need to do an extra API call to fetch it.
+
+If you use the `--vfs-fast-fingerprint` flag then rclone will not
+include the slow operations in the fingerprint. This makes the
+fingerprinting less accurate but much faster and will improve the
+opening time of cached files.
+
+If you are running a vfs cache over `local`, `s3` or `swift` backends
+then using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of
+the files in the cache may be invalidated and the files will need to
+be downloaded again.
+
## VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -7276,7 +7928,7 @@ read of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather
than seeking rclone will wait a short time for the in sequence read or
@@ -7288,7 +7940,7 @@ on disk cache file.
When using VFS write caching (`--vfs-cache-mode` with value writes or full),
the global flag `--transfers` can be set to adjust the number of parallel uploads of
-modified files from cache (the related global flag `--checkers` have no effect on mount).
+modified files from the cache (the related global flag `--checkers` has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -7305,28 +7957,35 @@ It is not allowed for two files in the same directory to differ only by case.
Usually file systems on macOS are case-insensitive. It is possible to make macOS
file systems case-sensitive but that is not the default.
-The `--vfs-case-insensitive` mount flag controls how rclone handles these
-two cases. If its value is "false", rclone passes file names to the mounted
-file system as-is. If the flag is "true" (or appears without a value on
+The `--vfs-case-insensitive` VFS flag controls how rclone handles these
+two cases. If its value is "false", rclone passes file names to the remote
+as-is. If the flag is "true" (or appears without a value on the
command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument refers
+different than what is stored on the remote. If an argument refers
to an existing file with exactly the same name, then the case of the existing
file on the disk will be used. However, if a file name with exactly the same
name is not found but a name differing only by case exists, rclone will
transparently fixup the name. This fixup happens only when an existing file
is requested. Case sensitivity of file names created anew by rclone is
-controlled by an underlying mounted file system.
+controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the target)
-may differ from case sensitivity of a file system mounted by rclone (the source).
+may differ from case sensitivity of a file system presented by rclone (the source).
The flag controls whether "fixup" is performed to satisfy the target.
If the flag is not provided on the command line, then its default value depends
on the operating system where rclone runs: "true" on Windows and macOS, "false"
otherwise. If the flag is provided without a value, then it is "true".
+## VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing system.
+It can be useful when those statistics cannot be read correctly automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
## Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -7429,46 +8088,50 @@ rclone serve webdav remote:path [flags]
## Options
```
- --addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--auth-proxy string A program to use to create the backend from the auth
--baseurl string Prefix for URLs - leave blank for root
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--disable-dir-list Disable HTML directory list on GET request for a directory
--etag-hash string Which hash to use for the ETag, or auto or blank for off
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for webdav
- --htpasswd string htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --htpasswd string A htpasswd file - if not provided no authentication is done
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
- --realm string Realm for authentication (default "rclone")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --realm string Realm for authentication
+ --salt string Password hashing salt (default "dlPL2MqE")
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--template string User-specified template
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -7555,6 +8218,7 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
* [rclone test changenotify](https://rclone.org/commands/rclone_test_changenotify/) - Log any change notify requests for the remote passed in.
* [rclone test histogram](https://rclone.org/commands/rclone_test_histogram/) - Makes a histogram of file name characters.
* [rclone test info](https://rclone.org/commands/rclone_test_info/) - Discovers file name or other limitations for paths.
+* [rclone test makefile](https://rclone.org/commands/rclone_test_makefile/) - Make files with random contents of the size given
* [rclone test makefiles](https://rclone.org/commands/rclone_test_makefiles/) - Make a random file hierarchy in a directory
* [rclone test memory](https://rclone.org/commands/rclone_test_memory/) - Load all the objects at remote:path into memory and report memory stats.
@@ -7570,7 +8234,7 @@ rclone test changenotify remote: [flags]
```
-h, --help help for changenotify
- --poll-interval duration Time to wait between polling for changes (default 10s)
+ --poll-interval Duration Time to wait between polling for changes (default 10s)
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -7635,7 +8299,7 @@ rclone test info [remote:path]+ [flags]
--check-normalization Check UTF-8 Normalization
--check-streaming Check uploads with indeterminate file size
-h, --help help for info
- --upload-wait duration Wait after writing a file
+ --upload-wait Duration Wait after writing a file (default 0s)
--write-json string Write results to file
```
@@ -7645,6 +8309,32 @@ See the [global flags page](https://rclone.org/flags/) for global options not li
* [rclone test](https://rclone.org/commands/rclone_test/) - Run a test command
+# rclone test makefile
+
+Make files with random contents of the size given
+
+```
+rclone test makefile []+ [flags]
+```
+
+## Options
+
+```
+ --ascii Fill files with random ASCII printable bytes only
+ --chargen Fill files with a ASCII chargen pattern
+ -h, --help help for makefile
+ --pattern Fill files with a periodic pattern
+ --seed int Seed for the random number generator (0 for random) (default 1)
+ --sparse Make the files sparse (appear to be filled with ASCII 0x00)
+ --zero Fill files with ASCII 0x00
+```
+
+See the [global flags page](https://rclone.org/flags/) for global options not listed here.
+
+## SEE ALSO
+
+* [rclone test](https://rclone.org/commands/rclone_test/) - Run a test command
+
# rclone test makefiles
Make a random file hierarchy in a directory
@@ -7656,14 +8346,20 @@ rclone test makefiles [flags]
## Options
```
+ --ascii Fill files with random ASCII printable bytes only
+ --chargen Fill files with a ASCII chargen pattern
--files int Number of files to create (default 1000)
--files-per-directory int Average number of files per directory (default 10)
-h, --help help for makefiles
+ --max-depth int Maximum depth of directory hierarchy (default 10)
--max-file-size SizeSuffix Maximum size of files to create (default 100)
--max-name-length int Maximum size of file names (default 12)
--min-file-size SizeSuffix Minimum size of file to create
--min-name-length int Minimum size of file names (default 4)
+ --pattern Fill files with a periodic pattern
--seed int Seed for the random number generator (0 for random) (default 1)
+ --sparse Make the files sparse (appear to be filled with ASCII 0x00)
+ --zero Fill files with ASCII 0x00
```
See the [global flags page](https://rclone.org/flags/) for global options not listed here.
@@ -7764,12 +8460,16 @@ For example
1 directories, 5 files
You can use any of the filtering options with the tree command (e.g.
---include and --exclude). You can also use --fast-list.
+`--include` and `--exclude`. You can also use `--fast-list`.
The tree command has many options for controlling the listing which
-are compatible with the tree command. Note that not all of them have
+are compatible with the tree command, for example you can include file
+sizes with `--size`. Note that not all of them have
short options as they conflict with rclone's short options.
+For a more interactive navigation of the remote see the
+[ncdu](https://rclone.org/commands/rclone_ncdu/) command.
+
```
rclone tree remote:path [flags]
@@ -7779,7 +8479,6 @@ rclone tree remote:path [flags]
```
-a, --all All files are listed (list . files too)
- -C, --color Turn colorization on always
-d, --dirs-only List directories only
--dirsfirst List directories before files (-U disables)
--full-path Print the full path prefix for each file
@@ -8003,8 +8702,17 @@ Will get their own names
### Valid remote names
Remote names are case sensitive, and must adhere to the following rules:
- - May only contain `0`-`9`, `A`-`Z`, `a`-`z`, `_`, `-`, `.` and space.
+ - May contain number, letter, `_`, `-`, `.` and space.
- May not start with `-` or space.
+ - May not end with space.
+
+Starting with rclone version 1.61, any Unicode numbers and letters are allowed,
+while in older versions it was limited to plain ASCII (0-9, A-Z, a-z). If you use
+the same rclone configuration from different shells, which may be configured with
+different character encoding, you must be cautious to use characters that are
+possible to write in all of them. This is mostly a problem on Windows, where
+the console traditionally uses a non-Unicode character set - defined
+by the so-called "code page".
Quoting and the shell
---------------------
@@ -8092,6 +8800,126 @@ This can be used when scripting to make aged backups efficiently, e.g.
rclone sync -i remote:current-backup remote:previous-backup
rclone sync -i /path/to/files remote:current-backup
+## Metadata support {#metadata}
+
+Metadata is data about a file which isn't the contents of the file.
+Normally rclone only preserves the modification time and the content
+(MIME) type where possible.
+
+Rclone supports preserving all the available metadata on files (not
+directories) when using the `--metadata` or `-M` flag.
+
+Exactly what metadata is supported and what that support means depends
+on the backend. Backends that support metadata have a metadata section
+in their docs and are listed in the [features table](https://rclone.org/overview/#features)
+(Eg [local](https://rclone.org/local/#metadata), [s3](/s3/#metadata))
+
+Rclone only supports a one-time sync of metadata. This means that
+metadata will be synced from the source object to the destination
+object only when the source object has changed and needs to be
+re-uploaded. If the metadata subsequently changes on the source object
+without changing the object itself then it won't be synced to the
+destination object. This is in line with the way rclone syncs
+`Content-Type` without the `--metadata` flag.
+
+Using `--metadata` when syncing from local to local will preserve file
+attributes such as file mode, owner, extended attributes (not
+Windows).
+
+Note that arbitrary metadata may be added to objects using the
+`--metadata-set key=value` flag when the object is first uploaded.
+This flag can be repeated as many times as necessary.
+
+### Types of metadata
+
+Metadata is divided into two type. System metadata and User metadata.
+
+Metadata which the backend uses itself is called system metadata. For
+example on the local backend the system metadata `uid` will store the
+user ID of the file when used on a unix based platform.
+
+Arbitrary metadata is called user metadata and this can be set however
+is desired.
+
+When objects are copied from backend to backend, they will attempt to
+interpret system metadata if it is supplied. Metadata may change from
+being user metadata to system metadata as objects are copied between
+different backends. For example copying an object from s3 sets the
+`content-type` metadata. In a backend which understands this (like
+`azureblob`) this will become the Content-Type of the object. In a
+backend which doesn't understand this (like the `local` backend) this
+will become user metadata. However should the local object be copied
+back to s3, the Content-Type will be set correctly.
+
+### Metadata framework
+
+Rclone implements a metadata framework which can read metadata from an
+object and write it to the object when (and only when) it is being
+uploaded.
+
+This metadata is stored as a dictionary with string keys and string
+values.
+
+There are some limits on the names of the keys (these may be clarified
+further in the future).
+
+- must be lower case
+- may be `a-z` `0-9` containing `.` `-` or `_`
+- length is backend dependent
+
+Each backend can provide system metadata that it understands. Some
+backends can also store arbitrary user metadata.
+
+Where possible the key names are standardized, so, for example, it is
+possible to copy object metadata from s3 to azureblob for example and
+metadata will be translated appropriately.
+
+Some backends have limits on the size of the metadata and rclone will
+give errors on upload if they are exceeded.
+
+### Metadata preservation
+
+The goal of the implementation is to
+
+1. Preserve metadata if at all possible
+2. Interpret metadata if at all possible
+
+The consequences of 1 is that you can copy an S3 object to a local
+disk then back to S3 losslessly. Likewise you can copy a local file
+with file attributes and xattrs from local disk to s3 and back again
+losslessly.
+
+The consequence of 2 is that you can copy an S3 object with metadata
+to Azureblob (say) and have the metadata appear on the Azureblob
+object also.
+
+### Standard system metadata
+
+Here is a table of standard system metadata which, if appropriate, a
+backend may implement.
+
+| key | description | example |
+|---------------------|-------------|---------|
+| mode | File type and mode: octal, unix style | 0100664 |
+| uid | User ID of owner: decimal number | 500 |
+| gid | Group ID of owner: decimal number | 500 |
+| rdev | Device ID (if special file) => hexadecimal | 0 |
+| atime | Time of last access: RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 |
+| mtime | Time of last modification: RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 |
+| btime | Time of file creation (birth): RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 |
+| cache-control | Cache-Control header | no-cache |
+| content-disposition | Content-Disposition header | inline |
+| content-encoding | Content-Encoding header | gzip |
+| content-language | Content-Language header | en-US |
+| content-type | Content-Type header | text/plain |
+
+The metadata keys `mtime` and `content-type` will take precedence if
+supplied in the metadata over reading the `Content-Type` or
+modification time of the source object.
+
+Hashes are not included in system metadata as there is a well defined
+way of reading those already.
+
Options
-------
@@ -8106,10 +8934,34 @@ it to `false`. It is also possible to specify `--boolean=false` or
parsed as `--boolean` and the `false` is parsed as an extra command
line argument for rclone.
-Options which use TIME use the go time parser. A duration string is a
-possibly signed sequence of decimal numbers, each with optional
-fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid
-time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+### Time or duration options {#time-option}
+
+TIME or DURATION options can be specified as a duration string or a
+time string.
+
+A duration string is a possibly signed sequence of decimal numbers,
+each with optional fraction and a unit suffix, such as "300ms",
+"-1.5h" or "2h45m". Default units are seconds or the following
+abbreviations are valid:
+
+ * `ms` - Milliseconds
+ * `s` - Seconds
+ * `m` - Minutes
+ * `h` - Hours
+ * `d` - Days
+ * `w` - Weeks
+ * `M` - Months
+ * `y` - Years
+
+These can also be specified as an absolute time in the following
+formats:
+
+- RFC3339 - e.g. `2006-01-02T15:04:05Z` or `2006-01-02T15:04:05+07:00`
+- ISO8601 Date and time, local timezone - `2006-01-02T15:04:05`
+- ISO8601 Date and time, local timezone - `2006-01-02 15:04:05`
+- ISO8601 Date - `2006-01-02` (YYYY-MM-DD)
+
+### Size options {#size-option}
Options which use SIZE use KiB (multiples of 1024 bytes) by default.
However, a suffix of `B` for Byte, `K` for KiB, `M` for MiB,
@@ -8128,7 +8980,8 @@ been added) in DIR, then it will be overwritten.
The remote in use must support server-side move or copy and you must
use the same remote as the destination of the sync. The backup
-directory must not overlap the destination directory.
+directory must not overlap the destination directory without it being
+excluded by a filter rule.
For example
@@ -8162,7 +9015,7 @@ would mean limit the upload and download bandwidth to 10 MiB/s.
single limit, specify the desired bandwidth in KiB/s, or use a
suffix B|K|M|G|T|P. The default is `0` which means to not limit bandwidth.
-The upload and download bandwidth can be specified seperately, as
+The upload and download bandwidth can be specified separately, as
`--bwlimit UP:DOWN`, so
--bwlimit 10M:100k
@@ -8306,12 +9159,22 @@ objects to transfer is held in memory before the transfers start.
### --checkers=N ###
-The number of checkers to run in parallel. Checkers do the equality
-checking of files during a sync. For some storage systems (e.g. S3,
-Swift, Dropbox) this can take a significant amount of time so they are
-run in parallel.
+Originally controlling just the number of file checkers to run in parallel,
+e.g. by `rclone copy`. Now a fairly universal parallelism control
+used by `rclone` in several places.
+
+Note: checkers do the equality checking of files during a sync.
+For some storage systems (e.g. S3, Swift, Dropbox) this can take
+a significant amount of time so they are run in parallel.
-The default is to run 8 checkers in parallel.
+The default is to run 8 checkers in parallel. However, in case
+of slow-reacting backends you may need to lower (rather than increase)
+this default by setting `--checkers` to 4 or less threads. This is
+especially advised if you are experiencing backend server crashes
+during file checking phase (e.g. on subsequent or top-up backups
+where little or no file copying is done and checking takes up
+most of the time). Increase this setting only with utmost care,
+while monitoring your server health and file checking throughput.
### -c, --checksum ###
@@ -8333,6 +9196,16 @@ quicker than without the `--checksum` flag.
When using this flag, rclone won't update mtimes of remote files if
they are incorrect as it would normally.
+### --color WHEN ###
+
+Specifiy when colors (and other ANSI codes) should be added to the output.
+
+`AUTO` (default) only allows ANSI codes when the output is a terminal
+
+`NEVER` never allow ANSI codes
+
+`ALWAYS` always add ANSI codes, regardless of the output format (terminal or file)
+
### --compare-dest=DIR ###
When using `sync`, `copy` or `move` DIR is checked in addition to the
@@ -8456,7 +9329,9 @@ See `--compare-dest` and `--backup-dir`.
### --dedupe-mode MODE ###
-Mode to run dedupe command in. One of `interactive`, `skip`, `first`, `newest`, `oldest`, `rename`. The default is `interactive`. See the dedupe command for more information as to what these options mean.
+Mode to run dedupe command in. One of `interactive`, `skip`, `first`,
+`newest`, `oldest`, `rename`. The default is `interactive`.
+See the dedupe command for more information as to what these options mean.
### --disable FEATURE,FEATURE,... ###
@@ -8608,22 +9483,22 @@ unit prefix appended to the value (e.g. `9.762Ki`), while in more textual output
the full unit is shown (e.g. `9.762 KiB`). For counts the SI standard notation is
used, e.g. prefix `k` for kilo. Used with file counts, `1k` means 1000 files.
-The various [list](commands/rclone_ls/) commands output raw numbers by default.
+The various [list](https://rclone.org/commands/rclone_ls/) commands output raw numbers by default.
Option `--human-readable` will make them output values in human-readable format
instead (with the short unit prefix).
-The [about](commands/rclone_about/) command outputs human-readable by default,
+The [about](https://rclone.org/commands/rclone_about/) command outputs human-readable by default,
with a command-specific option `--full` to output the raw numbers instead.
-Command [size](commands/rclone_size/) outputs both human-readable and raw numbers
+Command [size](https://rclone.org/commands/rclone_size/) outputs both human-readable and raw numbers
in the same output.
-The [tree](commands/rclone_tree/) command also considers `--human-readable`, but
+The [tree](https://rclone.org/commands/rclone_tree/) command also considers `--human-readable`, but
it will not use the exact same notation as the other commands: It rounds to one
decimal, and uses single letter suffix, e.g. `K` instead of `Ki`. The reason for
this is that it relies on an external library.
-The interactive command [ncdu](commands/rclone_ncdu/) shows human-readable by
+The interactive command [ncdu](https://rclone.org/commands/rclone_ncdu/) shows human-readable by
default, and responds to key `u` for toggling human-readable format.
### --ignore-case-sync ###
@@ -8754,7 +9629,12 @@ have a signal to rotate logs.
### --log-format LIST ###
-Comma separated list of log format options. Accepted options are `date`, `time`, `microseconds`, `pid`, `longfile`, `shortfile`, `UTC`. Any other keywords will be silently ignored. `pid` will tag log messages with process identifier which useful with `rclone mount --daemon`. Other accepted options are explained in the [go documentation](https://pkg.go.dev/log#pkg-constants). The default log format is "`date`,`time`".
+Comma separated list of log format options. Accepted options are `date`,
+`time`, `microseconds`, `pid`, `longfile`, `shortfile`, `UTC`. Any other
+keywords will be silently ignored. `pid` will tag log messages with process
+identifier which useful with `rclone mount --daemon`. Other accepted
+options are explained in the [go documentation](https://pkg.go.dev/log#pkg-constants).
+The default log format is "`date`,`time`".
### --log-level LEVEL ###
@@ -8856,6 +9736,18 @@ When the limit is reached all transfers will stop immediately.
Rclone will exit with exit code 8 if the transfer limit is reached.
+## --metadata / -M
+
+Setting this flag enables rclone to copy the metadata from the source
+to the destination. For local backends this is ownership, permissions,
+xattr etc. See the [#metadata](metadata section) for more info.
+
+### --metadata-set key=value
+
+Add metadata `key` = `value` when uploading. This can be repeated as
+many times as required. See the [#metadata](metadata section) for more
+info.
+
### --cutoff-mode=hard|soft|cautious ###
This modifies the behavior of `--max-transfer`
@@ -9160,6 +10052,18 @@ This sets the interval between each retry specified by `--retries`
The default is `0`. Use `0` to disable.
+### --server-side-across-configs ###
+
+Allow server-side operations (e.g. copy or move) to work across
+different configurations.
+
+This can be useful if you wish to do a server-side copy or move
+between two remotes which use the same backend but are configured
+differently.
+
+Note that this isn't enabled by default because it isn't easy for
+rclone to tell if it will work between any two configurations.
+
### --size-only ###
Normally rclone will look at modification time and size of files to
@@ -9348,13 +10252,22 @@ By default, rclone doesn't keep track of renamed files, so if you
rename a file locally then sync it to a remote, rclone will delete the
old file on the remote and upload a new copy.
-If you use this flag, and the remote supports server-side copy or
-server-side move, and the source and destination have a compatible
-hash, then this will track renames during `sync`
-operations and perform renaming server-side.
+An rclone sync with `--track-renames` runs like a normal sync, but keeps
+track of objects which exist in the destination but not in the source
+(which would normally be deleted), and which objects exist in the
+source but not the destination (which would normally be transferred).
+These objects are then candidates for renaming.
+
+After the sync, rclone matches up the source only and destination only
+objects using the `--track-renames-strategy` specified and either
+renames the destination object or transfers the source and deletes the
+destination object. `--track-renames` is stateless like all of
+rclone's syncs.
-Files will be matched by size and hash - if both match then a rename
-will be considered.
+To use this flag the destination must support server-side copy or
+server-side move, and to use a hash based `--track-renames-strategy`
+(the default) the source and the destination must have a compatible
+hash.
If the destination does not support server-side copy or move, rclone
will fall back to the default behaviour and log an error level message
@@ -9372,7 +10285,7 @@ Note also that `--track-renames` is incompatible with
### --track-renames-strategy (hash,modtime,leaf,size) ###
-This option changes the matching criteria for `--track-renames`.
+This option changes the file matching criteria for `--track-renames`.
The matching is controlled by a comma separated selection of these tokens:
@@ -9381,15 +10294,15 @@ The matching is controlled by a comma separated selection of these tokens:
- `leaf` - the name of the file not including its directory name
- `size` - the size of the file (this is always enabled)
-So using `--track-renames-strategy modtime,leaf` would match files
+The default option is `hash`.
+
+Using `--track-renames-strategy modtime,leaf` would match files
based on modification time, the leaf of the file name and the size
only.
Using `--track-renames-strategy modtime` or `leaf` can enable
`--track-renames` support for encrypted destinations.
-If nothing is specified, the default option is matching by `hash`es.
-
Note that the `hash` strategy is not supported with encrypted destinations.
### --delete-(before,during,after) ###
@@ -9425,7 +10338,7 @@ quickly using the least amount of memory.
However, some remotes have a way of listing all files beneath a
directory in one (or a small number) of transactions. These tend to
-be the bucket-based remotes (e.g. S3, B2, GCS, Swift, Hubic).
+be the bucket-based remotes (e.g. S3, B2, GCS, Swift).
If you use the `--fast-list` flag then rclone will use this method for
listing directories. This will have the following consequences for
@@ -9462,6 +10375,8 @@ of timeouts or bigger if you have lots of bandwidth and a fast remote.
The default is to run 4 file transfers in parallel.
+Look at --multi-thread-streams if you would like to control single file transfers.
+
### -u, --update ###
This forces rclone to skip any files which exist on the destination
@@ -9489,7 +10404,7 @@ In all other cases the file will not be updated.
Consider using the `--modify-window` flag to compensate for time skews
between the source and the backend, for backends that do not support
mod times, and instead use uploaded times. However, if the backend
-does not support checksums, note that sync'ing or copying within the
+does not support checksums, note that syncing or copying within the
time skew window may still result in additional transfers for safety.
### --use-mmap ###
@@ -9533,6 +10448,9 @@ With `-vv` rclone will become very verbose telling you about every
file it considers and transfers. Please send bug reports with a log
with this setting.
+When setting verbosity as an environment variable, use
+`RCLONE_VERBOSE=1` or `RCLONE_VERBOSE=2` for `-v` and `-vv` respectively.
+
### -V, --version ###
Prints the version number
@@ -9791,6 +10709,7 @@ For the filtering options
* `--filter-from`
* `--exclude`
* `--exclude-from`
+ * `--exclude-if-present`
* `--include`
* `--include-from`
* `--files-from`
@@ -9800,6 +10719,12 @@ For the filtering options
* `--min-age`
* `--max-age`
* `--dump filters`
+ * `--metadata-include`
+ * `--metadata-include-from`
+ * `--metadata-exclude`
+ * `--metadata-exclude-from`
+ * `--metadata-filter`
+ * `--metadata-filter-from`
See the [filtering section](https://rclone.org/filtering/).
@@ -9898,6 +10823,10 @@ override the environment variable setting.
Or to always use the trash in drive `--drive-use-trash`, set
`RCLONE_DRIVE_USE_TRASH=true`.
+Verbosity is slightly different, the environment variable
+equivalent of `--verbose` or `-v` is `RCLONE_VERBOSE=1`,
+or for `-vv`, `RCLONE_VERBOSE=2`.
+
The same parser is used for the options and the environment variables
so they take exactly the same form.
@@ -10001,15 +10930,16 @@ two ways of doing it, described below.
## Configuring using rclone authorize ##
-On the headless box run `rclone` config but answer `N` to the `Use
-auto config?` question.
+On the headless box run `rclone` config but answer `N` to the `Use web browser
+to automatically authenticate?` question.
```
...
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes (default)
n) No
y/n> n
@@ -10079,6 +11009,28 @@ Now transfer it to the remote box (scp, cut paste, ftp, sftp, etc.) and
place it in the correct place (use `rclone config file` on the remote
box to find out where).
+## Configuring using SSH Tunnel ##
+
+Linux and MacOS users can utilize SSH Tunnel to redirect the headless box port 53682 to local machine by using the following command:
+```
+ssh -L localhost:53682:localhost:53682 username@remote_server
+```
+Then on the headless box run `rclone` config and answer `Y` to the `Use web
+browser to automatically authenticate?` question.
+
+```
+...
+Remote config
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y) Yes (default)
+n) No
+y/n> y
+```
+Then copy and paste the auth url `http://127.0.0.1:53682/auth?state=xxxxxxxxxxxx` to the browser on your local machine, complete the auth and it is done.
+
# Filtering, includes and excludes
Filter flags determine which files rclone `sync`, `move`, `ls`, `lsl`,
@@ -10107,7 +11059,7 @@ you expect. Instead use a `--filter...` flag.
## Patterns for matching path/file names
-### Pattern syntax
+### Pattern syntax {#patterns}
Here is a formal definition of the pattern syntax,
[examples](#examples) are below.
@@ -10207,7 +11159,11 @@ The regular expressions used are as defined in the [Go regular
expression reference](https://golang.org/pkg/regexp/syntax/). Regular
expressions should be enclosed in `{{` `}}`. They will match only the
last path segment if the glob doesn't start with `/` or the whole path
-name if it does.
+name if it does. Note that rclone does not attempt to parse the
+supplied regular expression, meaning that using any regular expression
+filter will prevent rclone from using [directory filter rules](#directory_filter),
+as it will instead check every path against
+the supplied regular expression(s).
Here is how the `{{regexp}}` is transformed into an full regular
expression to match the entire path:
@@ -10249,7 +11205,7 @@ them into regular expressions.
| Rooted | `/*.jpg` | `/file.jpg` | `/file.png` |
| | | `/file2.jpg` | `/dir/file.jpg` |
| Alternates | `*.{jpg,png}` | `/file.jpg` | `/file.gif` |
-| | | `/dir/file.gif` | `/dir/file.gif` |
+| | | `/dir/file.png` | `/dir/file.gif` |
| Path Wildcard | `dir/**` | `/dir/anyfile` | `file.png` |
| | | `/subdir/dir/subsubdir/anyfile` | `/subdir/file.png` |
| Any Char | `*.t?t` | `/file.txt` | `/file.qxt` |
@@ -10265,7 +11221,7 @@ them into regular expressions.
| Rooted Regexp | `/{{.*\.jpe?g}}` | `/file.jpeg` | `/file.png` |
| | | `/file.jpg` | `/dir/file.jpg` |
-## How filter rules are applied to files
+## How filter rules are applied to files {#how-filter-rules-work}
Rclone path/file name filters are made up of one or more of the following flags:
@@ -10323,7 +11279,7 @@ currently a means provided to pass regular expression filter options into
rclone directly though character class filter rules contain character
classes. [Go regular expression reference](https://golang.org/pkg/regexp/syntax/)
-### How filter rules are applied to directories
+### How filter rules are applied to directories {#directory_filter}
Rclone commands are applied to path/file names not
directories. The entire contents of a directory can be matched
@@ -10339,10 +11295,14 @@ recurse into subdirectories. This potentially optimises access to a remote
by avoiding listing unnecessary directories. Whether optimisation is
desirable depends on the specific filter rules and source remote content.
+If any [regular expression filters](#regexp) are in use, then no
+directory recursion optimisation is possible, as rclone must check
+every path against the supplied regular expression(s).
+
Directory recursion optimisation occurs if either:
* A source remote does not support the rclone `ListR` primitive. local,
-sftp, Microsoft OneDrive and WebDav do not support `ListR`. Google
+sftp, Microsoft OneDrive and WebDAV do not support `ListR`. Google
Drive and most bucket type storage do. [Full list](https://rclone.org/overview/#optional-features)
* On other remotes (those that support `ListR`), if the rclone command is not naturally recursive, and
@@ -10745,6 +11705,8 @@ Default units are `KiB` but abbreviations `K`, `M`, `G`, `T` or `P` are valid.
E.g. `rclone ls remote: --min-size 50k` lists files on `remote:` of 50 KiB
size or larger.
+See [the size option docs](https://rclone.org/docs/#size-option) for more info.
+
### `--max-size` - Don't transfer any file larger than this
Controls the maximum size file within the scope of an rclone command.
@@ -10753,33 +11715,19 @@ Default units are `KiB` but abbreviations `K`, `M`, `G`, `T` or `P` are valid.
E.g. `rclone ls remote: --max-size 1G` lists files on `remote:` of 1 GiB
size or smaller.
+See [the size option docs](https://rclone.org/docs/#size-option) for more info.
+
### `--max-age` - Don't transfer any file older than this
Controls the maximum age of files within the scope of an rclone command.
-Default units are seconds or the following abbreviations are valid:
-
- * `ms` - Milliseconds
- * `s` - Seconds
- * `m` - Minutes
- * `h` - Hours
- * `d` - Days
- * `w` - Weeks
- * `M` - Months
- * `y` - Years
-
-`--max-age` can also be specified as an absolute time in the following
-formats:
-
-- RFC3339 - e.g. `2006-01-02T15:04:05Z` or `2006-01-02T15:04:05+07:00`
-- ISO8601 Date and time, local timezone - `2006-01-02T15:04:05`
-- ISO8601 Date and time, local timezone - `2006-01-02 15:04:05`
-- ISO8601 Date - `2006-01-02` (YYYY-MM-DD)
`--max-age` applies only to files and not to directories.
E.g. `rclone ls remote: --max-age 2d` lists files on `remote:` of 2 days
old or less.
+See [the time option docs](https://rclone.org/docs/#time-option) for valid formats.
+
### `--min-age` - Don't transfer any file younger than this
Controls the minimum age of files within the scope of an rclone command.
@@ -10790,6 +11738,8 @@ Controls the minimum age of files within the scope of an rclone command.
E.g. `rclone ls remote: --min-age 2d` lists files on `remote:` of 2 days
old or more.
+See [the time option docs](https://rclone.org/docs/#time-option) for valid formats.
+
## Other flags
### `--delete-excluded` - Delete files on dest excluded from sync
@@ -10818,7 +11768,9 @@ Useful for debugging.
The `--exclude-if-present` flag controls whether a directory is
within the scope of an rclone command based on the presence of a
-named file within it.
+named file within it. The flag can be repeated to check for
+multiple file names, presence of any of them will exclude the
+directory.
This flag has a priority over other filter flags.
@@ -10832,7 +11784,42 @@ E.g. for the following directory structure:
The command `rclone ls --exclude-if-present .ignore dir1` does
not list `dir3`, `file3` or `.ignore`.
-`--exclude-if-present` can only be used once in an rclone command.
+## Metadata filters {#metadata}
+
+The metadata filters work in a very similar way to the normal file
+name filters, except they match [metadata](https://rclone.org/docs/#metadata) on the
+object.
+
+The metadata should be specified as `key=value` patterns. This may be
+wildcarded using the normal [filter patterns](#patterns) or [regular
+expressions](#regexp).
+
+For example if you wished to list only local files with a mode of
+`100664` you could do that with:
+
+ rclone lsf -M --files-only --metadata-include "mode=100664" .
+
+Or if you wished to show files with an `atime`, `mtime` or `btime` at a given date:
+
+ rclone lsf -M --files-only --metadata-include "[abm]time=2022-12-16*" .
+
+Like file filtering, metadata filtering only applies to files not to
+directories.
+
+The filters can be applied using these flags.
+
+- `--metadata-include` - Include metadatas matching pattern
+- `--metadata-include-from` - Read metadata include patterns from file (use - to read from stdin)
+- `--metadata-exclude` - Exclude metadatas matching pattern
+- `--metadata-exclude-from` - Read metadata exclude patterns from file (use - to read from stdin)
+- `--metadata-filter` - Add a metadata filtering rule
+- `--metadata-filter-from` - Read metadata filtering patterns from a file (use - to read from stdin)
+
+Each flag can be repeated. See the section on [how filter rules are
+applied](#how-filter-rules-work) for more details - these flags work
+in an identical way to the file name filtering flags, but instead of
+file name patterns have metadata patterns.
+
## Common pitfalls
@@ -10952,10 +11939,10 @@ If you have questions then please ask them on the [rclone forum](https://forum.r
If rclone is run with the `--rc` flag then it starts an HTTP server
which can be used to remote control rclone using its API.
-You can either use the [rclone rc](#api-rc) command to access the API
+You can either use the [rc](#api-rc) command to access the API
or [use HTTP directly](#api-http).
-If you just want to run a remote control then see the [rcd command](https://rclone.org/commands/rclone_rcd/).
+If you just want to run a remote control then see the [rcd](https://rclone.org/commands/rclone_rcd/) command.
## Supported parameters
@@ -10985,6 +11972,11 @@ SSL PEM Private key
Maximum size of request header (default 4096)
+### --rc-min-tls-version=VALUE
+
+The minimum TLS version that is acceptable. Valid values are "tls1.0",
+"tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
### --rc-user=VALUE
User name for authentication.
@@ -11094,6 +12086,16 @@ use these methods. The alternative is to use `--rc-user` and
Default Off.
+### --rc-baseurl
+
+Prefix for URLs.
+
+Default is root
+
+### --rc-template
+
+User-specified template.
+
## Accessing the remote control via the rclone rc command {#api-rc}
Rclone itself implements the remote control protocol in its `rclone
@@ -11331,7 +12333,7 @@ The parameters can be a string as per the rest of rclone, eg
`s3:bucket/path` or `:sftp:/my/dir`. They can also be specified as
JSON blobs.
-If specifyng a JSON blob it should be a object mapping strings to
+If specifying a JSON blob it should be a object mapping strings to
strings. These values will be used to configure the remote. There are
3 special values which may be set:
@@ -11479,7 +12481,7 @@ This takes the following parameters:
- result - result to restart with - used with continue
-See the [config create command](https://rclone.org/commands/rclone_config_create/) command for more information on the above.
+See the [config create](https://rclone.org/commands/rclone_config_create/) command for more information on the above.
**Authentication is required for this call.**
@@ -11489,7 +12491,7 @@ Parameters:
- name - name of remote to delete
-See the [config delete command](https://rclone.org/commands/rclone_config_delete/) command for more information on the above.
+See the [config delete](https://rclone.org/commands/rclone_config_delete/) command for more information on the above.
**Authentication is required for this call.**
@@ -11500,7 +12502,7 @@ Returns a JSON object:
Where keys are remote names and values are the config parameters.
-See the [config dump command](https://rclone.org/commands/rclone_config_dump/) command for more information on the above.
+See the [config dump](https://rclone.org/commands/rclone_config_dump/) command for more information on the above.
**Authentication is required for this call.**
@@ -11510,7 +12512,7 @@ Parameters:
- name - name of remote to get
-See the [config dump command](https://rclone.org/commands/rclone_config_dump/) command for more information on the above.
+See the [config dump](https://rclone.org/commands/rclone_config_dump/) command for more information on the above.
**Authentication is required for this call.**
@@ -11519,7 +12521,7 @@ See the [config dump command](https://rclone.org/commands/rclone_config_dump/) c
Returns
- remotes - array of remote names
-See the [listremotes command](https://rclone.org/commands/rclone_listremotes/) command for more information on the above.
+See the [listremotes](https://rclone.org/commands/rclone_listremotes/) command for more information on the above.
**Authentication is required for this call.**
@@ -11531,7 +12533,7 @@ This takes the following parameters:
- parameters - a map of \{ "key": "value" \} pairs
-See the [config password command](https://rclone.org/commands/rclone_config_password/) command for more information on the above.
+See the [config password](https://rclone.org/commands/rclone_config_password/) command for more information on the above.
**Authentication is required for this call.**
@@ -11540,7 +12542,15 @@ See the [config password command](https://rclone.org/commands/rclone_config_pass
Returns a JSON object:
- providers - array of objects
-See the [config providers command](https://rclone.org/commands/rclone_config_providers/) command for more information on the above.
+See the [config providers](https://rclone.org/commands/rclone_config_providers/) command for more information on the above.
+
+**Authentication is required for this call.**
+
+### config/setpath: Set the path of the config file {#config-setpath}
+
+Parameters:
+
+- path - path to the config file to use
**Authentication is required for this call.**
@@ -11560,7 +12570,7 @@ This takes the following parameters:
- result - result to restart with - used with continue
-See the [config update command](https://rclone.org/commands/rclone_config_update/) command for more information on the above.
+See the [config update](https://rclone.org/commands/rclone_config_update/) command for more information on the above.
**Authentication is required for this call.**
@@ -11642,7 +12652,7 @@ Returns:
"result": ""
}
-OR
+OR
{
"error": true,
"result": ""
@@ -11837,6 +12847,22 @@ Parameters:
- rate - int
+### debug/set-gc-percent: Call runtime/debug.SetGCPercent for setting the garbage collection target percentage. {#debug-set-gc-percent}
+
+SetGCPercent sets the garbage collection target percentage: a collection is triggered
+when the ratio of freshly allocated data to live data remaining after the previous collection
+reaches this percentage. SetGCPercent returns the previous setting. The initial setting is the
+value of the GOGC environment variable at startup, or 100 if the variable is not set.
+
+This setting may be effectively reduced in order to maintain a memory limit.
+A negative percentage effectively disables garbage collection, unless the memory limit is reached.
+
+See https://pkg.go.dev/runtime/debug#SetMemoryLimit for more details.
+
+Parameters:
+
+- gc-percent - int
+
### debug/set-mutex-profile-fraction: Set runtime.SetMutexProfileFraction for mutex profiling. {#debug-set-mutex-profile-fraction}
SetMutexProfileFraction controls the fraction of mutex contention
@@ -11858,6 +12884,38 @@ Results:
- previousRate - int
+### debug/set-soft-memory-limit: Call runtime/debug.SetMemoryLimit for setting a soft memory limit for the runtime. {#debug-set-soft-memory-limit}
+
+SetMemoryLimit provides the runtime with a soft memory limit.
+
+The runtime undertakes several processes to try to respect this memory limit, including
+adjustments to the frequency of garbage collections and returning memory to the underlying
+system more aggressively. This limit will be respected even if GOGC=off (or, if SetGCPercent(-1) is executed).
+
+The input limit is provided as bytes, and includes all memory mapped, managed, and not
+released by the Go runtime. Notably, it does not account for space used by the Go binary
+and memory external to Go, such as memory managed by the underlying system on behalf of
+the process, or memory managed by non-Go code inside the same process.
+Examples of excluded memory sources include: OS kernel memory held on behalf of the process,
+memory allocated by C code, and memory mapped by syscall.Mmap (because it is not managed by the Go runtime).
+
+A zero limit or a limit that's lower than the amount of memory used by the Go runtime may cause
+the garbage collector to run nearly continuously. However, the application may still make progress.
+
+The memory limit is always respected by the Go runtime, so to effectively disable this behavior,
+set the limit very high. math.MaxInt64 is the canonical value for disabling the limit, but values
+much greater than the available memory on the underlying system work just as well.
+
+See https://go.dev/doc/gc-guide for a detailed guide explaining the soft memory limit in more detail,
+as well as a variety of common use-cases and scenarios.
+
+SetMemoryLimit returns the previously set memory limit. A negative input does not adjust the limit,
+and allows for retrieval of the currently set memory limit.
+
+Parameters:
+
+- mem-limit - int
+
### fscache/clear: Clear the Fs cache. {#fscache-clear}
This clears the fs cache. This is where remotes created from backends
@@ -11911,6 +12969,12 @@ Parameters:
- jobid - id of the job (integer).
+### job/stopgroup: Stop all running jobs in a group {#job-stopgroup}
+
+Parameters:
+
+- group - name of the group (string).
+
### mount/listmounts: Show current mount points {#mount-listmounts}
This shows currently mounted points, which can be used for performing an unmount.
@@ -11986,9 +13050,11 @@ Example:
**Authentication is required for this call.**
-### mount/unmountall: Show current mount points {#mount-unmountall}
+### mount/unmountall: Unmount all active mounts {#mount-unmountall}
-This shows currently mounted points, which can be used for performing an unmount.
+rclone allows Linux, FreeBSD, macOS and Windows to
+mount any of Rclone's cloud storage systems as a file system with
+FUSE.
This takes no parameters and returns error if unmount does not succeed.
@@ -12006,7 +13072,7 @@ This takes the following parameters:
The result is as returned from rclone about --json
-See the [about command](https://rclone.org/commands/rclone_size/) command for more information on the above.
+See the [about](https://rclone.org/commands/rclone_about/) command for more information on the above.
**Authentication is required for this call.**
@@ -12016,7 +13082,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
-See the [cleanup command](https://rclone.org/commands/rclone_cleanup/) command for more information on the above.
+See the [cleanup](https://rclone.org/commands/rclone_cleanup/) command for more information on the above.
**Authentication is required for this call.**
@@ -12039,7 +13105,8 @@ This takes the following parameters:
- remote - a path within that remote e.g. "dir"
- url - string, URL to read from
- autoFilename - boolean, set to true to retrieve destination file name from url
-See the [copyurl command](https://rclone.org/commands/rclone_copyurl/) command for more information on the above.
+
+See the [copyurl](https://rclone.org/commands/rclone_copyurl/) command for more information on the above.
**Authentication is required for this call.**
@@ -12049,7 +13116,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
-See the [delete command](https://rclone.org/commands/rclone_delete/) command for more information on the above.
+See the [delete](https://rclone.org/commands/rclone_delete/) command for more information on the above.
**Authentication is required for this call.**
@@ -12060,7 +13127,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the [deletefile command](https://rclone.org/commands/rclone_deletefile/) command for more information on the above.
+See the [deletefile](https://rclone.org/commands/rclone_deletefile/) command for more information on the above.
**Authentication is required for this call.**
@@ -12074,46 +13141,103 @@ This returns info about the remote passed in;
```
{
- // optional features and whether they are available or not
- "Features": {
- "About": true,
- "BucketBased": false,
- "CanHaveEmptyDirectories": true,
- "CaseInsensitive": false,
- "ChangeNotify": false,
- "CleanUp": false,
- "Copy": false,
- "DirCacheFlush": false,
- "DirMove": true,
- "DuplicateFiles": false,
- "GetTier": false,
- "ListR": false,
- "MergeDirs": false,
- "Move": true,
- "OpenWriterAt": true,
- "PublicLink": false,
- "Purge": true,
- "PutStream": true,
- "PutUnchecked": false,
- "ReadMimeType": false,
- "ServerSideAcrossConfigs": false,
- "SetTier": false,
- "SetWrapper": false,
- "UnWrap": false,
- "WrapFs": false,
- "WriteMimeType": false
- },
- // Names of hashes available
- "Hashes": [
- "MD5",
- "SHA-1",
- "DropboxHash",
- "QuickXorHash"
- ],
- "Name": "local", // Name as created
- "Precision": 1, // Precision of timestamps in ns
- "Root": "/", // Path as created
- "String": "Local file system at /" // how the remote will appear in logs
+ // optional features and whether they are available or not
+ "Features": {
+ "About": true,
+ "BucketBased": false,
+ "BucketBasedRootOK": false,
+ "CanHaveEmptyDirectories": true,
+ "CaseInsensitive": false,
+ "ChangeNotify": false,
+ "CleanUp": false,
+ "Command": true,
+ "Copy": false,
+ "DirCacheFlush": false,
+ "DirMove": true,
+ "Disconnect": false,
+ "DuplicateFiles": false,
+ "GetTier": false,
+ "IsLocal": true,
+ "ListR": false,
+ "MergeDirs": false,
+ "MetadataInfo": true,
+ "Move": true,
+ "OpenWriterAt": true,
+ "PublicLink": false,
+ "Purge": true,
+ "PutStream": true,
+ "PutUnchecked": false,
+ "ReadMetadata": true,
+ "ReadMimeType": false,
+ "ServerSideAcrossConfigs": false,
+ "SetTier": false,
+ "SetWrapper": false,
+ "Shutdown": false,
+ "SlowHash": true,
+ "SlowModTime": false,
+ "UnWrap": false,
+ "UserInfo": false,
+ "UserMetadata": true,
+ "WrapFs": false,
+ "WriteMetadata": true,
+ "WriteMimeType": false
+ },
+ // Names of hashes available
+ "Hashes": [
+ "md5",
+ "sha1",
+ "whirlpool",
+ "crc32",
+ "sha256",
+ "dropbox",
+ "mailru",
+ "quickxor"
+ ],
+ "Name": "local", // Name as created
+ "Precision": 1, // Precision of timestamps in ns
+ "Root": "/", // Path as created
+ "String": "Local file system at /", // how the remote will appear in logs
+ // Information about the system metadata for this backend
+ "MetadataInfo": {
+ "System": {
+ "atime": {
+ "Help": "Time of last access",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "btime": {
+ "Help": "Time of file birth (creation)",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "gid": {
+ "Help": "Group ID of owner",
+ "Type": "decimal number",
+ "Example": "500"
+ },
+ "mode": {
+ "Help": "File type and mode",
+ "Type": "octal, unix style",
+ "Example": "0100664"
+ },
+ "mtime": {
+ "Help": "Time of last modification",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "rdev": {
+ "Help": "Device ID (if special file)",
+ "Type": "hexadecimal",
+ "Example": "1abc"
+ },
+ "uid": {
+ "Help": "User ID of owner",
+ "Type": "decimal number",
+ "Example": "500"
+ }
+ },
+ "Help": "Textual help string\n"
+ }
}
```
@@ -12136,6 +13260,7 @@ This takes the following parameters:
- noMimeType - If set don't show mime types
- dirsOnly - If set only show directories
- filesOnly - If set only show files
+ - metadata - If set return metadata of objects also
- hashTypes - array of strings of hash types to show if showHash set
Returns:
@@ -12143,7 +13268,7 @@ Returns:
- list
- This is an array of objects as described in the lsjson command
-See the [lsjson command](https://rclone.org/commands/rclone_lsjson/) for more information on the above and examples.
+See the [lsjson](https://rclone.org/commands/rclone_lsjson/) command for more information on the above and examples.
**Authentication is required for this call.**
@@ -12154,7 +13279,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the [mkdir command](https://rclone.org/commands/rclone_mkdir/) command for more information on the above.
+See the [mkdir](https://rclone.org/commands/rclone_mkdir/) command for more information on the above.
**Authentication is required for this call.**
@@ -12182,7 +13307,7 @@ Returns:
- url - URL of the resource
-See the [link command](https://rclone.org/commands/rclone_link/) command for more information on the above.
+See the [link](https://rclone.org/commands/rclone_link/) command for more information on the above.
**Authentication is required for this call.**
@@ -12193,7 +13318,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the [purge command](https://rclone.org/commands/rclone_purge/) command for more information on the above.
+See the [purge](https://rclone.org/commands/rclone_purge/) command for more information on the above.
**Authentication is required for this call.**
@@ -12204,7 +13329,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the [rmdir command](https://rclone.org/commands/rclone_rmdir/) command for more information on the above.
+See the [rmdir](https://rclone.org/commands/rclone_rmdir/) command for more information on the above.
**Authentication is required for this call.**
@@ -12215,7 +13340,8 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
- leaveRoot - boolean, set to true not to delete the root
-See the [rmdirs command](https://rclone.org/commands/rclone_rmdirs/) command for more information on the above.
+
+See the [rmdirs](https://rclone.org/commands/rclone_rmdirs/) command for more information on the above.
**Authentication is required for this call.**
@@ -12230,7 +13356,7 @@ Returns:
- count - number of files
- bytes - number of bytes in those files
-See the [size command](https://rclone.org/commands/rclone_size/) command for more information on the above.
+See the [size](https://rclone.org/commands/rclone_size/) command for more information on the above.
**Authentication is required for this call.**
@@ -12250,7 +13376,7 @@ The result is
Note that if you are only interested in files then it is much more
efficient to set the filesOnly flag in the options.
-See the [lsjson command](https://rclone.org/commands/rclone_lsjson/) for more information on the above and examples.
+See the [lsjson](https://rclone.org/commands/rclone_lsjson/) command for more information on the above and examples.
**Authentication is required for this call.**
@@ -12261,7 +13387,8 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
- each part in body represents a file to be uploaded
-See the [uploadfile command](https://rclone.org/commands/rclone_uploadfile/) command for more information on the above.
+
+See the [uploadfile](https://rclone.org/commands/rclone_uploadfile/) command for more information on the above.
**Authentication is required for this call.**
@@ -12441,7 +13568,7 @@ check that parameter passing is working properly.
**Authentication is required for this call.**
-### sync/bisync: Perform bidirectonal synchronization between two paths. {#sync-bisync}
+### sync/bisync: Perform bidirectional synchronization between two paths. {#sync-bisync}
This takes the following parameters
@@ -12476,7 +13603,7 @@ This takes the following parameters:
- createEmptySrcDirs - create empty src directories on destination if set
-See the [copy command](https://rclone.org/commands/rclone_copy/) command for more information on the above.
+See the [copy](https://rclone.org/commands/rclone_copy/) command for more information on the above.
**Authentication is required for this call.**
@@ -12490,7 +13617,7 @@ This takes the following parameters:
- deleteEmptySrcDirs - delete empty src directories if set
-See the [move command](https://rclone.org/commands/rclone_move/) command for more information on the above.
+See the [move](https://rclone.org/commands/rclone_move/) command for more information on the above.
**Authentication is required for this call.**
@@ -12503,7 +13630,7 @@ This takes the following parameters:
- createEmptySrcDirs - create empty src directories on destination if set
-See the [sync command](https://rclone.org/commands/rclone_sync/) command for more information on the above.
+See the [sync](https://rclone.org/commands/rclone_sync/) command for more information on the above.
**Authentication is required for this call.**
@@ -12854,47 +13981,50 @@ show through.
Here is an overview of the major features of each cloud storage system.
-| Name | Hash | ModTime | Case Insensitive | Duplicate Files | MIME Type |
-| ---------------------------- |:-----------:|:-------:|:----------------:|:---------------:|:---------:|
-| 1Fichier | Whirlpool | No | No | Yes | R |
-| Akamai Netstorage | MD5, SHA256 | Yes | No | No | R |
-| Amazon Drive | MD5 | No | Yes | No | R |
-| Amazon S3 (or S3 compatible) | MD5 | Yes | No | No | R/W |
-| Backblaze B2 | SHA1 | Yes | No | No | R/W |
-| Box | SHA1 | Yes | Yes | No | - |
-| Citrix ShareFile | MD5 | Yes | Yes | No | - |
-| Dropbox | DBHASH ¹ | Yes | Yes | No | - |
-| Enterprise File Fabric | - | Yes | Yes | No | R/W |
-| FTP | - | No | No | No | - |
-| Google Cloud Storage | MD5 | Yes | No | No | R/W |
-| Google Drive | MD5 | Yes | No | Yes | R/W |
-| Google Photos | - | No | No | Yes | R |
-| HDFS | - | Yes | No | No | - |
-| HTTP | - | No | No | No | R |
-| Hubic | MD5 | Yes | No | No | R/W |
-| Jottacloud | MD5 | Yes | Yes | No | R |
-| Koofr | MD5 | No | Yes | No | - |
-| Mail.ru Cloud | Mailru ⁶ | Yes | Yes | No | - |
-| Mega | - | No | No | Yes | - |
-| Memory | MD5 | Yes | No | No | - |
-| Microsoft Azure Blob Storage | MD5 | Yes | No | No | R/W |
-| Microsoft OneDrive | SHA1 ⁵ | Yes | Yes | No | R |
-| OpenDrive | MD5 | Yes | Yes | Partial ⁸ | - |
-| OpenStack Swift | MD5 | Yes | No | No | R/W |
-| pCloud | MD5, SHA1 ⁷ | Yes | No | No | W |
-| premiumize.me | - | No | Yes | No | R |
-| put.io | CRC-32 | Yes | No | Yes | R |
-| QingStor | MD5 | No | No | No | R/W |
-| Seafile | - | No | No | No | - |
-| SFTP | MD5, SHA1 ² | Yes | Depends | No | - |
-| Sia | - | No | No | No | - |
-| SugarSync | - | No | No | No | - |
-| Storj | - | Yes | No | No | - |
-| Uptobox | - | No | No | Yes | - |
-| WebDAV | MD5, SHA1 ³ | Yes ⁴ | Depends | No | - |
-| Yandex Disk | MD5 | Yes | No | No | R |
-| Zoho WorkDrive | - | No | No | No | - |
-| The local filesystem | All | Yes | Depends | No | - |
+| Name | Hash | ModTime | Case Insensitive | Duplicate Files | MIME Type | Metadata |
+| ---------------------------- |:----------------:|:-------:|:----------------:|:---------------:|:---------:|:--------:|
+| 1Fichier | Whirlpool | - | No | Yes | R | - |
+| Akamai Netstorage | MD5, SHA256 | R/W | No | No | R | - |
+| Amazon Drive | MD5 | - | Yes | No | R | - |
+| Amazon S3 (or S3 compatible) | MD5 | R/W | No | No | R/W | RWU |
+| Backblaze B2 | SHA1 | R/W | No | No | R/W | - |
+| Box | SHA1 | R/W | Yes | No | - | - |
+| Citrix ShareFile | MD5 | R/W | Yes | No | - | - |
+| Dropbox | DBHASH ¹ | R | Yes | No | - | - |
+| Enterprise File Fabric | - | R/W | Yes | No | R/W | - |
+| FTP | - | R/W ¹⁰ | No | No | - | - |
+| Google Cloud Storage | MD5 | R/W | No | No | R/W | - |
+| Google Drive | MD5 | R/W | No | Yes | R/W | - |
+| Google Photos | - | - | No | Yes | R | - |
+| HDFS | - | R/W | No | No | - | - |
+| HiDrive | HiDrive ¹² | R/W | No | No | - | - |
+| HTTP | - | R | No | No | R | - |
+| Internet Archive | MD5, SHA1, CRC32 | R/W ¹¹ | No | No | - | RWU |
+| Jottacloud | MD5 | R/W | Yes | No | R | - |
+| Koofr | MD5 | - | Yes | No | - | - |
+| Mail.ru Cloud | Mailru ⁶ | R/W | Yes | No | - | - |
+| Mega | - | - | No | Yes | - | - |
+| Memory | MD5 | R/W | No | No | - | - |
+| Microsoft Azure Blob Storage | MD5 | R/W | No | No | R/W | - |
+| Microsoft OneDrive | SHA1 ⁵ | R/W | Yes | No | R | - |
+| OpenDrive | MD5 | R/W | Yes | Partial ⁸ | - | - |
+| OpenStack Swift | MD5 | R/W | No | No | R/W | - |
+| Oracle Object Storage | MD5 | R/W | No | No | R/W | - |
+| pCloud | MD5, SHA1 ⁷ | R | No | No | W | - |
+| premiumize.me | - | - | Yes | No | R | - |
+| put.io | CRC-32 | R/W | No | Yes | R | - |
+| QingStor | MD5 | - ⁹ | No | No | R/W | - |
+| Seafile | - | - | No | No | - | - |
+| SFTP | MD5, SHA1 ² | R/W | Depends | No | - | - |
+| Sia | - | - | No | No | - | - |
+| SMB | - | - | Yes | No | - | - |
+| SugarSync | - | - | No | No | - | - |
+| Storj | - | R | No | No | - | - |
+| Uptobox | - | - | No | Yes | - | - |
+| WebDAV | MD5, SHA1 ³ | R ⁴ | Depends | No | - | - |
+| Yandex Disk | MD5 | R/W | No | No | R | - |
+| Zoho WorkDrive | - | - | No | No | - | - |
+| The local filesystem | All | R/W | Depends | No | - | RWU |
### Notes
@@ -12923,6 +14053,20 @@ storage platform has been determined to allow duplicate files, and it
is possible to create them with `rclone`. It may be that this is a
mistake or an unsupported feature.
+⁹ QingStor does not support SetModTime for objects bigger than 5 GiB.
+
+¹⁰ FTP supports modtimes for the major FTP servers, and also others
+if they advertised required protocol extensions. See [this](https://rclone.org/ftp/#modified-time)
+for more details.
+
+¹¹ Internet Archive requires option `wait_archive` to be set to a non-zero value
+for full modtime support.
+
+¹² HiDrive supports [its own custom
+hash](https://static.hidrive.com/dev/0001).
+It combines SHA1 sums for each 4 KiB block hierarchically to a single
+top-level sum.
+
### Hash ###
The cloud storage system supports various hash types of the objects.
@@ -12935,13 +14079,36 @@ systems they must support a common hash type.
### ModTime ###
-The cloud storage system supports setting modification times on
-objects. If it does then this enables a using the modification times
-as part of the sync. If not then only the size will be checked by
-default, though the MD5SUM can be checked with the `--checksum` flag.
-
-All cloud storage systems support some kind of date on the object and
-these will be set when transferring from the cloud storage system.
+Almost all cloud storage systems store some sort of timestamp
+on objects, but several of them not something that is appropriate
+to use for syncing. E.g. some backends will only write a timestamp
+that represent the time of the upload. To be relevant for syncing
+it should be able to store the modification time of the source
+object. If this is not the case, rclone will only check the file
+size by default, though can be configured to check the file hash
+(with the `--checksum` flag). Ideally it should also be possible to
+change the timestamp of an existing file without having to re-upload it.
+
+Storage systems with a `-` in the ModTime column, means the
+modification read on objects is not the modification time of the
+file when uploaded. It is most likely the time the file was uploaded,
+or possibly something else (like the time the picture was taken in
+Google Photos).
+
+Storage systems with a `R` (for read-only) in the ModTime column,
+means the it keeps modification times on objects, and updates them
+when uploading objects, but it does not support changing only the
+modification time (`SetModTime` operation) without re-uploading,
+possibly not even without deleting existing first. Some operations
+in rclone, such as `copy` and `sync` commands, will automatically
+check for `SetModTime` support and re-upload if necessary to keep
+the modification times in sync. Other commands will not work
+without `SetModTime` support, e.g. `touch` command on an existing
+file will fail, and changes to modification time only on a files
+in a `mount` will be silently ignored.
+
+Storage systems with `R/W` (for read/write) in the ModTime column,
+means they do also support modtime-only operations.
### Case Insensitive ###
@@ -13141,35 +14308,36 @@ list of all possible values by passing an invalid value to this
flag, e.g. `--local-encoding "help"`. The command `rclone help flags encoding`
will show you the defaults for the backends.
-| Encoding | Characters |
-| --------- | ---------- |
-| Asterisk | `*` |
-| BackQuote | `` ` `` |
-| BackSlash | `\` |
-| Colon | `:` |
-| CrLf | CR 0x0D, LF 0x0A |
-| Ctl | All control characters 0x00-0x1F |
-| Del | DEL 0x7F |
-| Dollar | `$` |
-| Dot | `.` or `..` as entire string |
-| DoubleQuote | `"` |
-| Hash | `#` |
-| InvalidUtf8 | An invalid UTF-8 character (e.g. latin1) |
-| LeftCrLfHtVt | CR 0x0D, LF 0x0A,HT 0x09, VT 0x0B on the left of a string |
-| LeftPeriod | `.` on the left of a string |
-| LeftSpace | SPACE on the left of a string |
-| LeftTilde | `~` on the left of a string |
-| LtGt | `<`, `>` |
-| None | No characters are encoded |
-| Percent | `%` |
-| Pipe | \| |
-| Question | `?` |
-| RightCrLfHtVt | CR 0x0D, LF 0x0A, HT 0x09, VT 0x0B on the right of a string |
-| RightPeriod | `.` on the right of a string |
-| RightSpace | SPACE on the right of a string |
-| SingleQuote | `'` |
-| Slash | `/` |
-| SquareBracket | `[`, `]` |
+| Encoding | Characters | Encoded as |
+| --------- | ---------- | ---------- |
+| Asterisk | `*` | `*` |
+| BackQuote | `` ` `` | ``` |
+| BackSlash | `\` | `\` |
+| Colon | `:` | `:` |
+| CrLf | CR 0x0D, LF 0x0A | `␍`, `␊` |
+| Ctl | All control characters 0x00-0x1F | `␀␁␂␃␄␅␆␇␈␉␊␋␌␍␎␏␐␑␒␓␔␕␖␗␘␙␚␛␜␝␞␟` |
+| Del | DEL 0x7F | `␡` |
+| Dollar | `$` | `$` |
+| Dot | `.` or `..` as entire string | `.`, `..` |
+| DoubleQuote | `"` | `"` |
+| Hash | `#` | `#` |
+| InvalidUtf8 | An invalid UTF-8 character (e.g. latin1) | `�` |
+| LeftCrLfHtVt | CR 0x0D, LF 0x0A, HT 0x09, VT 0x0B on the left of a string | `␍`, `␊`, `␉`, `␋` |
+| LeftPeriod | `.` on the left of a string | `.` |
+| LeftSpace | SPACE on the left of a string | `␠` |
+| LeftTilde | `~` on the left of a string | `~` |
+| LtGt | `<`, `>` | `<`, `>` |
+| None | No characters are encoded | |
+| Percent | `%` | `%` |
+| Pipe | \| | `|` |
+| Question | `?` | `?` |
+| RightCrLfHtVt | CR 0x0D, LF 0x0A, HT 0x09, VT 0x0B on the right of a string | `␍`, `␊`, `␉`, `␋` |
+| RightPeriod | `.` on the right of a string | `.` |
+| RightSpace | SPACE on the right of a string | `␠` |
+| Semicolon | `;` | `;` |
+| SingleQuote | `'` | `'` |
+| Slash | `/` | `/` |
+| SquareBracket | `[`, `]` | `[`, `]` |
##### Encoding example: FTP
@@ -13244,6 +14412,22 @@ remote which supports writing (`W`) then rclone will preserve the MIME
types. Otherwise they will be guessed from the extension, or the
remote itself may assign the MIME type.
+### Metadata
+
+Backends may or may support reading or writing metadata. They may
+support reading and writing system metadata (metadata intrinsic to
+that backend) and/or user metadata (general purpose metadata).
+
+The levels of metadata support are
+
+| Key | Explanation |
+|-----|-------------|
+| `R` | Read only System Metadata |
+| `RW` | Read and write System Metadata |
+| `RWU` | Read and write System Metadata and read and write User Metadata |
+
+See [the metadata docs](https://rclone.org/docs/#metadata) for more info.
+
## Optional Features ##
All rclone remotes support a base command set. Other features depend
@@ -13252,8 +14436,9 @@ upon backend-specific capabilities.
| Name | Purge | Copy | Move | DirMove | CleanUp | ListR | StreamUpload | LinkSharing | About | EmptyDir |
| ---------------------------- |:-----:|:----:|:----:|:-------:|:-------:|:-----:|:------------:|:------------:|:-----:|:--------:|
| 1Fichier | No | Yes | Yes | No | No | No | No | Yes | No | Yes |
+| Akamai Netstorage | Yes | No | No | No | No | Yes | Yes | No | No | Yes |
| Amazon Drive | Yes | No | Yes | Yes | No | No | No | No | No | Yes |
-| Amazon S3 | No | Yes | No | No | Yes | Yes | Yes | Yes | No | No |
+| Amazon S3 (or S3 compatible) | No | Yes | No | No | Yes | Yes | Yes | Yes | No | No |
| Backblaze B2 | No | Yes | No | No | Yes | Yes | Yes | Yes | No | No |
| Box | Yes | Yes | Yes | Yes | Yes ‡‡ | No | Yes | Yes | Yes | Yes |
| Citrix ShareFile | Yes | Yes | Yes | Yes | No | No | Yes | No | No | Yes |
@@ -13264,9 +14449,11 @@ upon backend-specific capabilities.
| Google Drive | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Google Photos | No | No | No | No | No | No | No | No | No | No |
| HDFS | Yes | No | Yes | Yes | No | No | Yes | No | Yes | Yes |
+| HiDrive | Yes | Yes | Yes | Yes | No | No | Yes | No | No | Yes |
| HTTP | No | No | No | No | No | No | No | No | No | Yes |
-| Hubic | Yes † | Yes | No | No | No | Yes | Yes | No | Yes | No |
+| Internet Archive | No | Yes | No | No | Yes | Yes | No | Yes | Yes | No |
| Jottacloud | Yes | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes |
+| Koofr | Yes | Yes | Yes | Yes | No | No | Yes | Yes | Yes | Yes |
| Mail.ru Cloud | Yes | Yes | Yes | Yes | Yes | No | No | Yes | Yes | Yes |
| Mega | Yes | No | Yes | Yes | Yes | No | No | Yes | Yes | Yes |
| Memory | No | Yes | No | No | No | Yes | Yes | No | No | No |
@@ -13274,14 +14461,17 @@ upon backend-specific capabilities.
| Microsoft OneDrive | Yes | Yes | Yes | Yes | Yes | No | No | Yes | Yes | Yes |
| OpenDrive | Yes | Yes | Yes | Yes | No | No | No | No | No | Yes |
| OpenStack Swift | Yes † | Yes | No | No | No | Yes | Yes | No | Yes | No |
+| Oracle Object Storage | No | Yes | No | No | Yes | Yes | Yes | No | No | No |
| pCloud | Yes | Yes | Yes | Yes | Yes | No | No | Yes | Yes | Yes |
| premiumize.me | Yes | No | Yes | Yes | No | No | No | Yes | Yes | Yes |
| put.io | Yes | No | Yes | Yes | Yes | No | Yes | No | Yes | Yes |
| QingStor | No | Yes | No | No | Yes | Yes | No | No | No | No |
| Seafile | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| SFTP | No | No | Yes | Yes | No | No | Yes | No | Yes | Yes |
+| Sia | No | No | No | No | No | No | Yes | No | No | Yes |
+| SMB | No | No | Yes | Yes | No | No | Yes | No | No | Yes |
| SugarSync | Yes | Yes | Yes | Yes | No | No | Yes | Yes | No | Yes |
-| Storj | Yes † | No | Yes | No | No | Yes | Yes | No | No | No |
+| Storj | Yes † | Yes | Yes | No | No | Yes | Yes | No | No | No |
| Uptobox | No | Yes | Yes | Yes | No | No | No | No | No | No |
| WebDAV | Yes | Yes | Yes | Yes | No | No | Yes ‡ | No | Yes | Yes |
| Yandex Disk | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes |
@@ -13293,7 +14483,7 @@ upon backend-specific capabilities.
This deletes a directory quicker than just deleting all the files in
the directory.
-† Note Swift, Hubic, and Storj implement this in order to delete
+† Note Swift and Storj implement this in order to delete
directory markers but they don't actually have a quicker way of deleting
files other than deleting them individually.
@@ -13396,9 +14586,10 @@ These flags are available for every command.
-c, --checksum Skip based on checksum (if available) & size, not mod-time & size
--client-cert string Client SSL certificate (PEM) for mutual TLS auth
--client-key string Client SSL private key (PEM) for mutual TLS auth
+ --color string When to show colors (and other ANSI codes) AUTO|NEVER|ALWAYS (default "AUTO")
--compare-dest stringArray Include additional comma separated server-side paths during comparison
--config string Config file (default "$HOME/.config/rclone/rclone.conf")
- --contimeout duration Connect timeout (default 1m0s)
+ --contimeout Duration Connect timeout (default 1m0s)
--copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
--cpuprofile string Write cpu profile to file
--cutoff-mode string Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default "HARD")
@@ -13407,6 +14598,7 @@ These flags are available for every command.
--delete-during When synchronizing, delete files during transfer
--delete-excluded Delete files on dest excluded from sync
--disable string Disable a comma separated list of features (use --disable help to see a list)
+ --disable-http-keep-alives Disable HTTP keep-alives and use each connection once.
--disable-http2 Disable HTTP/2 in the global transport
-n, --dry-run Do a trial run with no permanent changes
--dscp string Set DSCP value to connections, value or name, e.g. CS1, LE, DF, AF21
@@ -13415,16 +14607,16 @@ These flags are available for every command.
--dump-headers Dump HTTP headers - may contain sensitive info
--error-on-no-transfer Sets exit code 9 if no files are transferred, useful in scripts
--exclude stringArray Exclude files matching pattern
- --exclude-from stringArray Read exclude patterns from file (use - to read from stdin)
- --exclude-if-present string Exclude directories if filename is present
- --expect-continue-timeout duration Timeout when using expect / 100-continue in HTTP (default 1s)
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --expect-continue-timeout Duration Timeout when using expect / 100-continue in HTTP (default 1s)
--fast-list Use recursive list if available; uses more memory but fewer transactions
--files-from stringArray Read list of source-file names from file (use - to read from stdin)
--files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
- -f, --filter stringArray Add a file-filtering rule
- --filter-from stringArray Read filtering patterns from a file (use - to read from stdin)
- --fs-cache-expire-duration duration Cache remotes for this long (0 to disable caching) (default 5m0s)
- --fs-cache-expire-interval duration Interval to check for expired remotes (default 1m0s)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --fs-cache-expire-duration Duration Cache remotes for this long (0 to disable caching) (default 5m0s)
+ --fs-cache-expire-interval Duration Interval to check for expired remotes (default 1m0s)
--header stringArray Set HTTP header for all transactions
--header-download stringArray Set HTTP header for download transactions
--header-upload stringArray Set HTTP header for upload transactions
@@ -13438,9 +14630,9 @@ These flags are available for every command.
-I, --ignore-times Don't skip files that match size and time - transfer all files
--immutable Do not modify files, fail if existing files have been modified
--include stringArray Include files matching pattern
- --include-from stringArray Read include patterns from file (use - to read from stdin)
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
-i, --interactive Enable interactive mode
- --kv-lock-time duration Maximum time to keep key-value database locked by process (default 1s)
+ --kv-lock-time Duration Maximum time to keep key-value database locked by process (default 1s)
--log-file string Log everything to this file
--log-format string Comma separated list of log format options (default "date,time")
--log-level string Log level DEBUG|INFO|NOTICE|ERROR (default "NOTICE")
@@ -13450,14 +14642,22 @@ These flags are available for every command.
--max-backlog int Maximum number of objects in sync or check backlog (default 10000)
--max-delete int When synchronizing, limit the number of deletes (default -1)
--max-depth int If set limits the recursion depth to this (default -1)
- --max-duration duration Maximum duration rclone will transfer data for
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
--max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
--max-stats-groups int Maximum number of stats groups to keep in memory, on max oldest is discarded (default 1000)
--max-transfer SizeSuffix Maximum size of data to transfer (default off)
--memprofile string Write memory profile to file
+ -M, --metadata If set, preserve metadata when copying objects
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --metadata-set stringArray Add metadata key=value when uploading
--min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
--min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
- --modify-window duration Max time diff to be considered the same (default 1ns)
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
--multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 250Mi)
--multi-thread-streams int Max number of streams to use for multi-thread downloads (default 4)
--no-check-certificate Do not verify the server SSL certificate (insecure)
@@ -13473,24 +14673,26 @@ These flags are available for every command.
--progress-terminal-title Show progress on the terminal title (requires -P/--progress)
-q, --quiet Print as little stuff as possible
--rc Enable the remote control server
- --rc-addr string IPaddress:Port or :Port to bind server to (default "localhost:5572")
+ --rc-addr stringArray IPaddress:Port or :Port to bind server to (default [localhost:5572])
--rc-allow-origin string Set the allowed origin for CORS
--rc-baseurl string Prefix for URLs - leave blank for root
- --rc-cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --rc-cert string TLS PEM key (concatenation of certificate and CA certificate)
--rc-client-ca string Client certificate authority to verify clients with
--rc-enable-metrics Enable prometheus metrics on /metrics
--rc-files string Path to local files to serve on the HTTP server
- --rc-htpasswd string htpasswd file - if not provided no authentication is done
- --rc-job-expire-duration duration Expire finished async jobs older than this value (default 1m0s)
- --rc-job-expire-interval duration Interval to check for expired async jobs (default 10s)
- --rc-key string SSL PEM Private key
+ --rc-htpasswd string A htpasswd file - if not provided no authentication is done
+ --rc-job-expire-duration Duration Expire finished async jobs older than this value (default 1m0s)
+ --rc-job-expire-interval Duration Interval to check for expired async jobs (default 10s)
+ --rc-key string TLS PEM Private key
--rc-max-header-bytes int Maximum size of request header (default 4096)
+ --rc-min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--rc-no-auth Don't require auth for certain methods
--rc-pass string Password for authentication
- --rc-realm string Realm for authentication (default "rclone")
+ --rc-realm string Realm for authentication
+ --rc-salt string Password hashing salt (default "dlPL2MqE")
--rc-serve Enable the serving of remote objects
- --rc-server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --rc-server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --rc-server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --rc-server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--rc-template string User-specified template
--rc-user string User name for authentication
--rc-web-fetch-url string URL to fetch the releases for webgui (default "https://api.github.com/repos/rclone/rclone-webui-react/releases/latest")
@@ -13500,9 +14702,10 @@ These flags are available for every command.
--rc-web-gui-update Check and update to latest version of web gui
--refresh-times Refresh the modtime of remote files
--retries int Retry operations this many times if they fail (default 3)
- --retries-sleep duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable)
+ --retries-sleep Duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable) (default 0s)
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
--size-only Skip based on size only, not mod-time or checksum
- --stats duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
+ --stats Duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
--stats-file-name-length int Max file name length in stats (0 for no limit) (default 45)
--stats-log-level string Log level to show --stats output DEBUG|INFO|NOTICE|ERROR (default "INFO")
--stats-one-line Make the stats fit on one line
@@ -13515,7 +14718,7 @@ These flags are available for every command.
--syslog Use Syslog for logging
--syslog-facility string Facility for syslog, e.g. KERN,USER,... (default "DAEMON")
--temp-dir string Directory rclone will use for temporary files (default "/tmp")
- --timeout duration IO idle timeout (default 5m0s)
+ --timeout Duration IO idle timeout (default 5m0s)
--tpslimit float Limit HTTP transactions per second to this
--tpslimit-burst int Max burst of transactions for --tpslimit (default 1)
--track-renames When synchronizing, track file renames and do a server-side move if possible
@@ -13526,7 +14729,7 @@ These flags are available for every command.
--use-json-log Use json log format
--use-mmap Use mmap allocator (see docs)
--use-server-modtime Use server modified time instead of object metadata
- --user-agent string Set the user-agent to a specified string (default "rclone/v1.58.0")
+ --user-agent string Set the user-agent to a specified string (default "rclone/v1.61.0")
-v, --verbose count Print lots more stuff (repeat for more)
```
@@ -13536,469 +14739,543 @@ These flags are available for every command. They control the backends
and may be set in the config file.
```
- --acd-auth-url string Auth server URL
- --acd-client-id string OAuth Client Id
- --acd-client-secret string OAuth Client Secret
- --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
- --acd-token string OAuth Access Token as a JSON blob
- --acd-token-url string Token server url
- --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
- --alias-remote string Remote or path to alias
- --azureblob-access-tier string Access tier of blob: hot, cool or archive
- --azureblob-account string Storage Account Name
- --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
- --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
- --azureblob-disable-checksum Don't store MD5 checksum with object metadata
- --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
- --azureblob-endpoint string Endpoint for the service
- --azureblob-key string Storage Account Key
- --azureblob-list-chunk int Size of blob list (default 5000)
- --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
- --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
- --azureblob-public-access string Public access level of a container: blob or container
- --azureblob-sas-url string SAS URL for container level access only
- --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
- --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
- --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
- --azureblob-use-emulator Uses local storage emulator if provided as 'true'
- --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
- --b2-account string Account ID or Application Key ID
- --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
- --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
- --b2-disable-checksum Disable checksums for large (> upload cutoff) files
- --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
- --b2-download-url string Custom endpoint for downloads
- --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --b2-endpoint string Endpoint for the service
- --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
- --b2-key string Application Key
- --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
- --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --b2-versions Include old versions in directory listings
- --box-access-token string Box App Primary Access Token
- --box-auth-url string Auth server URL
- --box-box-config-file string Box App config.json location
- --box-box-sub-type string (default "user")
- --box-client-id string OAuth Client Id
- --box-client-secret string OAuth Client Secret
- --box-commit-retries int Max number of times to try committing a multipart file (default 100)
- --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
- --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
- --box-owned-by string Only show items owned by the login (email address) passed in
- --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
- --box-token string OAuth Access Token as a JSON blob
- --box-token-url string Token server url
- --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
- --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
- --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
- --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
- --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
- --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
- --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
- --cache-db-purge Clear all the cached data for this remote on start
- --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
- --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
- --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
- --cache-plex-password string The password of the Plex user (obscured)
- --cache-plex-url string The URL of the Plex server
- --cache-plex-username string The username of the Plex user
- --cache-read-retries int How many times to retry a read from a cache storage (default 10)
- --cache-remote string Remote to cache
- --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
- --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
- --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
- --cache-workers int How many workers should run in parallel to download chunks (default 4)
- --cache-writes Cache file data on writes through the FS
- --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
- --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
- --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
- --chunker-remote string Remote to chunk/unchunk
- --compress-level int GZIP compression level (-2 to 9) (default -1)
- --compress-mode string Compression mode (default "gzip")
- --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
- --compress-remote string Remote to compress
- -L, --copy-links Follow symlinks and copy the pointed to item
- --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
- --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
- --crypt-filename-encryption string How to encrypt the filenames (default "standard")
- --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
- --crypt-password string Password or pass phrase for encryption (obscured)
- --crypt-password2 string Password or pass phrase for salt (obscured)
- --crypt-remote string Remote to encrypt/decrypt
- --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
- --crypt-show-mapping For all files listed show how the names encrypt
- --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
- --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
- --drive-auth-owner-only Only consider files owned by the authenticated user
- --drive-auth-url string Auth server URL
- --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
- --drive-client-id string Google Application Client Id
- --drive-client-secret string OAuth Client Secret
- --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
- --drive-disable-http2 Disable drive using http2 (default true)
- --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
- --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
- --drive-formats string Deprecated: See export_formats
- --drive-impersonate string Impersonate this user when using a service account
- --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
- --drive-keep-revision-forever Keep new head revision of each file forever
- --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
- --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
- --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
- --drive-root-folder-id string ID of the root folder
- --drive-scope string Scope that rclone should use when requesting access from drive
- --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
- --drive-service-account-credentials string Service Account Credentials JSON blob
- --drive-service-account-file string Service Account Credentials JSON file path
- --drive-shared-with-me Only show files that are shared with me
- --drive-size-as-quota Show sizes as storage quota usage, not actual size
- --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
- --drive-skip-dangling-shortcuts If set skip dangling shortcut files
- --drive-skip-gdocs Skip google documents in all listings
- --drive-skip-shortcuts If set skip shortcut files
- --drive-starred-only Only show files that are starred
- --drive-stop-on-download-limit Make download limit errors be fatal
- --drive-stop-on-upload-limit Make upload limit errors be fatal
- --drive-team-drive string ID of the Shared Drive (Team Drive)
- --drive-token string OAuth Access Token as a JSON blob
- --drive-token-url string Token server url
- --drive-trashed-only Only show files that are in the trash
- --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
- --drive-use-created-date Use file created date instead of modified date
- --drive-use-shared-date Use date file was shared instead of modified date
- --drive-use-trash Send files to the trash instead of deleting permanently (default true)
- --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
- --dropbox-auth-url string Auth server URL
- --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish comitting (default 10m0s)
- --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
- --dropbox-batch-size int Max number of files in upload batch
- --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
- --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
- --dropbox-client-id string OAuth Client Id
- --dropbox-client-secret string OAuth Client Secret
- --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
- --dropbox-impersonate string Impersonate this user when using a business account
- --dropbox-shared-files Instructs rclone to work on individual shared files
- --dropbox-shared-folders Instructs rclone to work on shared folders
- --dropbox-token string OAuth Access Token as a JSON blob
- --dropbox-token-url string Token server url
- --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
- --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
- --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
- --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
- --fichier-shared-folder string If you want to download a shared folder, add this parameter
- --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --filefabric-permanent-token string Permanent Authentication Token
- --filefabric-root-folder-id string ID of the root folder
- --filefabric-token string Session Token
- --filefabric-token-expiry string Token expiry time
- --filefabric-url string URL of the Enterprise File Fabric to connect to
- --filefabric-version string Version read from the file fabric
- --ftp-ask-password Allow asking for FTP password when needed
- --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
- --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
- --ftp-disable-epsv Disable using EPSV even if server advertises support
- --ftp-disable-mlsd Disable using MLSD even if server advertises support
- --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
- --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
- --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
- --ftp-host string FTP host to connect to
- --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --ftp-no-check-certificate Do not verify the TLS certificate of the server
- --ftp-pass string FTP password (obscured)
- --ftp-port int FTP port number (default 21)
- --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
- --ftp-tls Use Implicit FTPS (FTP over TLS)
- --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
- --ftp-user string FTP username (default "$USER")
- --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
- --gcs-anonymous Access public buckets and objects without credentials
- --gcs-auth-url string Auth server URL
- --gcs-bucket-acl string Access Control List for new buckets
- --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
- --gcs-client-id string OAuth Client Id
- --gcs-client-secret string OAuth Client Secret
- --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gcs-location string Location for the newly created buckets
- --gcs-object-acl string Access Control List for new objects
- --gcs-project-number string Project number
- --gcs-service-account-file string Service Account Credentials JSON file path
- --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
- --gcs-token string OAuth Access Token as a JSON blob
- --gcs-token-url string Token server url
- --gphotos-auth-url string Auth server URL
- --gphotos-client-id string OAuth Client Id
- --gphotos-client-secret string OAuth Client Secret
- --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gphotos-include-archived Also view and download archived media
- --gphotos-read-only Set to make the Google Photos backend read only
- --gphotos-read-size Set to read the size of media items
- --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
- --gphotos-token string OAuth Access Token as a JSON blob
- --gphotos-token-url string Token server url
- --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
- --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
- --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
- --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
- --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
- --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
- --hdfs-namenode string Hadoop name node and port
- --hdfs-service-principal-name string Kerberos service principal name for the namenode
- --hdfs-username string Hadoop user name
- --http-headers CommaSepList Set HTTP headers for all transactions
- --http-no-head Don't use HEAD requests
- --http-no-slash Set this if the site doesn't end directories with /
- --http-url string URL of http host to connect to
- --hubic-auth-url string Auth server URL
- --hubic-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --hubic-client-id string OAuth Client Id
- --hubic-client-secret string OAuth Client Secret
- --hubic-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --hubic-no-chunk Don't chunk files during streaming upload
- --hubic-token string OAuth Access Token as a JSON blob
- --hubic-token-url string Token server url
- --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
- --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
- --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
- --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
- --jottacloud-trashed-only Only show files that are in the trash
- --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
- --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --koofr-endpoint string The Koofr API endpoint to use
- --koofr-mountid string Mount ID of the mount to use
- --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
- --koofr-provider string Choose your storage provider
- --koofr-setmtime Does the backend support setting modification time (default true)
- --koofr-user string Your user name
- -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
- --local-case-insensitive Force the filesystem to report itself as case insensitive
- --local-case-sensitive Force the filesystem to report itself as case sensitive
- --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
- --local-no-check-updated Don't check to see if the files change during upload
- --local-no-preallocate Disable preallocation of disk space for transferred files
- --local-no-set-modtime Disable setting modtime
- --local-no-sparse Disable sparse files for multi-thread downloads
- --local-nounc string Disable UNC (long path names) conversion on Windows
- --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
- --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
- --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
- --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --mailru-pass string Password (obscured)
- --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
- --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
- --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
- --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
- --mailru-user string User name (usually email)
- --mega-debug Output more debug from Mega
- --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --mega-hard-delete Delete files permanently rather than putting them into the trash
- --mega-pass string Password (obscured)
- --mega-user string User name
- --netstorage-account string Set the NetStorage account name
- --netstorage-host string Domain+path of NetStorage host to connect to
- --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
- --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
- -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
- --onedrive-auth-url string Auth server URL
- --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
- --onedrive-client-id string OAuth Client Id
- --onedrive-client-secret string OAuth Client Secret
- --onedrive-disable-site-permission Disable the request for Sites.Read.All permission
- --onedrive-drive-id string The ID of the drive to use
- --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
- --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
- --onedrive-link-password string Set the password for links created by the link command
- --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
- --onedrive-link-type string Set the type of the links created by the link command (default "view")
- --onedrive-list-chunk int Size of listing chunk (default 1000)
- --onedrive-no-versions Remove all versions on modifying operations
- --onedrive-region string Choose national cloud region for OneDrive (default "global")
- --onedrive-root-folder-id string ID of the root folder
- --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
- --onedrive-token string OAuth Access Token as a JSON blob
- --onedrive-token-url string Token server url
- --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
- --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
- --opendrive-password string Password (obscured)
- --opendrive-username string Username
- --pcloud-auth-url string Auth server URL
- --pcloud-client-id string OAuth Client Id
- --pcloud-client-secret string OAuth Client Secret
- --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
- --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
- --pcloud-token string OAuth Access Token as a JSON blob
- --pcloud-token-url string Token server url
- --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --qingstor-access-key-id string QingStor Access Key ID
- --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
- --qingstor-connection-retries int Number of connection retries (default 3)
- --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
- --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
- --qingstor-env-auth Get QingStor credentials from runtime
- --qingstor-secret-access-key string QingStor Secret Access Key (password)
- --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
- --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --qingstor-zone string Zone to connect to
- --s3-access-key-id string AWS Access Key ID
- --s3-acl string Canned ACL used when creating buckets and storing or copying objects
- --s3-bucket-acl string Canned ACL used when creating buckets
- --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
- --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
- --s3-disable-checksum Don't store MD5 checksum with object metadata
- --s3-disable-http2 Disable usage of http2 for S3 backends
- --s3-download-url string Custom endpoint for downloads
- --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --s3-endpoint string Endpoint for S3 API
- --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
- --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
- --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
- --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
- --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
- --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
- --s3-location-constraint string Location constraint - must be set to match the Region
- --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
- --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
- --s3-no-head If set, don't HEAD uploaded objects to check integrity
- --s3-no-head-object If set, do not do HEAD before GET when getting objects
- --s3-profile string Profile to use in the shared credentials file
- --s3-provider string Choose your S3 provider
- --s3-region string Region to connect to
- --s3-requester-pays Enables requester pays option when interacting with S3 bucket
- --s3-secret-access-key string AWS Secret Access Key (password)
- --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
- --s3-session-token string An AWS session token
- --s3-shared-credentials-file string Path to the shared credentials file
- --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
- --s3-sse-customer-key string If using SSE-C you must provide the secret encryption key used to encrypt/decrypt your data
- --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
- --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
- --s3-storage-class string The storage class to use when storing new objects in S3
- --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
- --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
- --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
- --s3-v2-auth If true use v2 authentication
- --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
- --seafile-create-library Should rclone create a library if it doesn't exist
- --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
- --seafile-library string Name of the library
- --seafile-library-key string Library password (for encrypted libraries only) (obscured)
- --seafile-pass string Password (obscured)
- --seafile-url string URL of seafile host to connect to
- --seafile-user string User name (usually email address)
- --sftp-ask-password Allow asking for SFTP password when needed
- --sftp-disable-concurrent-reads If set don't use concurrent reads
- --sftp-disable-concurrent-writes If set don't use concurrent writes
- --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
- --sftp-host string SSH host to connect to
- --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --sftp-key-file string Path to PEM-encoded private key file
- --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
- --sftp-key-pem string Raw PEM-encoded private key
- --sftp-key-use-agent When set forces the usage of the ssh-agent
- --sftp-known-hosts-file string Optional path to known_hosts file
- --sftp-md5sum-command string The command used to read md5 hashes
- --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
- --sftp-path-override string Override path used by SSH connection
- --sftp-port int SSH port number (default 22)
- --sftp-pubkey-file string Optional path to public key file
- --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
- --sftp-set-modtime Set the modified time on the remote if set (default true)
- --sftp-sha1sum-command string The command used to read sha1 hashes
- --sftp-skip-links Set to skip any symlinks and any other non regular files
- --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
- --sftp-use-fstat If set use fstat instead of stat
- --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
- --sftp-user string SSH username (default "$USER")
- --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
- --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --sharefile-endpoint string Endpoint for API calls
- --sharefile-root-folder-id string ID of the root folder
- --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
- --sia-api-password string Sia Daemon API Password (obscured)
- --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
- --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
- --sia-user-agent string Siad User Agent (default "Sia-Agent")
- --skip-links Don't warn about skipped symlinks
- --storj-access-grant string Access grant
- --storj-api-key string API key
- --storj-passphrase string Encryption passphrase
- --storj-provider string Choose an authentication method (default "existing")
- --storj-satellite-address string Satellite address (default "us-central-1.storj.io")
- --sugarsync-access-key-id string Sugarsync Access Key ID
- --sugarsync-app-id string Sugarsync App ID
- --sugarsync-authorization string Sugarsync authorization
- --sugarsync-authorization-expiry string Sugarsync authorization expiry
- --sugarsync-deleted-id string Sugarsync deleted folder id
- --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
- --sugarsync-hard-delete Permanently delete files if true
- --sugarsync-private-access-key string Sugarsync Private Access Key
- --sugarsync-refresh-token string Sugarsync refresh token
- --sugarsync-root-id string Sugarsync root id
- --sugarsync-user string Sugarsync user
- --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
- --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
- --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
- --swift-auth string Authentication URL for server (OS_AUTH_URL)
- --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
- --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
- --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
- --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
- --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
- --swift-key string API key or password (OS_PASSWORD)
- --swift-leave-parts-on-error If true avoid calling abort upload on a failure
- --swift-no-chunk Don't chunk files during streaming upload
- --swift-region string Region name - optional (OS_REGION_NAME)
- --swift-storage-policy string The storage policy to use when creating a new container
- --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
- --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
- --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
- --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
- --swift-user string User name to log in (OS_USERNAME)
- --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
- --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
- --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
- --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
- --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
- --union-upstreams string List of space separated upstreams
- --uptobox-access-token string Your access token
- --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
- --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
- --webdav-bearer-token-command string Command to run to get a bearer token
- --webdav-encoding string The encoding for the backend
- --webdav-headers CommaSepList Set HTTP headers for all transactions
- --webdav-pass string Password (obscured)
- --webdav-url string URL of http host to connect to
- --webdav-user string User name
- --webdav-vendor string Name of the Webdav site/service/software you are using
- --yandex-auth-url string Auth server URL
- --yandex-client-id string OAuth Client Id
- --yandex-client-secret string OAuth Client Secret
- --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --yandex-hard-delete Delete files permanently rather than putting them into the trash
- --yandex-token string OAuth Access Token as a JSON blob
- --yandex-token-url string Token server url
- --zoho-auth-url string Auth server URL
- --zoho-client-id string OAuth Client Id
- --zoho-client-secret string OAuth Client Secret
- --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
- --zoho-region string Zoho region to connect to
- --zoho-token string OAuth Access Token as a JSON blob
- --zoho-token-url string Token server url
+ --acd-auth-url string Auth server URL
+ --acd-client-id string OAuth Client Id
+ --acd-client-secret string OAuth Client Secret
+ --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
+ --acd-token string OAuth Access Token as a JSON blob
+ --acd-token-url string Token server url
+ --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
+ --alias-remote string Remote or path to alias
+ --azureblob-access-tier string Access tier of blob: hot, cool or archive
+ --azureblob-account string Azure Storage Account Name
+ --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
+ --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
+ --azureblob-client-certificate-password string Password for the certificate file (optional) (obscured)
+ --azureblob-client-certificate-path string Path to a PEM or PKCS12 certificate file including the private key
+ --azureblob-client-id string The ID of the client in use
+ --azureblob-client-secret string One of the service principal's client secrets
+ --azureblob-client-send-certificate-chain Send the certificate chain when using certificate auth
+ --azureblob-disable-checksum Don't store MD5 checksum with object metadata
+ --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
+ --azureblob-endpoint string Endpoint for the service
+ --azureblob-env-auth Read credentials from runtime (environment variables, CLI or MSI)
+ --azureblob-key string Storage Account Shared Key
+ --azureblob-list-chunk int Size of blob list (default 5000)
+ --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
+ --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-no-check-container If set, don't attempt to check the container exists or create it
+ --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
+ --azureblob-password string The user's password (obscured)
+ --azureblob-public-access string Public access level of a container: blob or container
+ --azureblob-sas-url string SAS URL for container level access only
+ --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
+ --azureblob-tenant string ID of the service principal's tenant. Also called its directory ID
+ --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
+ --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
+ --azureblob-use-emulator Uses local storage emulator if provided as 'true'
+ --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
+ --azureblob-username string User name (usually an email address)
+ --b2-account string Account ID or Application Key ID
+ --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
+ --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
+ --b2-disable-checksum Disable checksums for large (> upload cutoff) files
+ --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
+ --b2-download-url string Custom endpoint for downloads
+ --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --b2-endpoint string Endpoint for the service
+ --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
+ --b2-key string Application Key
+ --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
+ --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --b2-version-at Time Show file versions as they were at the specified time (default off)
+ --b2-versions Include old versions in directory listings
+ --box-access-token string Box App Primary Access Token
+ --box-auth-url string Auth server URL
+ --box-box-config-file string Box App config.json location
+ --box-box-sub-type string (default "user")
+ --box-client-id string OAuth Client Id
+ --box-client-secret string OAuth Client Secret
+ --box-commit-retries int Max number of times to try committing a multipart file (default 100)
+ --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
+ --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
+ --box-owned-by string Only show items owned by the login (email address) passed in
+ --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
+ --box-token string OAuth Access Token as a JSON blob
+ --box-token-url string Token server url
+ --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
+ --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
+ --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
+ --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
+ --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
+ --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
+ --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
+ --cache-db-purge Clear all the cached data for this remote on start
+ --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
+ --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
+ --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
+ --cache-plex-password string The password of the Plex user (obscured)
+ --cache-plex-url string The URL of the Plex server
+ --cache-plex-username string The username of the Plex user
+ --cache-read-retries int How many times to retry a read from a cache storage (default 10)
+ --cache-remote string Remote to cache
+ --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
+ --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
+ --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
+ --cache-workers int How many workers should run in parallel to download chunks (default 4)
+ --cache-writes Cache file data on writes through the FS
+ --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
+ --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
+ --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
+ --chunker-remote string Remote to chunk/unchunk
+ --combine-upstreams SpaceSepList Upstreams for combining
+ --compress-level int GZIP compression level (-2 to 9) (default -1)
+ --compress-mode string Compression mode (default "gzip")
+ --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
+ --compress-remote string Remote to compress
+ -L, --copy-links Follow symlinks and copy the pointed to item
+ --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
+ --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
+ --crypt-filename-encryption string How to encrypt the filenames (default "standard")
+ --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
+ --crypt-password string Password or pass phrase for encryption (obscured)
+ --crypt-password2 string Password or pass phrase for salt (obscured)
+ --crypt-remote string Remote to encrypt/decrypt
+ --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
+ --crypt-show-mapping For all files listed show how the names encrypt
+ --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
+ --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
+ --drive-auth-owner-only Only consider files owned by the authenticated user
+ --drive-auth-url string Auth server URL
+ --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
+ --drive-client-id string Google Application Client Id
+ --drive-client-secret string OAuth Client Secret
+ --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
+ --drive-disable-http2 Disable drive using http2 (default true)
+ --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
+ --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
+ --drive-formats string Deprecated: See export_formats
+ --drive-impersonate string Impersonate this user when using a service account
+ --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
+ --drive-keep-revision-forever Keep new head revision of each file forever
+ --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
+ --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
+ --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
+ --drive-resource-key string Resource key for accessing a link-shared file
+ --drive-root-folder-id string ID of the root folder
+ --drive-scope string Scope that rclone should use when requesting access from drive
+ --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
+ --drive-service-account-credentials string Service Account Credentials JSON blob
+ --drive-service-account-file string Service Account Credentials JSON file path
+ --drive-shared-with-me Only show files that are shared with me
+ --drive-size-as-quota Show sizes as storage quota usage, not actual size
+ --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
+ --drive-skip-dangling-shortcuts If set skip dangling shortcut files
+ --drive-skip-gdocs Skip google documents in all listings
+ --drive-skip-shortcuts If set skip shortcut files
+ --drive-starred-only Only show files that are starred
+ --drive-stop-on-download-limit Make download limit errors be fatal
+ --drive-stop-on-upload-limit Make upload limit errors be fatal
+ --drive-team-drive string ID of the Shared Drive (Team Drive)
+ --drive-token string OAuth Access Token as a JSON blob
+ --drive-token-url string Token server url
+ --drive-trashed-only Only show files that are in the trash
+ --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
+ --drive-use-created-date Use file created date instead of modified date
+ --drive-use-shared-date Use date file was shared instead of modified date
+ --drive-use-trash Send files to the trash instead of deleting permanently (default true)
+ --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
+ --dropbox-auth-url string Auth server URL
+ --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish committing (default 10m0s)
+ --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
+ --dropbox-batch-size int Max number of files in upload batch
+ --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
+ --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
+ --dropbox-client-id string OAuth Client Id
+ --dropbox-client-secret string OAuth Client Secret
+ --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
+ --dropbox-impersonate string Impersonate this user when using a business account
+ --dropbox-shared-files Instructs rclone to work on individual shared files
+ --dropbox-shared-folders Instructs rclone to work on shared folders
+ --dropbox-token string OAuth Access Token as a JSON blob
+ --dropbox-token-url string Token server url
+ --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
+ --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
+ --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
+ --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
+ --fichier-shared-folder string If you want to download a shared folder, add this parameter
+ --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --filefabric-permanent-token string Permanent Authentication Token
+ --filefabric-root-folder-id string ID of the root folder
+ --filefabric-token string Session Token
+ --filefabric-token-expiry string Token expiry time
+ --filefabric-url string URL of the Enterprise File Fabric to connect to
+ --filefabric-version string Version read from the file fabric
+ --ftp-ask-password Allow asking for FTP password when needed
+ --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
+ --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
+ --ftp-disable-epsv Disable using EPSV even if server advertises support
+ --ftp-disable-mlsd Disable using MLSD even if server advertises support
+ --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
+ --ftp-disable-utf8 Disable using UTF-8 even if server advertises support
+ --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
+ --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
+ --ftp-force-list-hidden Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD
+ --ftp-host string FTP host to connect to
+ --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --ftp-no-check-certificate Do not verify the TLS certificate of the server
+ --ftp-pass string FTP password (obscured)
+ --ftp-port int FTP port number (default 21)
+ --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
+ --ftp-tls Use Implicit FTPS (FTP over TLS)
+ --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
+ --ftp-user string FTP username (default "$USER")
+ --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
+ --gcs-anonymous Access public buckets and objects without credentials
+ --gcs-auth-url string Auth server URL
+ --gcs-bucket-acl string Access Control List for new buckets
+ --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
+ --gcs-client-id string OAuth Client Id
+ --gcs-client-secret string OAuth Client Secret
+ --gcs-decompress If set this will decompress gzip encoded objects
+ --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gcs-endpoint string Endpoint for the service
+ --gcs-location string Location for the newly created buckets
+ --gcs-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --gcs-object-acl string Access Control List for new objects
+ --gcs-project-number string Project number
+ --gcs-service-account-file string Service Account Credentials JSON file path
+ --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
+ --gcs-token string OAuth Access Token as a JSON blob
+ --gcs-token-url string Token server url
+ --gphotos-auth-url string Auth server URL
+ --gphotos-client-id string OAuth Client Id
+ --gphotos-client-secret string OAuth Client Secret
+ --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gphotos-include-archived Also view and download archived media
+ --gphotos-read-only Set to make the Google Photos backend read only
+ --gphotos-read-size Set to read the size of media items
+ --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
+ --gphotos-token string OAuth Access Token as a JSON blob
+ --gphotos-token-url string Token server url
+ --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
+ --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
+ --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
+ --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
+ --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
+ --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
+ --hdfs-namenode string Hadoop name node and port
+ --hdfs-service-principal-name string Kerberos service principal name for the namenode
+ --hdfs-username string Hadoop user name
+ --hidrive-auth-url string Auth server URL
+ --hidrive-chunk-size SizeSuffix Chunksize for chunked uploads (default 48Mi)
+ --hidrive-client-id string OAuth Client Id
+ --hidrive-client-secret string OAuth Client Secret
+ --hidrive-disable-fetching-member-count Do not fetch number of objects in directories unless it is absolutely necessary
+ --hidrive-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
+ --hidrive-endpoint string Endpoint for the service (default "https://api.hidrive.strato.com/2.1")
+ --hidrive-root-prefix string The root/parent folder for all paths (default "/")
+ --hidrive-scope-access string Access permissions that rclone should use when requesting access from HiDrive (default "rw")
+ --hidrive-scope-role string User-level that rclone should use when requesting access from HiDrive (default "user")
+ --hidrive-token string OAuth Access Token as a JSON blob
+ --hidrive-token-url string Token server url
+ --hidrive-upload-concurrency int Concurrency for chunked uploads (default 4)
+ --hidrive-upload-cutoff SizeSuffix Cutoff/Threshold for chunked uploads (default 96Mi)
+ --http-headers CommaSepList Set HTTP headers for all transactions
+ --http-no-head Don't use HEAD requests
+ --http-no-slash Set this if the site doesn't end directories with /
+ --http-url string URL of HTTP host to connect to
+ --internetarchive-access-key-id string IAS3 Access Key
+ --internetarchive-disable-checksum Don't ask the server to test against MD5 checksum calculated by rclone (default true)
+ --internetarchive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot)
+ --internetarchive-endpoint string IAS3 Endpoint (default "https://s3.us.archive.org")
+ --internetarchive-front-endpoint string Host of InternetArchive Frontend (default "https://archive.org")
+ --internetarchive-secret-access-key string IAS3 Secret Key (password)
+ --internetarchive-wait-archive Duration Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish (default 0s)
+ --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
+ --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
+ --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
+ --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
+ --jottacloud-trashed-only Only show files that are in the trash
+ --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
+ --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --koofr-endpoint string The Koofr API endpoint to use
+ --koofr-mountid string Mount ID of the mount to use
+ --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
+ --koofr-provider string Choose your storage provider
+ --koofr-setmtime Does the backend support setting modification time (default true)
+ --koofr-user string Your user name
+ -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
+ --local-case-insensitive Force the filesystem to report itself as case insensitive
+ --local-case-sensitive Force the filesystem to report itself as case sensitive
+ --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
+ --local-no-check-updated Don't check to see if the files change during upload
+ --local-no-preallocate Disable preallocation of disk space for transferred files
+ --local-no-set-modtime Disable setting modtime
+ --local-no-sparse Disable sparse files for multi-thread downloads
+ --local-nounc Disable UNC (long path names) conversion on Windows
+ --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
+ --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
+ --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
+ --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --mailru-pass string Password (obscured)
+ --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
+ --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
+ --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
+ --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
+ --mailru-user string User name (usually email)
+ --mega-debug Output more debug from Mega
+ --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --mega-hard-delete Delete files permanently rather than putting them into the trash
+ --mega-pass string Password (obscured)
+ --mega-user string User name
+ --netstorage-account string Set the NetStorage account name
+ --netstorage-host string Domain+path of NetStorage host to connect to
+ --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
+ --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
+ -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
+ --onedrive-access-scopes SpaceSepList Set scopes to be requested by rclone (default Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access)
+ --onedrive-auth-url string Auth server URL
+ --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
+ --onedrive-client-id string OAuth Client Id
+ --onedrive-client-secret string OAuth Client Secret
+ --onedrive-drive-id string The ID of the drive to use
+ --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
+ --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
+ --onedrive-link-password string Set the password for links created by the link command
+ --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
+ --onedrive-link-type string Set the type of the links created by the link command (default "view")
+ --onedrive-list-chunk int Size of listing chunk (default 1000)
+ --onedrive-no-versions Remove all versions on modifying operations
+ --onedrive-region string Choose national cloud region for OneDrive (default "global")
+ --onedrive-root-folder-id string ID of the root folder
+ --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
+ --onedrive-token string OAuth Access Token as a JSON blob
+ --onedrive-token-url string Token server url
+ --oos-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --oos-compartment string Object storage compartment OCID
+ --oos-config-file string Path to OCI config file (default "~/.oci/config")
+ --oos-config-profile string Profile name inside the oci config file (default "Default")
+ --oos-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --oos-copy-timeout Duration Timeout for copy (default 1m0s)
+ --oos-disable-checksum Don't store MD5 checksum with object metadata
+ --oos-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --oos-endpoint string Endpoint for Object storage API
+ --oos-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --oos-namespace string Object storage namespace
+ --oos-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --oos-provider string Choose your Auth Provider (default "env_auth")
+ --oos-region string Object storage Region
+ --oos-upload-concurrency int Concurrency for multipart uploads (default 10)
+ --oos-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
+ --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
+ --opendrive-password string Password (obscured)
+ --opendrive-username string Username
+ --pcloud-auth-url string Auth server URL
+ --pcloud-client-id string OAuth Client Id
+ --pcloud-client-secret string OAuth Client Secret
+ --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
+ --pcloud-password string Your pcloud password (obscured)
+ --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
+ --pcloud-token string OAuth Access Token as a JSON blob
+ --pcloud-token-url string Token server url
+ --pcloud-username string Your pcloud username
+ --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --qingstor-access-key-id string QingStor Access Key ID
+ --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
+ --qingstor-connection-retries int Number of connection retries (default 3)
+ --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
+ --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
+ --qingstor-env-auth Get QingStor credentials from runtime
+ --qingstor-secret-access-key string QingStor Secret Access Key (password)
+ --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
+ --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --qingstor-zone string Zone to connect to
+ --s3-access-key-id string AWS Access Key ID
+ --s3-acl string Canned ACL used when creating buckets and storing or copying objects
+ --s3-bucket-acl string Canned ACL used when creating buckets
+ --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --s3-decompress If set this will decompress gzip encoded objects
+ --s3-disable-checksum Don't store MD5 checksum with object metadata
+ --s3-disable-http2 Disable usage of http2 for S3 backends
+ --s3-download-url string Custom endpoint for downloads
+ --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --s3-endpoint string Endpoint for S3 API
+ --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
+ --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
+ --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
+ --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
+ --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
+ --s3-location-constraint string Location constraint - must be set to match the Region
+ --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
+ --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --s3-might-gzip Tristate Set this if the backend might gzip objects (default unset)
+ --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --s3-no-head If set, don't HEAD uploaded objects to check integrity
+ --s3-no-head-object If set, do not do HEAD before GET when getting objects
+ --s3-no-system-metadata Suppress setting and reading of system metadata
+ --s3-profile string Profile to use in the shared credentials file
+ --s3-provider string Choose your S3 provider
+ --s3-region string Region to connect to
+ --s3-requester-pays Enables requester pays option when interacting with S3 bucket
+ --s3-secret-access-key string AWS Secret Access Key (password)
+ --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
+ --s3-session-token string An AWS session token
+ --s3-shared-credentials-file string Path to the shared credentials file
+ --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
+ --s3-sse-customer-key string To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data
+ --s3-sse-customer-key-base64 string If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data
+ --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
+ --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
+ --s3-storage-class string The storage class to use when storing new objects in S3
+ --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
+ --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
+ --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
+ --s3-use-presigned-request Whether to use a presigned request or PutObject for single part uploads
+ --s3-v2-auth If true use v2 authentication
+ --s3-version-at Time Show file versions as they were at the specified time (default off)
+ --s3-versions Include old versions in directory listings
+ --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
+ --seafile-create-library Should rclone create a library if it doesn't exist
+ --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
+ --seafile-library string Name of the library
+ --seafile-library-key string Library password (for encrypted libraries only) (obscured)
+ --seafile-pass string Password (obscured)
+ --seafile-url string URL of seafile host to connect to
+ --seafile-user string User name (usually email address)
+ --sftp-ask-password Allow asking for SFTP password when needed
+ --sftp-chunk-size SizeSuffix Upload and download chunk size (default 32Ki)
+ --sftp-ciphers SpaceSepList Space separated list of ciphers to be used for session encryption, ordered by preference
+ --sftp-concurrency int The maximum number of outstanding requests for one file (default 64)
+ --sftp-disable-concurrent-reads If set don't use concurrent reads
+ --sftp-disable-concurrent-writes If set don't use concurrent writes
+ --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
+ --sftp-host string SSH host to connect to
+ --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --sftp-key-exchange SpaceSepList Space separated list of key exchange algorithms, ordered by preference
+ --sftp-key-file string Path to PEM-encoded private key file
+ --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
+ --sftp-key-pem string Raw PEM-encoded private key
+ --sftp-key-use-agent When set forces the usage of the ssh-agent
+ --sftp-known-hosts-file string Optional path to known_hosts file
+ --sftp-macs SpaceSepList Space separated list of MACs (message authentication code) algorithms, ordered by preference
+ --sftp-md5sum-command string The command used to read md5 hashes
+ --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
+ --sftp-path-override string Override path used by SSH shell commands
+ --sftp-port int SSH port number (default 22)
+ --sftp-pubkey-file string Optional path to public key file
+ --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
+ --sftp-set-env SpaceSepList Environment variables to pass to sftp and commands
+ --sftp-set-modtime Set the modified time on the remote if set (default true)
+ --sftp-sha1sum-command string The command used to read sha1 hashes
+ --sftp-shell-type string The type of SSH shell on remote server, if any
+ --sftp-skip-links Set to skip any symlinks and any other non regular files
+ --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
+ --sftp-use-fstat If set use fstat instead of stat
+ --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
+ --sftp-user string SSH username (default "$USER")
+ --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
+ --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --sharefile-endpoint string Endpoint for API calls
+ --sharefile-root-folder-id string ID of the root folder
+ --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
+ --sia-api-password string Sia Daemon API Password (obscured)
+ --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
+ --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
+ --sia-user-agent string Siad User Agent (default "Sia-Agent")
+ --skip-links Don't warn about skipped symlinks
+ --smb-case-insensitive Whether the server is configured to be case-insensitive (default true)
+ --smb-domain string Domain name for NTLM authentication (default "WORKGROUP")
+ --smb-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --smb-hide-special-share Hide special shares (e.g. print$) which users aren't supposed to access (default true)
+ --smb-host string SMB server hostname to connect to
+ --smb-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --smb-pass string SMB password (obscured)
+ --smb-port int SMB port number (default 445)
+ --smb-user string SMB username (default "$USER")
+ --storj-access-grant string Access grant
+ --storj-api-key string API key
+ --storj-passphrase string Encryption passphrase
+ --storj-provider string Choose an authentication method (default "existing")
+ --storj-satellite-address string Satellite address (default "us-central-1.storj.io")
+ --sugarsync-access-key-id string Sugarsync Access Key ID
+ --sugarsync-app-id string Sugarsync App ID
+ --sugarsync-authorization string Sugarsync authorization
+ --sugarsync-authorization-expiry string Sugarsync authorization expiry
+ --sugarsync-deleted-id string Sugarsync deleted folder id
+ --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
+ --sugarsync-hard-delete Permanently delete files if true
+ --sugarsync-private-access-key string Sugarsync Private Access Key
+ --sugarsync-refresh-token string Sugarsync refresh token
+ --sugarsync-root-id string Sugarsync root id
+ --sugarsync-user string Sugarsync user
+ --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
+ --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
+ --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
+ --swift-auth string Authentication URL for server (OS_AUTH_URL)
+ --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
+ --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
+ --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
+ --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+ --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
+ --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
+ --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
+ --swift-key string API key or password (OS_PASSWORD)
+ --swift-leave-parts-on-error If true avoid calling abort upload on a failure
+ --swift-no-chunk Don't chunk files during streaming upload
+ --swift-no-large-objects Disable support for static and dynamic large objects
+ --swift-region string Region name - optional (OS_REGION_NAME)
+ --swift-storage-policy string The storage policy to use when creating a new container
+ --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
+ --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
+ --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
+ --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
+ --swift-user string User name to log in (OS_USERNAME)
+ --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
+ --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
+ --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
+ --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
+ --union-min-free-space SizeSuffix Minimum viable free space for lfs/eplfs policies (default 1Gi)
+ --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
+ --union-upstreams string List of space separated upstreams
+ --uptobox-access-token string Your access token
+ --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
+ --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
+ --webdav-bearer-token-command string Command to run to get a bearer token
+ --webdav-encoding string The encoding for the backend
+ --webdav-headers CommaSepList Set HTTP headers for all transactions
+ --webdav-pass string Password (obscured)
+ --webdav-url string URL of http host to connect to
+ --webdav-user string User name
+ --webdav-vendor string Name of the WebDAV site/service/software you are using
+ --yandex-auth-url string Auth server URL
+ --yandex-client-id string OAuth Client Id
+ --yandex-client-secret string OAuth Client Secret
+ --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --yandex-hard-delete Delete files permanently rather than putting them into the trash
+ --yandex-token string OAuth Access Token as a JSON blob
+ --yandex-token-url string Token server url
+ --zoho-auth-url string Auth server URL
+ --zoho-client-id string OAuth Client Id
+ --zoho-client-secret string OAuth Client Secret
+ --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
+ --zoho-region string Zoho region to connect to
+ --zoho-token string OAuth Access Token as a JSON blob
+ --zoho-token-url string Token server url
```
# Docker Volume Plugin
@@ -14660,7 +15937,7 @@ Optional Flags:
Arbitrary rclone flags may be specified on the
[bisync command line](https://rclone.org/commands/rclone_bisync/), for example
-`rclone bsync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s`
+`rclone bisync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s`
Note that interactions of various rclone flags with bisync process flow
has not been fully tested yet.
@@ -14877,7 +16154,7 @@ Most of these events come up due to a error status from an internal call.
On such a critical error the `{...}.path1.lst` and `{...}.path2.lst`
listing files are renamed to extension `.lst-err`, which blocks any future
bisync runs (since the normal `.lst` files are not found).
-Bisync keeps them under `bisync` subdirectory of the rclone cache direcory,
+Bisync keeps them under `bisync` subdirectory of the rclone cache directory,
typically at `${HOME}/.cache/rclone/bisync/` on Linux.
Some errors are considered temporary and re-running the bisync is not blocked.
@@ -14917,6 +16194,7 @@ Bisync is considered _BETA_ and has been tested with the following backends:
- OneDrive
- S3
- SFTP
+- Yandex Disk
It has not been fully tested with other services yet.
If it works, or sorta works, please let us know and we'll update the list.
@@ -14974,7 +16252,7 @@ don't have spelling case differences (`Smile.jpg` vs. `smile.jpg`).
## Windows support {#windows}
Bisync has been tested on Windows 8.1, Windows 10 Pro 64-bit and on Windows
-Github runners.
+GitHub runners.
Drive letters are allowed, including drive letters mapped to network drives
(`rclone bisync J:\localsync GDrive:`).
@@ -15254,7 +16532,7 @@ consider using the flag
Google docs exist as virtual files on Google Drive and cannot be transferred
to other filesystems natively. While it is possible to export a Google doc to
-a normal file (with `.xlsx` extension, for example), it's not possible
+a normal file (with `.xlsx` extension, for example), it is not possible
to import a normal file back into a Google document.
Bisync's handling of Google Doc files is to flag them in the run log output
@@ -15482,7 +16760,7 @@ test command flags can be equally prefixed by a single `-` or double dash.
synched tree even if there are check file mismatches in the test tree.
- Some Dropbox tests can fail, notably printing the following message:
`src and dst identical but can't set mod time without deleting and re-uploading`
- This is expected and happens due a way Dropbox handles modificaion times.
+ This is expected and happens due a way Dropbox handles modification times.
You should use the `-refresh-times` test flag to make up for this.
- If Dropbox tests hit request limit for you and print error message
`too_many_requests/...: Too many requests or write operations.`
@@ -15492,7 +16770,7 @@ test command flags can be equally prefixed by a single `-` or double dash.
### Updating golden results
Sometimes even a slight change in the bisync source can cause little changes
-spread around many log files. Updating them manually would be a nighmare.
+spread around many log files. Updating them manually would be a nightmare.
The `-golden` flag will store the `test.log` and `*.lst` listings from each
test case into respective golden directories. Golden results will
@@ -15755,7 +17033,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to fichier (1Fichier).
+Here are the Standard options specific to fichier (1Fichier).
#### --fichier-api-key
@@ -15770,7 +17048,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to fichier (1Fichier).
+Here are the Advanced options specific to fichier (1Fichier).
#### --fichier-shared-folder
@@ -15831,8 +17109,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Alias
@@ -15854,6 +17131,11 @@ Invoking `rclone mkdir backup:../desktop` is exactly the same as invoking
The empty path is not allowed as a remote. To alias the current directory
use `.` instead.
+The target remote can also be a [connection string](https://rclone.org/docs/#connection-strings).
+This can be used to modify the config of a remote for different uses, e.g.
+the alias `myDriveTrash` with the target remote `myDrive,trashed_only:`
+can be used to only show the trashed files in `myDrive`.
+
## Configuration
Here is an example of how to make an alias called `remote` for local folder.
@@ -15922,7 +17204,7 @@ Copy another local directory to the alias directory called source
### Standard options
-Here are the standard options specific to alias (Alias for an existing remote).
+Here are the Standard options specific to alias (Alias for an existing remote).
#### --alias-remote
@@ -16014,9 +17296,10 @@ Token server url - leave blank to use Amazon's.
token_url> Optional token URL
Remote config
Make sure your Redirect URL is set to "http://127.0.0.1:53682/" in your custom config.
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -16096,7 +17379,7 @@ rclone it will take you to an `amazon.com` page to log in. Your
### Standard options
-Here are the standard options specific to amazon cloud drive (Amazon Drive).
+Here are the Standard options specific to amazon cloud drive (Amazon Drive).
#### --acd-client-id
@@ -16126,7 +17409,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to amazon cloud drive (Amazon Drive).
+Here are the Advanced options specific to amazon cloud drive (Amazon Drive).
#### --acd-token
@@ -16270,8 +17553,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Amazon S3 Storage Providers
@@ -16281,10 +17563,18 @@ The S3 backend can be used with a number of different providers:
- AWS S3
- Alibaba Cloud (Aliyun) Object Storage System (OSS)
- Ceph
+- China Mobile Ecloud Elastic Object Storage (EOS)
+- Cloudflare R2
+- Arvan Cloud Object Storage (AOS)
- DigitalOcean Spaces
- Dreamhost
+- Huawei OBS
- IBM COS S3
+- IDrive e2
+- IONOS Cloud
+- Liara Object Storage
- Minio
+- Qiniu Cloud Object Storage (Kodo)
- RackCorp Object Storage
- Scaleway
- Seagate Lyve Cloud
@@ -16339,7 +17629,7 @@ name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Ceph, Dreamhost, IBM COS, Minio, and Tencent COS
+XX / Amazon S3 Compliant Storage Providers including AWS, Ceph, ChinaMobile, ArvanCloud, Dreamhost, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -16349,7 +17639,7 @@ Choose a number from below, or type in your own value
\ "AWS"
2 / Ceph Object Storage
\ "Ceph"
- 3 / Digital Ocean Spaces
+ 3 / DigitalOcean Spaces
\ "DigitalOcean"
4 / Dreamhost DreamObjects
\ "Dreamhost"
@@ -16597,7 +17887,7 @@ upload.
Rclone's default directory traversal is to process each directory
individually. This takes one API call per directory. Using the
-`--fast-list` flag will read all info about the the objects into
+`--fast-list` flag will read all info about the objects into
memory first using a smaller number of API calls (one per 1000
objects). See the [rclone docs](https://rclone.org/docs/#fast-list) for more details.
@@ -16649,6 +17939,74 @@ This will mean that these objects do not have an MD5 checksum.
Note that reading this from the object takes an additional `HEAD`
request as the metadata isn't returned in object listings.
+### Versions
+
+When bucket versioning is enabled (this can be done with rclone with
+the [`rclone backend versioning`](#versioning) command) when rclone
+uploads a new version of a file it creates a
+[new version of it](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Versioning.html)
+Likewise when you delete a file, the old version will be marked hidden
+and still be available.
+
+Old versions of files, where available, are visible using the
+[`--s3-versions`](#s3-versions) flag.
+
+It is also possible to view a bucket as it was at a certain point in
+time, using the [`--s3-version-at`](#s3-version-at) flag. This will
+show the file versions as they were at that time, showing files that
+have been deleted afterwards, and hiding files that were created
+since.
+
+If you wish to remove all the old versions then you can use the
+[`rclone backend cleanup-hidden remote:bucket`](#cleanup-hidden)
+command which will delete all the old hidden versions of files,
+leaving the current ones intact. You can also supply a path and only
+old versions under that path will be deleted, e.g.
+`rclone backend cleanup-hidden remote:bucket/path/to/stuff`.
+
+When you `purge` a bucket, the current and the old versions will be
+deleted then the bucket will be deleted.
+
+However `delete` will cause the current versions of the files to
+become hidden old versions.
+
+Here is a session showing the listing and retrieval of an old
+version followed by a `cleanup` of the old versions.
+
+Show current version and all the versions with `--s3-versions` flag.
+
+```
+$ rclone -q ls s3:cleanup-test
+ 9 one.txt
+
+$ rclone -q --s3-versions ls s3:cleanup-test
+ 9 one.txt
+ 8 one-v2016-07-04-141032-000.txt
+ 16 one-v2016-07-04-141003-000.txt
+ 15 one-v2016-07-02-155621-000.txt
+```
+
+Retrieve an old version
+
+```
+$ rclone -q --s3-versions copy s3:cleanup-test/one-v2016-07-04-141003-000.txt /tmp
+
+$ ls -l /tmp/one-v2016-07-04-141003-000.txt
+-rw-rw-r-- 1 ncw ncw 16 Jul 2 17:46 /tmp/one-v2016-07-04-141003-000.txt
+```
+
+Clean up all the old versions and show that they've gone.
+
+```
+$ rclone -q backend cleanup-hidden s3:cleanup-test
+
+$ rclone -q ls s3:cleanup-test
+ 9 one.txt
+
+$ rclone -q --s3-versions ls s3:cleanup-test
+ 9 one.txt
+```
+
### Cleanup
If you run `rclone cleanup s3:bucket` then it will remove all pending
@@ -16836,7 +18194,7 @@ A simple solution is to set the `--s3-upload-cutoff 0` and force all the files t
### Standard options
-Here are the standard options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS).
+Here are the Standard options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
#### --s3-provider
@@ -16855,14 +18213,28 @@ Properties:
- Alibaba Cloud Object Storage System (OSS) formerly Aliyun
- "Ceph"
- Ceph Object Storage
+ - "ChinaMobile"
+ - China Mobile Ecloud Elastic Object Storage (EOS)
+ - "Cloudflare"
+ - Cloudflare R2 Storage
+ - "ArvanCloud"
+ - Arvan Cloud Object Storage (AOS)
- "DigitalOcean"
- - Digital Ocean Spaces
+ - DigitalOcean Spaces
- "Dreamhost"
- Dreamhost DreamObjects
+ - "HuaweiOBS"
+ - Huawei Object Storage Service
- "IBMCOS"
- IBM COS S3
+ - "IDrive"
+ - IDrive e2
+ - "IONOS"
+ - IONOS Cloud
- "LyveCloud"
- Seagate Lyve Cloud
+ - "Liara"
+ - Liara Object Storage
- "Minio"
- Minio Object Storage
- "Netease"
@@ -16881,6 +18253,8 @@ Properties:
- Tencent Cloud Object Storage (COS)
- "Wasabi"
- Wasabi Object Storage
+ - "Qiniu"
+ - Qiniu Object Storage (Kodo)
- "Other"
- Any other S3 compatible provider
@@ -17085,6 +18459,122 @@ Properties:
- Amsterdam, The Netherlands
- "fr-par"
- Paris, France
+ - "pl-waw"
+ - Warsaw, Poland
+
+#### --s3-region
+
+Region to connect to. - the location where your bucket will be created and your data stored. Need bo be same with your endpoint.
+
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: HuaweiOBS
+- Type: string
+- Required: false
+- Examples:
+ - "af-south-1"
+ - AF-Johannesburg
+ - "ap-southeast-2"
+ - AP-Bangkok
+ - "ap-southeast-3"
+ - AP-Singapore
+ - "cn-east-3"
+ - CN East-Shanghai1
+ - "cn-east-2"
+ - CN East-Shanghai2
+ - "cn-north-1"
+ - CN North-Beijing1
+ - "cn-north-4"
+ - CN North-Beijing4
+ - "cn-south-1"
+ - CN South-Guangzhou
+ - "ap-southeast-1"
+ - CN-Hong Kong
+ - "sa-argentina-1"
+ - LA-Buenos Aires1
+ - "sa-peru-1"
+ - LA-Lima1
+ - "na-mexico-1"
+ - LA-Mexico City1
+ - "sa-chile-1"
+ - LA-Santiago2
+ - "sa-brazil-1"
+ - LA-Sao Paulo1
+ - "ru-northwest-2"
+ - RU-Moscow2
+
+#### --s3-region
+
+Region to connect to.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: Cloudflare
+- Type: string
+- Required: false
+- Examples:
+ - "auto"
+ - R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+
+#### --s3-region
+
+Region to connect to.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "cn-east-1"
+ - The default endpoint - a good choice if you are unsure.
+ - East China Region 1.
+ - Needs location constraint cn-east-1.
+ - "cn-east-2"
+ - East China Region 2.
+ - Needs location constraint cn-east-2.
+ - "cn-north-1"
+ - North China Region 1.
+ - Needs location constraint cn-north-1.
+ - "cn-south-1"
+ - South China Region 1.
+ - Needs location constraint cn-south-1.
+ - "us-north-1"
+ - North America Region.
+ - Needs location constraint us-north-1.
+ - "ap-southeast-1"
+ - Southeast Asia Region 1.
+ - Needs location constraint ap-southeast-1.
+ - "ap-northeast-1"
+ - Northeast Asia Region 1.
+ - Needs location constraint ap-northeast-1.
+
+#### --s3-region
+
+Region where your bucket will be created and your data stored.
+
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: IONOS
+- Type: string
+- Required: false
+- Examples:
+ - "de"
+ - Frankfurt, Germany
+ - "eu-central-2"
+ - Berlin, Germany
+ - "eu-south-2"
+ - Logrono, Spain
#### --s3-region
@@ -17096,7 +18586,7 @@ Properties:
- Config: region
- Env Var: RCLONE_S3_REGION
-- Provider: !AWS,Alibaba,RackCorp,Scaleway,Storj,TencentCOS
+- Provider: !AWS,Alibaba,ChinaMobile,Cloudflare,IONOS,ArvanCloud,Liara,Qiniu,RackCorp,Scaleway,Storj,TencentCOS,HuaweiOBS,IDrive
- Type: string
- Required: false
- Examples:
@@ -17123,6 +18613,98 @@ Properties:
#### --s3-endpoint
+Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: ChinaMobile
+- Type: string
+- Required: false
+- Examples:
+ - "eos-wuxi-1.cmecloud.cn"
+ - The default endpoint - a good choice if you are unsure.
+ - East China (Suzhou)
+ - "eos-jinan-1.cmecloud.cn"
+ - East China (Jinan)
+ - "eos-ningbo-1.cmecloud.cn"
+ - East China (Hangzhou)
+ - "eos-shanghai-1.cmecloud.cn"
+ - East China (Shanghai-1)
+ - "eos-zhengzhou-1.cmecloud.cn"
+ - Central China (Zhengzhou)
+ - "eos-hunan-1.cmecloud.cn"
+ - Central China (Changsha-1)
+ - "eos-zhuzhou-1.cmecloud.cn"
+ - Central China (Changsha-2)
+ - "eos-guangzhou-1.cmecloud.cn"
+ - South China (Guangzhou-2)
+ - "eos-dongguan-1.cmecloud.cn"
+ - South China (Guangzhou-3)
+ - "eos-beijing-1.cmecloud.cn"
+ - North China (Beijing-1)
+ - "eos-beijing-2.cmecloud.cn"
+ - North China (Beijing-2)
+ - "eos-beijing-4.cmecloud.cn"
+ - North China (Beijing-3)
+ - "eos-huhehaote-1.cmecloud.cn"
+ - North China (Huhehaote)
+ - "eos-chengdu-1.cmecloud.cn"
+ - Southwest China (Chengdu)
+ - "eos-chongqing-1.cmecloud.cn"
+ - Southwest China (Chongqing)
+ - "eos-guiyang-1.cmecloud.cn"
+ - Southwest China (Guiyang)
+ - "eos-xian-1.cmecloud.cn"
+ - Nouthwest China (Xian)
+ - "eos-yunnan.cmecloud.cn"
+ - Yunnan China (Kunming)
+ - "eos-yunnan-2.cmecloud.cn"
+ - Yunnan China (Kunming-2)
+ - "eos-tianjin-1.cmecloud.cn"
+ - Tianjin China (Tianjin)
+ - "eos-jilin-1.cmecloud.cn"
+ - Jilin China (Changchun)
+ - "eos-hubei-1.cmecloud.cn"
+ - Hubei China (Xiangyan)
+ - "eos-jiangxi-1.cmecloud.cn"
+ - Jiangxi China (Nanchang)
+ - "eos-gansu-1.cmecloud.cn"
+ - Gansu China (Lanzhou)
+ - "eos-shanxi-1.cmecloud.cn"
+ - Shanxi China (Taiyuan)
+ - "eos-liaoning-1.cmecloud.cn"
+ - Liaoning China (Shenyang)
+ - "eos-hebei-1.cmecloud.cn"
+ - Hebei China (Shijiazhuang)
+ - "eos-fujian-1.cmecloud.cn"
+ - Fujian China (Xiamen)
+ - "eos-guangxi-1.cmecloud.cn"
+ - Guangxi China (Nanning)
+ - "eos-anhui-1.cmecloud.cn"
+ - Anhui China (Huainan)
+
+#### --s3-endpoint
+
+Endpoint for Arvan Cloud Object Storage (AOS) API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: ArvanCloud
+- Type: string
+- Required: false
+- Examples:
+ - "s3.ir-thr-at1.arvanstorage.com"
+ - The default endpoint - a good choice if you are unsure.
+ - Tehran Iran (Asiatech)
+ - "s3.ir-tbz-sh1.arvanstorage.com"
+ - Tabriz Iran (Shahriar)
+
+#### --s3-endpoint
+
Endpoint for IBM COS S3 API.
Specify if using an IBM COS On Premise.
@@ -17262,6 +18844,43 @@ Properties:
#### --s3-endpoint
+Endpoint for IONOS S3 Object Storage.
+
+Specify the endpoint from the same region.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: IONOS
+- Type: string
+- Required: false
+- Examples:
+ - "s3-eu-central-1.ionoscloud.com"
+ - Frankfurt, Germany
+ - "s3-eu-central-2.ionoscloud.com"
+ - Berlin, Germany
+ - "s3-eu-south-2.ionoscloud.com"
+ - Logrono, Spain
+
+#### --s3-endpoint
+
+Endpoint for Liara Object Storage API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: Liara
+- Type: string
+- Required: false
+- Examples:
+ - "storage.iran.liara.space"
+ - The default endpoint
+ - Iran
+
+#### --s3-endpoint
+
Endpoint for OSS API.
Properties:
@@ -17325,6 +18944,49 @@ Properties:
#### --s3-endpoint
+Endpoint for OBS API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: HuaweiOBS
+- Type: string
+- Required: false
+- Examples:
+ - "obs.af-south-1.myhuaweicloud.com"
+ - AF-Johannesburg
+ - "obs.ap-southeast-2.myhuaweicloud.com"
+ - AP-Bangkok
+ - "obs.ap-southeast-3.myhuaweicloud.com"
+ - AP-Singapore
+ - "obs.cn-east-3.myhuaweicloud.com"
+ - CN East-Shanghai1
+ - "obs.cn-east-2.myhuaweicloud.com"
+ - CN East-Shanghai2
+ - "obs.cn-north-1.myhuaweicloud.com"
+ - CN North-Beijing1
+ - "obs.cn-north-4.myhuaweicloud.com"
+ - CN North-Beijing4
+ - "obs.cn-south-1.myhuaweicloud.com"
+ - CN South-Guangzhou
+ - "obs.ap-southeast-1.myhuaweicloud.com"
+ - CN-Hong Kong
+ - "obs.sa-argentina-1.myhuaweicloud.com"
+ - LA-Buenos Aires1
+ - "obs.sa-peru-1.myhuaweicloud.com"
+ - LA-Lima1
+ - "obs.na-mexico-1.myhuaweicloud.com"
+ - LA-Mexico City1
+ - "obs.sa-chile-1.myhuaweicloud.com"
+ - LA-Santiago2
+ - "obs.sa-brazil-1.myhuaweicloud.com"
+ - LA-Sao Paulo1
+ - "obs.ru-northwest-2.myhuaweicloud.com"
+ - RU-Moscow2
+
+#### --s3-endpoint
+
Endpoint for Scaleway Object Storage.
Properties:
@@ -17339,6 +19001,8 @@ Properties:
- Amsterdam Endpoint
- "s3.fr-par.scw.cloud"
- Paris Endpoint
+ - "s3.pl-waw.scw.cloud"
+ - Warsaw Endpoint
#### --s3-endpoint
@@ -17482,6 +19146,33 @@ Properties:
#### --s3-endpoint
+Endpoint for Qiniu Object Storage.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "s3-cn-east-1.qiniucs.com"
+ - East China Endpoint 1
+ - "s3-cn-east-2.qiniucs.com"
+ - East China Endpoint 2
+ - "s3-cn-north-1.qiniucs.com"
+ - North China Endpoint 1
+ - "s3-cn-south-1.qiniucs.com"
+ - South China Endpoint 1
+ - "s3-us-north-1.qiniucs.com"
+ - North America Endpoint 1
+ - "s3-ap-southeast-1.qiniucs.com"
+ - Southeast Asia Endpoint 1
+ - "s3-ap-northeast-1.qiniucs.com"
+ - Northeast Asia Endpoint 1
+
+#### --s3-endpoint
+
Endpoint for S3 API.
Required when using an S3 clone.
@@ -17490,18 +19181,24 @@ Properties:
- Config: endpoint
- Env Var: RCLONE_S3_ENDPOINT
-- Provider: !AWS,IBMCOS,TencentCOS,Alibaba,Scaleway,StackPath,Storj,RackCorp
+- Provider: !AWS,IBMCOS,IDrive,IONOS,TencentCOS,HuaweiOBS,Alibaba,ChinaMobile,Liara,ArvanCloud,Scaleway,StackPath,Storj,RackCorp,Qiniu
- Type: string
- Required: false
- Examples:
- "objects-us-east-1.dream.io"
- Dream Objects endpoint
+ - "syd1.digitaloceanspaces.com"
+ - DigitalOcean Spaces Sydney 1
+ - "sfo3.digitaloceanspaces.com"
+ - DigitalOcean Spaces San Francisco 3
+ - "fra1.digitaloceanspaces.com"
+ - DigitalOcean Spaces Frankfurt 1
- "nyc3.digitaloceanspaces.com"
- - Digital Ocean Spaces New York 3
+ - DigitalOcean Spaces New York 3
- "ams3.digitaloceanspaces.com"
- - Digital Ocean Spaces Amsterdam 3
+ - DigitalOcean Spaces Amsterdam 3
- "sgp1.digitaloceanspaces.com"
- - Digital Ocean Spaces Singapore 1
+ - DigitalOcean Spaces Singapore 1
- "localhost:8333"
- SeaweedFS S3 localhost
- "s3.us-east-1.lyvecloud.seagate.com"
@@ -17511,15 +19208,35 @@ Properties:
- "s3.ap-southeast-1.lyvecloud.seagate.com"
- Seagate Lyve Cloud AP Southeast 1 (Singapore)
- "s3.wasabisys.com"
- - Wasabi US East endpoint
+ - Wasabi US East 1 (N. Virginia)
+ - "s3.us-east-2.wasabisys.com"
+ - Wasabi US East 2 (N. Virginia)
+ - "s3.us-central-1.wasabisys.com"
+ - Wasabi US Central 1 (Texas)
- "s3.us-west-1.wasabisys.com"
- - Wasabi US West endpoint
+ - Wasabi US West 1 (Oregon)
+ - "s3.ca-central-1.wasabisys.com"
+ - Wasabi CA Central 1 (Toronto)
- "s3.eu-central-1.wasabisys.com"
- - Wasabi EU Central endpoint
+ - Wasabi EU Central 1 (Amsterdam)
+ - "s3.eu-central-2.wasabisys.com"
+ - Wasabi EU Central 2 (Frankfurt)
+ - "s3.eu-west-1.wasabisys.com"
+ - Wasabi EU West 1 (London)
+ - "s3.eu-west-2.wasabisys.com"
+ - Wasabi EU West 2 (Paris)
- "s3.ap-northeast-1.wasabisys.com"
- Wasabi AP Northeast 1 (Tokyo) endpoint
- "s3.ap-northeast-2.wasabisys.com"
- Wasabi AP Northeast 2 (Osaka) endpoint
+ - "s3.ap-southeast-1.wasabisys.com"
+ - Wasabi AP Southeast 1 (Singapore)
+ - "s3.ap-southeast-2.wasabisys.com"
+ - Wasabi AP Southeast 2 (Sydney)
+ - "storage.iran.liara.space"
+ - Liara Iran endpoint
+ - "s3.ir-thr-at1.arvanstorage.com"
+ - ArvanCloud Tehran Iran (Asiatech) endpoint
#### --s3-location-constraint
@@ -17588,6 +19305,100 @@ Properties:
#### --s3-location-constraint
+Location constraint - must match endpoint.
+
+Used when creating buckets only.
+
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: ChinaMobile
+- Type: string
+- Required: false
+- Examples:
+ - "wuxi1"
+ - East China (Suzhou)
+ - "jinan1"
+ - East China (Jinan)
+ - "ningbo1"
+ - East China (Hangzhou)
+ - "shanghai1"
+ - East China (Shanghai-1)
+ - "zhengzhou1"
+ - Central China (Zhengzhou)
+ - "hunan1"
+ - Central China (Changsha-1)
+ - "zhuzhou1"
+ - Central China (Changsha-2)
+ - "guangzhou1"
+ - South China (Guangzhou-2)
+ - "dongguan1"
+ - South China (Guangzhou-3)
+ - "beijing1"
+ - North China (Beijing-1)
+ - "beijing2"
+ - North China (Beijing-2)
+ - "beijing4"
+ - North China (Beijing-3)
+ - "huhehaote1"
+ - North China (Huhehaote)
+ - "chengdu1"
+ - Southwest China (Chengdu)
+ - "chongqing1"
+ - Southwest China (Chongqing)
+ - "guiyang1"
+ - Southwest China (Guiyang)
+ - "xian1"
+ - Nouthwest China (Xian)
+ - "yunnan"
+ - Yunnan China (Kunming)
+ - "yunnan2"
+ - Yunnan China (Kunming-2)
+ - "tianjin1"
+ - Tianjin China (Tianjin)
+ - "jilin1"
+ - Jilin China (Changchun)
+ - "hubei1"
+ - Hubei China (Xiangyan)
+ - "jiangxi1"
+ - Jiangxi China (Nanchang)
+ - "gansu1"
+ - Gansu China (Lanzhou)
+ - "shanxi1"
+ - Shanxi China (Taiyuan)
+ - "liaoning1"
+ - Liaoning China (Shenyang)
+ - "hebei1"
+ - Hebei China (Shijiazhuang)
+ - "fujian1"
+ - Fujian China (Xiamen)
+ - "guangxi1"
+ - Guangxi China (Nanning)
+ - "anhui1"
+ - Anhui China (Huainan)
+
+#### --s3-location-constraint
+
+Location constraint - must match endpoint.
+
+Used when creating buckets only.
+
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: ArvanCloud
+- Type: string
+- Required: false
+- Examples:
+ - "ir-thr-at1"
+ - Tehran Iran (Asiatech)
+ - "ir-tbz-sh1"
+ - Tabriz Iran (Shahriar)
+
+#### --s3-location-constraint
+
Location constraint - must match endpoint when using IBM Cloud Public.
For on-prem COS, do not make a selection from this list, hit enter.
@@ -17721,13 +19532,42 @@ Properties:
Location constraint - must be set to match the Region.
+Used when creating buckets only.
+
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "cn-east-1"
+ - East China Region 1
+ - "cn-east-2"
+ - East China Region 2
+ - "cn-north-1"
+ - North China Region 1
+ - "cn-south-1"
+ - South China Region 1
+ - "us-north-1"
+ - North America Region 1
+ - "ap-southeast-1"
+ - Southeast Asia Region 1
+ - "ap-northeast-1"
+ - Northeast Asia Region 1
+
+#### --s3-location-constraint
+
+Location constraint - must be set to match the Region.
+
Leave blank if not sure. Used when creating buckets only.
Properties:
- Config: location_constraint
- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
-- Provider: !AWS,IBMCOS,Alibaba,RackCorp,Scaleway,StackPath,Storj,TencentCOS
+- Provider: !AWS,Alibaba,HuaweiOBS,ChinaMobile,Cloudflare,IBMCOS,IDrive,IONOS,Liara,ArvanCloud,Qiniu,RackCorp,Scaleway,StackPath,Storj,TencentCOS
- Type: string
- Required: false
@@ -17742,11 +19582,15 @@ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview
Note that this ACL is applied when server-side copying objects as S3
doesn't copy the ACL from the source but rather writes a fresh one.
+If the acl is an empty string then no X-Amz-Acl: header is added and
+the default (private) will be used.
+
+
Properties:
- Config: acl
- Env Var: RCLONE_S3_ACL
-- Provider: !Storj
+- Provider: !Storj,Cloudflare
- Type: string
- Required: false
- Examples:
@@ -17799,7 +19643,7 @@ Properties:
- Config: server_side_encryption
- Env Var: RCLONE_S3_SERVER_SIDE_ENCRYPTION
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -17881,6 +19725,57 @@ Properties:
#### --s3-storage-class
+The storage class to use when storing new objects in ChinaMobile.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: ChinaMobile
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - Default
+ - "STANDARD"
+ - Standard storage class
+ - "GLACIER"
+ - Archive storage mode
+ - "STANDARD_IA"
+ - Infrequent access storage mode
+
+#### --s3-storage-class
+
+The storage class to use when storing new objects in Liara
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: Liara
+- Type: string
+- Required: false
+- Examples:
+ - "STANDARD"
+ - Standard storage class
+
+#### --s3-storage-class
+
+The storage class to use when storing new objects in ArvanCloud.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: ArvanCloud
+- Type: string
+- Required: false
+- Examples:
+ - "STANDARD"
+ - Standard storage class
+
+#### --s3-storage-class
+
The storage class to use when storing new objects in Tencent COS.
Properties:
@@ -17921,9 +19816,30 @@ Properties:
- Archived storage.
- Prices are lower, but it needs to be restored first to be accessed.
+#### --s3-storage-class
+
+The storage class to use when storing new objects in Qiniu.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "STANDARD"
+ - Standard storage class
+ - "LINE"
+ - Infrequent access storage mode
+ - "GLACIER"
+ - Archive storage mode
+ - "DEEP_ARCHIVE"
+ - Deep archive storage mode
+
### Advanced options
-Here are the advanced options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS).
+Here are the Advanced options specific to s3 (Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
#### --s3-bucket-acl
@@ -17934,6 +19850,10 @@ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview
Note that this ACL is applied when only when creating buckets. If it
isn't set then "acl" is used instead.
+If the "acl" and "bucket_acl" are empty strings then no X-Amz-Acl:
+header is added and the default (private) will be used.
+
+
Properties:
- Config: bucket_acl
@@ -17975,7 +19895,7 @@ Properties:
- Config: sse_customer_algorithm
- Env Var: RCLONE_S3_SSE_CUSTOMER_ALGORITHM
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -17986,13 +19906,32 @@ Properties:
#### --s3-sse-customer-key
-If using SSE-C you must provide the secret encryption key used to encrypt/decrypt your data.
+To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data.
+
+Alternatively you can provide --sse-customer-key-base64.
Properties:
- Config: sse_customer_key
- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+
+#### --s3-sse-customer-key-base64
+
+If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data.
+
+Alternatively you can provide --sse-customer-key.
+
+Properties:
+
+- Config: sse_customer_key_base64
+- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_BASE64
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -18010,7 +19949,7 @@ Properties:
- Config: sse_customer_key_md5
- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_MD5
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -18055,6 +19994,13 @@ most 10,000 chunks, this means that by default the maximum size of
a file you can stream upload is 48 GiB. If you wish to stream upload
larger files then you will need to increase chunk_size.
+Increasing the chunk size decreases the accuracy of the progress
+statistics displayed with "-P" flag. Rclone treats chunk as sent when
+it's buffered by the AWS SDK, when in fact it may still be uploading.
+A bigger chunk size means a bigger AWS SDK buffer and progress
+reporting more deviating from the truth.
+
+
Properties:
- Config: chunk_size
@@ -18460,6 +20406,137 @@ Properties:
- Type: Tristate
- Default: unset
+#### --s3-use-presigned-request
+
+Whether to use a presigned request or PutObject for single part uploads
+
+If this is false rclone will use PutObject from the AWS SDK to upload
+an object.
+
+Versions of rclone < 1.59 use presigned requests to upload a single
+part object and setting this flag to true will re-enable that
+functionality. This shouldn't be necessary except in exceptional
+circumstances or for testing.
+
+
+Properties:
+
+- Config: use_presigned_request
+- Env Var: RCLONE_S3_USE_PRESIGNED_REQUEST
+- Type: bool
+- Default: false
+
+#### --s3-versions
+
+Include old versions in directory listings.
+
+Properties:
+
+- Config: versions
+- Env Var: RCLONE_S3_VERSIONS
+- Type: bool
+- Default: false
+
+#### --s3-version-at
+
+Show file versions as they were at the specified time.
+
+The parameter should be a date, "2006-01-02", datetime "2006-01-02
+15:04:05" or a duration for that long ago, eg "100d" or "1h".
+
+Note that when using this no file write operations are permitted,
+so you can't upload files or delete them.
+
+See [the time option docs](https://rclone.org/docs/#time-option) for valid formats.
+
+
+Properties:
+
+- Config: version_at
+- Env Var: RCLONE_S3_VERSION_AT
+- Type: Time
+- Default: off
+
+#### --s3-decompress
+
+If set this will decompress gzip encoded objects.
+
+It is possible to upload objects to S3 with "Content-Encoding: gzip"
+set. Normally rclone will download these files as compressed objects.
+
+If this flag is set then rclone will decompress these files with
+"Content-Encoding: gzip" as they are received. This means that rclone
+can't check the size and hash but the file contents will be decompressed.
+
+
+Properties:
+
+- Config: decompress
+- Env Var: RCLONE_S3_DECOMPRESS
+- Type: bool
+- Default: false
+
+#### --s3-might-gzip
+
+Set this if the backend might gzip objects.
+
+Normally providers will not alter objects when they are downloaded. If
+an object was not uploaded with `Content-Encoding: gzip` then it won't
+be set on download.
+
+However some providers may gzip objects even if they weren't uploaded
+with `Content-Encoding: gzip` (eg Cloudflare).
+
+A symptom of this would be receiving errors like
+
+ ERROR corrupted on transfer: sizes differ NNN vs MMM
+
+If you set this flag and rclone downloads an object with
+Content-Encoding: gzip set and chunked transfer encoding, then rclone
+will decompress the object on the fly.
+
+If this is set to unset (the default) then rclone will choose
+according to the provider setting what to apply, but you can override
+rclone's choice here.
+
+
+Properties:
+
+- Config: might_gzip
+- Env Var: RCLONE_S3_MIGHT_GZIP
+- Type: Tristate
+- Default: unset
+
+#### --s3-no-system-metadata
+
+Suppress setting and reading of system metadata
+
+Properties:
+
+- Config: no_system_metadata
+- Env Var: RCLONE_S3_NO_SYSTEM_METADATA
+- Type: bool
+- Default: false
+
+### Metadata
+
+User metadata is stored as x-amz-meta- keys. S3 metadata keys are case insensitive and are always returned in lower case.
+
+Here are the possible system metadata items for the s3 backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| btime | Time of file birth (creation) read from Last-Modified header | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | **Y** |
+| cache-control | Cache-Control header | string | no-cache | N |
+| content-disposition | Content-Disposition header | string | inline | N |
+| content-encoding | Content-Encoding header | string | gzip | N |
+| content-language | Content-Language header | string | en-US | N |
+| content-type | Content-Type header | string | text/plain | N |
+| mtime | Time of last modification, read from rclone metadata | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | N |
+| tier | Tier of the object | string | GLACIER | **Y** |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
## Backend commands
Here are the commands specific to the s3 backend.
@@ -18470,7 +20547,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -18583,9 +20660,42 @@ Options:
- "max-age": Max age of upload to delete
+### cleanup-hidden
+
+Remove old versions of files.
+
+ rclone backend cleanup-hidden remote: [options] [+]
+
+This command removes any old hidden versions of files
+on a versions enabled bucket.
+
+Note that you can use -i/--dry-run with this command to see what it
+would do.
+
+ rclone backend cleanup-hidden s3:bucket/path/to/dir
+
+
+### versioning
+
+Set/get versioning support for a bucket.
+
+ rclone backend versioning remote: [options] [+]
+
+This command sets versioning support if a parameter is
+passed and then returns the current versioning status for the bucket
+supplied.
+
+ rclone backend versioning s3:bucket # read status only
+ rclone backend versioning s3:bucket Enabled
+ rclone backend versioning s3:bucket Suspended
+
+It may return "Enabled", "Suspended" or "Unversioned". Note that once versioning
+has been enabled the status can't be set back to "Unversioned".
+
-### Anonymous access to public buckets ###
+
+### Anonymous access to public buckets
If you want to use rclone to access a public bucket, configure with a
blank `access_key_id` and `secret_access_key`. Your config should end
@@ -18619,12 +20729,19 @@ You will be able to list and copy data but not upload it.
This is the provider used as main example and described in the [configuration](#configuration) section above.
### AWS Snowball Edge
-[AWS Snowball](https://aws.amazon.com/snowball/) is a hardware appliance used for transferring
-bulk data back to AWS. Its main software interface is S3 object storage.
-To use rclone with AWS Snowball Edge devices, configure as standard for an 'S3 Compatible Service'
-be sure to set `upload_cutoff = 0` otherwise you will run into authentication header issues as
-the snowball device does not support query parameter based authentication.
+[AWS Snowball](https://aws.amazon.com/snowball/) is a hardware
+appliance used for transferring bulk data back to AWS. Its main
+software interface is S3 object storage.
+
+To use rclone with AWS Snowball Edge devices, configure as standard
+for an 'S3 Compatible Service'.
+
+If using rclone pre v1.59 be sure to set `upload_cutoff = 0` otherwise
+you will run into authentication header issues as the snowball device
+does not support query parameter based authentication.
+
+With rclone v1.59 or later setting `upload_cutoff` should not be necessary.
eg.
```
@@ -18663,10 +20780,11 @@ server_side_encryption =
storage_class =
```
-If you are using an older version of CEPH, e.g. 10.2.x Jewel, then you
-may need to supply the parameter `--s3-upload-cutoff 0` or put this in
-the config file as `upload_cutoff 0` to work around a bug which causes
-uploading of small files to fail.
+If you are using an older version of CEPH (e.g. 10.2.x Jewel) and a
+version of rclone before v1.59 then you may need to supply the
+parameter `--s3-upload-cutoff 0` or put this in the config file as
+`upload_cutoff 0` to work around a bug which causes uploading of small
+files to fail.
Note also that Ceph sometimes puts `/` in the passwords it gives
users. If you read the secret access key using the command line tools
@@ -18693,6 +20811,106 @@ removed).
Because this is a json dump, it is encoding the `/` as `\/`, so if you
use the secret key as `xxxxxx/xxxx` it will work fine.
+### Cloudflare R2 {#cloudflare-r2}
+
+[Cloudflare R2](https://blog.cloudflare.com/r2-open-beta/) Storage
+allows developers to store large amounts of unstructured data without
+the costly egress bandwidth fees associated with typical cloud storage
+services.
+
+Here is an example of making a Cloudflare R2 configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+Note that all buckets are private, and all are stored in the same
+"auto" region. It is necessary to use Cloudflare workers to share the
+content of a bucket publicly.
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> r2
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+...
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+...
+Storage> s3
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+...
+XX / Cloudflare R2 Storage
+ \ (Cloudflare)
+...
+provider> Cloudflare
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> ACCESS_KEY
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> SECRET_ACCESS_KEY
+Option region.
+Region to connect to.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+ \ (auto)
+region> 1
+Option endpoint.
+Endpoint for S3 API.
+Required when using an S3 clone.
+Enter a value. Press Enter to leave empty.
+endpoint> https://ACCOUNT_ID.r2.cloudflarestorage.com
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+This will leave your config looking something like:
+
+```
+[r2]
+type = s3
+provider = Cloudflare
+access_key_id = ACCESS_KEY
+secret_access_key = SECRET_ACCESS_KEY
+region = auto
+endpoint = https://ACCOUNT_ID.r2.cloudflarestorage.com
+acl = private
+```
+
+Now run `rclone lsf r2:` to see your buckets and `rclone lsf
+r2:bucket` to look within a bucket.
+
### Dreamhost
Dreamhost [DreamObjects](https://www.dreamhost.com/cloud/storage/) is
@@ -18762,6 +20980,133 @@ Once configured, you can create a new Space and begin copying files. For example
rclone mkdir spaces:my-new-space
rclone copy /path/to/files spaces:my-new-space
```
+### Huawei OBS {#huawei-obs}
+
+Object Storage Service (OBS) provides stable, secure, efficient, and easy-to-use cloud storage that lets you store virtually any volume of unstructured data in any format and access it from anywhere.
+
+OBS provides an S3 interface, you can copy and modify the following configuration and add it to your rclone configuration file.
+```
+[obs]
+type = s3
+provider = HuaweiOBS
+access_key_id = your-access-key-id
+secret_access_key = your-secret-access-key
+region = af-south-1
+endpoint = obs.af-south-1.myhuaweicloud.com
+acl = private
+```
+
+Or you can also configure via the interactive command line:
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> obs
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> 5
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+ 9 / Huawei Object Storage Service
+ \ (HuaweiOBS)
+[snip]
+provider> 9
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth> 1
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> your-access-key-id
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> your-secret-access-key
+Option region.
+Region to connect to.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (af-south-1)
+ 2 / AP-Bangkok
+ \ (ap-southeast-2)
+[snip]
+region> 1
+Option endpoint.
+Endpoint for OBS API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (obs.af-south-1.myhuaweicloud.com)
+ 2 / AP-Bangkok
+ \ (obs.ap-southeast-2.myhuaweicloud.com)
+[snip]
+endpoint> 1
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+[snip]
+acl> 1
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+--------------------
+[obs]
+type = s3
+provider = HuaweiOBS
+access_key_id = your-access-key-id
+secret_access_key = your-secret-access-key
+region = af-south-1
+endpoint = obs.af-south-1.myhuaweicloud.com
+acl = private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+obs s3
+
+e) Edit existing remote
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> q
+```
### IBM COS (S3)
@@ -18791,12 +21136,12 @@ Choose a number from below, or type in your own value
\ "alias"
2 / Amazon Drive
\ "amazon cloud drive"
- 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, Minio, IBM COS)
+ 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, ChinaMobile, Liara, ArvanCloud, Minio, IBM COS)
\ "s3"
4 / Backblaze B2
\ "b2"
[snip]
- 23 / http Connection
+ 23 / HTTP
\ "http"
Storage> 3
```
@@ -18935,6 +21280,279 @@ acl> 1
rclone delete IBM-COS-XREGION:newbucket/file.txt
```
+### IDrive e2 {#idrive-e2}
+
+Here is an example of making an [IDrive e2](https://www.idrive.com/e2/)
+configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+
+Enter name for new remote.
+name> e2
+
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / IDrive e2
+ \ (IDrive)
+[snip]
+provider> IDrive
+
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_KEY
+
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+ 5 | Bucket owner gets READ access.
+ | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-read)
+ / Both the object owner and the bucket owner get FULL_CONTROL over the object.
+ 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-full-control)
+acl>
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+
+Configuration complete.
+Options:
+- type: s3
+- provider: IDrive
+- access_key_id: YOUR_ACCESS_KEY
+- secret_access_key: YOUR_SECRET_KEY
+- endpoint: q9d9.la12.idrivee2-5.com
+Keep this "e2" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+### IONOS Cloud {#ionos}
+
+[IONOS S3 Object Storage](https://cloud.ionos.com/storage/object-storage) is a service offered by IONOS for storing and accessing unstructured data.
+To connect to the service, you will need an access key and a secret key. These can be found in the [Data Center Designer](https://dcd.ionos.com/), by selecting **Manager resources** > **Object Storage Key Manager**.
+
+
+Here is an example of a configuration. First, run `rclone config`. This will walk you through an interactive setup process. Type `n` to add the new remote, and then enter a name:
+
+```
+Enter name for new remote.
+name> ionos-fra
+```
+
+Type `s3` to choose the connection type:
+```
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+```
+
+Type `IONOS`:
+```
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+[snip]
+XX / IONOS Cloud
+ \ (IONOS)
+[snip]
+provider> IONOS
+```
+
+Press Enter to choose the default option `Enter AWS credentials in the next step`:
+```
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+```
+
+Enter your Access Key and Secret key. These can be retrieved in the [Data Center Designer](https://dcd.ionos.com/), click on the menu “Manager resources” / "Object Storage Key Manager".
+```
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> YOUR_ACCESS_KEY
+
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> YOUR_SECRET_KEY
+```
+
+Choose the region where your bucket is located:
+```
+Option region.
+Region where your bucket will be created and your data stored.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (de)
+ 2 / Berlin, Germany
+ \ (eu-central-2)
+ 3 / Logrono, Spain
+ \ (eu-south-2)
+region> 2
+```
+
+Choose the endpoint from the same region:
+```
+Option endpoint.
+Endpoint for IONOS S3 Object Storage.
+Specify the endpoint from the same region.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (s3-eu-central-1.ionoscloud.com)
+ 2 / Berlin, Germany
+ \ (s3-eu-central-2.ionoscloud.com)
+ 3 / Logrono, Spain
+ \ (s3-eu-south-2.ionoscloud.com)
+endpoint> 1
+```
+
+Press Enter to choose the default option or choose the desired ACL setting:
+```
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+[snip]
+acl>
+```
+
+Press Enter to skip the advanced config:
+```
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n>
+```
+
+Press Enter to save the configuration, and then `q` to quit the configuration process:
+```
+Configuration complete.
+Options:
+- type: s3
+- provider: IONOS
+- access_key_id: YOUR_ACCESS_KEY
+- secret_access_key: YOUR_SECRET_KEY
+- endpoint: s3-eu-central-1.ionoscloud.com
+Keep this "ionos-fra" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+Done! Now you can try some commands (for macOS, use `./rclone` instead of `rclone`).
+
+1) Create a bucket (the name must be unique within the whole IONOS S3)
+```
+rclone mkdir ionos-fra:my-bucket
+```
+2) List available buckets
+```
+rclone lsd ionos-fra:
+```
+4) Copy a file from local to remote
+```
+rclone copy /Users/file.txt ionos-fra:my-bucket
+```
+3) List contents of a bucket
+```
+rclone ls ionos-fra:my-bucket
+```
+5) Copy a file from remote to local
+```
+rclone copy ionos-fra:my-bucket/file.txt
+```
+
### Minio
[Minio](https://minio.io/) is an object storage server built for cloud application developers and devops.
@@ -19002,6 +21620,207 @@ So once set up, for example, to copy files into a bucket
rclone copy /path/to/files minio:bucket
```
+### Qiniu Cloud Object Storage (Kodo) {#qiniu}
+
+[Qiniu Cloud Object Storage (Kodo)](https://www.qiniu.com/en/products/kodo), a completely independent-researched core technology which is proven by repeated customer experience has occupied absolute leading market leader position. Kodo can be widely applied to mass data management.
+
+To configure access to Qiniu Kodo, follow the steps below:
+
+1. Run `rclone config` and select `n` for a new remote.
+
+```
+rclone config
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+```
+
+2. Give the name of the configuration. For example, name it 'qiniu'.
+
+```
+name> qiniu
+```
+
+3. Select `s3` storage.
+
+```
+Choose a number from below, or type in your own value
+ 1 / 1Fichier
+ \ (fichier)
+ 2 / Akamai NetStorage
+ \ (netstorage)
+ 3 / Alias for an existing remote
+ \ (alias)
+ 4 / Amazon Drive
+ \ (amazon cloud drive)
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi
+ \ (s3)
+[snip]
+Storage> s3
+```
+
+4. Select `Qiniu` provider.
+```
+Choose a number from below, or type in your own value
+1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+[snip]
+22 / Qiniu Object Storage (Kodo)
+ \ (Qiniu)
+[snip]
+provider> Qiniu
+```
+
+5. Enter your SecretId and SecretKey of Qiniu Kodo.
+
+```
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Enter a boolean value (true or false). Press Enter for the default ("false").
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+access_key_id> AKIDxxxxxxxxxx
+AWS Secret Access Key (password)
+Leave blank for anonymous access or runtime credentials.
+Enter a string value. Press Enter for the default ("").
+secret_access_key> xxxxxxxxxxx
+```
+
+6. Select endpoint for Qiniu Kodo. This is the standard endpoint for different region.
+
+```
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China Region 1.
+ | Needs location constraint cn-east-1.
+ \ (cn-east-1)
+ / East China Region 2.
+ 2 | Needs location constraint cn-east-2.
+ \ (cn-east-2)
+ / North China Region 1.
+ 3 | Needs location constraint cn-north-1.
+ \ (cn-north-1)
+ / South China Region 1.
+ 4 | Needs location constraint cn-south-1.
+ \ (cn-south-1)
+ / North America Region.
+ 5 | Needs location constraint us-north-1.
+ \ (us-north-1)
+ / Southeast Asia Region 1.
+ 6 | Needs location constraint ap-southeast-1.
+ \ (ap-southeast-1)
+ / Northeast Asia Region 1.
+ 7 | Needs location constraint ap-northeast-1.
+ \ (ap-northeast-1)
+[snip]
+endpoint> 1
+
+Option endpoint.
+Endpoint for Qiniu Object Storage.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China Endpoint 1
+ \ (s3-cn-east-1.qiniucs.com)
+ 2 / East China Endpoint 2
+ \ (s3-cn-east-2.qiniucs.com)
+ 3 / North China Endpoint 1
+ \ (s3-cn-north-1.qiniucs.com)
+ 4 / South China Endpoint 1
+ \ (s3-cn-south-1.qiniucs.com)
+ 5 / North America Endpoint 1
+ \ (s3-us-north-1.qiniucs.com)
+ 6 / Southeast Asia Endpoint 1
+ \ (s3-ap-southeast-1.qiniucs.com)
+ 7 / Northeast Asia Endpoint 1
+ \ (s3-ap-northeast-1.qiniucs.com)
+endpoint> 1
+
+Option location_constraint.
+Location constraint - must be set to match the Region.
+Used when creating buckets only.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China Region 1
+ \ (cn-east-1)
+ 2 / East China Region 2
+ \ (cn-east-2)
+ 3 / North China Region 1
+ \ (cn-north-1)
+ 4 / South China Region 1
+ \ (cn-south-1)
+ 5 / North America Region 1
+ \ (us-north-1)
+ 6 / Southeast Asia Region 1
+ \ (ap-southeast-1)
+ 7 / Northeast Asia Region 1
+ \ (ap-northeast-1)
+location_constraint> 1
+```
+
+7. Choose acl and storage class.
+
+```
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+[snip]
+acl> 2
+The storage class to use when storing new objects in Tencent COS.
+Enter a string value. Press Enter for the default ("").
+Choose a number from below, or type in your own value
+ 1 / Standard storage class
+ \ (STANDARD)
+ 2 / Infrequent access storage mode
+ \ (LINE)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Deep archive storage mode
+ \ (DEEP_ARCHIVE)
+[snip]
+storage_class> 1
+Edit advanced config? (y/n)
+y) Yes
+n) No (default)
+y/n> n
+Remote config
+--------------------
+[qiniu]
+- type: s3
+- provider: Qiniu
+- access_key_id: xxx
+- secret_access_key: xxx
+- region: cn-east-1
+- endpoint: s3-cn-east-1.qiniucs.com
+- location_constraint: cn-east-1
+- acl: public-read
+- storage_class: STANDARD
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+Current remotes:
+
+Name Type
+==== ====
+qiniu s3
+```
+
### RackCorp {#RackCorp}
[RackCorp Object Storage](https://www.rackcorp.com/storage/s3storage) is an S3 compatible object storage platform from your friendly cloud provider RackCorp.
@@ -19048,6 +21867,9 @@ server_side_encryption =
storage_class =
```
+[C14 Cold Storage](https://www.online.net/en/storage/c14-cold-storage) is the low-cost S3 Glacier alternative from Scaleway and it works the same way as on S3 by accepting the "GLACIER" `storage_class`.
+So you can configure your remote with the `storage_class = GLACIER` option to upload directly to C14. Don't forget that in this state you can't read files back after, you will need to restore them to "STANDARD" storage_class first before being able to read them (see "restore" section above)
+
### Seagate Lyve Cloud {#lyve}
[Seagate Lyve Cloud](https://www.seagate.com/gb/en/services/cloud/storage/) is an S3
@@ -19073,7 +21895,7 @@ Choose `s3` backend
Type of storage to configure.
Choose a number from below, or type in your own value.
[snip]
-XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
\ (s3)
[snip]
Storage> s3
@@ -19260,7 +22082,7 @@ name> wasabi
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Amazon S3 (also Dreamhost, Ceph, Minio)
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Minio, Liara)
\ "s3"
[snip]
Storage> s3
@@ -19374,7 +22196,7 @@ Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, and Tencent COS
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -19464,6 +22286,465 @@ d) Delete this remote
y/e/d> y
```
+### China Mobile Ecloud Elastic Object Storage (EOS) {#china-mobile-ecloud-eos}
+
+Here is an example of making an [China Mobile Ecloud Elastic Object Storage (EOS)](https:///ecloud.10086.cn/home/product-introduction/eos/)
+configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> ChinaMobile
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+ ...
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+ \ (s3)
+ ...
+Storage> s3
+Option provider.
+Choose your S3 provider.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ ...
+ 4 / China Mobile Ecloud Elastic Object Storage (EOS)
+ \ (ChinaMobile)
+ ...
+provider> ChinaMobile
+Option env_auth.
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own boolean value (true or false).
+Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+env_auth>
+Option access_key_id.
+AWS Access Key ID.
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+access_key_id> accesskeyid
+Option secret_access_key.
+AWS Secret Access Key (password).
+Leave blank for anonymous access or runtime credentials.
+Enter a value. Press Enter to leave empty.
+secret_access_key> secretaccesskey
+Option endpoint.
+Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China (Suzhou)
+ \ (eos-wuxi-1.cmecloud.cn)
+ 2 / East China (Jinan)
+ \ (eos-jinan-1.cmecloud.cn)
+ 3 / East China (Hangzhou)
+ \ (eos-ningbo-1.cmecloud.cn)
+ 4 / East China (Shanghai-1)
+ \ (eos-shanghai-1.cmecloud.cn)
+ 5 / Central China (Zhengzhou)
+ \ (eos-zhengzhou-1.cmecloud.cn)
+ 6 / Central China (Changsha-1)
+ \ (eos-hunan-1.cmecloud.cn)
+ 7 / Central China (Changsha-2)
+ \ (eos-zhuzhou-1.cmecloud.cn)
+ 8 / South China (Guangzhou-2)
+ \ (eos-guangzhou-1.cmecloud.cn)
+ 9 / South China (Guangzhou-3)
+ \ (eos-dongguan-1.cmecloud.cn)
+10 / North China (Beijing-1)
+ \ (eos-beijing-1.cmecloud.cn)
+11 / North China (Beijing-2)
+ \ (eos-beijing-2.cmecloud.cn)
+12 / North China (Beijing-3)
+ \ (eos-beijing-4.cmecloud.cn)
+13 / North China (Huhehaote)
+ \ (eos-huhehaote-1.cmecloud.cn)
+14 / Southwest China (Chengdu)
+ \ (eos-chengdu-1.cmecloud.cn)
+15 / Southwest China (Chongqing)
+ \ (eos-chongqing-1.cmecloud.cn)
+16 / Southwest China (Guiyang)
+ \ (eos-guiyang-1.cmecloud.cn)
+17 / Nouthwest China (Xian)
+ \ (eos-xian-1.cmecloud.cn)
+18 / Yunnan China (Kunming)
+ \ (eos-yunnan.cmecloud.cn)
+19 / Yunnan China (Kunming-2)
+ \ (eos-yunnan-2.cmecloud.cn)
+20 / Tianjin China (Tianjin)
+ \ (eos-tianjin-1.cmecloud.cn)
+21 / Jilin China (Changchun)
+ \ (eos-jilin-1.cmecloud.cn)
+22 / Hubei China (Xiangyan)
+ \ (eos-hubei-1.cmecloud.cn)
+23 / Jiangxi China (Nanchang)
+ \ (eos-jiangxi-1.cmecloud.cn)
+24 / Gansu China (Lanzhou)
+ \ (eos-gansu-1.cmecloud.cn)
+25 / Shanxi China (Taiyuan)
+ \ (eos-shanxi-1.cmecloud.cn)
+26 / Liaoning China (Shenyang)
+ \ (eos-liaoning-1.cmecloud.cn)
+27 / Hebei China (Shijiazhuang)
+ \ (eos-hebei-1.cmecloud.cn)
+28 / Fujian China (Xiamen)
+ \ (eos-fujian-1.cmecloud.cn)
+29 / Guangxi China (Nanning)
+ \ (eos-guangxi-1.cmecloud.cn)
+30 / Anhui China (Huainan)
+ \ (eos-anhui-1.cmecloud.cn)
+endpoint> 1
+Option location_constraint.
+Location constraint - must match endpoint.
+Used when creating buckets only.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / East China (Suzhou)
+ \ (wuxi1)
+ 2 / East China (Jinan)
+ \ (jinan1)
+ 3 / East China (Hangzhou)
+ \ (ningbo1)
+ 4 / East China (Shanghai-1)
+ \ (shanghai1)
+ 5 / Central China (Zhengzhou)
+ \ (zhengzhou1)
+ 6 / Central China (Changsha-1)
+ \ (hunan1)
+ 7 / Central China (Changsha-2)
+ \ (zhuzhou1)
+ 8 / South China (Guangzhou-2)
+ \ (guangzhou1)
+ 9 / South China (Guangzhou-3)
+ \ (dongguan1)
+10 / North China (Beijing-1)
+ \ (beijing1)
+11 / North China (Beijing-2)
+ \ (beijing2)
+12 / North China (Beijing-3)
+ \ (beijing4)
+13 / North China (Huhehaote)
+ \ (huhehaote1)
+14 / Southwest China (Chengdu)
+ \ (chengdu1)
+15 / Southwest China (Chongqing)
+ \ (chongqing1)
+16 / Southwest China (Guiyang)
+ \ (guiyang1)
+17 / Nouthwest China (Xian)
+ \ (xian1)
+18 / Yunnan China (Kunming)
+ \ (yunnan)
+19 / Yunnan China (Kunming-2)
+ \ (yunnan2)
+20 / Tianjin China (Tianjin)
+ \ (tianjin1)
+21 / Jilin China (Changchun)
+ \ (jilin1)
+22 / Hubei China (Xiangyan)
+ \ (hubei1)
+23 / Jiangxi China (Nanchang)
+ \ (jiangxi1)
+24 / Gansu China (Lanzhou)
+ \ (gansu1)
+25 / Shanxi China (Taiyuan)
+ \ (shanxi1)
+26 / Liaoning China (Shenyang)
+ \ (liaoning1)
+27 / Hebei China (Shijiazhuang)
+ \ (hebei1)
+28 / Fujian China (Xiamen)
+ \ (fujian1)
+29 / Guangxi China (Nanning)
+ \ (guangxi1)
+30 / Anhui China (Huainan)
+ \ (anhui1)
+location_constraint> 1
+Option acl.
+Canned ACL used when creating buckets and storing or copying objects.
+This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Note that this ACL is applied when server-side copying objects as S3
+doesn't copy the ACL from the source but rather writes a fresh one.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+acl> private
+Option server_side_encryption.
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / None
+ \ ()
+ 2 / AES256
+ \ (AES256)
+server_side_encryption>
+Option storage_class.
+The storage class to use when storing new objects in ChinaMobile.
+Choose a number from below, or type in your own value.
+Press Enter to leave empty.
+ 1 / Default
+ \ ()
+ 2 / Standard storage class
+ \ (STANDARD)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Infrequent access storage mode
+ \ (STANDARD_IA)
+storage_class>
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+[ChinaMobile]
+type = s3
+provider = ChinaMobile
+access_key_id = accesskeyid
+secret_access_key = secretaccesskey
+endpoint = eos-wuxi-1.cmecloud.cn
+location_constraint = wuxi1
+acl = private
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+### Liara {#liara-cloud}
+
+Here is an example of making a [Liara Object Storage](https://liara.ir/landing/object-storage)
+configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> Liara
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
+[snip]
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region>
+Endpoint for S3 API.
+Leave blank if using Liara to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> storage.iran.liara.space
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+storage_class>
+Remote config
+--------------------
+[Liara]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+endpoint = storage.iran.liara.space
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+This will leave the config file looking like this.
+
+```
+[Liara]
+type = s3
+provider = Liara
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region =
+endpoint = storage.iran.liara.space
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+```
+
+### ArvanCloud {#arvan-cloud}
+
+[ArvanCloud](https://www.arvancloud.com/en/products/cloud-storage) ArvanCloud Object Storage goes beyond the limited traditional file storage.
+It gives you access to backup and archived files and allows sharing.
+Files like profile image in the app, images sent by users or scanned documents can be stored securely and easily in our Object Storage service.
+
+ArvanCloud provides an S3 interface which can be configured for use with
+rclone like this.
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+n/s> n
+name> ArvanCloud
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
+[snip]
+Storage> s3
+Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+env_auth> 1
+AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+access_key_id> YOURACCESSKEY
+AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+secret_access_key> YOURSECRETACCESSKEY
+Region to connect to.
+Choose a number from below, or type in your own value
+ / The default endpoint - a good choice if you are unsure.
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+[snip]
+region>
+Endpoint for S3 API.
+Leave blank if using ArvanCloud to use the default endpoint for the region.
+Specify if using an S3 clone such as Ceph.
+endpoint> s3.arvanstorage.com
+Location constraint - must be set to match the Region. Used when creating buckets only.
+Choose a number from below, or type in your own value
+ 1 / Empty for Iran-Tehran Region.
+ \ ""
+[snip]
+location_constraint>
+Canned ACL used when creating buckets and/or storing objects in S3.
+For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+[snip]
+acl>
+The server-side encryption algorithm used when storing this object in S3.
+Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+server_side_encryption>
+The storage class to use when storing objects in S3.
+Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+storage_class>
+Remote config
+--------------------
+[ArvanCloud]
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region = ir-thr-at1
+endpoint = s3.arvanstorage.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+--------------------
+y) Yes this is OK
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+This will leave the config file looking like this.
+
+```
+[ArvanCloud]
+type = s3
+provider = ArvanCloud
+env_auth = false
+access_key_id = YOURACCESSKEY
+secret_access_key = YOURSECRETACCESSKEY
+region =
+endpoint = s3.arvanstorage.com
+location_constraint =
+acl =
+server_side_encryption =
+storage_class =
+```
+
### Tencent COS {#tencent-cos}
[Tencent Cloud Object Storage (COS)](https://intl.cloud.tencent.com/product/cos) is a distributed storage service offered by Tencent Cloud for unstructured data. It is secure, stable, massive, convenient, low-delay and low-cost.
@@ -19497,7 +22778,7 @@ Choose a number from below, or type in your own value
\ "alias"
3 / Amazon Drive
\ "amazon cloud drive"
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, and Tencent COS
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -19710,8 +22991,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Backblaze B2
@@ -19883,6 +23163,11 @@ the file instead of hiding it.
Old versions of files, where available, are visible using the
`--b2-versions` flag.
+It is also possible to view a bucket as it was at a certain point in time,
+using the `--b2-version-at` flag. This will show the file versions as they
+were at that time, showing files that have been deleted afterwards, and
+hiding files that were created since.
+
If you wish to remove all the old versions then you can use the
`rclone cleanup remote:bucket` command which will delete all the old
versions of files, leaving the current ones intact. You can also
@@ -20033,7 +23318,7 @@ https://f002.backblazeb2.com/file/bucket/path/folder/file3?Authorization=xxxxxxx
### Standard options
-Here are the standard options specific to b2 (Backblaze B2).
+Here are the Standard options specific to b2 (Backblaze B2).
#### --b2-account
@@ -20070,7 +23355,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to b2 (Backblaze B2).
+Here are the Advanced options specific to b2 (Backblaze B2).
#### --b2-endpoint
@@ -20120,6 +23405,20 @@ Properties:
- Type: bool
- Default: false
+#### --b2-version-at
+
+Show file versions as they were at the specified time.
+
+Note that when using this no file write operations are permitted,
+so you can't upload files or delete them.
+
+Properties:
+
+- Config: version_at
+- Env Var: RCLONE_B2_VERSION_AT
+- Type: Time
+- Default: off
+
#### --b2-upload-cutoff
Cutoff for switching to chunked upload.
@@ -20271,8 +23570,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Box
@@ -20327,9 +23625,10 @@ Choose a number from below, or type in your own value
\ "enterprise"
box_sub_type>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -20446,9 +23745,10 @@ Already have a token - refresh?
y) Yes
n) No
y/n> y
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -20538,7 +23838,7 @@ the `root_folder_id` in the config.
### Standard options
-Here are the standard options specific to box (Box).
+Here are the Standard options specific to box (Box).
#### --box-client-id
@@ -20612,7 +23912,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to box (Box).
+Here are the Advanced options specific to box (Box).
#### --box-token
@@ -20732,15 +24032,16 @@ Reverse Solidus).
Box only supports filenames up to 255 characters in length.
+Box has [API rate limits](https://developer.box.com/guides/api-calls/permissions-and-errors/rate-limits/) that sometimes reduce the speed of rclone.
+
`rclone about` is not supported by the Box backend. Backends without
this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
-# Cache (DEPRECATED)
+# Cache
The `cache` remote wraps another existing remote and stores file structure
and its data for long running tasks like `rclone mount`.
@@ -21044,7 +24345,7 @@ Params:
### Standard options
-Here are the standard options specific to cache (Cache a remote).
+Here are the Standard options specific to cache (Cache a remote).
#### --cache-remote
@@ -21160,7 +24461,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to cache (Cache a remote).
+Here are the Advanced options specific to cache (Cache a remote).
#### --cache-plex-token
@@ -21409,7 +24710,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -21423,7 +24724,7 @@ Print stats on the cache backend in JSON format.
-# Chunker (BETA)
+# Chunker
The `chunker` overlay transparently splits large files into smaller chunks
during upload to wrapped remote and transparently assembles them back
@@ -21733,7 +25034,7 @@ Changing `transactions` is dangerous and requires explicit migration.
### Standard options
-Here are the standard options specific to chunker (Transparently chunk/split large files).
+Here are the Standard options specific to chunker (Transparently chunk/split large files).
#### --chunker-remote
@@ -21792,7 +25093,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to chunker (Transparently chunk/split large files).
+Here are the Advanced options specific to chunker (Transparently chunk/split large files).
#### --chunker-name-format
@@ -21942,9 +25243,10 @@ y) Yes
n) No
y/n> n
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -22036,7 +25338,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to sharefile (Citrix Sharefile).
+Here are the Standard options specific to sharefile (Citrix Sharefile).
#### --sharefile-root-folder-id
@@ -22065,7 +25367,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to sharefile (Citrix Sharefile).
+Here are the Advanced options specific to sharefile (Citrix Sharefile).
#### --sharefile-upload-cutoff
@@ -22137,10 +25439,9 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
-# Crypt
+# Crypt
Rclone `crypt` remotes encrypt and decrypt other remotes.
@@ -22362,7 +25663,7 @@ If you intend to use the wrapped remote both directly for keeping
unencrypted content, as well as through a crypt remote for encrypted
content, it is recommended to point the crypt remote to a separate
directory within the wrapped remote. If you use a bucket-based storage
-system (e.g. Swift, S3, Google Compute Storage, B2, Hubic) it is generally
+system (e.g. Swift, S3, Google Compute Storage, B2) it is generally
advisable to wrap the crypt remote around a specific bucket (`s3:bucket`).
If wrapping around the entire root of the storage (`s3:`), and use the
optional file name encryption, rclone will encrypt the bucket name.
@@ -22378,7 +25679,7 @@ the password configured for an existing crypt remote means you will no longer
able to decrypt any of the previously encrypted content. The only possibility
is to re-upload everything via a crypt remote configured with your new password.
-Depending on the size of your data, your bandwith, storage quota etc, there are
+Depending on the size of your data, your bandwidth, storage quota etc, there are
different approaches you can take:
- If you have everything in a different location, for example on your local system,
you could remove all of the prior encrypted files, change the password for your
@@ -22391,7 +25692,7 @@ effectively decrypting everything on the fly using the old password and
re-encrypting using the new password. When done, delete the original crypt
remote directory and finally the rclone crypt configuration with the old password.
All data will be streamed from the storage system and back, so you will
-get half the bandwith and be charged twice if you have upload and download quota
+get half the bandwidth and be charged twice if you have upload and download quota
on the storage system.
**Note**: A security problem related to the random password generator
@@ -22556,7 +25857,7 @@ check the checksums properly.
### Standard options
-Here are the standard options specific to crypt (Encrypt/Decrypt a remote).
+Here are the Standard options specific to crypt (Encrypt/Decrypt a remote).
#### --crypt-remote
@@ -22641,7 +25942,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to crypt (Encrypt/Decrypt a remote).
+Here are the Advanced options specific to crypt (Encrypt/Decrypt a remote).
#### --crypt-server-side-across-configs
@@ -22704,7 +26005,7 @@ How to encode the encrypted filename to text string.
This option could help with shortening the encrypted filename. The
suitable option would depend on the way your remote count the filename
-length and if it's case sensitve.
+length and if it's case sensitive.
Properties:
@@ -22721,6 +26022,12 @@ Properties:
- Encode using base32768. Suitable if your remote counts UTF-16 or
- Unicode codepoint instead of UTF-8 byte length. (Eg. Onedrive)
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
## Backend commands
Here are the commands specific to the crypt backend.
@@ -22731,7 +26038,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -22900,7 +26207,7 @@ a salt.
* [rclone cryptdecode](https://rclone.org/commands/rclone_cryptdecode/) - Show forward/reverse mapping of encrypted filenames
-# Compress (Experimental)
+# Compress
## Warning
@@ -22987,7 +26294,7 @@ size of the uncompressed file. The file names should not be changed by anything
### Standard options
-Here are the standard options specific to compress (Compress a remote).
+Here are the Standard options specific to compress (Compress a remote).
#### --compress-remote
@@ -23016,7 +26323,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to compress (Compress a remote).
+Here are the Advanced options specific to compress (Compress a remote).
#### --compress-level
@@ -23026,7 +26333,7 @@ Generally -1 (default, equivalent to 5) is recommended.
Levels 1 to 9 increase compression at the cost of speed. Going past 6
generally offers very little return.
-Level -2 uses Huffmann encoding only. Only use if you know what you
+Level -2 uses Huffman encoding only. Only use if you know what you
are doing.
Level 0 turns off compression.
@@ -23053,6 +26360,170 @@ Properties:
- Type: SizeSuffix
- Default: 20Mi
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
+
+
+# Combine
+
+The `combine` backend joins remotes together into a single directory
+tree.
+
+For example you might have a remote for images on one provider:
+
+```
+$ rclone tree s3:imagesbucket
+/
+├── image1.jpg
+└── image2.jpg
+```
+
+And a remote for files on another:
+
+```
+$ rclone tree drive:important/files
+/
+├── file1.txt
+└── file2.txt
+```
+
+The `combine` backend can join these together into a synthetic
+directory structure like this:
+
+```
+$ rclone tree combined:
+/
+├── files
+│ ├── file1.txt
+│ └── file2.txt
+└── images
+ ├── image1.jpg
+ └── image2.jpg
+```
+
+You'd do this by specifying an `upstreams` parameter in the config
+like this
+
+ upstreams = images=s3:imagesbucket files=drive:important/files
+
+During the initial setup with `rclone config` you will specify the
+upstreams remotes as a space separated list. The upstream remotes can
+either be a local paths or other remotes.
+
+## Configuration
+
+Here is an example of how to make a combine called `remote` for the
+example above. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+...
+XX / Combine several remotes into one
+ \ (combine)
+...
+Storage> combine
+Option upstreams.
+Upstreams for combining
+These should be in the form
+ dir=remote:path dir2=remote2:path
+Where before the = is specified the root directory and after is the remote to
+put there.
+Embedded spaces can be added using quotes
+ "dir=remote:path with space" "dir2=remote2:path with space"
+Enter a fs.SpaceSepList value.
+upstreams> images=s3:imagesbucket files=drive:important/files
+--------------------
+[remote]
+type = combine
+upstreams = images=s3:imagesbucket files=drive:important/files
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+### Configuring for Google Drive Shared Drives
+
+Rclone has a convenience feature for making a combine backend for all
+the shared drives you have access to.
+
+Assuming your main (non shared drive) Google drive remote is called
+`drive:` you would run
+
+ rclone backend -o config drives drive:
+
+This would produce something like this:
+
+ [My Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
+
+ [Test Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
+If you then add that config to your config file (find it with `rclone
+config file`) then you can access all the shared drives in one place
+with the `AllDrives:` remote.
+
+See [the Google Drive docs](https://rclone.org/drive/#drives) for full info.
+
+
+### Standard options
+
+Here are the Standard options specific to combine (Combine several remotes into one).
+
+#### --combine-upstreams
+
+Upstreams for combining
+
+These should be in the form
+
+ dir=remote:path dir2=remote2:path
+
+Where before the = is specified the root directory and after is the remote to
+put there.
+
+Embedded spaces can be added using quotes
+
+ "dir=remote:path with space" "dir2=remote2:path with space"
+
+
+
+Properties:
+
+- Config: upstreams
+- Env Var: RCLONE_COMBINE_UPSTREAMS
+- Type: SpaceSepList
+- Default:
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
# Dropbox
@@ -23107,6 +26578,16 @@ d) Delete this remote
y/e/d> y
```
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Dropbox. This only
+runs from the moment it opens your browser to the moment you get back
+the verification code. This is on `http://127.0.0.1:53682/` and it
+may require you to unblock it temporarily if you are running a host
+firewall, or use manual mode.
+
You can then use it like this,
List directories in top level of your dropbox
@@ -23234,7 +26715,7 @@ finishes up the last batch using this mode.
### Standard options
-Here are the standard options specific to dropbox (Dropbox).
+Here are the Standard options specific to dropbox (Dropbox).
#### --dropbox-client-id
@@ -23264,7 +26745,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to dropbox (Dropbox).
+Here are the Advanced options specific to dropbox (Dropbox).
#### --dropbox-token
@@ -23461,7 +26942,7 @@ Properties:
#### --dropbox-batch-commit-timeout
-Max time to wait for a batch to finish comitting
+Max time to wait for a batch to finish committing
Properties:
@@ -23546,7 +27027,7 @@ through a global file system.
## Configuration
The initial setup for the Enterprise File Fabric backend involves
-getting a token from the the Enterprise File Fabric which you need to
+getting a token from the Enterprise File Fabric which you need to
do in your browser. `rclone config` walks you through it.
Here is an example of how to make a remote called `remote`. First run:
@@ -23687,7 +27168,7 @@ The ID for "S3 Storage" would be `120673761`.
### Standard options
-Here are the standard options specific to filefabric (Enterprise File Fabric).
+Here are the Standard options specific to filefabric (Enterprise File Fabric).
#### --filefabric-url
@@ -23746,7 +27227,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to filefabric (Enterprise File Fabric).
+Here are the Advanced options specific to filefabric (Enterprise File Fabric).
#### --filefabric-token
@@ -23828,8 +27309,7 @@ To create an FTP configuration named `remote`, run
Rclone config guides you through an interactive setup process. A minimal
rclone FTP remote definition only requires host, username and password.
-For an anonymous FTP server, use `anonymous` as username and your email
-address as password.
+For an anonymous FTP server, see [below](#anonymous-ftp).
```
No remotes found, make a new one?
@@ -23844,7 +27324,7 @@ Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
-XX / FTP Connection
+XX / FTP
\ "ftp"
[snip]
Storage> ftp
@@ -23906,11 +27386,33 @@ excess files in the directory.
rclone sync -i /home/local/directory remote:directory
-### Example without a config file ###
+### Anonymous FTP
+
+When connecting to a FTP server that allows anonymous login, you can use the
+special "anonymous" username. Traditionally, this user account accepts any
+string as a password, although it is common to use either the password
+"anonymous" or "guest". Some servers require the use of a valid e-mail
+address as password.
+
+Using [on-the-fly](#backend-path-to-dir) or
+[connection string](https://rclone.org/docs/#connection-strings) remotes makes it easy to access
+such servers, without requiring any configuration in advance. The following
+are examples of that:
+
+ rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=$(rclone obscure dummy)
+ rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=$(rclone obscure dummy):
- rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=`rclone obscure dummy`
+The above examples work in Linux shells and in PowerShell, but not Windows
+Command Prompt. They execute the [rclone obscure](https://rclone.org/commands/rclone_obscure/)
+command to create a password string in the format required by the
+[pass](#ftp-pass) option. The following examples are exactly the same, except use
+an already obscured string representation of the same password "dummy", and
+therefore works even in Windows Command Prompt:
-### Implicit TLS ###
+ rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM
+ rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM:
+
+### Implicit TLS
Rlone FTP supports implicit FTP over TLS servers (FTPS). This has to
be enabled in the FTP backend config for the remote, or with
@@ -23922,7 +27424,7 @@ can be set with [`--ftp-port`](#ftp-port).
In addition to the [default restricted characters set](https://rclone.org/overview/#restricted-characters)
the following characters are also replaced:
-File names cannot end with the following characters. Repacement is
+File names cannot end with the following characters. Replacement is
limited to the last character in a file name:
| Character | Value | Replacement |
@@ -23943,7 +27445,7 @@ Just hit a selection number when prompted.
### Standard options
-Here are the standard options specific to ftp (FTP Connection).
+Here are the Standard options specific to ftp (FTP).
#### --ftp-host
@@ -24000,7 +27502,7 @@ Use Implicit FTPS (FTP over TLS).
When using implicit FTP over TLS the client connects using TLS
right from the start which breaks compatibility with
non-TLS-aware servers. This is usually served over port 990 rather
-than port 21. Cannot be used in combination with explicit FTP.
+than port 21. Cannot be used in combination with explicit FTPS.
Properties:
@@ -24015,7 +27517,7 @@ Use Explicit FTPS (FTP over TLS).
When using explicit FTP over TLS the client explicitly requests
security from the server in order to upgrade a plain text connection
-to an encrypted one. Cannot be used in combination with implicit FTP.
+to an encrypted one. Cannot be used in combination with implicit FTPS.
Properties:
@@ -24026,12 +27528,26 @@ Properties:
### Advanced options
-Here are the advanced options specific to ftp (FTP Connection).
+Here are the Advanced options specific to ftp (FTP).
#### --ftp-concurrency
Maximum number of FTP simultaneous connections, 0 for unlimited.
+Note that setting this is very likely to cause deadlocks so it should
+be used with care.
+
+If you are doing a sync or copy then make sure concurrency is one more
+than the sum of `--transfers` and `--checkers`.
+
+If you use `--check-first` then it just needs to be one more than the
+maximum of `--checkers` and `--transfers`.
+
+So for `concurrency 3` you'd use `--checkers 2 --transfers 2
+--check-first` or `--checkers 1 --transfers 1`.
+
+
+
Properties:
- Config: concurrency
@@ -24072,6 +27588,17 @@ Properties:
- Type: bool
- Default: false
+#### --ftp-disable-utf8
+
+Disable using UTF-8 even if server advertises support.
+
+Properties:
+
+- Config: disable_utf8
+- Env Var: RCLONE_FTP_DISABLE_UTF8
+- Type: bool
+- Default: false
+
#### --ftp-writing-mdtm
Use MDTM to set modification time (VsFtpd quirk)
@@ -24083,6 +27610,17 @@ Properties:
- Type: bool
- Default: false
+#### --ftp-force-list-hidden
+
+Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD.
+
+Properties:
+
+- Config: force_list_hidden
+- Env Var: RCLONE_FTP_FORCE_LIST_HIDDEN
+- Type: bool
+- Default: false
+
#### --ftp-idle-timeout
Max time before closing idle connections.
@@ -24200,8 +27738,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
The implementation of : `--dump headers`,
`--dump bodies`, `--dump auth` for debugging isn't the same as
@@ -24349,9 +27886,10 @@ Choose a number from below, or type in your own value
\ "DURABLE_REDUCED_AVAILABILITY"
storage_class> 5
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine or Y didn't work
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -24375,8 +27913,12 @@ d) Delete this remote
y/e/d> y
```
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
+token as returned from Google if using web browser to automatically
+authenticate. This only
runs from the moment it opens your browser to the moment you get back
the verification code. This is on `http://127.0.0.1:53682/` and this
it may require you to unblock it temporarily if you are running a host
@@ -24506,7 +28048,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
+Here are the Standard options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
#### --gcs-client-id
@@ -24781,7 +28323,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
+Here are the Advanced options specific to google cloud storage (Google Cloud Storage (this is not Google Drive)).
#### --gcs-token
@@ -24820,6 +28362,53 @@ Properties:
- Type: string
- Required: false
+#### --gcs-no-check-bucket
+
+If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+
+Properties:
+
+- Config: no_check_bucket
+- Env Var: RCLONE_GCS_NO_CHECK_BUCKET
+- Type: bool
+- Default: false
+
+#### --gcs-decompress
+
+If set this will decompress gzip encoded objects.
+
+It is possible to upload objects to GCS with "Content-Encoding: gzip"
+set. Normally rclone will download these files as compressed objects.
+
+If this flag is set then rclone will decompress these files with
+"Content-Encoding: gzip" as they are received. This means that rclone
+can't check the size and hash but the file contents will be decompressed.
+
+
+Properties:
+
+- Config: decompress
+- Env Var: RCLONE_GCS_DECOMPRESS
+- Type: bool
+- Default: false
+
+#### --gcs-endpoint
+
+Endpoint for the service.
+
+Leave blank normally.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_GCS_ENDPOINT
+- Type: string
+- Required: false
+
#### --gcs-encoding
The encoding for the backend.
@@ -24842,8 +28431,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Google Drive
@@ -24900,14 +28488,13 @@ Choose a number from below, or type in your own value
5 | does not allow any access to read or download file content.
\ "drive.metadata.readonly"
scope> 1
-ID of the root folder - leave blank normally. Fill in to access "Computers" folders. (see docs).
-root_folder_id>
Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
service_account_file>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine or Y didn't work
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -24934,8 +28521,12 @@ d) Delete this remote
y/e/d> y
```
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
+token as returned from Google if using web browser to automatically
+authenticate. This only
runs from the moment it opens your browser to the moment you get back
the verification code. This is on `http://127.0.0.1:53682/` and it
may require you to unblock it temporarily if you are running a host
@@ -25003,7 +28594,7 @@ directories.
### Root folder ID
-You can set the `root_folder_id` for rclone. This is the directory
+This option has been moved to the advanced section. You can set the `root_folder_id` for rclone. This is the directory
(identified by its `Folder ID`) that rclone considers to be the root
of your drive.
@@ -25351,23 +28942,28 @@ represent the currently available conversions.
| Extension | Mime Type | Description |
| --------- |-----------| ------------|
+| bmp | image/bmp | Windows Bitmap format |
| csv | text/csv | Standard CSV format for Spreadsheets |
+| doc | application/msword | Classic Word file |
| docx | application/vnd.openxmlformats-officedocument.wordprocessingml.document | Microsoft Office Document |
| epub | application/epub+zip | E-book format |
| html | text/html | An HTML Document |
| jpg | image/jpeg | A JPEG Image File |
-| json | application/vnd.google-apps.script+json | JSON Text Format |
+| json | application/vnd.google-apps.script+json | JSON Text Format for Google Apps scripts |
| odp | application/vnd.oasis.opendocument.presentation | Openoffice Presentation |
| ods | application/vnd.oasis.opendocument.spreadsheet | Openoffice Spreadsheet |
| ods | application/x-vnd.oasis.opendocument.spreadsheet | Openoffice Spreadsheet |
| odt | application/vnd.oasis.opendocument.text | Openoffice Document |
| pdf | application/pdf | Adobe PDF Format |
+| pjpeg | image/pjpeg | Progressive JPEG Image |
| png | image/png | PNG Image Format|
| pptx | application/vnd.openxmlformats-officedocument.presentationml.presentation | Microsoft Office Powerpoint |
| rtf | application/rtf | Rich Text Format |
| svg | image/svg+xml | Scalable Vector Graphics Format |
| tsv | text/tab-separated-values | Standard TSV format for spreadsheets |
| txt | text/plain | Plain Text |
+| wmf | application/x-msmetafile | Windows Meta File |
+| xls | application/vnd.ms-excel | Classic Excel file |
| xlsx | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet | Microsoft Office Spreadsheet |
| zip | application/zip | A ZIP file of HTML, Images CSS |
@@ -25387,7 +28983,7 @@ Google Documents.
### Standard options
-Here are the standard options specific to drive (Google Drive).
+Here are the Standard options specific to drive (Google Drive).
#### --drive-client-id
@@ -25442,22 +29038,6 @@ Properties:
- Allows read-only access to file metadata but
- does not allow any access to read or download file content.
-#### --drive-root-folder-id
-
-ID of the root folder.
-Leave blank normally.
-
-Fill in to access "Computers" folders (see docs), or for rclone to use
-a non root folder as its starting point.
-
-
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
-- Type: string
-- Required: false
-
#### --drive-service-account-file
Service Account Credentials JSON file path.
@@ -25487,7 +29067,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to drive (Google Drive).
+Here are the Advanced options specific to drive (Google Drive).
#### --drive-token
@@ -25526,6 +29106,22 @@ Properties:
- Type: string
- Required: false
+#### --drive-root-folder-id
+
+ID of the root folder.
+Leave blank normally.
+
+Fill in to access "Computers" folders (see docs), or for rclone to use
+a non root folder as its starting point.
+
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+
#### --drive-service-account-credentials
Service Account Credentials JSON blob.
@@ -26006,6 +29602,34 @@ Properties:
- Type: bool
- Default: false
+#### --drive-resource-key
+
+Resource key for accessing a link-shared file.
+
+If you need to access files shared with a link like this
+
+ https://drive.google.com/drive/folders/XXX?resourcekey=YYY&usp=sharing
+
+Then you will need to use the first part "XXX" as the "root_folder_id"
+and the second part "YYY" as the "resource_key" otherwise you will get
+404 not found errors when trying to access the directory.
+
+See: https://developers.google.com/drive/api/guides/resource-keys
+
+This resource key requirement only applies to a subset of old files.
+
+Note also that opening the folder once in the web interface (with the
+user you've authenticated rclone with) seems to be enough so that the
+resource key is no needed.
+
+
+Properties:
+
+- Config: resource_key
+- Env Var: RCLONE_DRIVE_RESOURCE_KEY
+- Type: string
+- Required: false
+
#### --drive-encoding
The encoding for the backend.
@@ -26029,7 +29653,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -26131,7 +29755,7 @@ This will return a JSON list of objects like this
With the -o config parameter it will output the list in a format
suitable for adding to a config file to make aliases for all the
-drives found.
+drives found and a combined drive.
[My Drive]
type = alias
@@ -26141,10 +29765,15 @@ drives found.
type = alias
remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
-Adding this to the rclone config file will cause those team drives to
-be accessible with the aliases shown. This may require manual editing
-of the names.
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+Adding this to the rclone config file will cause those team drives to
+be accessible with the aliases shown. Any illegal characters will be
+substituted with "_" and duplicate names will have numbers suffixed.
+It will also add a remote called AllDrives which shows all the shared
+drives combined into one directory tree.
### untrash
@@ -26201,6 +29830,18 @@ attempted if possible.
Use the -i flag to see what would be copied before copying.
+### exportformats
+
+Dump the export formats for debug purposes
+
+ rclone backend exportformats remote: [options] [+]
+
+### importformats
+
+Dump the import formats for debug purposes
+
+ rclone backend importformats remote: [options] [+]
+
## Limitations
@@ -26217,8 +29858,11 @@ and upload the files if you prefer.
### Limitations of Google Docs
-Google docs will appear as size -1 in `rclone ls` and as size 0 in
-anything which uses the VFS layer, e.g. `rclone mount`, `rclone serve`.
+Google docs will appear as size -1 in `rclone ls`, `rclone ncdu` etc,
+and as size 0 in anything which uses the VFS layer, e.g. `rclone mount`
+and `rclone serve`. When calculating directory totals, e.g. in
+`rclone size` and `rclone ncdu`, they will be counted in as empty
+files.
This is because rclone can't find out the size of the Google docs
without downloading them.
@@ -26297,8 +29941,9 @@ enter "Developer Contact Email" (your own email is OK); then click on "Save" (al
Click again on "Credentials" on the left panel to go back to the
"Credentials" screen.
-(PS: if you are a GSuite user, you could also select "Internal" instead
-of "External" above, but this has not been tested/documented so far).
+ (PS: if you are a GSuite user, you could also select "Internal" instead
+of "External" above, but this will restrict API use to Google Workspace
+users in your organisation).
6. Click on the "+ CREATE CREDENTIALS" button at the top of the screen,
then select "OAuth client ID".
@@ -26306,14 +29951,18 @@ then select "OAuth client ID".
7. Choose an application type of "Desktop app" and click "Create". (the default name is fine)
8. It will show you a client ID and client secret. Make a note of these.
+
+ (If you selected "External" at Step 5 continue to "Publish App" in the Steps 9 and 10.
+ If you chose "Internal" you don't need to publish and can skip straight to
+ Step 11.)
9. Go to "Oauth consent screen" and press "Publish App"
-10. Provide the noted client ID and client secret to rclone.
-
-11. Click "OAuth consent screen", then click "PUBLISH APP" button and
+10. Click "OAuth consent screen", then click "PUBLISH APP" button and
confirm, or add your account under "Test users".
+11. Provide the noted client ID and client secret to rclone.
+
Be aware that, due to the "enhanced security" recently introduced by
Google, you are theoretically expected to "submit your app for verification"
and then wait a few weeks(!) for their response; in practice, you can go right
@@ -26389,9 +30038,10 @@ y) Yes
n) No
y/n> n
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -26415,8 +30065,12 @@ d) Delete this remote
y/e/d> y
```
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
+token as returned from Google if using web browser to automatically
+authenticate. This only
runs from the moment it opens your browser to the moment you get back
the verification code. This is on `http://127.0.0.1:53682/` and this
may require you to unblock it temporarily if you are running a host
@@ -26552,7 +30206,7 @@ This is similar to the Sharing tab in the Google Photos web interface.
### Standard options
-Here are the standard options specific to google photos (Google Photos).
+Here are the Standard options specific to google photos (Google Photos).
#### --gphotos-client-id
@@ -26596,7 +30250,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to google photos (Google Photos).
+Here are the Advanced options specific to google photos (Google Photos).
#### --gphotos-token
@@ -26795,7 +30449,7 @@ Rclone cannot delete files anywhere except under `album`.
The Google Photos API does not support deleting albums - see [bug #135714733](https://issuetracker.google.com/issues/135714733).
-# Hasher (EXPERIMENTAL)
+# Hasher
Hasher is a special overlay backend to create remotes which handle
checksums for other remotes. It's main functions include:
@@ -26964,7 +30618,7 @@ or by full re-read/re-write of the files.
### Standard options
-Here are the standard options specific to hasher (Better checksums for other remotes).
+Here are the Standard options specific to hasher (Better checksums for other remotes).
#### --hasher-remote
@@ -27001,7 +30655,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to hasher (Better checksums for other remotes).
+Here are the Advanced options specific to hasher (Better checksums for other remotes).
#### --hasher-auto-size
@@ -27014,6 +30668,12 @@ Properties:
- Type: SizeSuffix
- Default: 0
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
## Backend commands
Here are the commands specific to the hasher backend.
@@ -27024,7 +30684,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -27277,7 +30937,7 @@ Invalid UTF-8 bytes will also be [replaced](https://rclone.org/overview/#invalid
### Standard options
-Here are the standard options specific to hdfs (Hadoop distributed file system).
+Here are the Standard options specific to hdfs (Hadoop distributed file system).
#### --hdfs-namenode
@@ -27308,7 +30968,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to hdfs (Hadoop distributed file system).
+Here are the Advanced options specific to hdfs (Hadoop distributed file system).
#### --hdfs-service-principal-name
@@ -27364,6 +31024,447 @@ Properties:
- No server-side `Move` or `DirMove`.
- Checksums not implemented.
+# HiDrive
+
+Paths are specified as `remote:path`
+
+Paths may be as deep as required, e.g. `remote:directory/subdirectory`.
+
+The initial setup for hidrive involves getting a token from HiDrive
+which you need to do in your browser.
+`rclone config` walks you through it.
+
+## Configuration
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+```
+No remotes found - make a new one
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Type of storage to configure.
+Choose a number from below, or type in your own value
+[snip]
+XX / HiDrive
+ \ "hidrive"
+[snip]
+Storage> hidrive
+OAuth Client Id - Leave blank normally.
+client_id>
+OAuth Client Secret - Leave blank normally.
+client_secret>
+Access permissions that rclone should use when requesting access from HiDrive.
+Leave blank normally.
+scope_access>
+Edit advanced config?
+y/n> n
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
+y/n> y
+If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=xxxxxxxxxxxxxxxxxxxxxx
+Log in and authorize rclone for access
+Waiting for code...
+Got code
+--------------------
+[remote]
+type = hidrive
+token = {"access_token":"xxxxxxxxxxxxxxxxxxxx","token_type":"Bearer","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxx","expiry":"xxxxxxxxxxxxxxxxxxxxxxx"}
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+**You should be aware that OAuth-tokens can be used to access your account
+and hence should not be shared with other persons.**
+See the [below section](#keeping-your-tokens-safe) for more information.
+
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from HiDrive. This only runs from the moment it opens
+your browser to the moment you get back the verification code.
+The webserver runs on `http://127.0.0.1:53682/`.
+If local port `53682` is protected by a firewall you may need to temporarily
+unblock the firewall to complete authorization.
+
+Once configured you can then use `rclone` like this,
+
+List directories in top level of your HiDrive root folder
+
+ rclone lsd remote:
+
+List all the files in your HiDrive filesystem
+
+ rclone ls remote:
+
+To copy a local directory to a HiDrive directory called backup
+
+ rclone copy /home/source remote:backup
+
+### Keeping your tokens safe
+
+Any OAuth-tokens will be stored by rclone in the remote's configuration file as unencrypted text.
+Anyone can use a valid refresh-token to access your HiDrive filesystem without knowing your password.
+Therefore you should make sure no one else can access your configuration.
+
+It is possible to encrypt rclone's configuration file.
+You can find information on securing your configuration file by viewing the [configuration encryption docs](https://rclone.org/docs/#configuration-encryption).
+
+### Invalid refresh token
+
+As can be verified [here](https://developer.hidrive.com/basics-flows/),
+each `refresh_token` (for Native Applications) is valid for 60 days.
+If used to access HiDrivei, its validity will be automatically extended.
+
+This means that if you
+
+ * Don't use the HiDrive remote for 60 days
+
+then rclone will return an error which includes a text
+that implies the refresh token is *invalid* or *expired*.
+
+To fix this you will need to authorize rclone to access your HiDrive account again.
+
+Using
+
+ rclone config reconnect remote:
+
+the process is very similar to the process of initial setup exemplified before.
+
+### Modified time and hashes
+
+HiDrive allows modification times to be set on objects accurate to 1 second.
+
+HiDrive supports [its own hash type](https://static.hidrive.com/dev/0001)
+which is used to verify the integrity of file contents after successful transfers.
+
+### Restricted filename characters
+
+HiDrive cannot store files or folders that include
+`/` (0x2F) or null-bytes (0x00) in their name.
+Any other characters can be used in the names of files or folders.
+Additionally, files or folders cannot be named either of the following: `.` or `..`
+
+Therefore rclone will automatically replace these characters,
+if files or folders are stored or accessed with such names.
+
+You can read about how this filename encoding works in general
+[here](overview/#restricted-filenames).
+
+Keep in mind that HiDrive only supports file or folder names
+with a length of 255 characters or less.
+
+### Transfers
+
+HiDrive limits file sizes per single request to a maximum of 2 GiB.
+To allow storage of larger files and allow for better upload performance,
+the hidrive backend will use a chunked transfer for files larger than 96 MiB.
+Rclone will upload multiple parts/chunks of the file at the same time.
+Chunks in the process of being uploaded are buffered in memory,
+so you may want to restrict this behaviour on systems with limited resources.
+
+You can customize this behaviour using the following options:
+
+* `chunk_size`: size of file parts
+* `upload_cutoff`: files larger or equal to this in size will use a chunked transfer
+* `upload_concurrency`: number of file-parts to upload at the same time
+
+See the below section about configuration options for more details.
+
+### Root folder
+
+You can set the root folder for rclone.
+This is the directory that rclone considers to be the root of your HiDrive.
+
+Usually, you will leave this blank, and rclone will use the root of the account.
+
+However, you can set this to restrict rclone to a specific folder hierarchy.
+
+This works by prepending the contents of the `root_prefix` option
+to any paths accessed by rclone.
+For example, the following two ways to access the home directory are equivalent:
+
+ rclone lsd --hidrive-root-prefix="/users/test/" remote:path
+
+ rclone lsd remote:/users/test/path
+
+See the below section about configuration options for more details.
+
+### Directory member count
+
+By default, rclone will know the number of directory members contained in a directory.
+For example, `rclone lsd` uses this information.
+
+The acquisition of this information will result in additional time costs for HiDrive's API.
+When dealing with large directory structures, it may be desirable to circumvent this time cost,
+especially when this information is not explicitly needed.
+For this, the `disable_fetching_member_count` option can be used.
+
+See the below section about configuration options for more details.
+
+
+### Standard options
+
+Here are the Standard options specific to hidrive (HiDrive).
+
+#### --hidrive-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_HIDRIVE_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --hidrive-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_HIDRIVE_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --hidrive-scope-access
+
+Access permissions that rclone should use when requesting access from HiDrive.
+
+Properties:
+
+- Config: scope_access
+- Env Var: RCLONE_HIDRIVE_SCOPE_ACCESS
+- Type: string
+- Default: "rw"
+- Examples:
+ - "rw"
+ - Read and write access to resources.
+ - "ro"
+ - Read-only access to resources.
+
+### Advanced options
+
+Here are the Advanced options specific to hidrive (HiDrive).
+
+#### --hidrive-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_HIDRIVE_TOKEN
+- Type: string
+- Required: false
+
+#### --hidrive-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_HIDRIVE_AUTH_URL
+- Type: string
+- Required: false
+
+#### --hidrive-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_HIDRIVE_TOKEN_URL
+- Type: string
+- Required: false
+
+#### --hidrive-scope-role
+
+User-level that rclone should use when requesting access from HiDrive.
+
+Properties:
+
+- Config: scope_role
+- Env Var: RCLONE_HIDRIVE_SCOPE_ROLE
+- Type: string
+- Default: "user"
+- Examples:
+ - "user"
+ - User-level access to management permissions.
+ - This will be sufficient in most cases.
+ - "admin"
+ - Extensive access to management permissions.
+ - "owner"
+ - Full access to management permissions.
+
+#### --hidrive-root-prefix
+
+The root/parent folder for all paths.
+
+Fill in to use the specified folder as the parent for all paths given to the remote.
+This way rclone can use any folder as its starting point.
+
+Properties:
+
+- Config: root_prefix
+- Env Var: RCLONE_HIDRIVE_ROOT_PREFIX
+- Type: string
+- Default: "/"
+- Examples:
+ - "/"
+ - The topmost directory accessible by rclone.
+ - This will be equivalent with "root" if rclone uses a regular HiDrive user account.
+ - "root"
+ - The topmost directory of the HiDrive user account
+ - ""
+ - This specifies that there is no root-prefix for your paths.
+ - When using this you will always need to specify paths to this remote with a valid parent e.g. "remote:/path/to/dir" or "remote:root/path/to/dir".
+
+#### --hidrive-endpoint
+
+Endpoint for the service.
+
+This is the URL that API-calls will be made to.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_HIDRIVE_ENDPOINT
+- Type: string
+- Default: "https://api.hidrive.strato.com/2.1"
+
+#### --hidrive-disable-fetching-member-count
+
+Do not fetch number of objects in directories unless it is absolutely necessary.
+
+Requests may be faster if the number of objects in subdirectories is not fetched.
+
+Properties:
+
+- Config: disable_fetching_member_count
+- Env Var: RCLONE_HIDRIVE_DISABLE_FETCHING_MEMBER_COUNT
+- Type: bool
+- Default: false
+
+#### --hidrive-chunk-size
+
+Chunksize for chunked uploads.
+
+Any files larger than the configured cutoff (or files of unknown size) will be uploaded in chunks of this size.
+
+The upper limit for this is 2147483647 bytes (about 2.000Gi).
+That is the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit or to a negative value will cause uploads to fail.
+
+Setting this to larger values may increase the upload speed at the cost of using more memory.
+It can be set to smaller values smaller to save on memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_HIDRIVE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 48Mi
+
+#### --hidrive-upload-cutoff
+
+Cutoff/Threshold for chunked uploads.
+
+Any files larger than this will be uploaded in chunks of the configured chunksize.
+
+The upper limit for this is 2147483647 bytes (about 2.000Gi).
+That is the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit will cause uploads to fail.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_HIDRIVE_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 96Mi
+
+#### --hidrive-upload-concurrency
+
+Concurrency for chunked uploads.
+
+This is the upper limit for how many transfers for the same file are running concurrently.
+Setting this above to a value smaller than 1 will cause uploads to deadlock.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_HIDRIVE_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 4
+
+#### --hidrive-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_HIDRIVE_ENCODING
+- Type: MultiEncoder
+- Default: Slash,Dot
+
+
+
+## Limitations
+
+### Symbolic links
+
+HiDrive is able to store symbolic links (*symlinks*) by design,
+for example, when unpacked from a zip archive.
+
+There exists no direct mechanism to manage native symlinks in remotes.
+As such this implementation has chosen to ignore any native symlinks present in the remote.
+rclone will not be able to access or show any symlinks stored in the hidrive-remote.
+This means symlinks cannot be individually removed, copied, or moved,
+except when removing, copying, or moving the parent folder.
+
+*This does not affect the `.rclonelink`-files
+that rclone uses to encode and store symbolic links.*
+
+### Sparse files
+
+It is possible to store sparse files in HiDrive.
+
+Note that copying a sparse file will expand the holes
+into null-byte (0x00) regions that will then consume disk space.
+Likewise, when downloading a sparse file,
+the resulting file will have null-byte regions in the place of file holes.
+
# HTTP
The HTTP remote is a read only remote for reading files of a
@@ -27413,7 +31514,7 @@ name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / http Connection
+XX / HTTP
\ "http"
[snip]
Storage> http
@@ -27487,11 +31588,11 @@ or:
### Standard options
-Here are the standard options specific to http (http Connection).
+Here are the Standard options specific to http (HTTP).
#### --http-url
-URL of http host to connect to.
+URL of HTTP host to connect to.
E.g. "https://example.com", or "https://user:pass@example.com" to use a username and password.
@@ -27504,7 +31605,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to http (http Connection).
+Here are the Advanced options specific to http (HTTP).
#### --http-headers
@@ -27581,219 +31682,255 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
-# Hubic
+# Internet Archive
-Paths are specified as `remote:path`
+The Internet Archive backend utilizes Items on [archive.org](https://archive.org/)
-Paths are specified as `remote:container` (or `remote:` for the `lsd`
-command.) You may put subdirectories in too, e.g. `remote:container/path/to/dir`.
+Refer to [IAS3 API documentation](https://archive.org/services/docs/api/ias3.html) for the API this backend uses.
-## Configuration
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:item/path/to/dir`.
-The initial setup for Hubic involves getting a token from Hubic which
-you need to do in your browser. `rclone config` walks you through it.
+Unlike S3, listing up all items uploaded by you isn't supported.
-Here is an example of how to make a remote called `remote`. First run:
+Once you have made a remote, you can use it like this:
- rclone config
+Make a new item
-This will guide you through an interactive setup process:
+ rclone mkdir remote:item
-```
-n) New remote
-s) Set configuration password
-n/s> n
-name> remote
-Type of storage to configure.
-Choose a number from below, or type in your own value
-[snip]
-XX / Hubic
- \ "hubic"
-[snip]
-Storage> hubic
-Hubic Client Id - leave blank normally.
-client_id>
-Hubic Client Secret - leave blank normally.
-client_secret>
-Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
-y) Yes
-n) No
-y/n> y
-If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
-Log in and authorize rclone for access
-Waiting for code...
-Got code
---------------------
-[remote]
-client_id =
-client_secret =
-token = {"access_token":"XXXXXX"}
---------------------
-y) Yes this is OK
-e) Edit this remote
-d) Delete this remote
-y/e/d> y
-```
+List the contents of a item
-See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
-machine with no Internet browser available.
+ rclone ls remote:item
-Note that rclone runs a webserver on your local machine to collect the
-token as returned from Hubic. This only runs from the moment it opens
-your browser to the moment you get back the verification code. This
-is on `http://127.0.0.1:53682/` and this it may require you to unblock
-it temporarily if you are running a host firewall.
+Sync `/home/local/directory` to the remote item, deleting any excess
+files in the item.
-Once configured you can then use `rclone` like this,
+ rclone sync -i /home/local/directory remote:item
-List containers in the top level of your Hubic
+## Notes
+Because of Internet Archive's architecture, it enqueues write operations (and extra post-processings) in a per-item queue. You can check item's queue at https://catalogd.archive.org/history/item-name-here . Because of that, all uploads/deletes will not show up immediately and takes some time to be available.
+The per-item queue is enqueued to an another queue, Item Deriver Queue. [You can check the status of Item Deriver Queue here.](https://catalogd.archive.org/catalog.php?whereami=1) This queue has a limit, and it may block you from uploading, or even deleting. You should avoid uploading a lot of small files for better behavior.
- rclone lsd remote:
+You can optionally wait for the server's processing to finish, by setting non-zero value to `wait_archive` key.
+By making it wait, rclone can do normal file comparison.
+Make sure to set a large enough value (e.g. `30m0s` for smaller files) as it can take a long time depending on server's queue.
-List all the files in your Hubic
+## About metadata
+This backend supports setting, updating and reading metadata of each file.
+The metadata will appear as file metadata on Internet Archive.
+However, some fields are reserved by both Internet Archive and rclone.
- rclone ls remote:
+The following are reserved by Internet Archive:
+- `name`
+- `source`
+- `size`
+- `md5`
+- `crc32`
+- `sha1`
+- `format`
+- `old_version`
+- `viruscheck`
+- `summation`
-To copy a local directory to an Hubic directory called backup
+Trying to set values to these keys is ignored with a warning.
+Only setting `mtime` is an exception. Doing so make it the identical behavior as setting ModTime.
- rclone copy /home/source remote:backup
+rclone reserves all the keys starting with `rclone-`. Setting value for these keys will give you warnings, but values are set according to request.
-If you want the directory to be visible in the official *Hubic
-browser*, you need to copy your files to the `default` directory
+If there are multiple values for a key, only the first one is returned.
+This is a limitation of rclone, that supports one value per one key.
+It can be triggered when you did a server-side copy.
- rclone copy /home/source remote:default/backup
+Reading metadata will also provide custom (non-standard nor reserved) ones.
-### --fast-list ###
+## Filtering auto generated files
-This remote supports `--fast-list` which allows you to use fewer
-transactions in exchange for more memory. See the [rclone
-docs](https://rclone.org/docs/#fast-list) for more details.
+The Internet Archive automatically creates metadata files after
+upload. These can cause problems when doing an `rclone sync` as rclone
+will try, and fail, to delete them. These metadata files are not
+changeable, as they are created by the Internet Archive automatically.
-### Modified time ###
+These auto-created files can be excluded from the sync using [metadata
+filtering](https://rclone.org/filtering/#metadata).
-The modified time is stored as metadata on the object as
-`X-Object-Meta-Mtime` as floating point since the epoch accurate to 1
-ns.
+ rclone sync ... --metadata-exclude "source=metadata" --metadata-exclude "format=Metadata"
-This is a de facto standard (used in the official python-swiftclient
-amongst others) for storing the modification time for an object.
+Which excludes from the sync any files which have the
+`source=metadata` or `format=Metadata` flags which are added to
+Internet Archive auto-created files.
-Note that Hubic wraps the Swift backend, so most of the properties of
-are the same.
+## Configuration
+Here is an example of making an internetarchive configuration.
+Most applies to the other providers as well, any differences are described [below](#providers).
-### Standard options
+First run
-Here are the standard options specific to hubic (Hubic).
+ rclone config
-#### --hubic-client-id
+This will guide you through an interactive setup process.
-OAuth Client Id.
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+XX / InternetArchive Items
+ \ (internetarchive)
+Storage> internetarchive
+Option access_key_id.
+IAS3 Access Key.
+Leave blank for anonymous access.
+You can find one here: https://archive.org/account/s3.php
+Enter a value. Press Enter to leave empty.
+access_key_id> XXXX
+Option secret_access_key.
+IAS3 Secret Key (password).
+Leave blank for anonymous access.
+Enter a value. Press Enter to leave empty.
+secret_access_key> XXXX
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> y
+Option endpoint.
+IAS3 Endpoint.
+Leave blank for default value.
+Enter a string value. Press Enter for the default (https://s3.us.archive.org).
+endpoint>
+Option front_endpoint.
+Host of InternetArchive Frontend.
+Leave blank for default value.
+Enter a string value. Press Enter for the default (https://archive.org).
+front_endpoint>
+Option disable_checksum.
+Don't store MD5 checksum with object metadata.
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can ask the server to check the object against checksum.
+This is great for data integrity checking but can cause long delays for
+large files to start uploading.
+Enter a boolean value (true or false). Press Enter for the default (true).
+disable_checksum> true
+Option encoding.
+The encoding for the backend.
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+Enter a encoder.MultiEncoder value. Press Enter for the default (Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot).
+encoding>
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+--------------------
+[remote]
+type = internetarchive
+access_key_id = XXXX
+secret_access_key = XXXX
+--------------------
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
-Leave blank normally.
-Properties:
+### Standard options
-- Config: client_id
-- Env Var: RCLONE_HUBIC_CLIENT_ID
-- Type: string
-- Required: false
+Here are the Standard options specific to internetarchive (Internet Archive).
-#### --hubic-client-secret
+#### --internetarchive-access-key-id
-OAuth Client Secret.
+IAS3 Access Key.
-Leave blank normally.
+Leave blank for anonymous access.
+You can find one here: https://archive.org/account/s3.php
Properties:
-- Config: client_secret
-- Env Var: RCLONE_HUBIC_CLIENT_SECRET
+- Config: access_key_id
+- Env Var: RCLONE_INTERNETARCHIVE_ACCESS_KEY_ID
- Type: string
- Required: false
-### Advanced options
-
-Here are the advanced options specific to hubic (Hubic).
+#### --internetarchive-secret-access-key
-#### --hubic-token
+IAS3 Secret Key (password).
-OAuth Access Token as a JSON blob.
+Leave blank for anonymous access.
Properties:
-- Config: token
-- Env Var: RCLONE_HUBIC_TOKEN
+- Config: secret_access_key
+- Env Var: RCLONE_INTERNETARCHIVE_SECRET_ACCESS_KEY
- Type: string
- Required: false
-#### --hubic-auth-url
+### Advanced options
-Auth server URL.
+Here are the Advanced options specific to internetarchive (Internet Archive).
-Leave blank to use the provider defaults.
+#### --internetarchive-endpoint
+
+IAS3 Endpoint.
+
+Leave blank for default value.
Properties:
-- Config: auth_url
-- Env Var: RCLONE_HUBIC_AUTH_URL
+- Config: endpoint
+- Env Var: RCLONE_INTERNETARCHIVE_ENDPOINT
- Type: string
-- Required: false
+- Default: "https://s3.us.archive.org"
-#### --hubic-token-url
+#### --internetarchive-front-endpoint
-Token server url.
+Host of InternetArchive Frontend.
-Leave blank to use the provider defaults.
+Leave blank for default value.
Properties:
-- Config: token_url
-- Env Var: RCLONE_HUBIC_TOKEN_URL
+- Config: front_endpoint
+- Env Var: RCLONE_INTERNETARCHIVE_FRONT_ENDPOINT
- Type: string
-- Required: false
+- Default: "https://archive.org"
-#### --hubic-chunk-size
-
-Above this size files will be chunked into a _segments container.
+#### --internetarchive-disable-checksum
-Above this size files will be chunked into a _segments container. The
-default for this is 5 GiB which is its maximum value.
+Don't ask the server to test against MD5 checksum calculated by rclone.
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can ask the server to check the object against checksum.
+This is great for data integrity checking but can cause long delays for
+large files to start uploading.
Properties:
-- Config: chunk_size
-- Env Var: RCLONE_HUBIC_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 5Gi
-
-#### --hubic-no-chunk
-
-Don't chunk files during streaming upload.
-
-When doing streaming uploads (e.g. using rcat or mount) setting this
-flag will cause the swift backend to not upload chunked files.
+- Config: disable_checksum
+- Env Var: RCLONE_INTERNETARCHIVE_DISABLE_CHECKSUM
+- Type: bool
+- Default: true
-This will limit the maximum upload size to 5 GiB. However non chunked
-files are easier to deal with and have an MD5SUM.
+#### --internetarchive-wait-archive
-Rclone will still chunk files bigger than chunk_size when doing normal
-copy operations.
+Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish.
+Only enable if you need to be guaranteed to be reflected after write operations.
+0 to disable waiting. No errors to be thrown in case of timeout.
Properties:
-- Config: no_chunk
-- Env Var: RCLONE_HUBIC_NO_CHUNK
-- Type: bool
-- Default: false
+- Config: wait_archive
+- Env Var: RCLONE_INTERNETARCHIVE_WAIT_ARCHIVE
+- Type: Duration
+- Default: 0s
-#### --hubic-encoding
+#### --internetarchive-encoding
The encoding for the backend.
@@ -27802,21 +31939,40 @@ See the [encoding section in the overview](https://rclone.org/overview/#encoding
Properties:
- Config: encoding
-- Env Var: RCLONE_HUBIC_ENCODING
+- Env Var: RCLONE_INTERNETARCHIVE_ENCODING
- Type: MultiEncoder
-- Default: Slash,InvalidUtf8
+- Default: Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot
+### Metadata
+Metadata fields provided by Internet Archive.
+If there are multiple values for a key, only the first one is returned.
+This is a limitation of Rclone, that supports one value per one key.
-## Limitations
+Owner is able to add custom keys. Metadata feature grabs all the keys including them.
+
+Here are the possible system metadata items for the internetarchive backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| crc32 | CRC32 calculated by Internet Archive | string | 01234567 | **Y** |
+| format | Name of format identified by Internet Archive | string | Comma-Separated Values | **Y** |
+| md5 | MD5 hash calculated by Internet Archive | string | 01234567012345670123456701234567 | **Y** |
+| mtime | Time of last modification, managed by Rclone | RFC 3339 | 2006-01-02T15:04:05.999999999Z | **Y** |
+| name | Full file path, without the bucket part | filename | backend/internetarchive/internetarchive.go | **Y** |
+| old_version | Whether the file was replaced and moved by keep-old-version flag | boolean | true | **Y** |
+| rclone-ia-mtime | Time of last modification, managed by Internet Archive | RFC 3339 | 2006-01-02T15:04:05.999999999Z | N |
+| rclone-mtime | Time of last modification, managed by Rclone | RFC 3339 | 2006-01-02T15:04:05.999999999Z | N |
+| rclone-update-track | Random value used by Rclone for tracking changes inside Internet Archive | string | aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa | N |
+| sha1 | SHA1 hash calculated by Internet Archive | string | 0123456701234567012345670123456701234567 | **Y** |
+| size | File size in bytes | decimal number | 123456 | **Y** |
+| source | The source of the file | string | original | **Y** |
+| summation | Check https://forum.rclone.org/t/31922 for how it is used | string | md5 | **Y** |
+| viruscheck | The last time viruscheck process was run for the file (?) | unixtime | 1654191352 | **Y** |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
-This uses the normal OpenStack Swift mechanism to refresh the Swift
-API credentials and ignores the expires field returned by the Hubic
-API.
-The Swift API doesn't return a correct MD5SUM for segmented files
-(Dynamic or Static Large Objects) so rclone won't check or use the
-MD5SUM for these.
# Jottacloud
@@ -27833,7 +31989,7 @@ it also provides white-label solutions to different companies, such as:
* Elgiganten Sweden (cloud.elgiganten.se)
* Elgiganten Denmark (cloud.elgiganten.dk)
* Giganti Cloud (cloud.gigantti.fi)
- * ELKO Clouud (cloud.elko.is)
+ * ELKO Cloud (cloud.elko.is)
Most of the white-label versions are supported by this backend, although may require different
authentication setup - described below.
@@ -27849,10 +32005,33 @@ and you have to choose the correct one when setting up the remote.
### Standard authentication
-To configure Jottacloud you will need to generate a personal security token in the Jottacloud web interface.
-You will the option to do in your [account security settings](https://www.jottacloud.com/web/secure)
-(for whitelabel version you need to find this page in its web interface).
-Note that the web interface may refer to this token as a JottaCli token.
+The standard authentication method used by the official service (jottacloud.com), as well as
+some of the whitelabel services, requires you to generate a single-use personal login token
+from the account security settings in the service's web interface. Log in to your account,
+go to "Settings" and then "Security", or use the direct link presented to you by rclone when
+configuring the remote: . Scroll down to the section
+"Personal login token", and click the "Generate" button. Note that if you are using a
+whitelabel service you probably can't use the direct link, you need to find the same page in
+their dedicated web interface, and also it may be in a different location than described above.
+
+To access your account from multiple instances of rclone, you need to configure each of them
+with a separate personal login token. E.g. you create a Jottacloud remote with rclone in one
+location, and copy the configuration file to a second location where you also want to run
+rclone and access the same remote. Then you need to replace the token for one of them, using
+the [config reconnect](https://rclone.org/commands/rclone_config_reconnect/) command, which
+requires you to generate a new personal login token and supply as input. If you do not
+do this, the token may easily end up being invalidated, resulting in both instances failing
+with an error message something along the lines of:
+
+ oauth2: cannot fetch token: 400 Bad Request
+ Response: {"error":"invalid_grant","error_description":"Stale token"}
+
+When this happens, you need to replace the token as described above to be able to use your
+remote again.
+
+All personal login tokens you have taken into use will be listed in the web interface under
+"My logged in devices", and from the right side of that list you can click the "X" button to
+revoke individual tokens.
### Legacy authentication
@@ -27890,60 +32069,83 @@ s) Set configuration password
q) Quit config
n/s/q> n
name> remote
+Option Storage.
Type of storage to configure.
-Enter a string value. Press Enter for the default ("").
-Choose a number from below, or type in your own value
+Choose a number from below, or type in your own value.
[snip]
XX / Jottacloud
- \ "jottacloud"
+ \ (jottacloud)
[snip]
Storage> jottacloud
-** See help for jottacloud backend at: https://rclone.org/jottacloud/ **
-
-Edit advanced config? (y/n)
-y) Yes
-n) No
-y/n> n
-Remote config
-Use legacy authentication?.
-This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
+Edit advanced config?
y) Yes
n) No (default)
y/n> n
-
-Generate a personal login token here: https://www.jottacloud.com/web/secure
+Option config_type.
+Select authentication type.
+Choose a number from below, or type in an existing string value.
+Press Enter for the default (standard).
+ / Standard authentication.
+ 1 | Use this if you're a normal Jottacloud user.
+ \ (standard)
+ / Legacy authentication.
+ 2 | This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
+ \ (legacy)
+ / Telia Cloud authentication.
+ 3 | Use this if you are using Telia Cloud.
+ \ (telia)
+ / Tele2 Cloud authentication.
+ 4 | Use this if you are using Tele2 Cloud.
+ \ (tele2)
+config_type> 1
+Personal login token.
+Generate here: https://www.jottacloud.com/web/secure
Login Token>
-
-Do you want to use a non standard device/mountpoint e.g. for accessing files uploaded using the official Jottacloud client?
-
+Use a non-standard device/mountpoint?
+Choosing no, the default, will let you access the storage used for the archive
+section of the official Jottacloud client. If you instead want to access the
+sync or the backup section, for example, you must choose yes.
y) Yes
-n) No
+n) No (default)
y/n> y
-Please select the device to use. Normally this will be Jotta
-Choose a number from below, or type in an existing value
+Option config_device.
+The device to use. In standard setup the built-in Jotta device is used,
+which contains predefined mountpoints for archive, sync etc. All other devices
+are treated as backup devices by the official Jottacloud client. You may create
+a new by entering a unique name.
+Choose a number from below, or type in your own string value.
+Press Enter for the default (DESKTOP-3H31129).
1 > DESKTOP-3H31129
2 > Jotta
-Devices> 2
-Please select the mountpoint to user. Normally this will be Archive
-Choose a number from below, or type in an existing value
+config_device> 2
+Option config_mountpoint.
+The mountpoint to use for the built-in device Jotta.
+The standard setup is to use the Archive mountpoint. Most other mountpoints
+have very limited support in rclone and should generally be avoided.
+Choose a number from below, or type in an existing string value.
+Press Enter for the default (Archive).
1 > Archive
- 2 > Links
+ 2 > Shared
3 > Sync
-
-Mountpoints> 1
+config_mountpoint> 1
--------------------
-[jotta]
+[remote]
type = jottacloud
+configVersion = 1
+client_id = jottacli
+client_secret =
+tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token
token = {........}
+username = 2940e57271a93d987d6f8a21
device = Jotta
mountpoint = Archive
-configVersion = 1
--------------------
-y) Yes this is OK
+y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
```
+
Once configured you can then use `rclone` like this,
List directories in top level of your Jottacloud
@@ -27960,19 +32162,27 @@ To copy a local directory to an Jottacloud directory called backup
### Devices and Mountpoints
-The official Jottacloud client registers a device for each computer you install it on,
-and then creates a mountpoint for each folder you select for Backup.
-The web interface uses a special device called Jotta for the Archive and Sync mountpoints.
+The official Jottacloud client registers a device for each computer you install
+it on, and shows them in the backup section of the user interface. For each
+folder you select for backup it will create a mountpoint within this device.
+A built-in device called Jotta is special, and contains mountpoints Archive,
+Sync and some others, used for corresponding features in official clients.
-With rclone you'll want to use the Jotta/Archive device/mountpoint in most cases, however if you
-want to access files uploaded by any of the official clients rclone provides the option to select
-other devices and mountpoints during config. Note that uploading files is currently not supported
-to other devices than Jotta.
+With rclone you'll want to use the standard Jotta/Archive device/mountpoint in
+most cases. However, you may for example want to access files from the sync or
+backup functionality provided by the official clients, and rclone therefore
+provides the option to select other devices and mountpoints during config.
-The built-in Jotta device may also contain several other mountpoints, such as: Latest, Links, Shared and Trash.
-These are special mountpoints with a different internal representation than the "regular" mountpoints.
-Rclone will only to a very limited degree support them. Generally you should avoid these, unless you know what you
-are doing.
+You are allowed to create new devices and mountpoints. All devices except the
+built-in Jotta device are treated as backup devices by official Jottacloud
+clients, and the mountpoints on them are individual backup sets.
+
+With the built-in Jotta device, only existing, built-in, mountpoints can be
+selected. In addition to the mentioned Archive and Sync, it may contain
+several other mountpoints such as: Latest, Links, Shared and Trash. All of
+these are special mountpoints with a different internal representation than
+the "regular" mountpoints. Rclone will only to a very limited degree support
+them. Generally you should avoid these, unless you know what you are doing.
### --fast-list
@@ -28050,7 +32260,7 @@ and the current usage.
### Advanced options
-Here are the advanced options specific to jottacloud (Jottacloud).
+Here are the Advanced options specific to jottacloud (Jottacloud).
#### --jottacloud-md5-memory-limit
@@ -28249,7 +32459,7 @@ as they can't be used in XML strings.
### Standard options
-Here are the standard options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
+Here are the Standard options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
#### --koofr-provider
@@ -28336,7 +32546,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
+Here are the Advanced options specific to koofr (Koofr, Digi Storage and other Koofr-compatible storage providers).
#### --koofr-mountid
@@ -28551,8 +32761,21 @@ Currently it is recommended to disable 2FA on Mail.ru accounts intended for rclo
## Configuration
-Here is an example of making a mailru configuration. First create a Mail.ru Cloud
-account and choose a tariff, then run
+Here is an example of making a mailru configuration.
+
+First create a Mail.ru Cloud account and choose a tariff.
+
+You will need to log in and create an app password for rclone. Rclone
+**will not work** with your normal username and password - it will
+give an error like `oauth2: server response missing access_token`.
+
+- Click on your user icon in the top right
+- Go to Security / "Пароль и безопасность"
+- Click password for apps / "Пароли для внешних приложений"
+- Add the password - give it a name - eg "rclone"
+- Copy the password and use this password below - your normal login password won't work.
+
+Now run
rclone config
@@ -28578,6 +32801,10 @@ User name (usually email)
Enter a string value. Press Enter for the default ("").
user> username@mail.ru
Password
+
+This must be an app password - rclone will not work with your normal
+password. See the Configuration section in the docs for how to make an
+app password.
y) Yes type in my own password
g) Generate random password
y/g> y
@@ -28683,7 +32910,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to mailru (Mail.ru Cloud).
+Here are the Standard options specific to mailru (Mail.ru Cloud).
#### --mailru-user
@@ -28700,6 +32927,11 @@ Properties:
Password.
+This must be an app password - rclone will not work with your normal
+password. See the Configuration section in the docs for how to make an
+app password.
+
+
**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
Properties:
@@ -28736,7 +32968,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to mailru (Mail.ru Cloud).
+Here are the Advanced options specific to mailru (Mail.ru Cloud).
#### --mailru-speedup-file-patterns
@@ -28972,6 +33204,44 @@ Use `rclone dedupe` to fix duplicated files.
### Failure to log-in
+#### Object not found
+
+If you are connecting to your Mega remote for the first time,
+to test access and synchronization, you may receive an error such as
+
+```
+Failed to create file system for "my-mega-remote:":
+couldn't login: Object (typically, node or user) not found
+```
+
+The diagnostic steps often recommended in the [rclone forum](https://forum.rclone.org/search?q=mega)
+start with the **MEGAcmd** utility. Note that this refers to
+the official C++ command from https://github.com/meganz/MEGAcmd
+and not the go language built command from t3rm1n4l/megacmd
+that is no longer maintained.
+
+Follow the instructions for installing MEGAcmd and try accessing
+your remote as they recommend. You can establish whether or not
+you can log in using MEGAcmd, and obtain diagnostic information
+to help you, and search or work with others in the forum.
+
+```
+MEGA CMD> login me@example.com
+Password:
+Fetching nodes ...
+Loading transfers from local cache
+Login complete as me@example.com
+me@example.com:/$
+```
+
+Note that some have found issues with passwords containing special
+characters. If you can not log on with rclone, but MEGAcmd logs on
+just fine, then consider changing your password temporarily to
+pure alphanumeric characters, in case that helps.
+
+
+#### Repeated commands blocks access
+
Mega remotes seem to get blocked (reject logins) under "heavy use".
We haven't worked out the exact blocking rules but it seems to be
related to fast paced, successive rclone commands.
@@ -29019,7 +33289,7 @@ have got the remote blocked for a while.
### Standard options
-Here are the standard options specific to mega (Mega).
+Here are the Standard options specific to mega (Mega).
#### --mega-user
@@ -29047,7 +33317,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to mega (Mega).
+Here are the Advanced options specific to mega (Mega).
#### --mega-debug
@@ -29164,8 +33434,7 @@ set](https://rclone.org/overview/#restricted-characters).
- Akamai NetStorage
--------------------------------------------------
+# Akamai NetStorage
Paths are specified as `remote:`
You may put subdirectories in too, e.g. `remote:/path/to/dir`.
@@ -29180,6 +33449,8 @@ See all buckets
rclone lsd remote:
The initial setup for Netstorage involves getting an account and secret. Use `rclone config` to walk you through the setup process.
+## Configuration
+
Here's an example of how to make a remote called `ns1`.
1. To begin the interactive configuration process, enter this command:
@@ -29271,28 +33542,31 @@ y/e/d> y
This remote is called `ns1` and can now be used.
-### Example operations
+## Example operations
+
Get started with rclone and NetStorage with these examples. For additional rclone commands, visit https://rclone.org/commands/.
-##### See contents of a directory in your project
+### See contents of a directory in your project
rclone lsd ns1:/974012/testing/
-##### Sync the contents local with remote
+### Sync the contents local with remote
rclone sync . ns1:/974012/testing/
-##### Upload local content to remote
+### Upload local content to remote
rclone copy notes.txt ns1:/974012/testing/
-##### Delete content on remote
+### Delete content on remote
rclone delete ns1:/974012/testing/notes.txt
-##### Move or copy content between CP codes.
+### Move or copy content between CP codes.
+
Your credentials must have access to two CP codes on the same remote. You can't perform operations between different remotes.
rclone move ns1:/974012/testing/notes.txt ns1:/974450/testing2/
+## Features
### Symlink Support
@@ -29309,11 +33583,11 @@ Individual symlink files on the remote can be used with the commands like "cat"
With NetStorage, directories can exist in one of two forms:
1. **Explicit Directory**. This is an actual, physical directory that you have created in a storage group.
-2. **Implicit Directory**. This refers to a directory within a path that has not been physically created. For example, during upload of a file, non-existent subdirectories can be specified in the target path. NetStorage creates these as "implicit." While the directories aren't physically created, they exist implicitly and the noted path is connected with the uploaded file.
+2. **Implicit Directory**. This refers to a directory within a path that has not been physically created. For example, during upload of a file, nonexistent subdirectories can be specified in the target path. NetStorage creates these as "implicit." While the directories aren't physically created, they exist implicitly and the noted path is connected with the uploaded file.
Rclone will intercept all file uploads and mkdir commands for the NetStorage remote and will explicitly issue the mkdir command for each directory in the uploading path. This will help with the interoperability with the other Akamai services such as SFTP and the Content Management Shell (CMShell). Rclone will not guarantee correctness of operations with implicit directories which might have been created as a result of using an upload API directly.
-### ListR Feature
+### `--fast-list` / ListR support
NetStorage remote supports the ListR feature by using the "list" NetStorage API action to return a lexicographical list of all objects within the specified CP code, recursing into subdirectories as they're encountered.
@@ -29325,7 +33599,7 @@ There are pros and cons of using the ListR method, refer to [rclone documentatio
**Note**: There is a known limitation that "lsf -R" will display number of files in the directory and directory size as -1 when ListR method is used. The workaround is to pass "--disable listR" flag if these numbers are important in the output.
-### Purge Feature
+### Purge
NetStorage remote supports the purge feature by using the "quick-delete" NetStorage API action. The quick-delete action is disabled by default for security reasons and can be enabled for the account through the Akamai portal. Rclone will first try to use quick-delete action for the purge command and if this functionality is disabled then will fall back to a standard delete method.
@@ -29334,7 +33608,7 @@ NetStorage remote supports the purge feature by using the "quick-delete" NetStor
### Standard options
-Here are the standard options specific to netstorage (Akamai NetStorage).
+Here are the Standard options specific to netstorage (Akamai NetStorage).
#### --netstorage-host
@@ -29377,7 +33651,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to netstorage (Akamai NetStorage).
+Here are the Advanced options specific to netstorage (Akamai NetStorage).
#### --netstorage-protocol
@@ -29408,7 +33682,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -29512,7 +33786,13 @@ docs](https://rclone.org/docs/#fast-list) for more details.
The modified time is stored as metadata on the object with the `mtime`
key. It is stored using RFC3339 Format time with nanosecond
precision. The metadata is supplied during directory listings so
-there is no overhead to using it.
+there is no performance overhead to using it.
+
+If you wish to use the Azure standard `LastModified` time stored on
+the object as the modified time, then use the `--use-server-modtime`
+flag. Note that rclone can't set `LastModified`, so using the
+`--update` flag when syncing is recommended if using
+`--use-server-modtime`.
### Performance
@@ -29548,11 +33828,80 @@ MD5 hashes are stored with blobs. However blobs that were uploaded in
chunks only have an MD5 if the source remote was capable of MD5
hashes, e.g. the local disk.
-### Authenticating with Azure Blob Storage
+### Authentication {#authentication}
+
+There are a number of ways of supplying credentials for Azure Blob
+Storage. Rclone tries them in the order of the sections below.
+
+#### Env Auth
+
+If the `env_auth` config parameter is `true` then rclone will pull
+credentials from the environment or runtime.
+
+It tries these authentication methods in this order:
+
+1. Environment Variables
+2. Managed Service Identity Credentials
+3. Azure CLI credentials (as used by the az tool)
+
+These are described in the following sections
+
+##### Env Auth: 1. Environment Variables
+
+If `env_auth` is set and environment variables are present rclone
+authenticates a service principal with a secret or certificate, or a
+user with a password, depending on which environment variable are set.
+It reads configuration from these variables, in the following order:
+
+1. Service principal with client secret
+ - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+ - `AZURE_CLIENT_ID`: the service principal's client ID
+ - `AZURE_CLIENT_SECRET`: one of the service principal's client secrets
+2. Service principal with certificate
+ - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+ - `AZURE_CLIENT_ID`: the service principal's client ID
+ - `AZURE_CLIENT_CERTIFICATE_PATH`: path to a PEM or PKCS12 certificate file including the private key.
+ - `AZURE_CLIENT_CERTIFICATE_PASSWORD`: (optional) password for the certificate file.
+ - `AZURE_CLIENT_SEND_CERTIFICATE_CHAIN`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+3. User with username and password
+ - `AZURE_TENANT_ID`: (optional) tenant to authenticate in. Defaults to "organizations".
+ - `AZURE_CLIENT_ID`: client ID of the application the user will authenticate to
+ - `AZURE_USERNAME`: a username (usually an email address)
+ - `AZURE_PASSWORD`: the user's password
+
+##### Env Auth: 2. Managed Service Identity Credentials
+
+When using Managed Service Identity if the VM(SS) on which this
+program is running has a system-assigned identity, it will be used by
+default. If the resource has no system-assigned but exactly one
+user-assigned identity, the user-assigned identity will be used by
+default.
+
+If the resource has multiple user-assigned identities you will need to
+unset `env_auth` and set `use_msi` instead. See the [`use_msi`
+section](#use_msi).
+
+##### Env Auth: 3. Azure CLI credentials (as used by the az tool)
+
+Credentials created with the `az` tool can be picked up using `env_auth`.
+
+For example if you were to login with a service principal like this:
-Rclone has 3 ways of authenticating with Azure Blob Storage:
+ az login --service-principal -u XXX -p XXX --tenant XXX
-#### Account and Key
+Then you could access rclone resources like this:
+
+ rclone lsf :azureblob,env_auth,account=ACCOUNT:CONTAINER
+
+Or
+
+ rclone lsf --azureblob-env-auth --azureblob-acccount=ACCOUNT :azureblob:CONTAINER
+
+Which is analogous to using the `az` tool:
+
+ az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
+
+#### Account and Shared Key
This is the most straight forward and least flexible way. Just fill
in the `account` and `key` lines and leave the rest blank.
@@ -29561,7 +33910,7 @@ in the `account` and `key` lines and leave the rest blank.
This can be an account level SAS URL or container level SAS URL.
-To use it leave `account`, `key` blank and fill in `sas_url`.
+To use it leave `account` and `key` blank and fill in `sas_url`.
An account level SAS URL or container level SAS URL can be obtained
from the Azure portal or the Azure Storage Explorer. To get a
@@ -29588,16 +33937,76 @@ Container level SAS URLs are useful for temporarily allowing third
parties access to a single container or putting credentials into an
untrusted environment such as a CI build server.
+#### Service principal with client secret
+
+If these variables are set, rclone will authenticate with a service principal with a client secret.
+
+- `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
+- `client_id`: the service principal's client ID
+- `client_secret`: one of the service principal's client secrets
+
+The credentials can also be placed in a file using the
+`service_principal_file` configuration option.
+
+#### Service principal with certificate
+
+If these variables are set, rclone will authenticate with a service principal with certificate.
+
+- `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
+- `client_id`: the service principal's client ID
+- `client_certificate_path`: path to a PEM or PKCS12 certificate file including the private key.
+- `client_certificate_password`: (optional) password for the certificate file.
+- `client_send_certificate_chain`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+
+**NB** `client_certificate_password` must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+#### User with username and password
+
+If these variables are set, rclone will authenticate with username and password.
+
+- `tenant`: (optional) tenant to authenticate in. Defaults to "organizations".
+- `client_id`: client ID of the application the user will authenticate to
+- `username`: a username (usually an email address)
+- `password`: the user's password
+
+Microsoft doesn't recommend this kind of authentication, because it's
+less secure than other authentication flows. This method is not
+interactive, so it isn't compatible with any form of multi-factor
+authentication, and the application must already have user or admin
+consent. This credential can only authenticate work and school
+accounts; it can't authenticate Microsoft accounts.
+
+**NB** `password` must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+#### Managed Service Identity Credentials {#use_msi}
+
+If `use_msi` is set then managed service identity credentials are
+used. This authentication only works when running in an Azure service.
+`env_auth` needs to be unset to use this.
+
+However if you have multiple user identities to choose from these must
+be explicitly specified using exactly one of the `msi_object_id`,
+`msi_client_id`, or `msi_mi_res_id` parameters.
+
+If none of `msi_object_id`, `msi_client_id`, or `msi_mi_res_id` is
+set, this is is equivalent to using `env_auth`.
+
### Standard options
-Here are the standard options specific to azureblob (Microsoft Azure Blob Storage).
+Here are the Standard options specific to azureblob (Microsoft Azure Blob Storage).
#### --azureblob-account
-Storage Account Name.
+Azure Storage Account Name.
+
+Set this to the Azure Storage Account Name in use.
+
+Leave blank to use SAS URL or Emulator, otherwise it needs to be set.
+
+If this is blank and if env_auth is set it will be read from the
+environment variable `AZURE_STORAGE_ACCOUNT_NAME` if possible.
-Leave blank to use SAS URL or Emulator.
Properties:
@@ -29606,30 +34015,22 @@ Properties:
- Type: string
- Required: false
-#### --azureblob-service-principal-file
-
-Path to file containing credentials for use with a service principal.
-
-Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
-
- $ az ad sp create-for-rbac --name "" \
- --role "Storage Blob Data Owner" \
- --scopes "/subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts//blobServices/default/containers/" \
- > azure-principal.json
+#### --azureblob-env-auth
-See ["Create an Azure service principal"](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli) and ["Assign an Azure role for access to blob data"](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-rbac-cli) pages for more details.
+Read credentials from runtime (environment variables, CLI or MSI).
+See the [authentication docs](/azureblob#authentication) for full info.
Properties:
-- Config: service_principal_file
-- Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
-- Type: string
-- Required: false
+- Config: env_auth
+- Env Var: RCLONE_AZUREBLOB_ENV_AUTH
+- Type: bool
+- Default: false
#### --azureblob-key
-Storage Account Key.
+Storage Account Shared Key.
Leave blank to use SAS URL or Emulator.
@@ -29653,6 +34054,169 @@ Properties:
- Type: string
- Required: false
+#### --azureblob-tenant
+
+ID of the service principal's tenant. Also called its directory ID.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+
+
+Properties:
+
+- Config: tenant
+- Env Var: RCLONE_AZUREBLOB_TENANT
+- Type: string
+- Required: false
+
+#### --azureblob-client-id
+
+The ID of the client in use.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_AZUREBLOB_CLIENT_ID
+- Type: string
+- Required: false
+
+#### --azureblob-client-secret
+
+One of the service principal's client secrets
+
+Set this if using
+- Service principal with client secret
+
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_AZUREBLOB_CLIENT_SECRET
+- Type: string
+- Required: false
+
+#### --azureblob-client-certificate-path
+
+Path to a PEM or PKCS12 certificate file including the private key.
+
+Set this if using
+- Service principal with certificate
+
+
+Properties:
+
+- Config: client_certificate_path
+- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PATH
+- Type: string
+- Required: false
+
+#### --azureblob-client-certificate-password
+
+Password for the certificate file (optional).
+
+Optionally set this if using
+- Service principal with certificate
+
+And the certificate has a password.
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: client_certificate_password
+- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PASSWORD
+- Type: string
+- Required: false
+
+### Advanced options
+
+Here are the Advanced options specific to azureblob (Microsoft Azure Blob Storage).
+
+#### --azureblob-client-send-certificate-chain
+
+Send the certificate chain when using certificate auth.
+
+Specifies whether an authentication request will include an x5c header
+to support subject name / issuer based authentication. When set to
+true, authentication requests include the x5c header.
+
+Optionally set this if using
+- Service principal with certificate
+
+
+Properties:
+
+- Config: client_send_certificate_chain
+- Env Var: RCLONE_AZUREBLOB_CLIENT_SEND_CERTIFICATE_CHAIN
+- Type: bool
+- Default: false
+
+#### --azureblob-username
+
+User name (usually an email address)
+
+Set this if using
+- User with username and password
+
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_AZUREBLOB_USERNAME
+- Type: string
+- Required: false
+
+#### --azureblob-password
+
+The user's password
+
+Set this if using
+- User with username and password
+
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_AZUREBLOB_PASSWORD
+- Type: string
+- Required: false
+
+#### --azureblob-service-principal-file
+
+Path to file containing credentials for use with a service principal.
+
+Leave blank normally. Needed only if you want to use a service principal instead of interactive login.
+
+ $ az ad sp create-for-rbac --name "" \
+ --role "Storage Blob Data Owner" \
+ --scopes "/subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts//blobServices/default/containers/" \
+ > azure-principal.json
+
+See ["Create an Azure service principal"](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli) and ["Assign an Azure role for access to blob data"](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-rbac-cli) pages for more details.
+
+It may be more convenient to put the credentials directly into the
+rclone config file under the `client_id`, `tenant` and `client_secret`
+keys instead of setting `service_principal_file`.
+
+
+Properties:
+
+- Config: service_principal_file
+- Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
+- Type: string
+- Required: false
+
#### --azureblob-use-msi
Use a managed service identity to authenticate (only works in Azure).
@@ -29673,23 +34237,6 @@ Properties:
- Type: bool
- Default: false
-#### --azureblob-use-emulator
-
-Uses local storage emulator if provided as 'true'.
-
-Leave blank if using real azure storage endpoint.
-
-Properties:
-
-- Config: use_emulator
-- Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
-- Type: bool
-- Default: false
-
-### Advanced options
-
-Here are the advanced options specific to azureblob (Microsoft Azure Blob Storage).
-
#### --azureblob-msi-object-id
Object ID of the user-assigned MSI to use, if any.
@@ -29729,6 +34276,19 @@ Properties:
- Type: string
- Required: false
+#### --azureblob-use-emulator
+
+Uses local storage emulator if provided as 'true'.
+
+Leave blank if using real azure storage endpoint.
+
+Properties:
+
+- Config: use_emulator
+- Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
+- Type: bool
+- Default: false
+
#### --azureblob-endpoint
Endpoint for the service.
@@ -29932,6 +34492,21 @@ Properties:
- "container"
- Allow full public read access for container and blob data.
+#### --azureblob-no-check-container
+
+If set, don't attempt to check the container exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the container exists already.
+
+
+Properties:
+
+- Config: no_check_container
+- Env Var: RCLONE_AZUREBLOB_NO_CHECK_CONTAINER
+- Type: bool
+- Default: false
+
#### --azureblob-no-head-object
If set, do not do HEAD before GET when getting objects.
@@ -29945,6 +34520,18 @@ Properties:
+### Custom upload headers
+
+You can set custom upload headers with the `--header-upload` flag.
+
+- Cache-Control
+- Content-Disposition
+- Content-Encoding
+- Content-Language
+- Content-Type
+
+Eg `--header-upload "Content-Type: text/potato"`
+
## Limitations
MD5 sums are only uploaded with chunked files if the source has an MD5
@@ -29955,15 +34542,24 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
## Azure Storage Emulator Support
-You can test rclone with storage emulator locally, to do this make sure azure storage emulator
-installed locally and set up a new remote with `rclone config` follow instructions described in
-introduction, set `use_emulator` config as `true`, you do not need to provide default account name
-or key if using emulator.
+You can run rclone with the storage emulator (usually _azurite_).
+
+To do this, just set up a new remote with `rclone config` following
+the instructions in the introduction and set `use_emulator` in the
+advanced settings as `true`. You do not need to provide a default
+account name nor an account key. But you can override them in the
+`account` and `key` options. (Prior to v1.61 they were hard coded to
+_azurite_'s `devstoreaccount1`.)
+
+Also, if you want to access a storage emulator instance running on a
+different machine, you can override the `endpoint` parameter in the
+advanced settings, setting it to
+`http(s)://:/devstoreaccount1`
+(e.g. `http://10.254.2.5:10000/devstoreaccount1`).
# Microsoft OneDrive
@@ -30014,9 +34610,10 @@ y) Yes
n) No
y/n> n
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -30082,24 +34679,45 @@ To copy a local directory to an OneDrive directory called backup
### Getting your own Client ID and Key
-You can use your own Client ID if the default (`client_id` left blank)
-one doesn't work for you or you see lots of throttling. The default
-Client ID and Key is shared by all rclone users when performing
-requests.
+rclone uses a default Client ID when talking to OneDrive, unless a custom `client_id` is specified in the config.
+The default Client ID and Key are shared by all rclone users when performing requests.
-If you are having problems with them (E.g., seeing a lot of throttling), you can get your own
-Client ID and Key by following the steps below:
+You may choose to create and use your own Client ID, in case the default one does not work well for you.
+For example, you might see throttling.
+
+#### Creating Client ID for OneDrive Personal
+
+To create your own Client ID, please follow these steps:
1. Open https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade and then click `New registration`.
2. Enter a name for your app, choose account type `Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)`, select `Web` in `Redirect URI`, then type (do not copy and paste) `http://localhost:53682/` and click Register. Copy and keep the `Application (client) ID` under the app name for later use.
3. Under `manage` select `Certificates & secrets`, click `New client secret`. Enter a description (can be anything) and set `Expires` to 24 months. Copy and keep that secret _Value_ for later use (you _won't_ be able to see this value afterwards).
4. Under `manage` select `API permissions`, click `Add a permission` and select `Microsoft Graph` then select `delegated permissions`.
-5. Search and select the following permissions: `Files.Read`, `Files.ReadWrite`, `Files.Read.All`, `Files.ReadWrite.All`, `offline_access`, `User.Read`, and optionally `Sites.Read.All` (see below). Once selected click `Add permissions` at the bottom.
+5. Search and select the following permissions: `Files.Read`, `Files.ReadWrite`, `Files.Read.All`, `Files.ReadWrite.All`, `offline_access`, `User.Read` and `Sites.Read.All` (if custom access scopes are configured, select the permissions accordingly). Once selected click `Add permissions` at the bottom.
Now the application is complete. Run `rclone config` to create or edit a OneDrive remote.
Supply the app ID and password as Client ID and Secret, respectively. rclone will walk you through the remaining steps.
-The `Sites.Read.All` permission is required if you need to [search SharePoint sites when configuring the remote](https://github.com/rclone/rclone/pull/5883). However, if that permission is not assigned, you need to set `disable_site_permission` option to true in the advanced options.
+The access_scopes option allows you to configure the permissions requested by rclone.
+See [Microsoft Docs](https://docs.microsoft.com/en-us/graph/permissions-reference#files-permissions) for more information about the different scopes.
+
+The `Sites.Read.All` permission is required if you need to [search SharePoint sites when configuring the remote](https://github.com/rclone/rclone/pull/5883). However, if that permission is not assigned, you need to exclude `Sites.Read.All` from your access scopes or set `disable_site_permission` option to true in the advanced options.
+
+#### Creating Client ID for OneDrive Business
+
+The steps for OneDrive Personal may or may not work for OneDrive Business, depending on the security settings of the organization.
+A common error is that the publisher of the App is not verified.
+
+You may try to [verify you account](https://docs.microsoft.com/en-us/azure/active-directory/develop/publisher-verification-overview), or try to limit the App to your organization only, as shown below.
+
+1. Make sure to create the App with your business account.
+2. Follow the steps above to create an App. However, we need a different account type here: `Accounts in this organizational directory only (*** - Single tenant)`. Note that you can also change the account type after creating the App.
+3. Find the [tenant ID](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-to-find-tenant) of your organization.
+4. In the rclone config, set `auth_url` to `https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/authorize`.
+5. In the rclone config, set `token_url` to `https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/token`.
+
+Note: If you have a special region, you may need a different host in step 4 and 5. Here are [some hints](https://github.com/rclone/rclone/blob/bc23bf11db1c78c6ebbf8ea538fbebf7058b4176/backend/onedrive/onedrive.go#L86).
+
### Modification time and hashes
@@ -30158,7 +34776,7 @@ the OneDrive website.
### Standard options
-Here are the standard options specific to onedrive (Microsoft OneDrive).
+Here are the Standard options specific to onedrive (Microsoft OneDrive).
#### --onedrive-client-id
@@ -30204,11 +34822,11 @@ Properties:
- "de"
- Microsoft Cloud Germany
- "cn"
- - Azure and Office 365 operated by 21Vianet in China
+ - Azure and Office 365 operated by Vnet Group in China
### Advanced options
-Here are the advanced options specific to onedrive (Microsoft OneDrive).
+Here are the Advanced options specific to onedrive (Microsoft OneDrive).
#### --onedrive-token
@@ -30300,6 +34918,28 @@ Properties:
- Type: string
- Required: false
+#### --onedrive-access-scopes
+
+Set scopes to be requested by rclone.
+
+Choose or manually enter a custom space separated list with all scopes, that rclone should request.
+
+
+Properties:
+
+- Config: access_scopes
+- Env Var: RCLONE_ONEDRIVE_ACCESS_SCOPES
+- Type: SpaceSepList
+- Default: Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access
+- Examples:
+ - "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access"
+ - Read and write access to all resources
+ - "Files.Read Files.Read.All Sites.Read.All offline_access"
+ - Read only access to all resources
+ - "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All offline_access"
+ - Read and write access to all resources, without the ability to browse SharePoint sites.
+ - Same as if disable_site_permission was set to true
+
#### --onedrive-disable-site-permission
Disable the request for Sites.Read.All permission.
@@ -30487,7 +35127,7 @@ An official document about the limitations for different types of OneDrive can b
## Versions
Every change in a file OneDrive causes the service to create a new
-version of the the file. This counts against a users quota. For
+version of the file. This counts against a users quota. For
example changing the modification time of a file creates a second
version, so the file apparently uses twice the space.
@@ -30591,7 +35231,7 @@ are converted you will no longer need the ignore options above.
It is a [known](https://github.com/OneDrive/onedrive-api-docs/issues/1068) issue
that Sharepoint (not OneDrive or OneDrive for Business) may return "item not
found" errors when users try to replace or delete uploaded files; this seems to
-mainly affect Office files (.docx, .xlsx, etc.). As a workaround, you may use
+mainly affect Office files (.docx, .xlsx, etc.) and web files (.html, .aspx, etc.). As a workaround, you may use
the `--backup-dir ` command line argument so rclone moves the
files to be replaced/deleted into a given backup directory (instead of directly
replacing/deleting them). For example, to instruct rclone to move the files into
@@ -30611,7 +35251,7 @@ Description: Using application 'rclone' is currently not supported for your orga
This means that rclone can't use the OneDrive for Business API with your account. You can't do much about it, maybe write an email to your admins.
-However, there are other ways to interact with your OneDrive account. Have a look at the webdav backend: https://rclone.org/webdav/#sharepoint
+However, there are other ways to interact with your OneDrive account. Have a look at the WebDAV backend: https://rclone.org/webdav/#sharepoint
### invalid\_grant (AADSTS50076) ####
@@ -30632,6 +35272,31 @@ permissions as an admin, take a look at the docs:
[1](https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-off),
[2](https://support.microsoft.com/en-us/office/set-up-and-manage-access-requests-94b26e0b-2822-49d4-929a-8455698654b3).
+### Can not access `Shared` with me files
+
+Shared with me files is not supported by rclone [currently](https://github.com/rclone/rclone/issues/4062), but there is a workaround:
+
+1. Visit [https://onedrive.live.com](https://onedrive.live.com/)
+2. Right click a item in `Shared`, then click `Add shortcut to My files` in the context
+
+ Screenshot (Shared with me)
+
+ 
+
+
+3. The shortcut will appear in `My files`, you can access it with rclone, it behaves like a normal folder/file.
+
+ Screenshot (My Files)
+
+ 
+
+
+
+ Screenshot (rclone mount)
+
+ 
+
+
# OpenDrive
Paths are specified as `remote:path`
@@ -30731,7 +35396,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to opendrive (OpenDrive).
+Here are the Standard options specific to opendrive (OpenDrive).
#### --opendrive-username
@@ -30759,7 +35424,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to opendrive (OpenDrive).
+Here are the Advanced options specific to opendrive (OpenDrive).
#### --opendrive-encoding
@@ -30806,8 +35471,536 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
+
+# Oracle Object Storage
+
+[Oracle Object Storage Overview](https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm)
+
+[Oracle Object Storage FAQ](https://www.oracle.com/cloud/storage/object-storage/faq/)
+
+Paths are specified as `remote:bucket` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:bucket/path/to/dir`.
+
+## Configuration
+
+Here is an example of making an oracle object storage configuration. `rclone config` walks you
+through it.
+
+Here is an example of how to make a remote called `remote`. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+
+```
+n) New remote
+d) Delete remote
+r) Rename remote
+c) Copy remote
+s) Set configuration password
+q) Quit config
+e/n/d/r/c/s/q> n
+
+Enter name for new remote.
+name> remote
+
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+[snip]
+XX / Oracle Cloud Infrastructure Object Storage
+ \ (oracleobjectstorage)
+Storage> oracleobjectstorage
+
+Option provider.
+Choose your Auth Provider
+Choose a number from below, or type in your own string value.
+Press Enter for the default (env_auth).
+ 1 / automatically pickup the credentials from runtime(env), first one to provide auth wins
+ \ (env_auth)
+ / use an OCI user and an API key for authentication.
+ 2 | you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
+ | https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
+ \ (user_principal_auth)
+ / use instance principals to authorize an instance to make API calls.
+ 3 | each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
+ | https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
+ \ (instance_principal_auth)
+ 4 / use resource principals to make API calls
+ \ (resource_principal_auth)
+ 5 / no credentials needed, this is typically for reading public buckets
+ \ (no_auth)
+provider> 2
+
+Option namespace.
+Object storage namespace
+Enter a value.
+namespace> idbamagbg734
+
+Option compartment.
+Object storage compartment OCID
+Enter a value.
+compartment> ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+
+Option region.
+Object storage Region
+Enter a value.
+region> us-ashburn-1
+
+Option endpoint.
+Endpoint for Object storage API.
+Leave blank to use the default endpoint for the region.
+Enter a value. Press Enter to leave empty.
+endpoint>
+
+Option config_file.
+Path to OCI config file
+Choose a number from below, or type in your own string value.
+Press Enter for the default (~/.oci/config).
+ 1 / oci configuration file location
+ \ (~/.oci/config)
+config_file> /etc/oci/dev.conf
+
+Option config_profile.
+Profile name inside OCI config file
+Choose a number from below, or type in your own string value.
+Press Enter for the default (Default).
+ 1 / Use the default profile
+ \ (Default)
+config_profile> Test
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+
+Configuration complete.
+Options:
+- type: oracleobjectstorage
+- namespace: idbamagbg734
+- compartment: ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+- region: us-ashburn-1
+- provider: user_principal_auth
+- config_file: /etc/oci/dev.conf
+- config_profile: Test
+Keep this "remote" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> y
+```
+
+See all buckets
+
+ rclone lsd remote:
+
+Create a new bucket
+
+ rclone mkdir remote:bucket
+
+List the contents of a bucket
+
+ rclone ls remote:bucket
+ rclone ls remote:bucket --max-depth 1
+
+### Modified time
+
+The modified time is stored as metadata on the object as
+`opc-meta-mtime` as floating point since the epoch, accurate to 1 ns.
+
+If the modification time needs to be updated rclone will attempt to perform a server
+side copy to update the modification if the object can be copied in a single part.
+In the case the object is larger than 5Gb, the object will be uploaded rather than copied.
+
+Note that reading this from the object takes an additional `HEAD` request as the metadata
+isn't returned in object listings.
+
+### Multipart uploads
+
+rclone supports multipart uploads with OOS which means that it can
+upload files bigger than 5 GiB.
+
+Note that files uploaded *both* with multipart upload *and* through
+crypt remotes do not have MD5 sums.
+
+rclone switches from single part uploads to multipart uploads at the
+point specified by `--oos-upload-cutoff`. This can be a maximum of 5 GiB
+and a minimum of 0 (ie always upload multipart files).
+
+The chunk sizes used in the multipart upload are specified by
+`--oos-chunk-size` and the number of chunks uploaded concurrently is
+specified by `--oos-upload-concurrency`.
+
+Multipart uploads will use `--transfers` * `--oos-upload-concurrency` *
+`--oos-chunk-size` extra memory. Single part uploads to not use extra
+memory.
+
+Single part transfers can be faster than multipart transfers or slower
+depending on your latency from oos - the more latency, the more likely
+single part transfers will be faster.
+
+Increasing `--oos-upload-concurrency` will increase throughput (8 would
+be a sensible value) and increasing `--oos-chunk-size` also increases
+throughput (16M would be sensible). Increasing either of these will
+use more memory. The default values are high enough to gain most of
+the possible performance without using too much memory.
+
+
+### Standard options
+
+Here are the Standard options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
+
+#### --oos-provider
+
+Choose your Auth Provider
+
+Properties:
+
+- Config: provider
+- Env Var: RCLONE_OOS_PROVIDER
+- Type: string
+- Default: "env_auth"
+- Examples:
+ - "env_auth"
+ - automatically pickup the credentials from runtime(env), first one to provide auth wins
+ - "user_principal_auth"
+ - use an OCI user and an API key for authentication.
+ - you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
+ - https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
+ - "instance_principal_auth"
+ - use instance principals to authorize an instance to make API calls.
+ - each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
+ - https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
+ - "resource_principal_auth"
+ - use resource principals to make API calls
+ - "no_auth"
+ - no credentials needed, this is typically for reading public buckets
+
+#### --oos-namespace
+
+Object storage namespace
+
+Properties:
+
+- Config: namespace
+- Env Var: RCLONE_OOS_NAMESPACE
+- Type: string
+- Required: true
+
+#### --oos-compartment
+
+Object storage compartment OCID
+
+Properties:
+
+- Config: compartment
+- Env Var: RCLONE_OOS_COMPARTMENT
+- Provider: !no_auth
+- Type: string
+- Required: true
+
+#### --oos-region
+
+Object storage Region
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_OOS_REGION
+- Type: string
+- Required: true
+
+#### --oos-endpoint
+
+Endpoint for Object storage API.
+
+Leave blank to use the default endpoint for the region.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_OOS_ENDPOINT
+- Type: string
+- Required: false
+
+#### --oos-config-file
+
+Path to OCI config file
+
+Properties:
+
+- Config: config_file
+- Env Var: RCLONE_OOS_CONFIG_FILE
+- Provider: user_principal_auth
+- Type: string
+- Default: "~/.oci/config"
+- Examples:
+ - "~/.oci/config"
+ - oci configuration file location
+
+#### --oos-config-profile
+
+Profile name inside the oci config file
+
+Properties:
+
+- Config: config_profile
+- Env Var: RCLONE_OOS_CONFIG_PROFILE
+- Provider: user_principal_auth
+- Type: string
+- Default: "Default"
+- Examples:
+ - "Default"
+ - Use the default profile
+
+### Advanced options
+
+Here are the Advanced options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
+
+#### --oos-upload-cutoff
+
+Cutoff for switching to chunked upload.
+
+Any files larger than this will be uploaded in chunks of chunk_size.
+The minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_OOS_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 200Mi
+
+#### --oos-chunk-size
+
+Chunk size to use for uploading.
+
+When uploading files larger than upload_cutoff or files with unknown
+size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google
+photos or google docs) they will be uploaded as multipart uploads
+using this chunk size.
+
+Note that "upload_concurrency" chunks of this size are buffered
+in memory per transfer.
+
+If you are transferring large files over high-speed links and you have
+enough memory, then increasing this will speed up the transfers.
+
+Rclone will automatically increase the chunk size when uploading a
+large file of known size to stay below the 10,000 chunks limit.
+
+Files of unknown size are uploaded with the configured
+chunk_size. Since the default chunk size is 5 MiB and there can be at
+most 10,000 chunks, this means that by default the maximum size of
+a file you can stream upload is 48 GiB. If you wish to stream upload
+larger files then you will need to increase chunk_size.
+
+Increasing the chunk size decreases the accuracy of the progress
+statistics displayed with "-P" flag.
+
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_OOS_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 5Mi
+
+#### --oos-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_OOS_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 10
+
+#### --oos-copy-cutoff
+
+Cutoff for switching to multipart copy.
+
+Any files larger than this that need to be server-side copied will be
+copied in chunks of this size.
+
+The minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: copy_cutoff
+- Env Var: RCLONE_OOS_COPY_CUTOFF
+- Type: SizeSuffix
+- Default: 4.656Gi
+
+#### --oos-copy-timeout
+
+Timeout for copy.
+
+Copy is an asynchronous operation, specify timeout to wait for copy to succeed
+
+
+Properties:
+
+- Config: copy_timeout
+- Env Var: RCLONE_OOS_COPY_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+#### --oos-disable-checksum
+
+Don't store MD5 checksum with object metadata.
+
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can add it to metadata on the object. This is great
+for data integrity checking but can cause long delays for large files
+to start uploading.
+
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_OOS_DISABLE_CHECKSUM
+- Type: bool
+- Default: false
+
+#### --oos-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_OOS_ENCODING
+- Type: MultiEncoder
+- Default: Slash,InvalidUtf8,Dot
+
+#### --oos-leave-parts-on-error
+
+If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery.
+
+It should be set to true for resuming uploads across different sessions.
+
+WARNING: Storing parts of an incomplete multipart upload counts towards space usage on object storage and will add
+additional costs if not cleaned up.
+
+
+Properties:
+
+- Config: leave_parts_on_error
+- Env Var: RCLONE_OOS_LEAVE_PARTS_ON_ERROR
+- Type: bool
+- Default: false
+
+#### --oos-no-check-bucket
+
+If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+It can also be needed if the user you are using does not have bucket
+creation permissions.
+
+
+Properties:
+
+- Config: no_check_bucket
+- Env Var: RCLONE_OOS_NO_CHECK_BUCKET
+- Type: bool
+- Default: false
+
+## Backend commands
+
+Here are the commands specific to the oracleobjectstorage backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
+info on how to pass options and arguments.
+
+These can be run on a running backend using the rc command
+[backend/command](https://rclone.org/rc/#backend-command).
+
+### rename
+
+change the name of an object
+
+ rclone backend rename remote: [options] [+]
+
+This command can be used to rename a object.
+
+Usage Examples:
+
+ rclone backend rename oos:bucket relative-object-path-under-bucket object-new-name
+
+
+### list-multipart-uploads
+
+List the unfinished multipart uploads
+
+ rclone backend list-multipart-uploads remote: [options] [+]
+
+This command lists the unfinished multipart uploads in JSON format.
+
+ rclone backend list-multipart-uploads oos:bucket/path/to/object
+
+It returns a dictionary of buckets with values as lists of unfinished
+multipart uploads.
+
+You can call it with no bucket in which case it lists all bucket, with
+a bucket or with a bucket and path.
+
+ {
+ "test-bucket": [
+ {
+ "namespace": "test-namespace",
+ "bucket": "test-bucket",
+ "object": "600m.bin",
+ "uploadId": "51dd8114-52a4-b2f2-c42f-5291f05eb3c8",
+ "timeCreated": "2022-07-29T06:21:16.595Z",
+ "storageTier": "Standard"
+ }
+ ]
+
+
+### cleanup
+
+Remove unfinished multipart uploads.
+
+ rclone backend cleanup remote: [options] [+]
+
+This command removes unfinished multipart uploads of age greater than
+max-age which defaults to 24 hours.
+
+Note that you can use -i/--dry-run with this command to see what it
+would do.
+
+ rclone backend cleanup oos:bucket/path/to/object
+ rclone backend cleanup -o max-age=7w oos:bucket/path/to/object
+
+Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
+
+
+Options:
+
+- "max-age": Max age of upload to delete
+
+
# QingStor
@@ -30950,7 +36143,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to qingstor (QingCloud Object Storage).
+Here are the Standard options specific to qingstor (QingCloud Object Storage).
#### --qingstor-env-auth
@@ -31034,7 +36227,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to qingstor (QingCloud Object Storage).
+Here are the Advanced options specific to qingstor (QingCloud Object Storage).
#### --qingstor-connection-retries
@@ -31124,8 +36317,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Sia
@@ -31255,7 +36447,7 @@ rclone copy /home/source mySia:backup
### Standard options
-Here are the standard options specific to sia (Sia Decentralized Cloud).
+Here are the Standard options specific to sia (Sia Decentralized Cloud).
#### --sia-api-url
@@ -31288,7 +36480,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to sia (Sia Decentralized Cloud).
+Here are the Advanced options specific to sia (Sia Decentralized Cloud).
#### --sia-user-agent
@@ -31329,7 +36521,7 @@ Properties:
signs in file names. rclone will transparently [encode](https://rclone.org/overview/#encoding)
them for you, but you'd better be aware
-# Swift
+# Swift
Swift refers to [OpenStack Object Storage](https://docs.openstack.org/swift/latest/).
Commercial implementations of that being:
@@ -31337,7 +36529,7 @@ Commercial implementations of that being:
* [Rackspace Cloud Files](https://www.rackspace.com/cloud/files/)
* [Memset Memstore](https://www.memset.com/cloud/storage/)
* [OVH Object Storage](https://www.ovh.co.uk/public-cloud/storage/object-storage/)
- * [Oracle Cloud Storage](https://cloud.oracle.com/object-storage/buckets)
+ * [Oracle Cloud Storage](https://docs.oracle.com/en-us/iaas/integration/doc/configure-object-storage.html)
* [IBM Bluemix Cloud ObjectStorage Swift](https://console.bluemix.net/docs/infrastructure/objectstorage-swift/index.html)
Paths are specified as `remote:container` (or `remote:` for the `lsd`
@@ -31571,7 +36763,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
+Here are the Standard options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
#### --swift-env-auth
@@ -31811,7 +37003,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
+Here are the Advanced options specific to swift (OpenStack Swift (Rackspace Cloud Files, Memset Memstore, OVH)).
#### --swift-leave-parts-on-error
@@ -31860,6 +37052,38 @@ Properties:
- Type: bool
- Default: false
+#### --swift-no-large-objects
+
+Disable support for static and dynamic large objects
+
+Swift cannot transparently store files bigger than 5 GiB. There are
+two schemes for doing that, static or dynamic large objects, and the
+API does not allow rclone to determine whether a file is a static or
+dynamic large object without doing a HEAD on the object. Since these
+need to be treated differently, this means rclone has to issue HEAD
+requests for objects for example when reading checksums.
+
+When `no_large_objects` is set, rclone will assume that there are no
+static or dynamic large objects stored. This means it can stop doing
+the extra HEAD calls which in turn increases performance greatly
+especially when doing a swift to swift transfer with `--checksum` set.
+
+Setting this option implies `no_chunk` and also that no files will be
+uploaded in chunks, so files bigger than 5 GiB will just fail on
+upload.
+
+If you set this option and there *are* static or dynamic large objects,
+then this will give incorrect hashes for them. Downloads will succeed,
+but other operations such as Remove and Copy will fail.
+
+
+Properties:
+
+- Config: no_large_objects
+- Env Var: RCLONE_SWIFT_NO_LARGE_OBJECTS
+- Type: bool
+- Default: false
+
#### --swift-encoding
The encoding for the backend.
@@ -31952,9 +37176,10 @@ client_id>
Pcloud App Client Secret - leave blank normally.
client_secret>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -32025,6 +37250,13 @@ Deleted files will be moved to the trash. Your subscription level
will determine how long items stay in the trash. `rclone cleanup` can
be used to empty the trash.
+### Emptying the trash
+
+Due to an API limitation, the `rclone cleanup` command will only work if you
+set your username and password in the advanced options for this backend.
+Since we generally want to avoid storing user passwords in the rclone config
+file, we advise you to only set this up if you need the `rclone cleanup` command to work.
+
### Root folder ID
You can set the `root_folder_id` for rclone. This is the directory
@@ -32050,7 +37282,7 @@ the `root_folder_id` in the config.
### Standard options
-Here are the standard options specific to pcloud (Pcloud).
+Here are the Standard options specific to pcloud (Pcloud).
#### --pcloud-client-id
@@ -32080,7 +37312,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to pcloud (Pcloud).
+Here are the Advanced options specific to pcloud (Pcloud).
#### --pcloud-token
@@ -32164,6 +37396,34 @@ Properties:
- "eapi.pcloud.com"
- EU region
+#### --pcloud-username
+
+Your pcloud username.
+
+This is only required when you want to use the cleanup command. Due to a bug
+in the pcloud API the required API does not support OAuth authentication so
+we have to rely on user password authentication for it.
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_PCLOUD_USERNAME
+- Type: string
+- Required: false
+
+#### --pcloud-password
+
+Your pcloud password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_PCLOUD_PASSWORD
+- Type: string
+- Required: false
+
# premiumize.me
@@ -32201,9 +37461,10 @@ Storage> premiumizeme
** See help for premiumizeme backend at: https://rclone.org/premiumizeme/ **
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -32267,7 +37528,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to premiumizeme (premiumize.me).
+Here are the Standard options specific to premiumizeme (premiumize.me).
#### --premiumizeme-api-key
@@ -32285,7 +37546,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to premiumizeme (premiumize.me).
+Here are the Advanced options specific to premiumizeme (premiumize.me).
#### --premiumizeme-encoding
@@ -32350,9 +37611,10 @@ Storage> putio
** See help for putio backend at: https://rclone.org/putio/ **
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -32385,8 +37647,12 @@ q) Quit config
e/n/d/r/c/s/q> q
```
+See the [remote setup docs](https://rclone.org/remote_setup/) for how to set it up on a
+machine with no Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
+token as returned from put.io if using web browser to automatically
+authenticate. This only
runs from the moment it opens your browser to the moment you get back
the verification code. This is on `http://127.0.0.1:53682/` and this
it may require you to unblock it temporarily if you are running a host
@@ -32421,7 +37687,7 @@ as they can't be used in JSON strings.
### Advanced options
-Here are the advanced options specific to putio (Put.io).
+Here are the Advanced options specific to putio (Put.io).
#### --putio-encoding
@@ -32438,7 +37704,16 @@ Properties:
-# Seafile
+## Limitations
+
+put.io has rate limiting. When you hit a limit, rclone automatically
+retries after waiting the amount of time requested by the server.
+
+If you want to avoid ever hitting these limits, you may use the
+`--tpslimit` flag with a low number. Note that the imposed limits
+may be different for different operations, and may change over time.
+
+# Seafile
This is a backend for the [Seafile](https://www.seafile.com/) storage service:
- It works with both the free community edition or the professional edition.
@@ -32701,7 +37976,7 @@ Versions between 6.0 and 6.3 haven't been tested and might not work properly.
### Standard options
-Here are the standard options specific to seafile (seafile).
+Here are the Standard options specific to seafile (seafile).
#### --seafile-url
@@ -32793,7 +38068,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to seafile (seafile).
+Here are the Advanced options specific to seafile (seafile).
#### --seafile-create-library
@@ -32829,7 +38104,7 @@ Protocol](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol).
The SFTP backend can be used with a number of different providers:
-- C14
+- Hetzner Storage Box
- rsync.net
@@ -32839,14 +38114,17 @@ SSH installations.
Paths are specified as `remote:path`. If the path does not begin with
a `/` it is relative to the home directory of the user. An empty path
`remote:` refers to the user's home directory. For example, `rclone lsd remote:`
-would list the home directory of the user cofigured in the rclone remote config
+would list the home directory of the user configured in the rclone remote config
(`i.e /home/sftpuser`). However, `rclone lsd remote:/` would list the root
directory for remote machine (i.e. `/`)
Note that some SFTP servers will need the leading / - Synology is a
-good example of this. rsync.net, on the other hand, requires users to
+good example of this. rsync.net and Hetzner, on the other hand, requires users to
OMIT the leading /.
+Note that by default rclone will try to execute shell commands on
+the server, see [shell access considerations](#shell-access-considerations).
+
## Configuration
Here is an example of making an SFTP configuration. First run
@@ -32865,7 +38143,7 @@ name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / SSH/SFTP Connection
+XX / SSH/SFTP
\ "sftp"
[snip]
Storage> sftp
@@ -33063,6 +38341,116 @@ And then at the end of the session
These commands can be used in scripts of course.
+### Shell access
+
+Some functionality of the SFTP backend relies on remote shell access,
+and the possibility to execute commands. This includes [checksum](#checksum),
+and in some cases also [about](#about-command). The shell commands that
+must be executed may be different on different type of shells, and also
+quoting/escaping of file path arguments containing special characters may
+be different. Rclone therefore needs to know what type of shell it is,
+and if shell access is available at all.
+
+Most servers run on some version of Unix, and then a basic Unix shell can
+be assumed, without further distinction. Windows 10, Server 2019, and later
+can also run a SSH server, which is a port of OpenSSH (see official
+[installation guide](https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse)). On a Windows server the shell handling is different: Although it can also
+be set up to use a Unix type shell, e.g. Cygwin bash, the default is to
+use Windows Command Prompt (cmd.exe), and PowerShell is a recommended
+alternative. All of these have behave differently, which rclone must handle.
+
+Rclone tries to auto-detect what type of shell is used on the server,
+first time you access the SFTP remote. If a remote shell session is
+successfully created, it will look for indications that it is CMD or
+PowerShell, with fall-back to Unix if not something else is detected.
+If unable to even create a remote shell session, then shell command
+execution will be disabled entirely. The result is stored in the SFTP
+remote configuration, in option `shell_type`, so that the auto-detection
+only have to be performed once. If you manually set a value for this
+option before first run, the auto-detection will be skipped, and if
+you set a different value later this will override any existing.
+Value `none` can be set to avoid any attempts at executing shell
+commands, e.g. if this is not allowed on the server.
+
+When the server is [rclone serve sftp](https://rclone.org/commands/rclone_serve_sftp/),
+the rclone SFTP remote will detect this as a Unix type shell - even
+if it is running on Windows. This server does not actually have a shell,
+but it accepts input commands matching the specific ones that the
+SFTP backend relies on for Unix shells, e.g. `md5sum` and `df`. Also
+it handles the string escape rules used for Unix shell. Treating it
+as a Unix type shell from a SFTP remote will therefore always be
+correct, and support all features.
+
+#### Shell access considerations
+
+The shell type auto-detection logic, described above, means that
+by default rclone will try to run a shell command the first time
+a new sftp remote is accessed. If you configure a sftp remote
+without a config file, e.g. an [on the fly](https://rclone.org/docs/#backend-path-to-dir])
+remote, rclone will have nowhere to store the result, and it
+will re-run the command on every access. To avoid this you should
+explicitly set the `shell_type` option to the correct value,
+or to `none` if you want to prevent rclone from executing any
+remote shell commands.
+
+It is also important to note that, since the shell type decides
+how quoting and escaping of file paths used as command-line arguments
+are performed, configuring the wrong shell type may leave you exposed
+to command injection exploits. Make sure to confirm the auto-detected
+shell type, or explicitly set the shell type you know is correct,
+or disable shell access until you know.
+
+### Checksum
+
+SFTP does not natively support checksums (file hash), but rclone
+is able to use checksumming if the same login has shell access,
+and can execute remote commands. If there is a command that can
+calculate compatible checksums on the remote system, Rclone can
+then be configured to execute this whenever a checksum is needed,
+and read back the results. Currently MD5 and SHA-1 are supported.
+
+Normally this requires an external utility being available on
+the server. By default rclone will try commands `md5sum`, `md5`
+and `rclone md5sum` for MD5 checksums, and the first one found usable
+will be picked. Same with `sha1sum`, `sha1` and `rclone sha1sum`
+commands for SHA-1 checksums. These utilities normally need to
+be in the remote's PATH to be found.
+
+In some cases the shell itself is capable of calculating checksums.
+PowerShell is an example of such a shell. If rclone detects that the
+remote shell is PowerShell, which means it most probably is a
+Windows OpenSSH server, rclone will use a predefined script block
+to produce the checksums when no external checksum commands are found
+(see [shell access](#shell-access)). This assumes PowerShell version
+4.0 or newer.
+
+The options `md5sum_command` and `sha1_command` can be used to customize
+the command to be executed for calculation of checksums. You can for
+example set a specific path to where md5sum and sha1sum executables
+are located, or use them to specify some other tools that print checksums
+in compatible format. The value can include command-line arguments,
+or even shell script blocks as with PowerShell. Rclone has subcommands
+[md5sum](https://rclone.org/commands/rclone_md5sum/) and [sha1sum](https://rclone.org/commands/rclone_sha1sum/)
+that use compatible format, which means if you have an rclone executable
+on the server it can be used. As mentioned above, they will be automatically
+picked up if found in PATH, but if not you can set something like
+`/path/to/rclone md5sum` as the value of option `md5sum_command` to
+make sure a specific executable is used.
+
+Remote checksumming is recommended and enabled by default. First time
+rclone is using a SFTP remote, if options `md5sum_command` or `sha1_command`
+are not set, it will check if any of the default commands for each of them,
+as described above, can be used. The result will be saved in the remote
+configuration, so next time it will use the same. Value `none`
+will be set if none of the default commands could be used for a specific
+algorithm, and this algorithm will not be supported by the remote.
+
+Disabling the checksumming may be required if you are connecting to SFTP servers
+which are not under your control, and to which the execution of remote shell
+commands is prohibited. Set the configuration option `disable_hashcheck`
+to `true` to disable checksumming entirely, or set `shell_type` to `none`
+to disable all functionality based on remote shell command execution.
+
### Modified time
Modified times are stored on the server to 1 second precision.
@@ -33074,10 +38462,26 @@ upload (for example, certain configurations of ProFTPd with mod_sftp). If you
are using one of these servers, you can set the option `set_modtime = false` in
your RClone backend configuration to disable this behaviour.
+### About command
+
+The `about` command returns the total space, free space, and used
+space on the remote for the disk of the specified path on the remote or,
+if not set, the disk of the root on the remote.
+
+SFTP usually supports the [about](https://rclone.org/commands/rclone_about/) command, but
+it depends on the server. If the server implements the vendor-specific
+VFS statistics extension, which is normally the case with OpenSSH instances,
+it will be used. If not, but the same login has access to a Unix shell,
+where the `df` command is available (e.g. in the remote's PATH), then
+this will be used instead. If the server shell is PowerShell, probably
+with a Windows OpenSSH server, rclone will use a built-in shell command
+(see [shell access](#shell-access)). If none of the above is applicable,
+`about` will fail.
+
### Standard options
-Here are the standard options specific to sftp (SSH/SFTP Connection).
+Here are the Standard options specific to sftp (SSH/SFTP).
#### --sftp-host
@@ -33203,7 +38607,7 @@ Properties:
#### --sftp-use-insecure-cipher
-Enable the use of insecure ciphers and key exchange methods.
+Enable the use of insecure ciphers and key exchange methods.
This enables the use of the following insecure ciphers and key exchange methods:
@@ -33216,6 +38620,9 @@ This enables the use of the following insecure ciphers and key exchange methods:
Those algorithms are insecure and may allow plaintext data to be recovered by an attacker.
+This must be false if you use either ciphers or key_exchange advanced options.
+
+
Properties:
- Config: use_insecure_cipher
@@ -33243,7 +38650,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to sftp (SSH/SFTP Connection).
+Here are the Advanced options specific to sftp (SSH/SFTP).
#### --sftp-known-hosts-file
@@ -33281,16 +38688,16 @@ Properties:
#### --sftp-path-override
-Override path used by SSH connection.
+Override path used by SSH shell commands.
This allows checksum calculation when SFTP and SSH paths are
different. This issue affects among others Synology NAS boxes.
-Shared folders can be found in directories representing volumes
+E.g. if shared folders can be found in directories representing volumes:
rclone sync /home/local/directory remote:/directory --sftp-path-override /volume2/directory
-Home directory can be found in a shared folder called "home"
+E.g. if home directory can be found in a shared folder called "home":
rclone sync /home/local/directory remote:/home/directory --sftp-path-override /volume1/homes/USER/directory
@@ -33312,6 +38719,28 @@ Properties:
- Type: bool
- Default: true
+#### --sftp-shell-type
+
+The type of SSH shell on remote server, if any.
+
+Leave blank for autodetect.
+
+Properties:
+
+- Config: shell_type
+- Env Var: RCLONE_SFTP_SHELL_TYPE
+- Type: string
+- Required: false
+- Examples:
+ - "none"
+ - No shell access
+ - "unix"
+ - Unix shell
+ - "powershell"
+ - PowerShell
+ - "cmd"
+ - Windows Command Prompt
+
#### --sftp-md5sum-command
The command used to read md5 hashes.
@@ -33452,29 +38881,145 @@ Properties:
- Type: Duration
- Default: 1m0s
+#### --sftp-chunk-size
+
+Upload and download chunk size.
+
+This controls the maximum size of payload in SFTP protocol packets.
+The RFC limits this to 32768 bytes (32k), which is the default. However,
+a lot of servers support larger sizes, typically limited to a maximum
+total package size of 256k, and setting it larger will increase transfer
+speed dramatically on high latency links. This includes OpenSSH, and,
+for example, using the value of 255k works well, leaving plenty of room
+for overhead while still being within a total packet size of 256k.
+
+Make sure to test thoroughly before using a value higher than 32k,
+and only use it if you always connect to the same server or after
+sufficiently broad testing. If you get errors such as
+"failed to send packet payload: EOF", lots of "connection lost",
+or "corrupted on transfer", when copying a larger file, try lowering
+the value. The server run by [rclone serve sftp](/commands/rclone_serve_sftp)
+sends packets with standard 32k maximum payload so you must not
+set a different chunk_size when downloading files, but it accepts
+packets up to the 256k total size, so for uploads the chunk_size
+can be set as for the OpenSSH example above.
+
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_SFTP_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 32Ki
+
+#### --sftp-concurrency
+
+The maximum number of outstanding requests for one file
+
+This controls the maximum number of outstanding requests for one file.
+Increasing it will increase throughput on high latency links at the
+cost of using more memory.
+
+
+Properties:
+
+- Config: concurrency
+- Env Var: RCLONE_SFTP_CONCURRENCY
+- Type: int
+- Default: 64
+
+#### --sftp-set-env
+
+Environment variables to pass to sftp and commands
+
+Set environment variables in the form:
+
+ VAR=value
+
+to be passed to the sftp client and to any commands run (eg md5sum).
+
+Pass multiple variables space separated, eg
+
+ VAR1=value VAR2=value
+
+and pass variables with spaces in in quotes, eg
+
+ "VAR3=value with space" "VAR4=value with space" VAR5=nospacehere
+
+
+
+Properties:
+
+- Config: set_env
+- Env Var: RCLONE_SFTP_SET_ENV
+- Type: SpaceSepList
+- Default:
+
+#### --sftp-ciphers
+
+Space separated list of ciphers to be used for session encryption, ordered by preference.
+
+At least one must match with server configuration. This can be checked for example using ssh -Q cipher.
+
+This must not be set if use_insecure_cipher is true.
+
+Example:
+
+ aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com
+
+
+Properties:
+
+- Config: ciphers
+- Env Var: RCLONE_SFTP_CIPHERS
+- Type: SpaceSepList
+- Default:
+
+#### --sftp-key-exchange
+
+Space separated list of key exchange algorithms, ordered by preference.
+
+At least one must match with server configuration. This can be checked for example using ssh -Q kex.
+
+This must not be set if use_insecure_cipher is true.
+
+Example:
+
+ sntrup761x25519-sha512@openssh.com curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256
+
+
+Properties:
+
+- Config: key_exchange
+- Env Var: RCLONE_SFTP_KEY_EXCHANGE
+- Type: SpaceSepList
+- Default:
+
+#### --sftp-macs
+
+Space separated list of MACs (message authentication code) algorithms, ordered by preference.
+
+At least one must match with server configuration. This can be checked for example using ssh -Q mac.
+
+Example:
+
+ umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com
+
+
+Properties:
+
+- Config: macs
+- Env Var: RCLONE_SFTP_MACS
+- Type: SpaceSepList
+- Default:
+
## Limitations
-SFTP supports checksums if the same login has shell access and `md5sum`
-or `sha1sum` as well as `echo` are in the remote's PATH.
-This remote checksumming (file hashing) is recommended and enabled by default.
-Disabling the checksumming may be required if you are connecting to SFTP servers
-which are not under your control, and to which the execution of remote commands
-is prohibited. Set the configuration option `disable_hashcheck` to `true` to
-disable checksumming.
-
-SFTP also supports `about` if the same login has shell
-access and `df` are in the remote's PATH. `about` will
-return the total space, free space, and used space on the remote
-for the disk of the specified path on the remote or, if not set,
-the disk of the root on the remote.
-`about` will fail if it does not have shell
-access or if `df` is not in the remote's PATH.
-
-Note that some SFTP servers (e.g. Synology) the paths are different for
-SSH and SFTP so the hashes can't be calculated properly. For them
-using `disable_hashcheck` is a good idea.
+On some SFTP servers (e.g. Synology) the paths are different
+for SSH and SFTP so the hashes can't be calculated properly.
+For them using `disable_hashcheck` is a good idea.
The only ssh agent supported under Windows is Putty's pageant.
@@ -33489,22 +39034,248 @@ SFTP isn't supported under plan9 until [this
issue](https://github.com/pkg/sftp/issues/156) is fixed.
Note that since SFTP isn't HTTP based the following flags don't work
-with it: `--dump-headers`, `--dump-bodies`, `--dump-auth`
+with it: `--dump-headers`, `--dump-bodies`, `--dump-auth`.
Note that `--timeout` and `--contimeout` are both supported.
+## rsync.net {#rsync-net}
-## C14 {#c14}
+rsync.net is supported through the SFTP backend.
-C14 is supported through the SFTP backend.
+See [rsync.net's documentation of rclone examples](https://www.rsync.net/products/rclone.html).
-See [C14's documentation](https://www.online.net/en/storage/c14-cold-storage)
+## Hetzner Storage Box {#hetzner-storage-box}
-## rsync.net {#rsync-net}
+Hetzner Storage Boxes are supported through the SFTP backend on port 23.
+
+See [Hetzner's documentation for details](https://docs.hetzner.com/robot/storage-box/access/access-ssh-rsync-borg#rclone)
+
+# SMB
+
+SMB is [a communication protocol to share files over network](https://en.wikipedia.org/wiki/Server_Message_Block).
+
+This relies on [go-smb2 library](https://github.com/hirochachacha/go-smb2/) for communication with SMB protocol.
+
+Paths are specified as `remote:sharename` (or `remote:` for the `lsd`
+command.) You may put subdirectories in too, e.g. `remote:item/path/to/dir`.
+
+## Notes
+
+The first path segment must be the name of the share, which you entered when you started to share on Windows. On smbd, it's the section title in `smb.conf` (usually in `/etc/samba/`) file.
+You can find shares by quering the root if you're unsure (e.g. `rclone lsd remote:`).
+
+You can't access to the shared printers from rclone, obviously.
+
+You can't use Anonymous access for logging in. You have to use the `guest` user with an empty password instead.
+The rclone client tries to avoid 8.3 names when uploading files by encoding trailing spaces and periods.
+Alternatively, [the local backend](https://rclone.org/local/#paths-on-windows) on Windows can access SMB servers using UNC paths, by `\\server\share`. This doesn't apply to non-Windows OSes, such as Linux and macOS.
+
+## Configuration
+
+Here is an example of making a SMB configuration.
+
+First run
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+```
+No remotes found, make a new one?
+n) New remote
+s) Set configuration password
+q) Quit config
+n/s/q> n
+name> remote
+Option Storage.
+Type of storage to configure.
+Choose a number from below, or type in your own value.
+XX / SMB / CIFS
+ \ (smb)
+Storage> smb
+
+Option host.
+Samba hostname to connect to.
+E.g. "example.com".
+Enter a value.
+host> localhost
+
+Option user.
+Samba username.
+Enter a string value. Press Enter for the default (lesmi).
+user> guest
+
+Option port.
+Samba port number.
+Enter a signed integer. Press Enter for the default (445).
+port>
+
+Option pass.
+Samba password.
+Choose an alternative below. Press Enter for the default (n).
+y) Yes, type in my own password
+g) Generate random password
+n) No, leave this optional password blank (default)
+y/g/n> g
+Password strength in bits.
+64 is just about memorable
+128 is secure
+1024 is the maximum
+Bits> 64
+Your password is: XXXX
+Use this password? Please note that an obscured version of this
+password (and not the password itself) will be stored under your
+configuration file, so keep this generated password in a safe place.
+y) Yes (default)
+n) No
+y/n> y
+
+Option domain.
+Domain name for NTLM authentication.
+Enter a string value. Press Enter for the default (WORKGROUP).
+domain>
+
+Edit advanced config?
+y) Yes
+n) No (default)
+y/n> n
+
+Configuration complete.
+Options:
+- type: samba
+- host: localhost
+- user: guest
+- pass: *** ENCRYPTED ***
+Keep this "remote" remote?
+y) Yes this is OK (default)
+e) Edit this remote
+d) Delete this remote
+y/e/d> d
+```
+
+
+### Standard options
+
+Here are the Standard options specific to smb (SMB / CIFS).
+
+#### --smb-host
+
+SMB server hostname to connect to.
+
+E.g. "example.com".
+
+Properties:
+
+- Config: host
+- Env Var: RCLONE_SMB_HOST
+- Type: string
+- Required: true
+
+#### --smb-user
+
+SMB username.
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_SMB_USER
+- Type: string
+- Default: "$USER"
+
+#### --smb-port
+
+SMB port number.
+
+Properties:
+
+- Config: port
+- Env Var: RCLONE_SMB_PORT
+- Type: int
+- Default: 445
+
+#### --smb-pass
+
+SMB password.
+
+**NB** Input to this must be obscured - see [rclone obscure](https://rclone.org/commands/rclone_obscure/).
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_SMB_PASS
+- Type: string
+- Required: false
+
+#### --smb-domain
+
+Domain name for NTLM authentication.
+
+Properties:
+
+- Config: domain
+- Env Var: RCLONE_SMB_DOMAIN
+- Type: string
+- Default: "WORKGROUP"
+
+### Advanced options
+
+Here are the Advanced options specific to smb (SMB / CIFS).
+
+#### --smb-idle-timeout
+
+Max time before closing idle connections.
+
+If no connections have been returned to the connection pool in the time
+given, rclone will empty the connection pool.
+
+Set to 0 to keep connections indefinitely.
+
+
+Properties:
+
+- Config: idle_timeout
+- Env Var: RCLONE_SMB_IDLE_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+#### --smb-hide-special-share
+
+Hide special shares (e.g. print$) which users aren't supposed to access.
+
+Properties:
+
+- Config: hide_special_share
+- Env Var: RCLONE_SMB_HIDE_SPECIAL_SHARE
+- Type: bool
+- Default: true
+
+#### --smb-case-insensitive
+
+Whether the server is configured to be case-insensitive.
+
+Always true on Windows shares.
+
+Properties:
+
+- Config: case_insensitive
+- Env Var: RCLONE_SMB_CASE_INSENSITIVE
+- Type: bool
+- Default: true
+
+#### --smb-encoding
+
+The encoding for the backend.
+
+See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_SMB_ENCODING
+- Type: MultiEncoder
+- Default: Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot
-rsync.net is supported through the SFTP backend.
-See [rsync.net's documentation of rclone examples](https://www.rsync.net/products/rclone.html).
# Storj
@@ -33718,7 +39489,7 @@ y/e/d> y
### Standard options
-Here are the standard options specific to storj (Storj Decentralized Cloud Storage).
+Here are the Standard options specific to storj (Storj Decentralized Cloud Storage).
#### --storj-provider
@@ -33918,8 +39689,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
## Known issues
@@ -34047,7 +39817,7 @@ deleted straight away.
### Standard options
-Here are the standard options specific to sugarsync (Sugarsync).
+Here are the Standard options specific to sugarsync (Sugarsync).
#### --sugarsync-app-id
@@ -34102,7 +39872,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to sugarsync (Sugarsync).
+Here are the Advanced options specific to sugarsync (Sugarsync).
#### --sugarsync-refresh-token
@@ -34204,8 +39974,7 @@ this capability cannot determine free space for an rclone mount or
use policy `mfs` (most free space) as a member of an rclone union
remote.
-See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features)
-See [rclone about](https://rclone.org/commands/rclone_about/)
+See [List of backends that do not support rclone about](https://rclone.org/overview/#optional-features) and [rclone about](https://rclone.org/commands/rclone_about/)
# Tardigrade
@@ -34310,7 +40079,7 @@ as they can't be used in XML strings.
### Standard options
-Here are the standard options specific to uptobox (Uptobox).
+Here are the Standard options specific to uptobox (Uptobox).
#### --uptobox-access-token
@@ -34327,7 +40096,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to uptobox (Uptobox).
+Here are the Advanced options specific to uptobox (Uptobox).
#### --uptobox-encoding
@@ -34522,7 +40291,7 @@ The policies definition are inspired by [trapexit/mergerfs](https://github.com/t
### Standard options
-Here are the standard options specific to union (Union merges the contents of several upstream fs).
+Here are the Standard options specific to union (Union merges the contents of several upstream fs).
#### --union-upstreams
@@ -34583,6 +40352,30 @@ Properties:
- Type: int
- Default: 120
+### Advanced options
+
+Here are the Advanced options specific to union (Union merges the contents of several upstream fs).
+
+#### --union-min-free-space
+
+Minimum viable free space for lfs/eplfs policies.
+
+If a remote has less than this much free space then it won't be
+considered for use in lfs or eplfs policies.
+
+Properties:
+
+- Config: min_free_space
+- Env Var: RCLONE_UNION_MIN_FREE_SPACE
+- Type: SizeSuffix
+- Default: 1Gi
+
+### Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
# WebDAV
@@ -34613,7 +40406,7 @@ name> remote
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
-XX / Webdav
+XX / WebDAV
\ "webdav"
[snip]
Storage> webdav
@@ -34622,7 +40415,7 @@ Choose a number from below, or type in your own value
1 / Connect to example.com
\ "https://example.com"
url> https://example.com/remote.php/webdav/
-Name of the Webdav site/service/software you are using
+Name of the WebDAV site/service/software you are using
Choose a number from below, or type in your own value
1 / Nextcloud
\ "nextcloud"
@@ -34692,7 +40485,7 @@ with them.
### Standard options
-Here are the standard options specific to webdav (Webdav).
+Here are the Standard options specific to webdav (WebDAV).
#### --webdav-url
@@ -34709,7 +40502,7 @@ Properties:
#### --webdav-vendor
-Name of the Webdav site/service/software you are using.
+Name of the WebDAV site/service/software you are using.
Properties:
@@ -34768,7 +40561,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to webdav (Webdav).
+Here are the Advanced options specific to webdav (WebDAV).
#### --webdav-bearer-token-command
@@ -34995,7 +40788,7 @@ vendor = other
bearer_token_command = oidc-token XDC
```
-# Yandex Disk
+# Yandex Disk
[Yandex Disk](https://disk.yandex.com) is a cloud storage solution created by [Yandex](https://yandex.com).
@@ -35025,9 +40818,10 @@ client_id>
Yandex Client Secret - leave blank normally.
client_secret>
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -35108,7 +40902,7 @@ as they can't be used in JSON strings.
### Standard options
-Here are the standard options specific to yandex (Yandex Disk).
+Here are the Standard options specific to yandex (Yandex Disk).
#### --yandex-client-id
@@ -35138,7 +40932,7 @@ Properties:
### Advanced options
-Here are the advanced options specific to yandex (Yandex Disk).
+Here are the Advanced options specific to yandex (Yandex Disk).
#### --yandex-token
@@ -35222,7 +41016,7 @@ Token generation will work without a mail account, but Rclone won't be able to c
[403 - DiskUnsupportedUserAccountTypeError] User account type is not supported.
```
-# Zoho Workdrive
+# Zoho Workdrive
[Zoho WorkDrive](https://www.zoho.com/workdrive/) is a cloud storage solution created by [Zoho](https://zoho.com).
@@ -35263,9 +41057,10 @@ y) Yes
n) No (default)
y/n> n
Remote config
-Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+If not sure try Y. If Y failed, try N.
y) Yes (default)
n) No
y/n>
@@ -35346,7 +41141,7 @@ from filenames during upload.
### Standard options
-Here are the standard options specific to zoho (Zoho).
+Here are the Standard options specific to zoho (Zoho).
#### --zoho-client-id
@@ -35395,12 +41190,16 @@ Properties:
- Europe
- "in"
- India
+ - "jp"
+ - Japan
+ - "com.cn"
+ - China
- "com.au"
- Australia
### Advanced options
-Here are the advanced options specific to zoho (Zoho).
+Here are the Advanced options specific to zoho (Zoho).
#### --zoho-token
@@ -35454,6 +41253,18 @@ Properties:
+## Setting up your own client_id
+
+For Zoho we advise you to set up your own client_id. To do so you have to complete the following steps.
+
+1. Log in to the [Zoho API Console](https://api-console.zoho.com)
+
+2. Create a new client of type "Server-based Application". The name and website don't matter, but you must add the redirect URL `http://localhost:53682/`.
+
+3. Once the client is created, you can go to the settings tab and enable it in other regions.
+
+The client id and client secret can now be used with rclone.
+
# Local Filesystem
Local paths are specified as normal filesystem paths, e.g. `/path/to/wherever`, so
@@ -35778,7 +41589,7 @@ where it isn't supported (e.g. Windows) it will be ignored.
### Advanced options
-Here are the advanced options specific to local (Local Disk).
+Here are the Advanced options specific to local (Local Disk).
#### --local-nounc
@@ -35788,8 +41599,8 @@ Properties:
- Config: nounc
- Env Var: RCLONE_LOCAL_NOUNC
-- Type: string
-- Required: false
+- Type: bool
+- Default: false
- Examples:
- "true"
- Disables long file names.
@@ -35879,8 +41690,8 @@ Properties:
Don't check to see if the files change during upload.
Normally rclone checks the size and modification time of files as they
-are being uploaded and aborts with a message which starts "can't copy
-- source file is being updated" if the file changes during upload.
+are being uploaded and aborts with a message which starts "can't copy -
+source file is being updated" if the file changes during upload.
However on some file systems this modification time check may fail (e.g.
[Glusterfs #2206](https://github.com/rclone/rclone/issues/2206)) so this
@@ -36014,6 +41825,31 @@ Properties:
- Type: MultiEncoder
- Default: Slash,Dot
+### Metadata
+
+Depending on which OS is in use the local backend may return only some
+of the system metadata. Setting system metadata is supported on all
+OSes but setting user metadata is only supported on linux, freebsd,
+netbsd, macOS and Solaris. It is **not** supported on Windows yet
+([see pkg/attrs#47](https://github.com/pkg/xattr/issues/47)).
+
+User metadata is stored as extended attributes (which may not be
+supported by all file systems) under the "user.*" prefix.
+
+Here are the possible system metadata items for the local backend.
+
+| Name | Help | Type | Example | Read Only |
+|------|------|------|---------|-----------|
+| atime | Time of last access | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | N |
+| btime | Time of file birth (creation) | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | N |
+| gid | Group ID of owner | decimal number | 500 | N |
+| mode | File type and mode | octal, unix style | 0100664 | N |
+| mtime | Time of last modification | RFC 3339 | 2006-01-02T15:04:05.999999999Z07:00 | N |
+| rdev | Device ID (if special file) | hexadecimal | 1abc | N |
+| uid | User ID of owner | decimal number | 500 | N |
+
+See the [metadata](https://rclone.org/docs/#metadata) docs for more info.
+
## Backend commands
Here are the commands specific to the local backend.
@@ -36024,7 +41860,7 @@ Run them with
The help below will explain what arguments each command takes.
-See [the "rclone backend" command](https://rclone.org/commands/rclone_backend/) for more
+See the [backend](https://rclone.org/commands/rclone_backend/) command for more
info on how to pass options and arguments.
These can be run on a running backend using the rc command
@@ -36048,6 +41884,464 @@ Options:
# Changelog
+## v1.61.0 - 2022-12-20
+
+[See commits](https://github.com/rclone/rclone/compare/v1.60.0...v1.61.0)
+
+* New backends
+ * New S3 providers
+ * [Liara LOS](https://rclone.org/s3/#liara-cloud) (MohammadReza)
+* New Features
+ * build: Add vulnerability testing using govulncheck (albertony)
+ * cmd: Enable `SIGINFO` (Ctrl-T) handler on FreeBSD, NetBSD, OpenBSD and Dragonfly BSD (x3-apptech)
+ * config: Add [config/setpath](https://rclone.org/rc/#config-setpath) for setting config path via rc/librclone (Nick Craig-Wood)
+ * dedupe
+ * Count Checks in the stats while scanning for duplicates (Nick Craig-Wood)
+ * Make dedupe obey the filters (Nick Craig-Wood)
+ * dlna: Properly attribute code used from https://github.com/anacrolix/dms (Nick Craig-Wood)
+ * docs
+ * Add minimum versions and status badges to backend and command docs (Nick Craig-Wood, albertony)
+ * Remote names may not start or end with space (albertony)
+ * filter: Add metadata filters [--metadata-include/exclude/filter](https://rclone.org/filtering/#metadata) and friends (Nick Craig-Wood)
+ * fs
+ * Make all duration flags take `y`, `M`, `w`, `d` etc suffixes (Nick Craig-Wood)
+ * Add global flag `--color` to control terminal colors (Kevin Verstaen)
+ * fspath: Allow unicode numbers and letters in remote names (albertony)
+ * lib/file: Improve error message for creating dir on non-existent network host on windows (albertony)
+ * lib/http: Finish port of rclone servers to `lib/http` (Tom Mombourquette, Nick Craig-Wood)
+ * lib/oauthutil: Improved usability of config flows needing web browser (Ole Frost)
+ * ncdu
+ * Add support for modification time (albertony)
+ * Fallback to sort by name also for sort by average size (albertony)
+ * Rework to use tcell directly instead of the termbox wrapper (eNV25)
+ * rc: Add commands to set [GC Percent](https://rclone.org/rc/#debug-set-gc-percent) & [Memory Limit](/rc/#debug-set-soft-memory-limit) (go 1.19+) (Anagh Kumar Baranwal)
+ * rcat: Preserve metadata when Copy falls back to Rcat (Nick Craig-Wood)
+ * rcd: Refactor rclone rc server to use `lib/http` (Nick Craig-Wood)
+ * rcserver: Avoid generating default credentials with htpasswd (Kamui)
+ * restic: Refactor to use `lib/http` (Nolan Woods)
+ * serve http: Support unix sockets and multiple listeners (Tom Mombourquette)
+ * serve webdav: Refactor to use `lib/http` (Nick Craig-Wood)
+ * test: Replace defer cleanup with `t.Cleanup` (Eng Zer Jun)
+ * test memory: Read metadata if `-M` flag is specified (Nick Craig-Wood)
+ * wasm: Comply with `wasm_exec.js` licence terms (Matthew Vernon)
+* Bug Fixes
+ * build: Update `golang.org/x/net/http2` to fix GO-2022-1144 (Nick Craig-Wood)
+ * restic: Fix typo in docs 'remove' should be 'remote' (asdffdsazqqq)
+ * serve dlna: Fix panic: Logger uninitialized. (Nick Craig-Wood)
+* Mount
+ * Update cgofuse for FUSE-T support for mounting volumes on Mac (Nick Craig-Wood)
+* VFS
+ * Windows: fix slow opening of exe files by not truncating files when not necessary (Nick Craig-Wood)
+ * Fix IO Error opening a file with `O_CREATE|O_RDONLY` in `--vfs-cache-mode` not full (Nick Craig-Wood)
+* Crypt
+ * Fix compress wrapping crypt giving upload errors (Nick Craig-Wood)
+* Azure Blob
+ * Port to new SDK (Nick Craig-Wood)
+ * Revamp authentication to include all methods and docs (Nick Craig-Wood)
+ * Port old authentication methods to new SDK (Nick Craig-Wood, Brad Ackerman)
+ * Thanks to [Stonebranch](https://www.stonebranch.com/) for sponsoring this work.
+ * Add `--azureblob-no-check-container` to assume container exists (Nick Craig-Wood)
+ * Add `--use-server-modtime` support (Abdullah Saglam)
+ * Add support for custom upload headers (rkettelerij)
+ * Allow emulator account/key override (Roel Arents)
+ * Support simple "environment credentials" (Nathaniel Wesley Filardo)
+ * Ignore `AuthorizationFailure` when trying to create a create a container (Nick Craig-Wood)
+* Box
+ * Added note on Box API rate limits (Ole Frost)
+* Drive
+ * Handle shared drives with leading/trailing space in name (related to) (albertony)
+* FTP
+ * Update help text of implicit/explicit TLS options to refer to FTPS instead of FTP (ycdtosa)
+ * Improve performance to speed up `--files-from` and `NewObject` (Anthony Pessy)
+* HTTP
+ * Parse GET responses when `no_head` is set (Arnie97)
+ * Do not update object size based on `Range` requests (Arnie97)
+ * Support `Content-Range` response header (Arnie97)
+* Onedrive
+ * Document workaround for shared with me files (vanplus)
+* S3
+ * Add Liara LOS to provider list (MohammadReza)
+ * Add DigitalOcean Spaces regions `sfo3`, `fra1`, `syd1` (Jack)
+ * Avoid privileged `GetBucketLocation` to resolve s3 region (Anthony Pessy)
+ * Stop setting object and bucket ACL to `private` if it is an empty string (Philip Harvey)
+ * If bucket or object ACL is empty string then don't add `X-Amz-Acl:` header (Nick Craig-Wood)
+ * Reduce memory consumption for s3 objects (Erik Agterdenbos)
+ * Fix listing loop when using v2 listing on v1 server (Nick Craig-Wood)
+ * Fix nil pointer exception when using Versions (Nick Craig-Wood)
+ * Fix excess memory usage when using versions (Nick Craig-Wood)
+ * Ignore versionIDs from uploads unless using `--s3-versions` or `--s3-versions-at` (Nick Craig-Wood)
+* SFTP
+ * Add configuration options to set ssh Ciphers / MACs / KeyExchange (dgouju)
+ * Auto-detect shell type for fish (albertony)
+ * Fix NewObject with leading / (Nick Craig-Wood)
+* Smb
+ * Fix issue where spurious dot directory is created (albertony)
+* Storj
+ * Implement server side Copy (Kaloyan Raev)
+
+## v1.60.1 - 2022-11-17
+
+[See commits](https://github.com/rclone/rclone/compare/v1.60.0...v1.60.1)
+
+* Bug Fixes
+ * lib/cache: Fix alias backend shutting down too soon (Nick Craig-Wood)
+ * wasm: Fix walltime link error by adding up-to-date wasm_exec.js (João Henrique Franco)
+ * docs
+ * Update faq.md with bisync (Samuel Johnson)
+ * Corrected download links in windows install docs (coultonluke)
+ * Add direct download link for windows arm64 (albertony)
+ * Remove link to rclone slack as it is no longer supported (Nick Craig-Wood)
+ * Faq: how to use a proxy server that requires a username and password (asdffdsazqqq)
+ * Oracle-object-storage: doc fix (Manoj Ghosh)
+ * Fix typo `remove` in rclone_serve_restic command (Joda Stößer)
+ * Fix character that was incorrectly interpreted as markdown (Clément Notin)
+* VFS
+ * Fix deadlock caused by cache cleaner and upload finishing (Nick Craig-Wood)
+* Local
+ * Clean absolute paths (albertony)
+ * Fix -L/--copy-links with filters missing directories (Nick Craig-Wood)
+* Mailru
+ * Note that an app password is now needed (Nick Craig-Wood)
+ * Allow timestamps to be before the epoch 1970-01-01 (Nick Craig-Wood)
+* S3
+ * Add provider quirk `--s3-might-gzip` to fix corrupted on transfer: sizes differ (Nick Craig-Wood)
+ * Allow Storj to server side copy since it seems to work now (Nick Craig-Wood)
+ * Fix for unchecked err value in s3 listv2 (Aaron Gokaslan)
+ * Add additional Wasabi locations (techknowlogick)
+* Smb
+ * Fix `Failed to sync: context canceled` at the end of syncs (Nick Craig-Wood)
+* WebDAV
+ * Fix Move/Copy/DirMove when using -server-side-across-configs (Nick Craig-Wood)
+
+## v1.60.0 - 2022-10-21
+
+[See commits](https://github.com/rclone/rclone/compare/v1.59.0...v1.60.0)
+
+* New backends
+ * [Oracle object storage](https://rclone.org/oracleobjectstorage/) (Manoj Ghosh)
+ * [SMB](https://rclone.org/smb/) / CIFS (Windows file sharing) (Lesmiscore)
+ * New S3 providers
+ * [IONOS Cloud Storage](https://rclone.org/s3/#ionos) (Dmitry Deniskin)
+ * [Qiniu KODO](https://rclone.org/s3/#qiniu) (Bachue Zhou)
+* New Features
+ * build
+ * Update to go1.19 and make go1.17 the minimum required version (Nick Craig-Wood)
+ * Install.sh: fix arm-v7 download (Ole Frost)
+ * fs: Warn the user when using an existing remote name without a colon (Nick Craig-Wood)
+ * httplib: Add `--xxx-min-tls-version` option to select minimum TLS version for HTTP servers (Robert Newson)
+ * librclone: Add PHP bindings and test program (Jordi Gonzalez Muñoz)
+ * operations
+ * Add `--server-side-across-configs` global flag for any backend (Nick Craig-Wood)
+ * Optimise `--copy-dest` and `--compare-dest` (Nick Craig-Wood)
+ * rc: add `job/stopgroup` to stop group (Evan Spensley)
+ * serve dlna
+ * Add `--announce-interval` to control SSDP Announce Interval (YanceyChiew)
+ * Add `--interface` to Specify SSDP interface names line (Simon Bos)
+ * Add support for more external subtitles (YanceyChiew)
+ * Add verification of addresses (YanceyChiew)
+ * sync: Optimise `--copy-dest` and `--compare-dest` (Nick Craig-Wood)
+ * doc updates (albertony, Alexander Knorr, anonion, João Henrique Franco, Josh Soref, Lorenzo Milesi, Marco Molteni, Mark Trolley, Ole Frost, partev, Ryan Morey, Tom Mombourquette, YFdyh000)
+* Bug Fixes
+ * filter
+ * Fix incorrect filtering with `UseFilter` context flag and wrapping backends (Nick Craig-Wood)
+ * Make sure we check `--files-from` when looking for a single file (Nick Craig-Wood)
+ * rc
+ * Fix `mount/listmounts` not returning the full Fs entered in `mount/mount` (Tom Mombourquette)
+ * Handle external unmount when mounting (Isaac Aymerich)
+ * Validate Daemon option is not set when mounting a volume via RC (Isaac Aymerich)
+ * sync: Update docs and error messages to reflect fixes to overlap checks (Nick Naumann)
+* VFS
+ * Reduce memory use by embedding `sync.Cond` (Nick Craig-Wood)
+ * Reduce memory usage by re-ordering commonly used structures (Nick Craig-Wood)
+ * Fix excess CPU used by VFS cache cleaner looping (Nick Craig-Wood)
+* Local
+ * Obey file filters in listing to fix errors on excluded files (Nick Craig-Wood)
+ * Fix "Failed to read metadata: function not implemented" on old Linux kernels (Nick Craig-Wood)
+* Compress
+ * Fix crash due to nil metadata (Nick Craig-Wood)
+ * Fix error handling to not use or return nil objects (Nick Craig-Wood)
+* Drive
+ * Make `--drive-stop-on-upload-limit` obey quota exceeded error (Steve Kowalik)
+* FTP
+ * Add `--ftp-force-list-hidden` option to show hidden items (Øyvind Heddeland Instefjord)
+ * Fix hang when using ExplicitTLS to certain servers. (Nick Craig-Wood)
+* Google Cloud Storage
+ * Add `--gcs-endpoint` flag and config parameter (Nick Craig-Wood)
+* Hubic
+ * Remove backend as service has now shut down (Nick Craig-Wood)
+* Onedrive
+ * Rename Onedrive(cn) 21Vianet to Vnet Group (Yen Hu)
+ * Disable change notify in China region since it is not supported (Nick Craig-Wood)
+* S3
+ * Implement `--s3-versions` flag to show old versions of objects if enabled (Nick Craig-Wood)
+ * Implement `--s3-version-at` flag to show versions of objects at a particular time (Nick Craig-Wood)
+ * Implement `backend versioning` command to get/set bucket versioning (Nick Craig-Wood)
+ * Implement `Purge` to purge versions and `backend cleanup-hidden` (Nick Craig-Wood)
+ * Add `--s3-decompress` flag to decompress gzip-encoded files (Nick Craig-Wood)
+ * Add `--s3-sse-customer-key-base64` to supply keys with binary data (Richard Bateman)
+ * Try to keep the maximum precision in ModTime with `--user-server-modtime` (Nick Craig-Wood)
+ * Drop binary metadata with an ERROR message as it can't be stored (Nick Craig-Wood)
+ * Add `--s3-no-system-metadata` to suppress read and write of system metadata (Nick Craig-Wood)
+* SFTP
+ * Fix directory creation races (Lesmiscore)
+* Swift
+ * Add `--swift-no-large-objects` to reduce HEAD requests (Nick Craig-Wood)
+* Union
+ * Propagate SlowHash feature to fix hasher interaction (Lesmiscore)
+
+## v1.59.2 - 2022-09-15
+
+[See commits](https://github.com/rclone/rclone/compare/v1.59.1...v1.59.2)
+
+* Bug Fixes
+ * config: Move locking to fix fatal error: concurrent map read and map write (Nick Craig-Wood)
+* Local
+ * Disable xattr support if the filesystems indicates it is not supported (Nick Craig-Wood)
+* Azure Blob
+ * Fix chunksize calculations producing too many parts (Nick Craig-Wood)
+* B2
+ * Fix chunksize calculations producing too many parts (Nick Craig-Wood)
+* S3
+ * Fix chunksize calculations producing too many parts (Nick Craig-Wood)
+
+## v1.59.1 - 2022-08-08
+
+[See commits](https://github.com/rclone/rclone/compare/v1.59.0...v1.59.1)
+
+* Bug Fixes
+ * accounting: Fix panic in core/stats-reset with unknown group (Nick Craig-Wood)
+ * build: Fix android build after GitHub actions change (Nick Craig-Wood)
+ * dlna: Fix SOAP action header parsing (Joram Schrijver)
+ * docs: Fix links to mount command from install docs (albertony)
+ * dropbox: Fix ChangeNotify was unable to decrypt errors (Nick Craig-Wood)
+ * fs: Fix parsing of times and durations of the form "YYYY-MM-DD HH:MM:SS" (Nick Craig-Wood)
+ * serve sftp: Fix checksum detection (Nick Craig-Wood)
+ * sync: Add accidentally missed filter-sensitivity to --backup-dir option (Nick Naumann)
+* Combine
+ * Fix docs showing `remote=` instead of `upstreams=` (Nick Craig-Wood)
+ * Throw error if duplicate directory name is specified (Nick Craig-Wood)
+ * Fix errors with backends shutting down while in use (Nick Craig-Wood)
+* Dropbox
+ * Fix hang on quit with --dropbox-batch-mode off (Nick Craig-Wood)
+ * Fix infinite loop on uploading a corrupted file (Nick Craig-Wood)
+* Internetarchive
+ * Ignore checksums for files using the different method (Lesmiscore)
+ * Handle hash symbol in the middle of filename (Lesmiscore)
+* Jottacloud
+ * Fix working with whitelabel Elgiganten Cloud
+ * Do not store username in config when using standard auth (albertony)
+* Mega
+ * Fix nil pointer exception when bad node received (Nick Craig-Wood)
+* S3
+ * Fix --s3-no-head panic: reflect: Elem of invalid type s3.PutObjectInput (Nick Craig-Wood)
+* SFTP
+ * Fix issue with WS_FTP by working around failing RealPath (albertony)
+* Union
+ * Fix duplicated files when using directories with leading / (Nick Craig-Wood)
+ * Fix multiple files being uploaded when roots don't exist (Nick Craig-Wood)
+ * Fix panic due to misalignment of struct field in 32 bit architectures (r-ricci)
+
+## v1.59.0 - 2022-07-09
+
+[See commits](https://github.com/rclone/rclone/compare/v1.58.0...v1.59.0)
+
+* New backends
+ * [Combine](/combine) multiple remotes in one directory tree (Nick Craig-Wood)
+ * [Hidrive](https://rclone.org/hidrive/) (Ovidiu Victor Tatar)
+ * [Internet Archive](https://rclone.org/internetarchive/) (Lesmiscore (Naoya Ozaki))
+ * New S3 providers
+ * [ArvanCloud AOS](https://rclone.org/s3/#arvan-cloud) (ehsantdy)
+ * [Cloudflare R2](https://rclone.org/s3/#cloudflare-r2) (Nick Craig-Wood)
+ * [Huawei OBS](https://rclone.org/s3/#huawei-obs) (m00594701)
+ * [IDrive e2](https://rclone.org/s3/#idrive-e2) (vyloy)
+* New commands
+ * [test makefile](https://rclone.org/commands/rclone_test_makefile/): Create a single file for testing (Nick Craig-Wood)
+* New Features
+ * [Metadata framework](https://rclone.org/docs/#metadata) to read and write system and user metadata on backends (Nick Craig-Wood)
+ * Implemented initially for `local`, `s3` and `internetarchive` backends
+ * `--metadata`/`-M` flag to control whether metadata is copied
+ * `--metadata-set` flag to specify metadata for uploads
+ * Thanks to [Manz Solutions](https://manz-solutions.at/) for sponsoring this work.
+ * build
+ * Update to go1.18 and make go1.16 the minimum required version (Nick Craig-Wood)
+ * Update android go build to 1.18.x and NDK to 23.1.7779620 (Nick Craig-Wood)
+ * All windows binaries now no longer CGO (Nick Craig-Wood)
+ * Add `linux/arm/v6` to docker images (Nick Craig-Wood)
+ * A huge number of fixes found with [staticcheck](https://staticcheck.io/) (albertony)
+ * Configurable version suffix independent of version number (albertony)
+ * check: Implement `--no-traverse` and `--no-unicode-normalization` (Nick Craig-Wood)
+ * config: Readability improvements (albertony)
+ * copyurl: Add `--header-filename` to honor the HTTP header filename directive (J-P Treen)
+ * filter: Allow multiple `--exclude-if-present` flags (albertony)
+ * fshttp: Add `--disable-http-keep-alives` to disable HTTP Keep Alives (Nick Craig-Wood)
+ * install.sh
+ * Set the modes on the files and/or directories on macOS (Michael C Tiernan - MIT-Research Computing Project)
+ * Pre verify sudo authorization `-v` before calling curl. (Michael C Tiernan - MIT-Research Computing Project)
+ * lib/encoder: Add Semicolon encoding (Nick Craig-Wood)
+ * lsf: Add metadata support with `M` flag (Nick Craig-Wood)
+ * lsjson: Add `--metadata`/`-M` flag (Nick Craig-Wood)
+ * ncdu
+ * Implement multi selection (CrossR)
+ * Replace termbox with tcell's termbox wrapper (eNV25)
+ * Display correct path in delete confirmation dialog (Roberto Ricci)
+ * operations
+ * Speed up hash checking by aborting the other hash if first returns nothing (Nick Craig-Wood)
+ * Use correct src/dst in some log messages (zzr93)
+ * rcat: Check checksums by default like copy does (Nick Craig-Wood)
+ * selfupdate: Replace deprecated `x/crypto/openpgp` package with `ProtonMail/go-crypto` (albertony)
+ * serve ftp: Check `--passive-port` arguments are correct (Nick Craig-Wood)
+ * size: Warn about inaccurate results when objects with unknown size (albertony)
+ * sync: Overlap check is now filter-sensitive so `--backup-dir` can be in the root provided it is filtered (Nick)
+ * test info: Check file name lengths using 1,2,3,4 byte unicode characters (Nick Craig-Wood)
+ * test makefile(s): `--sparse`, `--zero`, `--pattern`, `--ascii`, `--chargen` flags to control file contents (Nick Craig-Wood)
+ * Make sure we call the `Shutdown` method on backends (Martin Czygan)
+* Bug Fixes
+ * accounting: Fix unknown length file transfers counting 3 transfers each (buda)
+ * ncdu: Fix issue where dir size is summed when file sizes are -1 (albertony)
+ * sync/copy/move
+ * Fix `--fast-list` `--create-empty-src-dirs` and `--exclude` (Nick Craig-Wood)
+ * Fix `--max-duration` and `--cutoff-mode soft` (Nick Craig-Wood)
+ * Fix fs cache unpin (Martin Czygan)
+ * Set proper exit code for errors that are not low-level retried (e.g. size/timestamp changing) (albertony)
+* Mount
+ * Support `windows/arm64` (may still be problems - see [#5828](https://github.com/rclone/rclone/issues/5828)) (Nick Craig-Wood)
+ * Log IO errors at ERROR level (Nick Craig-Wood)
+ * Ignore `_netdev` mount argument (Hugal31)
+* VFS
+ * Add `--vfs-fast-fingerprint` for less accurate but faster fingerprints (Nick Craig-Wood)
+ * Add `--vfs-disk-space-total-size` option to manually set the total disk space (Claudio Maradonna)
+ * vfscache: Fix fatal error: sync: unlock of unlocked mutex error (Nick Craig-Wood)
+* Local
+ * Fix parsing of `--local-nounc` flag (Nick Craig-Wood)
+ * Add Metadata support (Nick Craig-Wood)
+* Crypt
+ * Support metadata (Nick Craig-Wood)
+* Azure Blob
+ * Calculate Chunksize/blocksize to stay below maxUploadParts (Leroy van Logchem)
+ * Use chunksize lib to determine chunksize dynamically (Derek Battams)
+ * Case insensitive access tier (Rob Pickerill)
+ * Allow remote emulator (azurite) (Lorenzo Maiorfi)
+* B2
+ * Add `--b2-version-at` flag to show file versions at time specified (SwazRGB)
+ * Use chunksize lib to determine chunksize dynamically (Derek Battams)
+* Chunker
+ * Mark as not supporting metadata (Nick Craig-Wood)
+* Compress
+ * Support metadata (Nick Craig-Wood)
+* Drive
+ * Make `backend config -o config` add a combined `AllDrives:` remote (Nick Craig-Wood)
+ * Make `--drive-shared-with-me` work with shared drives (Nick Craig-Wood)
+ * Add `--drive-resource-key` for accessing link-shared files (Nick Craig-Wood)
+ * Add backend commands `exportformats` and `importformats` for debugging (Nick Craig-Wood)
+ * Fix 404 errors on copy/server side copy objects from public folder (Nick Craig-Wood)
+ * Update Internal OAuth consent screen docs (Phil Shackleton)
+ * Moved `root_folder_id` to advanced section (Abhiraj)
+* Dropbox
+ * Migrate from deprecated api (m8rge)
+ * Add logs to show when poll interval limits are exceeded (Nick Craig-Wood)
+ * Fix nil pointer exception on dropbox impersonate user not found (Nick Craig-Wood)
+* Fichier
+ * Parse api error codes and them accordingly (buengese)
+* FTP
+ * Add support for `disable_utf8` option (Jason Zheng)
+ * Revert to upstream `github.com/jlaffaye/ftp` from our fork (Nick Craig-Wood)
+* Google Cloud Storage
+ * Add `--gcs-no-check-bucket` to minimise transactions and perms (Nick Gooding)
+ * Add `--gcs-decompress` flag to decompress gzip-encoded files (Nick Craig-Wood)
+ * by default these will be downloaded compressed (which previously failed)
+* Hasher
+ * Support metadata (Nick Craig-Wood)
+* HTTP
+ * Fix missing response when using custom auth handler (albertony)
+* Jottacloud
+ * Add support for upload to custom device and mountpoint (albertony)
+ * Always store username in config and use it to avoid initial API request (albertony)
+ * Fix issue with server-side copy when destination is in trash (albertony)
+ * Fix listing output of remote with special characters (albertony)
+* Mailru
+ * Fix timeout by using int instead of time.Duration for keeping number of seconds (albertony)
+* Mega
+ * Document using MEGAcmd to help with login failures (Art M. Gallagher)
+* Onedrive
+ * Implement `--poll-interval` for onedrive (Hugo Laloge)
+ * Add access scopes option (Sven Gerber)
+* Opendrive
+ * Resolve lag and truncate bugs (Scott Grimes)
+* Pcloud
+ * Fix about with no free space left (buengese)
+ * Fix cleanup (buengese)
+* S3
+ * Use PUT Object instead of presigned URLs to upload single part objects (Nick Craig-Wood)
+ * Backend restore command to skip non-GLACIER objects (Vincent Murphy)
+ * Use chunksize lib to determine chunksize dynamically (Derek Battams)
+ * Retry RequestTimeout errors (Nick Craig-Wood)
+ * Implement reading and writing of metadata (Nick Craig-Wood)
+* SFTP
+ * Add support for about and hashsum on windows server (albertony)
+ * Use vendor-specific VFS statistics extension for about if available (albertony)
+ * Add `--sftp-chunk-size` to control packets sizes for high latency links (Nick Craig-Wood)
+ * Add `--sftp-concurrency` to improve high latency transfers (Nick Craig-Wood)
+ * Add `--sftp-set-env` option to set environment variables (Nick Craig-Wood)
+ * Add Hetzner Storage Boxes to supported sftp backends (Anthrazz)
+* Storj
+ * Fix put which lead to the file being unreadable when using mount (Erik van Velzen)
+* Union
+ * Add `min_free_space` option for `lfs`/`eplfs` policies (Nick Craig-Wood)
+ * Fix uploading files to union of all bucket based remotes (Nick Craig-Wood)
+ * Fix get free space for remotes which don't support it (Nick Craig-Wood)
+ * Fix `eplus` policy to select correct entry for existing files (Nick Craig-Wood)
+ * Support metadata (Nick Craig-Wood)
+* Uptobox
+ * Fix root path handling (buengese)
+* WebDAV
+ * Add SharePoint in other specific regions support (Noah Hsu)
+* Yandex
+ * Handle api error on server-side move (albertony)
+* Zoho
+ * Add Japan and China regions (buengese)
+
+## v1.58.1 - 2022-04-29
+
+[See commits](https://github.com/rclone/rclone/compare/v1.58.0...v1.58.1)
+
+* Bug Fixes
+ * build: Update github.com/billziss-gh to github.com/winfsp (Nick Craig-Wood)
+ * filter: Fix timezone of `--min-age`/`-max-age` from UTC to local as documented (Nick Craig-Wood)
+ * rc/js: Correct RC method names (Sơn Trần-Nguyễn)
+ * docs
+ * Fix some links to command pages (albertony)
+ * Add `--multi-thread-streams` note to `--transfers`. (Zsolt Ero)
+* Mount
+ * Fix `--devname` and fusermount: unknown option 'fsname' when mounting via rc (Nick Craig-Wood)
+* VFS
+ * Remove wording which suggests VFS is only for mounting (Nick Craig-Wood)
+* Dropbox
+ * Fix retries of multipart uploads with incorrect_offset error (Nick Craig-Wood)
+* Google Cloud Storage
+ * Use the s3 pacer to speed up transactions (Nick Craig-Wood)
+ * pacer: Default the Google pacer to a burst of 100 to fix gcs pacing (Nick Craig-Wood)
+* Jottacloud
+ * Fix scope in token request (albertony)
+* Netstorage
+ * Fix unescaped HTML in documentation (Nick Craig-Wood)
+ * Make levels of headings consistent (Nick Craig-Wood)
+ * Add support contacts to netstorage doc (Nil Alexandrov)
+* Onedrive
+ * Note that sharepoint also changes web files (.html, .aspx) (GH)
+* Putio
+ * Handle rate limit errors (Berkan Teber)
+ * Fix multithread download and other ranged requests (rafma0)
+* S3
+ * Add ChinaMobile EOS to provider list (GuoXingbin)
+ * Sync providers in config description with providers (Nick Craig-Wood)
+* SFTP
+ * Fix OpenSSH 8.8+ RSA keys incompatibility (KARBOWSKI Piotr)
+ * Note that Scaleway C14 is deprecating SFTP in favor of S3 (Adrien Rey-Jarthon)
+* Storj
+ * Fix bucket creation on Move (Nick Craig-Wood)
+* WebDAV
+ * Don't override Referer if user sets it (Nick Craig-Wood)
+
## v1.58.0 - 2022-03-18
[See commits](https://github.com/rclone/rclone/compare/v1.57.0...v1.58.0)
@@ -36079,7 +42373,7 @@ Options:
* build
* Fix ARM architecture version in .deb packages after nfpm change (Nick Craig-Wood)
* Hard fork `github.com/jlaffaye/ftp` to fix `go get github.com/rclone/rclone` (Nick Craig-Wood)
- * oauthutil: Fix crash when webrowser requests `/robots.txt` (Nick Craig-Wood)
+ * oauthutil: Fix crash when webbrowser requests `/robots.txt` (Nick Craig-Wood)
* operations: Fix goroutine leak in case of copy retry (Ankur Gupta)
* rc:
* Fix `operations/publiclink` default for `expires` parameter (Nick Craig-Wood)
@@ -36165,7 +42459,7 @@ Options:
* Add rclone to list of supported `md5sum`/`sha1sum` commands to look for (albertony)
* Refactor so we only have one way of running remote commands (Nick Craig-Wood)
* Fix timeout on hashing large files by sending keepalives (Nick Craig-Wood)
- * Fix unecessary seeking when uploading and downloading files (Nick Craig-Wood)
+ * Fix unnecessary seeking when uploading and downloading files (Nick Craig-Wood)
* Update docs on how to create `known_hosts` file (Nick Craig-Wood)
* Storj
* Rename tardigrade backend to storj backend (Nick Craig-Wood)
@@ -36766,8 +43060,8 @@ Options:
* Add sort by average size in directory (Adam Plánský)
* Add toggle option for average s3ize in directory - key 'a' (Adam Plánský)
* Add empty folder flag into ncdu browser (Adam Plánský)
- * Add `!` (errror) and `.` (unreadable) file flags to go with `e` (empty) (Nick Craig-Wood)
- * obscure: Make `rclone osbcure -` ignore newline at end of line (Nick Craig-Wood)
+ * Add `!` (error) and `.` (unreadable) file flags to go with `e` (empty) (Nick Craig-Wood)
+ * obscure: Make `rclone obscure -` ignore newline at end of line (Nick Craig-Wood)
* operations
* Add logs when need to upload files to set mod times (Nick Craig-Wood)
* Move and copy log name of the destination object in verbose (Adam Plánský)
@@ -36792,7 +43086,7 @@ Options:
* Make the error count match up in the log message (Nick Craig-Wood)
* move: Fix data loss when source and destination are the same object (Nick Craig-Wood)
* operations
- * Fix `--cutof-mode` hard not cutting off immediately (Nick Craig-Wood)
+ * Fix `--cutoff-mode` hard not cutting off immediately (Nick Craig-Wood)
* Fix `--immutable` error message (Nick Craig-Wood)
* sync
* Fix `--cutoff-mode` soft & cautious so it doesn't end the transfer early (Nick Craig-Wood)
@@ -36840,7 +43134,7 @@ Options:
* Fixed crash on an empty file name (lluuaapp)
* Box
* Fix NewObject for files that differ in case (Nick Craig-Wood)
- * Fix finding directories in a case insentive way (Nick Craig-Wood)
+ * Fix finding directories in a case insensitive way (Nick Craig-Wood)
* Chunker
* Skip long local hashing, hash in-transit (fixes) (Ivan Andreev)
* Set Features ReadMimeType to false as Object.MimeType not supported (Nick Craig-Wood)
@@ -36921,7 +43215,7 @@ Options:
* Implement `--sftp-use-fstat` for unusual SFTP servers (Nick Craig-Wood)
* Sugarsync
* Fix NewObject for files that differ in case (Nick Craig-Wood)
- * Fix finding directories in a case insentive way (Nick Craig-Wood)
+ * Fix finding directories in a case insensitive way (Nick Craig-Wood)
* Swift
* Fix deletion of parts of Static Large Object (SLO) (Nguyễn Hữu Luân)
* Ensure partially uploaded large files are uploaded unless `--swift-leave-parts-on-error` (Nguyễn Hữu Luân)
@@ -36995,7 +43289,7 @@ Options:
[See commits](https://github.com/rclone/rclone/compare/v1.53.1...v1.53.2)
* Bug Fixes
- * acounting
+ * accounting
* Fix incorrect speed and transferTime in core/stats (Nick Craig-Wood)
* Stabilize display order of transfers on Windows (Nick Craig-Wood)
* operations
@@ -37965,7 +44259,7 @@ all the docs and Edward Barker for helping re-write the front page.
* rcat: Fix slowdown on systems with multiple hashes (Nick Craig-Wood)
* rcd: Fix permissions problems on cache directory with web gui download (Nick Craig-Wood)
* Mount
- * Default `--daemon-timout` to 15 minutes on macOS and FreeBSD (Nick Craig-Wood)
+ * Default `--daemon-timeout` to 15 minutes on macOS and FreeBSD (Nick Craig-Wood)
* Update docs to show mounting from root OK for bucket-based (Nick Craig-Wood)
* Remove nonseekable flag from write files (Nick Craig-Wood)
* VFS
@@ -38273,7 +44567,7 @@ all the docs and Edward Barker for helping re-write the front page.
* Update google cloud storage endpoints (weetmuts)
* HTTP
* Add an example with username and password which is supported but wasn't documented (Nick Craig-Wood)
- * Fix backend with `--files-from` and non-existent files (Nick Craig-Wood)
+ * Fix backend with `--files-from` and nonexistent files (Nick Craig-Wood)
* Hubic
* Make error message more informative if authentication fails (Nick Craig-Wood)
* Jottacloud
@@ -38757,7 +45051,7 @@ Point release to fix hubic and azureblob backends.
* FTP
* Work around strange response from box FTP server
* More workarounds for FTP servers to fix mkParentDir error
- * Fix no error on listing non-existent directory
+ * Fix no error on listing nonexistent directory
* Google Cloud Storage
* Add service_account_credentials (Matt Holt)
* Detect bucket presence by listing it - minimises permissions needed
@@ -38830,7 +45124,7 @@ Point release to fix hubic and azureblob backends.
* Add .deb and .rpm packages as part of the build
* Make a beta release for all branches on the main repo (but not pull requests)
* Bug Fixes
- * config: fixes errors on non existing config by loading config file only on first access
+ * config: fixes errors on nonexistent config by loading config file only on first access
* config: retry saving the config after failure (Mateusz)
* sync: when using `--backup-dir` don't delete files if we can't set their modtime
* this fixes odd behaviour with Dropbox and `--backup-dir`
@@ -39365,7 +45659,7 @@ Point release to fix hubic and azureblob backends.
* Update B2 docs with Data usage, and Crypt section - thanks Tomasz Mazur
* S3
* Command line and config file support for
- * Setting/overriding ACL - thanks Radek Senfeld
+ * Setting/overriding ACL - thanks Radek Šenfeld
* Setting storage class - thanks Asko Tamm
* Drive
* Make exponential backoff work exactly as per Google specification
@@ -39951,7 +46245,7 @@ the node running rclone would need to have lots of bandwidth.
The syncs would be incremental (on a file by file basis).
-Eg
+e.g.
rclone sync -i drive:Folder s3:bucket
@@ -40002,9 +46296,8 @@ of metadata, which breaks the desired 1:1 mapping of files to objects.
### Can rclone do bi-directional sync? ###
-No, not at present. rclone only does uni-directional sync from A ->
-B. It may do in the future though since it has all the primitives - it
-just requires writing the algorithm to do it.
+Yes, since rclone v1.58.0, [bidirectional cloud sync](https://rclone.org/bisync/) is
+available.
### Can I use rclone with an HTTP proxy? ###
@@ -40029,6 +46322,14 @@ possibilities. So, on Linux, you may end up with code similar to
export HTTP_PROXY=$http_proxy
export HTTPS_PROXY=$http_proxy
+
+Note: If the proxy server requires a username and password, then use
+
+ export http_proxy=http://username:password@proxyserver:12345
+ export https_proxy=$http_proxy
+ export HTTP_PROXY=$http_proxy
+ export HTTPS_PROXY=$http_proxy
+
The `NO_PROXY` allows you to disable the proxy for specific hosts.
Hosts must be comma separated, and can contain domains or parts.
For instance "foo.com" also matches "bar.foo.com".
@@ -40038,7 +46339,7 @@ e.g.
export no_proxy=localhost,127.0.0.0/8,my.host.name
export NO_PROXY=$no_proxy
-Note that the ftp backend does not support `ftp_proxy` yet.
+Note that the FTP backend does not support `ftp_proxy` yet.
### Rclone gives x509: failed to load system roots and no roots provided error ###
@@ -40150,7 +46451,7 @@ to unwanted renames. Read more [here](https://rclone.org/overview/#restricted-fi
# License
-This is free software under the terms of MIT the license (check the
+This is free software under the terms of the MIT license (check the
COPYING file included with the source code).
```
@@ -40403,6 +46704,7 @@ put them back in again.` >}}
* Jay
* andrea rota
* nicolov
+ * Matt Joiner
* Dario Guzik
* qip
* yair@unicorn
@@ -40747,6 +47049,103 @@ put them back in again.` >}}
* Vincent Murphy
* ctrl-q <34975747+ctrl-q@users.noreply.github.com>
* Nil Alexandrov
+ * GuoXingbin <101376330+guoxingbin@users.noreply.github.com>
+ * Berkan Teber
+ * Tobias Klauser
+ * KARBOWSKI Piotr
+ * GH
+ * rafma0
+ * Adrien Rey-Jarthon
+ * Nick Gooding <73336146+nickgooding@users.noreply.github.com>
+ * Leroy van Logchem
+ * Zsolt Ero
+ * Lesmiscore
+ * ehsantdy
+ * SwazRGB <65694696+swazrgb@users.noreply.github.com>
+ * Mateusz Puczyński
+ * Michael C Tiernan - MIT-Research Computing Project
+ * Kaspian <34658474+KaspianDev@users.noreply.github.com>
+ * Werner
+ * Hugal31
+ * Christian Galo <36752715+cgalo5758@users.noreply.github.com>
+ * Erik van Velzen
+ * Derek Battams
+ * SimonLiu
+ * Hugo Laloge
+ * Mr-Kanister <68117355+Mr-Kanister@users.noreply.github.com>
+ * Rob Pickerill
+ * Andrey
+ * Eric Wolf <19wolf@gmail.com>
+ * Nick
+ * Jason Zheng
+ * Matthew Vernon
+ * Noah Hsu
+ * m00594701
+ * Art M. Gallagher
+ * Sven Gerber <49589423+svengerber@users.noreply.github.com>
+ * CrossR
+ * Maciej Radzikowski
+ * Scott Grimes
+ * Phil Shackleton <71221528+philshacks@users.noreply.github.com>
+ * eNV25
+ * Caleb
+ * J-P Treen
+ * Martin Czygan <53705+miku@users.noreply.github.com>
+ * buda
+ * mirekphd <36706320+mirekphd@users.noreply.github.com>
+ * vyloy
+ * Anthrazz <25553648+Anthrazz@users.noreply.github.com>
+ * zzr93 <34027824+zzr93@users.noreply.github.com>
+ * Paul Norman
+ * Lorenzo Maiorfi
+ * Claudio Maradonna
+ * Ovidiu Victor Tatar
+ * Evan Spensley
+ * Yen Hu <61753151+0x59656e@users.noreply.github.com>
+ * Steve Kowalik
+ * Jordi Gonzalez Muñoz
+ * Joram Schrijver
+ * Mark Trolley
+ * João Henrique Franco
+ * anonion
+ * Ryan Morey <4590343+rmorey@users.noreply.github.com>
+ * Simon Bos
+ * YFdyh000 * Josh Soref <2119212+jsoref@users.noreply.github.com>
+ * Øyvind Heddeland Instefjord
+ * Dmitry Deniskin <110819396+ddeniskin@users.noreply.github.com>
+ * Alexander Knorr <106825+opexxx@users.noreply.github.com>
+ * Richard Bateman
+ * Dimitri Papadopoulos Orfanos <3234522+DimitriPapadopoulos@users.noreply.github.com>
+ * Lorenzo Milesi
+ * Isaac Aymerich
+ * YanceyChiew <35898533+YanceyChiew@users.noreply.github.com>
+ * Manoj Ghosh
+ * Bachue Zhou
+ * Manoj Ghosh
+ * Tom Mombourquette
+ * Robert Newson
+ * Samuel Johnson
+ * coultonluke
+ * Anthony Pessy
+ * Philip Harvey
+ * dgouju
+ * Clément Notin
+ * x3-apptech <66947598+x3-apptech@users.noreply.github.com>
+ * Arnie97
+ * Roel Arents <2691308+roelarents@users.noreply.github.com>
+ * Aaron Gokaslan
+ * techknowlogick
+ * rkettelerij
+ * Kamui
+ * asdffdsazqqq <90116442+asdffdsazqqq@users.noreply.github.com>
+ * Nathaniel Wesley Filardo
+ * ycdtosa
+ * Erik Agterdenbos
+ * Kevin Verstaen <48050031+kverstae@users.noreply.github.com>
+ * MohammadReza
+ * vanplus <60313789+vanplus@users.noreply.github.com>
+ * Jack <16779171+jkpe@users.noreply.github.com>
+ * Abdullah Saglam
# Contact the rclone project #
diff --git a/MANUAL.txt b/MANUAL.txt
index 994bd6612bec6..81320892b3979 100644
--- a/MANUAL.txt
+++ b/MANUAL.txt
@@ -1,6 +1,6 @@
rclone(1) User Manual
Nick Craig-Wood
-Mar 18, 2022
+Dec 20, 2022
Rclone syncs your files to cloud storage
@@ -82,7 +82,7 @@ Features
- Move files to cloud storage deleting the local after verification
- Check hashes and for missing/extra files
- Mount your cloud storage as a network disk
-- Serve local or remote files over HTTP/WebDav/FTP/SFTP/dlna
+- Serve local or remote files over HTTP/WebDav/FTP/SFTP/DLNA
- Experimental Web based GUI
Supported providers
@@ -98,8 +98,10 @@ S3, that work out of the box.)
- Backblaze B2
- Box
- Ceph
+- China Mobile Ecloud Elastic Object Storage (EOS)
+- Arvan Cloud Object Storage (AOS)
- Citrix ShareFile
-- C14
+- Cloudflare R2
- DigitalOcean Spaces
- Digi Storage
- Dreamhost
@@ -110,11 +112,16 @@ S3, that work out of the box.)
- Google Drive
- Google Photos
- HDFS
+- Hetzner Storage Box
+- HiDrive
- HTTP
-- Hubic
+- Internet Archive
- Jottacloud
- IBM COS S3
+- IDrive e2
+- IONOS Cloud
- Koofr
+- Liara Object Storage
- Mail.ru Cloud
- Memset Memstore
- Mega
@@ -126,12 +133,14 @@ S3, that work out of the box.)
- OVH
- OpenDrive
- OpenStack Swift
-- Oracle Cloud Storage
+- Oracle Cloud Storage Swift
+- Oracle Object Storage
- ownCloud
- pCloud
- premiumize.me
- put.io
- QingStor
+- Qiniu Cloud Object Storage (Kodo)
- Rackspace Cloud Files
- rsync.net
- Scaleway
@@ -140,6 +149,7 @@ S3, that work out of the box.)
- SeaweedFS
- SFTP
- Sia
+- SMB / CIFS
- StackPath
- Storj
- SugarSync
@@ -151,6 +161,19 @@ S3, that work out of the box.)
- Zoho WorkDrive
- The local filesystem
+Virtual providers
+
+These backends adapt or modify other storage providers:
+
+- Alias: Rename existing remotes
+- Cache: Cache remotes (DEPRECATED)
+- Chunker: Split large files
+- Combine: Combine multiple remotes into a directory tree
+- Compress: Compress files
+- Crypt: Encrypt files
+- Hasher: Hash files
+- Union: Join multiple remotes to work together
+
Links
- Home page
@@ -170,7 +193,7 @@ Quickstart
- Run rclone config to setup. See rclone config docs for more details.
- Optionally configure automatic execution.
-See below for some expanded Linux / macOS instructions.
+See below for some expanded Linux / macOS / Windows instructions.
See the usage docs for how to use rclone, or run rclone -h.
@@ -181,16 +204,18 @@ Script installation
To install rclone on Linux/macOS/BSD systems, run:
- curl https://rclone.org/install.sh | sudo bash
+ sudo -v ; curl https://rclone.org/install.sh | sudo bash
For beta installation, run:
- curl https://rclone.org/install.sh | sudo bash -s beta
+ sudo -v ; curl https://rclone.org/install.sh | sudo bash -s beta
Note that this script checks the version of rclone installed first and
won't re-download if not needed.
-Linux installation from precompiled binary
+Linux installation
+
+Precompiled binary
Fetch and unpack
@@ -214,7 +239,9 @@ Run rclone config to setup. See rclone config docs for more details.
rclone config
-macOS installation with brew
+macOS installation
+
+Installation with brew
brew install rclone
@@ -222,7 +249,12 @@ NOTE: This version of rclone will not support mount any more (see
#5373). If mounting is wanted on macOS, either install a precompiled
binary or enable the relevant option when installing from source.
-macOS installation from precompiled binary, using curl
+Note that this is a third party installer not controlled by the rclone
+developers so it may be out of date. Its current version is as below.
+
+[Homebrew package]
+
+Precompiled binary, using curl
To avoid problems with macOS gatekeeper enforcing the binary to be
signed and notarized it is enough to download with curl.
@@ -251,24 +283,82 @@ Run rclone config to setup. See rclone config docs for more details.
rclone config
-macOS installation from precompiled binary, using a web browser
+Precompiled binary, using a web browser
When downloading a binary with a web browser, the browser will set the
macOS gatekeeper quarantine attribute. Starting from Catalina, when
attempting to run rclone, a pop-up will appear saying:
- “rclone” cannot be opened because the developer cannot be verified.
+ "rclone" cannot be opened because the developer cannot be verified.
macOS cannot verify that this app is free from malware.
The simplest fix is to run
xattr -d com.apple.quarantine rclone
-Install with docker
+Windows installation
+
+Precompiled binary
+
+Fetch the correct binary for your processor type by clicking on these
+links. If not sure, use the first link.
+
+- Intel/AMD - 64 Bit
+- Intel/AMD - 32 Bit
+- ARM - 64 Bit
+
+Open this file in the Explorer and extract rclone.exe. Rclone is a
+portable executable so you can place it wherever is convenient.
+
+Open a CMD window (or powershell) and run the binary. Note that rclone
+does not launch a GUI by default, it runs in the CMD Window.
+
+- Run rclone.exe config to setup. See rclone config docs for more
+ details.
+- Optionally configure automatic execution.
+
+If you are planning to use the rclone mount feature then you will need
+to install the third party utility WinFsp also.
+
+Chocolatey package manager
+
+Make sure you have Choco installed
+
+ choco search rclone
+ choco install rclone
+
+This will install rclone on your Windows machine. If you are planning to
+use rclone mount then
+
+ choco install winfsp
+
+will install that too.
+
+Note that this is a third party installer not controlled by the rclone
+developers so it may be out of date. Its current version is as below.
+
+[Chocolatey package]
+
+Package manager installation
+
+Many Linux, Windows, macOS and other OS distributions package and
+distribute rclone.
+
+The distributed versions of rclone are often quite out of date and for
+this reason we recommend one of the other installation methods if
+possible.
+
+You can get an idea of how up to date or not your OS distribution's
+package is here.
+
+[Packaging status]
+
+Docker installation
+
+The rclone developers maintain a docker image for rclone.
-The rclone maintains a docker image for rclone. These images are
-autobuilt by docker hub from the rclone source based on a minimal Alpine
-linux image.
+These images are built as part of the release process based on a minimal
+Alpine Linux.
The :latest tag will always point to the latest stable release. You can
use the :beta tag to get the latest build from master. You can also use
@@ -344,36 +434,85 @@ Here are some commands tested on an Ubuntu 18.04.3 host:
ls ~/data/mount
kill %1
-Install from source
+Source installation
-Make sure you have at least Go go1.15 installed. Download go if
-necessary. The latest release is recommended. Then
+Make sure you have git and Go installed. Go version 1.17 or newer is
+required, latest release is recommended. You can get it from your
+package manager, or download it from golang.org/dl. Then you can run the
+following:
git clone https://github.com/rclone/rclone.git
cd rclone
go build
- # If on macOS and mount is wanted, instead run: make GOTAGS=cmount
- ./rclone version
-This will leave you a checked out version of rclone you can modify and
-send pull requests with. If you use make instead of go build then the
-rclone build will have the correct version information in it.
+This will check out the rclone source in subfolder rclone, which you can
+later modify and send pull requests with. Then it will build the rclone
+executable in the same folder. As an initial check you can now run
+./rclone version (.\rclone version on Windows).
-You can also build the latest stable rclone with:
+Note that on macOS and Windows the mount command will not be available
+unless you specify an additional build tag cmount.
- go get github.com/rclone/rclone
+ go build -tags cmount
+
+This assumes you have a GCC compatible C compiler (GCC or Clang) in your
+PATH, as it uses cgo. But on Windows, the cgofuse library that the
+cmount implementation is based on, also supports building without cgo,
+i.e. by setting environment variable CGO_ENABLED to value 0 (static
+linking). This is how the official Windows release of rclone is being
+built, starting with version 1.59. It is still possible to build with
+cgo on Windows as well, by using the MinGW port of GCC, e.g. by
+installing it in a MSYS2 distribution (make sure you install it in the
+classic mingw64 subsystem, the ucrt64 version is not compatible).
+
+Additionally, on Windows, you must install the third party utility
+WinFsp, with the "Developer" feature selected. If building with cgo, you
+must also set environment variable CPATH pointing to the fuse include
+directory within the WinFsp installation (normally
+C:\Program Files (x86)\WinFsp\inc\fuse).
+
+You may also add arguments -ldflags -s (with or without -tags cmount),
+to omit symbol table and debug information, making the executable file
+smaller, and -trimpath to remove references to local file system paths.
+This is how the official rclone releases are built.
+
+ go build -trimpath -ldflags -s -tags cmount
+
+Instead of executing the go build command directly, you can run it via
+the Makefile. It changes the version number suffix from "-DEV" to
+"-beta" and appends commit details. It also copies the resulting rclone
+executable into your GOPATH bin folder ($(go env GOPATH)/bin, which
+corresponds to ~/go/bin/rclone by default).
+
+ make
+
+To include mount command on macOS and Windows with Makefile build:
-or the latest version (equivalent to the beta) with
+ make GOTAGS=cmount
- go get github.com/rclone/rclone@master
+There are other make targets that can be used for more advanced builds,
+such as cross-compiling for all supported os/architectures, embedding
+icon and version info resources into windows executable, and packaging
+results into release artifacts. See Makefile and cross-compile.go for
+details.
+
+Another alternative is to download the source, build and install rclone
+in one operation, as a regular Go package. The source will be stored it
+in the Go module cache, and the resulting executable will be in your
+GOPATH bin folder ($(go env GOPATH)/bin, which corresponds to
+~/go/bin/rclone by default).
+
+With Go version 1.17 or newer:
+
+ go install github.com/rclone/rclone@latest
-These will build the binary in $(go env GOPATH)/bin (~/go/bin/rclone by
-default) after downloading the source to the go module cache. Note - do
-not use the -u flag here. This causes go to try to update the
-dependencies that rclone uses and sometimes these don't work with the
-current version of rclone.
+With Go versions older than 1.17 (do not use the -u flag, it causes Go
+to try to update the dependencies that rclone uses and sometimes these
+don't work with the current version):
-Installation with Ansible
+ go get github.com/rclone/rclone
+
+Ansible installation
This can be done with Stefan Weichinger's ansible role.
@@ -456,7 +595,7 @@ NOTE: Remember that when rclone runs as the SYSTEM user, the user
profile that it sees will not be yours. This means that if you normally
run rclone with configuration file in the default location, to be able
to use the same configuration when running as the system user you must
-explicitely tell rclone where to find it with the --config option, or
+explicitly tell rclone where to find it with the --config option, or
else it will look in the system users profile path
(C:\Windows\System32\config\systemprofile). To test your command
manually from a Command Prompt, you can run it with the PsExec utility
@@ -497,7 +636,7 @@ configured to run at startup.
Mount command built-in service integration
-For mount commands, Rclone has a built-in Windows service integration
+For mount commands, rclone has a built-in Windows service integration
via the third-party WinFsp library it uses. Registering as a regular
Windows service easy, as you just have to execute the built-in
PowerShell command New-Service (requires administrative privileges).
@@ -521,7 +660,7 @@ Third-party service integration
To Windows service running any rclone command, the excellent third-party
utility NSSM, the "Non-Sucking Service Manager", can be used. It
-includes some advanced features such as adjusting process periority,
+includes some advanced features such as adjusting process priority,
defining process environment variables, redirect to file anything
written to stdout, and customized response to different exit codes, with
a GUI to configure everything from (although it can also be used from
@@ -586,6 +725,7 @@ See the following for detailed instructions for
- Chunker - transparently splits large files for other remotes
- Citrix ShareFile
- Compress
+- Combine
- Crypt - to encrypt other remotes
- DigitalOcean Spaces
- Digi Storage
@@ -597,8 +737,9 @@ See the following for detailed instructions for
- Google Photos
- Hasher - to handle checksums for other remotes
- HDFS
+- HiDrive
- HTTP
-- Hubic
+- Internet Archive
- Jottacloud
- Koofr
- Mail.ru Cloud
@@ -608,6 +749,7 @@ See the following for detailed instructions for
- Microsoft OneDrive
- OpenStack Swift / Rackspace Cloudfiles / Memset Memstore
- OpenDrive
+- Oracle Object Storage
- Pcloud
- premiumize.me
- put.io
@@ -615,6 +757,7 @@ See the following for detailed instructions for
- Seafile
- SFTP
- Sia
+- SMB
- Storj
- SugarSync
- Union
@@ -696,11 +839,16 @@ Synopsis
Copy the source to the destination. Does not transfer files that are
identical on source and destination, testing by size and modification
-time or MD5SUM. Doesn't delete files from the destination.
+time or MD5SUM. Doesn't delete files from the destination. If you want
+to also delete files from destination, to make it match source, use the
+sync command instead.
Note that it is always the contents of the directory that is synced, not
-the directory so when source:path is a directory, it's the contents of
-source:path that are copied, not the directory name and contents.
+the directory itself. So when source:path is a directory, it's the
+contents of source:path that are copied, not the directory name and
+contents.
+
+To copy single files, use the copyto command instead.
If dest:path doesn't exist, it is created and the source:path contents
go there.
@@ -767,7 +915,8 @@ Sync the source to the destination, changing the destination only.
Doesn't transfer files that are identical on source and destination,
testing by size and modification time or MD5SUM. Destination is updated
to match source, including deleting files if necessary (except duplicate
-objects, see below).
+objects, see below). If you don't want to delete files from destination,
+use the copy command instead.
Important: Since this can cause data loss, test first with the --dry-run
or the --interactive/-i flag.
@@ -779,13 +928,18 @@ errors at any point. Duplicate objects (files with the same name, on
those providers that support it) are also not yet handled.
It is always the contents of the directory that is synced, not the
-directory so when source:path is a directory, it's the contents of
-source:path that are copied, not the directory name and contents. See
-extended explanation in the copy command above if unsure.
+directory itself. So when source:path is a directory, it's the contents
+of source:path that are copied, not the directory name and contents. See
+extended explanation in the copy command if unsure.
If dest:path doesn't exist, it is created and the source:path contents
go there.
+It is not possible to sync overlapping remotes. However, you may exclude
+the destination from the sync with a filter rule or by putting an
+exclude-if-present file inside the destination directory and sync to a
+destination that is inside the source directory.
+
Note: Use the -P/--progress flag to view real-time transfer statistics
Note: Use the rclone dedupe command to deal with "Duplicate
@@ -815,6 +969,8 @@ Moves the contents of the source directory to the destination directory.
Rclone will error if the source and destination overlap and the remote
does not support a server-side directory move operation.
+To move single files, use the moveto command instead.
+
If no filters are in use and if possible this will server-side move
source:path into dest:path. After this source:path will no longer exist.
@@ -971,6 +1127,9 @@ Checks the files in the source and destination match. It compares sizes
and hashes (MD5 or SHA1) and logs a report of files that don't match. It
doesn't alter the source or destination.
+For the crypt remote there is a dedicated command, cryptcheck, that are
+able to check the checksums of the crypted files.
+
If you supply the --size-only flag, it will only compare the sizes not
the hashes as well. Use this for a quick check.
@@ -1065,8 +1224,8 @@ recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use
-R to make them recurse.
-Listing a non-existent directory will produce an error except for
-remotes which can't have empty directories (e.g. s3, swift, or gcs - the
+Listing a nonexistent directory will produce an error except for remotes
+which can't have empty directories (e.g. s3, swift, or gcs - the
bucket-based remotes).
rclone ls remote:path [flags]
@@ -1106,7 +1265,7 @@ Or
-1 2017-01-03 14:40:54 -1 2500files
-1 2017-07-08 14:39:28 -1 4000files
-If you just want the directory names use "rclone lsf --dirs-only".
+If you just want the directory names use rclone lsf --dirs-only.
Any of the filtering options can be applied to this command.
@@ -1127,8 +1286,8 @@ recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use
-R to make them recurse.
-Listing a non-existent directory will produce an error except for
-remotes which can't have empty directories (e.g. s3, swift, or gcs - the
+Listing a nonexistent directory will produce an error except for remotes
+which can't have empty directories (e.g. s3, swift, or gcs - the
bucket-based remotes).
rclone lsd remote:path [flags]
@@ -1181,8 +1340,8 @@ recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use
-R to make them recurse.
-Listing a non-existent directory will produce an error except for
-remotes which can't have empty directories (e.g. s3, swift, or gcs - the
+Listing a nonexistent directory will produce an error except for remotes
+which can't have empty directories (e.g. s3, swift, or gcs - the
bucket-based remotes).
rclone lsl remote:path [flags]
@@ -1211,10 +1370,14 @@ supported by the remote, no hash will be returned. With the download
flag, the file will be downloaded from the remote and hashed locally
enabling MD5 for any remote.
+For other algorithms, see the hashsum command. Running
+rclone md5sum remote:path is equivalent to running
+rclone hashsum MD5 remote:path.
+
This command can also hash data received on standard input (stdin), by
not passing a remote:path, or by passing a hyphen as remote:path when
-there is data to read (if not, the hypen will be treated literaly, as a
-relative path).
+there is data to read (if not, the hyphen will be treated literally, as
+a relative path).
rclone md5sum remote:path [flags]
@@ -1246,10 +1409,14 @@ supported by the remote, no hash will be returned. With the download
flag, the file will be downloaded from the remote and hashed locally
enabling SHA-1 for any remote.
+For other algorithms, see the hashsum command. Running
+rclone sha1sum remote:path is equivalent to running
+rclone hashsum SHA1 remote:path.
+
This command can also hash data received on standard input (stdin), by
not passing a remote:path, or by passing a hyphen as remote:path when
-there is data to read (if not, the hypen will be treated literaly, as a
-relative path).
+there is data to read (if not, the hyphen will be treated literally, as
+a relative path).
This command can also hash data received on STDIN, if not passing a
remote:path.
@@ -1274,6 +1441,23 @@ rclone size
Prints the total size and number of objects in remote:path.
+Synopsis
+
+Counts objects in the path and calculates the total size. Prints the
+result to standard output.
+
+By default the output is in human-readable format, but shows values in
+both human-readable format as well as the raw numbers (global option
+--human-readable is not considered). Use option --json to format output
+as JSON instead.
+
+Recurses by default, use --max-depth 1 to stop the recursion.
+
+Some backends do not always provide file sizes, see for example Google
+Photos and Google Drive. Rclone will then show a notice in the log
+indicating how many such files were encountered, and count them in as
+empty files in the output of the size command.
+
rclone size remote:path [flags]
Options
@@ -1638,11 +1822,11 @@ SEE ALSO
rclone bisync
-Perform bidirectonal synchronization between two paths.
+Perform bidirectional synchronization between two paths.
Synopsis
-Perform bidirectonal synchronization between two paths.
+Perform bidirectional synchronization between two paths.
Bisync provides a bidirectional cloud sync solution in rclone. It
retains the Path1 and Path2 filesystem listings from the prior run. On
@@ -1781,7 +1965,7 @@ SEE ALSO
rclone completion
-generate the autocompletion script for the specified shell
+Generate the autocompletion script for the specified shell
Synopsis
@@ -1798,15 +1982,15 @@ See the global flags page for global options not listed here.
SEE ALSO
- rclone - Show help for rclone commands, flags and backends.
-- rclone completion bash - generate the autocompletion script for bash
-- rclone completion fish - generate the autocompletion script for fish
-- rclone completion powershell - generate the autocompletion script
+- rclone completion bash - Generate the autocompletion script for bash
+- rclone completion fish - Generate the autocompletion script for fish
+- rclone completion powershell - Generate the autocompletion script
for powershell
-- rclone completion zsh - generate the autocompletion script for zsh
+- rclone completion zsh - Generate the autocompletion script for zsh
rclone completion bash
-generate the autocompletion script for bash
+Generate the autocompletion script for bash
Synopsis
@@ -1815,12 +1999,19 @@ Generate the autocompletion script for the bash shell.
This script depends on the 'bash-completion' package. If it is not
installed already, you can install it via your OS's package manager.
-To load completions in your current shell session: $ source <(rclone
-completion bash)
+To load completions in your current shell session:
+
+ source <(rclone completion bash)
+
+To load completions for every new session, execute once:
+
+Linux:
+
+ rclone completion bash > /etc/bash_completion.d/rclone
+
+macOS:
-To load completions for every new session, execute once: Linux: $ rclone
-completion bash > /etc/bash_completion.d/rclone MacOS: $ rclone
-completion bash > /usr/local/etc/bash_completion.d/rclone
+ rclone completion bash > $(brew --prefix)/etc/bash_completion.d/rclone
You will need to start a new shell for this setup to take effect.
@@ -1835,22 +2026,24 @@ See the global flags page for global options not listed here.
SEE ALSO
-- rclone completion - generate the autocompletion script for the
+- rclone completion - Generate the autocompletion script for the
specified shell
rclone completion fish
-generate the autocompletion script for fish
+Generate the autocompletion script for fish
Synopsis
Generate the autocompletion script for the fish shell.
-To load completions in your current shell session: $ rclone completion
-fish | source
+To load completions in your current shell session:
-To load completions for every new session, execute once: $ rclone
-completion fish > ~/.config/fish/completions/rclone.fish
+ rclone completion fish | source
+
+To load completions for every new session, execute once:
+
+ rclone completion fish > ~/.config/fish/completions/rclone.fish
You will need to start a new shell for this setup to take effect.
@@ -1865,19 +2058,20 @@ See the global flags page for global options not listed here.
SEE ALSO
-- rclone completion - generate the autocompletion script for the
+- rclone completion - Generate the autocompletion script for the
specified shell
rclone completion powershell
-generate the autocompletion script for powershell
+Generate the autocompletion script for powershell
Synopsis
Generate the autocompletion script for powershell.
-To load completions in your current shell session: PS C:> rclone
-completion powershell | Out-String | Invoke-Expression
+To load completions in your current shell session:
+
+ rclone completion powershell | Out-String | Invoke-Expression
To load completions for every new session, add the output of the above
command to your powershell profile.
@@ -1893,12 +2087,12 @@ See the global flags page for global options not listed here.
SEE ALSO
-- rclone completion - generate the autocompletion script for the
+- rclone completion - Generate the autocompletion script for the
specified shell
rclone completion zsh
-generate the autocompletion script for zsh
+Generate the autocompletion script for zsh
Synopsis
@@ -1907,11 +2101,21 @@ Generate the autocompletion script for the zsh shell.
If shell completion is not already enabled in your environment you will
need to enable it. You can execute the following once:
-$ echo "autoload -U compinit; compinit" >> ~/.zshrc
+ echo "autoload -U compinit; compinit" >> ~/.zshrc
+
+To load completions in your current shell session:
+
+ source <(rclone completion zsh); compdef _rclone rclone
+
+To load completions for every new session, execute once:
+
+Linux:
+
+ rclone completion zsh > "${fpath[1]}/_rclone"
-To load completions for every new session, execute once: # Linux: $
-rclone completion zsh > "${fpath[1]}/_rclone" # macOS: $ rclone
-completion zsh > /usr/local/share/zsh/site-functions/_rclone
+macOS:
+
+ rclone completion zsh > $(brew --prefix)/share/zsh/site-functions/_rclone
You will need to start a new shell for this setup to take effect.
@@ -1926,7 +2130,7 @@ See the global flags page for global options not listed here.
SEE ALSO
-- rclone completion - generate the autocompletion script for the
+- rclone completion - Generate the autocompletion script for the
specified shell
rclone config create
@@ -1967,7 +2171,7 @@ already passing obscured passwords then use --no-obscure. You can also
set obscured passwords using the rclone config password command.
The flag --non-interactive is for use by applications that wish to
-configure rclone themeselves, rather than using rclone's text based
+configure rclone themselves, rather than using rclone's text based
configuration questions. If this flag is set, and rclone needs to ask
the user a question, a JSON blob will be returned with the question in
it.
@@ -1978,7 +2182,7 @@ This will look something like (some irrelevant detail removed):
"State": "*oauth-islocal,teamdrive,,",
"Option": {
"Name": "config_is_local",
- "Help": "Use auto config?\n * Say Y if not sure\n * Say N if you are working on a remote or headless machine\n",
+ "Help": "Use web browser to automatically authenticate rclone with remote?\n * Say Y if the machine running rclone has a web browser you can use\n * Say N if running rclone on a (remote) machine without web browser access\nIf not sure try Y. If Y failed, try N.\n",
"Default": true,
"Examples": [
{
@@ -2304,7 +2508,7 @@ already passing obscured passwords then use --no-obscure. You can also
set obscured passwords using the rclone config password command.
The flag --non-interactive is for use by applications that wish to
-configure rclone themeselves, rather than using rclone's text based
+configure rclone themselves, rather than using rclone's text based
configuration questions. If this flag is set, and rclone needs to ask
the user a question, a JSON blob will be returned with the question in
it.
@@ -2315,7 +2519,7 @@ This will look something like (some irrelevant detail removed):
"State": "*oauth-islocal,teamdrive,,",
"Option": {
"Name": "config_is_local",
- "Help": "Use auto config?\n * Say Y if not sure\n * Say N if you are working on a remote or headless machine\n",
+ "Help": "Use web browser to automatically authenticate rclone with remote?\n * Say Y if the machine running rclone has a web browser you can use\n * Say N if running rclone on a (remote) machine without web browser access\nIf not sure try Y. If Y failed, try N.\n",
"Default": true,
"Examples": [
{
@@ -2468,9 +2672,12 @@ Synopsis
Download a URL's content and copy it to the destination without saving
it in temporary storage.
-Setting --auto-filename will cause the file name to be retrieved from
-the URL (after any redirections) and used in the destination path. With
---print-filename in addition, the resulting file name will be printed.
+Setting --auto-filename will attempt to automatically determine the
+filename from the URL (after any redirections) and used in the
+destination path. With --auto-filename-header in addition, if a specific
+filename is set in HTTP headers, it will be used instead of the name
+from the URL. With --print-filename in addition, the resulting file name
+will be printed.
Setting --no-clobber will prevent overwriting file on the destination if
there is one with the same name.
@@ -2482,11 +2689,12 @@ to be written to standard output.
Options
- -a, --auto-filename Get the file name from the URL and use it for destination file path
- -h, --help help for copyurl
- --no-clobber Prevent overwriting file with same name
- -p, --print-filename Print the resulting name from --auto-filename
- --stdout Write the output to stdout rather than a file
+ -a, --auto-filename Get the file name from the URL and use it for destination file path
+ --header-filename Get the file name from the Content-Disposition header
+ -h, --help help for copyurl
+ --no-clobber Prevent overwriting file with same name
+ -p, --print-filename Print the resulting name from --auto-filename
+ --stdout Write the output to stdout rather than a file
See the global flags page for global options not listed here.
@@ -2586,7 +2794,7 @@ use it like this
rclone cryptdecode --reverse encryptedremote: filename1 filename2
Another way to accomplish this is by using the rclone backend encode (or
-decode)command. See the documentation on the crypt overlay for more
+decode) command. See the documentation on the crypt overlay for more
info.
rclone cryptdecode encryptedremote: encryptedfilename [flags]
@@ -2788,10 +2996,13 @@ supported by the remote, no hash will be returned. With the download
flag, the file will be downloaded from the remote and hashed locally
enabling any hash for any remote.
+For the MD5 and SHA1 algorithms there are also dedicated commands,
+md5sum and sha1sum.
+
This command can also hash data received on standard input (stdin), by
not passing a remote:path, or by passing a hyphen as remote:path when
-there is data to read (if not, the hypen will be treated literaly, as a
-relative path).
+there is data to read (if not, the hyphen will be treated literally, as
+a relative path).
Run without a hash to see the list of all supported hashes, e.g.
@@ -2803,6 +3014,7 @@ Run without a hash to see the list of all supported hashes, e.g.
* crc32
* sha256
* dropbox
+ * hidrive
* mailru
* quickxor
@@ -2879,7 +3091,7 @@ Synopsis
rclone listremotes lists all the available remotes from the config file.
-When uses with the -l flag it lists the types too.
+When used with the --long flag it lists the types too.
rclone listremotes [flags]
@@ -2926,6 +3138,7 @@ just the path, but you can use these parameters to control the output:
m - MimeType of object if known
e - encrypted name
T - tier of storage if known, e.g. "Hot" or "Cool"
+ M - Metadata of object in JSON blob format, eg {"key":"value"}
So if you wanted the path, size and modification time, you would use
--format "pst", or maybe --format "tsp" to put the path last.
@@ -2940,10 +3153,10 @@ Eg
2016-06-25 18:55:40;37600;fubuwic
If you specify "h" in the format you will get the MD5 hash by default,
-use the "--hash" flag to change which hash you want. Note that this can
-be returned as an empty string if it isn't available on the object (and
-for directories), "ERROR" if there was an error reading it from the
-object and "UNSUPPORTED" if that object does not support that hash type.
+use the --hash flag to change which hash you want. Note that this can be
+returned as an empty string if it isn't available on the object (and for
+directories), "ERROR" if there was an error reading it from the object
+and "UNSUPPORTED" if that object does not support that hash type.
For example, to emulate the md5sum command you can use
@@ -3011,8 +3224,8 @@ recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use
-R to make them recurse.
-Listing a non-existent directory will produce an error except for
-remotes which can't have empty directories (e.g. s3, swift, or gcs - the
+Listing a nonexistent directory will produce an error except for remotes
+which can't have empty directories (e.g. s3, swift, or gcs - the
bucket-based remotes).
rclone lsf remote:path [flags]
@@ -3046,15 +3259,25 @@ List directories and objects in the path in JSON format.
The output is an array of Items, where each Item looks like this
-{ "Hashes" : { "SHA-1" : "f572d396fae9206628714fb2ce00f72e94f2258f",
-"MD5" : "b1946ac92492d2347c6235b4d2611184", "DropboxHash" :
-"ecb65bb98f9d905b70458986c39fcbad7715e5f2fcc3b1f07767d7c83e2438cc" },
-"ID": "y2djkhiujf83u33", "OrigID": "UYOJVTUW00Q1RzTDA", "IsBucket" :
-false, "IsDir" : false, "MimeType" : "application/octet-stream",
-"ModTime" : "2017-05-31T16:15:57.034468261+01:00", "Name" : "file.txt",
-"Encrypted" : "v0qpsdq8anpci8n929v3uu9338", "EncryptedPath" :
-"kja9098349023498/v0qpsdq8anpci8n929v3uu9338", "Path" :
-"full/path/goes/here/file.txt", "Size" : 6, "Tier" : "hot", }
+ {
+ "Hashes" : {
+ "SHA-1" : "f572d396fae9206628714fb2ce00f72e94f2258f",
+ "MD5" : "b1946ac92492d2347c6235b4d2611184",
+ "DropboxHash" : "ecb65bb98f9d905b70458986c39fcbad7715e5f2fcc3b1f07767d7c83e2438cc"
+ },
+ "ID": "y2djkhiujf83u33",
+ "OrigID": "UYOJVTUW00Q1RzTDA",
+ "IsBucket" : false,
+ "IsDir" : false,
+ "MimeType" : "application/octet-stream",
+ "ModTime" : "2017-05-31T16:15:57.034468261+01:00",
+ "Name" : "file.txt",
+ "Encrypted" : "v0qpsdq8anpci8n929v3uu9338",
+ "EncryptedPath" : "kja9098349023498/v0qpsdq8anpci8n929v3uu9338",
+ "Path" : "full/path/goes/here/file.txt",
+ "Size" : 6,
+ "Tier" : "hot",
+ }
If --hash is not specified the Hashes property won't be emitted. The
types of hash can be specified with the --hash-type parameter (which may
@@ -3076,6 +3299,9 @@ returned
If --files-only is not specified directories in addition to the files
will be returned.
+If --metadata is set then an additional Metadata key will be returned.
+This will have metadata in rclone standard format as a JSON object.
+
if --stat is set then a single JSON blob will be returned about the item
pointed to. This will return an error if the item isn't found. However
on bucket based backends (like s3, gcs, b2, azureblob etc) if the item
@@ -3121,8 +3347,8 @@ recursion.
The other list commands lsd,lsf,lsjson do not recurse by default - use
-R to make them recurse.
-Listing a non-existent directory will produce an error except for
-remotes which can't have empty directories (e.g. s3, swift, or gcs - the
+Listing a nonexistent directory will produce an error except for remotes
+which can't have empty directories (e.g. s3, swift, or gcs - the
bucket-based remotes).
rclone lsjson remote:path [flags]
@@ -3130,11 +3356,12 @@ bucket-based remotes).
Options
--dirs-only Show only directories in the listing
- -M, --encrypted Show the encrypted names
+ --encrypted Show the encrypted names
--files-only Show only files in the listing
--hash Include hashes in the output (may take longer)
--hash-type stringArray Show only this hash type (may be repeated)
-h, --help help for lsjson
+ -M, --metadata Add metadata to the listing
--no-mimetype Don't read the mime type (can speed things up)
--no-modtime Don't read the modification time (can speed things up)
--original Show the ID of the underlying Object
@@ -3244,10 +3471,10 @@ unexpected program errors, freezes or other issues, consider mounting as
a network drive instead.
When mounting as a fixed disk drive you can either mount to an unused
-drive letter, or to a path representing a non-existent subdirectory of
-an existing parent directory or drive. Using the special value * will
-tell rclone to automatically assign the next available drive letter,
-starting with Z: and moving backward. Examples:
+drive letter, or to a path representing a nonexistent subdirectory of an
+existing parent directory or drive. Using the special value * will tell
+rclone to automatically assign the next available drive letter, starting
+with Z: and moving backward. Examples:
rclone mount remote:path/to/files *
rclone mount remote:path/to/files X:
@@ -3277,7 +3504,7 @@ remote UNC path by net use etc, just like a normal network drive
mapping.
If you specify a full network share UNC path with --volname, this will
-implicitely set the --network-mode option, so the following two examples
+implicitly set the --network-mode option, so the following two examples
have same result:
rclone mount remote:path/to/files X: --network-mode
@@ -3287,7 +3514,7 @@ You may also specify the network share UNC path as the mountpoint
itself. Then rclone will automatically assign a drive letter, same as
with * and use that as mountpoint, and instead use the UNC path
specified as the volume name, as if it were specified with the --volname
-option. This will also implicitely set the --network-mode option. This
+option. This will also implicitly set the --network-mode option. This
means the following two examples have same result:
rclone mount remote:path/to/files \\cloud\remote
@@ -3323,7 +3550,7 @@ on each entry will be set according to options --dir-perms and
The default permissions corresponds to
--file-perms 0666 --dir-perms 0777, i.e. read and write permissions to
everyone. This means you will not be able to start any programs from the
-the mount. To be able to do that you must add execute permissions, e.g.
+mount. To be able to do that you must add execute permissions, e.g.
--file-perms 0777 --dir-perms 0777 to add it to everyone. If the program
needs to write files, chances are you will have to enable VFS File
Caching as well (see also limitations).
@@ -3393,10 +3620,9 @@ applications won't work with their files on an rclone mount without
--vfs-cache-mode writes or --vfs-cache-mode full. See the VFS File
Caching section for more info.
-The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2,
-Hubic) do not support the concept of empty directories, so empty
-directories will have a tendency to disappear once they fall out of the
-directory cache.
+The bucket-based remotes (e.g. Swift, S3, Google Compute Storage, B2) do
+not support the concept of empty directories, so empty directories will
+have a tendency to disappear once they fall out of the directory cache.
When rclone mount is invoked on Unix with --daemon flag, the main rclone
program will wait for the background mount to become ready or until the
@@ -3553,7 +3779,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -3706,6 +3932,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -3746,7 +4003,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -3758,8 +4015,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -3777,23 +4034,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -3802,6 +4058,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -3824,14 +4088,14 @@ Options
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
--async-read Use asynchronous reads (not supported on Windows) (default true)
- --attr-timeout duration Time for which file/directory attributes are cached (default 1s)
+ --attr-timeout Duration Time for which file/directory attributes are cached (default 1s)
--daemon Run mount in background and exit parent process (as background output is suppressed, use --log-file with --log-format=pid,... to monitor) (not supported on Windows)
- --daemon-timeout duration Time limit for rclone to respond to kernel (not supported on Windows)
- --daemon-wait duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
+ --daemon-timeout Duration Time limit for rclone to respond to kernel (not supported on Windows) (default 0s)
+ --daemon-wait Duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
--debug-fuse Debug the FUSE internals - needs -v
--default-permissions Makes kernel enforce access control based on the file mode (not supported on Windows)
--devname string Set the device name - default is remote:path
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--fuse-flag stringArray Flags or arguments to be passed direct to libfuse/WinFsp (repeat if required)
@@ -3845,22 +4109,24 @@ Options
--noappledouble Ignore Apple Double (._) and .DS_Store files (supported on OSX only) (default true)
--noapplexattr Ignore all "com.apple.*" extended attributes (supported on OSX only)
-o, --option stringArray Option for libfuse/WinFsp (repeat if required)
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
@@ -3934,28 +4200,52 @@ builds an in memory representation. rclone ncdu can be used during this
scanning phase and you will see it building up the directory structure
as it goes along.
-Here are the keys - press '?' to toggle the help on and off
+You can interact with the user interface using key presses, press '?' to
+toggle the help on and off. The supported keys are:
↑,↓ or k,j to Move
→,l to enter
←,h to return
- c toggle counts
g toggle graph
+ c toggle counts
a toggle average size in directory
+ m toggle modified time
u toggle human-readable format
- n,s,C,A sort by name,size,count,average size
+ n,s,C,A,M sort by name,size,count,asize,mtime
d delete file/directory
+ v select file/directory
+ V enter visual select mode
+ D delete selected files/directories
y copy current path to clipboard
Y display current path
- ^L refresh screen
+ ^L refresh screen (fix screen corruption)
? to toggle help on and off
- q/ESC/c-C to quit
+ q/ESC/^c to quit
+
+Listed files/directories may be prefixed by a one-character flag, some
+of them combined with a description in brackets at end of line. These
+flags have the following meaning:
+
+ e means this is an empty directory, i.e. contains no files (but
+ may contain empty subdirectories)
+ ~ means this is a directory where some of the files (possibly in
+ subdirectories) have unknown size, and therefore the directory
+ size may be underestimated (and average size inaccurate, as it
+ is average of the files with known sizes).
+ . means an error occurred while reading a subdirectory, and
+ therefore the directory size may be underestimated (and average
+ size inaccurate)
+ ! means an error occurred while reading this directory
This an homage to the ncdu tool but for rclone remotes. It is missing
lots of features at the moment but is useful as it stands.
-Note that it might take some time to delete big files/folders. The UI
-won't respond in the meantime since the deletion is done synchronously.
+Note that it might take some time to delete big files/directories. The
+UI won't respond in the meantime since the deletion is done
+synchronously.
+
+For a non-interactive listing of the remote, see the tree command. To
+just get the total size of the remote you can also use the size command.
rclone ncdu remote:path [flags]
@@ -3989,7 +4279,7 @@ This command can also accept a password through STDIN instead of an
argument by passing a hyphen as an argument. This will use the first
line of STDIN as the password not including the trailing newline.
-echo "secretpassword" | rclone obscure -
+ echo "secretpassword" | rclone obscure -
If there is no data on STDIN to read, rclone obscure will default to
obfuscating the hyphen itself.
@@ -4034,9 +4324,9 @@ instead of key=value arguments. This is the only way of passing in more
complicated values.
The -o/--opt option can be used to set a key "opt" with key, value
-options in the form "-o key=value" or "-o key". It can be repeated as
-many times as required. This is useful for rc commands which take the
-"opt" parameter which by convention is a dictionary of strings.
+options in the form -o key=value or -o key. It can be repeated as many
+times as required. This is useful for rc commands which take the "opt"
+parameter which by convention is a dictionary of strings.
-o key=value -o key2
@@ -4055,13 +4345,13 @@ Will place this in the "arg" value
["value", "value2"]
-Use --loopback to connect to the rclone instance running "rclone rc".
-This is very useful for testing commands without having to run an rclone
-rc server, e.g.:
+Use --loopback to connect to the rclone instance running rclone rc. This
+is very useful for testing commands without having to run an rclone rc
+server, e.g.:
rclone rc --loopback operations/about fs=/
-Use "rclone rc" to see a list of all possible commands.
+Use rclone rc to see a list of all possible commands.
rclone rc commands parameter [flags]
@@ -4106,12 +4396,12 @@ before that. The data must fit into RAM. The cutoff needs to be small
enough to adhere the limits of your remote, please see there. Generally
speaking, setting this cutoff too high will decrease your performance.
-Use the |--size| flag to preallocate the file in advance at the remote
-end and actually stream it, even if remote backend doesn't support
+Use the --size flag to preallocate the file in advance at the remote end
+and actually stream it, even if remote backend doesn't support
streaming.
-|--size| should be the exact size of the input stream in bytes. If the
-size of the stream is different in length to the |--size| passed in then
+--size should be the exact size of the input stream in bytes. If the
+size of the stream is different in length to the --size passed in then
the transfer will likely fail.
Note that the upload can also not be retried because the data is not
@@ -4148,6 +4438,128 @@ browser when rclone is run.
See the rc documentation for more info on the rc flags.
+Server options
+
+Use --addr to specify which IP address and port the server should listen
+on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By
+default it only listens on localhost. You can use port :0 to let the OS
+choose an available port.
+
+If you set --addr to listen on a public or LAN accessible IP address
+then using Authentication is advised - see the next section for info.
+
+You can use a unix socket by setting the url to unix:///path/to/socket
+or just by using an absolute path name. Note that unix sockets bypass
+the authentication - this is expected to be done with file system
+permissions.
+
+--addr may be repeated to listen on multiple IPs/ports/sockets.
+
+--server-read-timeout and --server-write-timeout can be used to control
+the timeouts on the server. Note that this is the total time for a
+transfer.
+
+--max-header-bytes controls the maximum number of bytes the server will
+accept in the HTTP header.
+
+--baseurl controls the URL prefix that rclone serves from. By default
+rclone will serve from the root. If you used --baseurl "/rclone" then
+rclone would serve from a URL starting with "/rclone/". This is useful
+if you wish to proxy rclone serve. Rclone automatically inserts leading
+and trailing "/" on --baseurl, so --baseurl "rclone",
+--baseurl "/rclone" and --baseurl "/rclone/" are all treated
+identically.
+
+TLS (SSL)
+
+By default this will serve over http. If you want you can serve over
+https. You will need to supply the --cert and --key flags. If you wish
+to do client side certificate validation then you will need to supply
+--client-ca also.
+
+--cert should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. --key should be the PEM encoded private
+key and --client-ca should be the PEM encoded client certificate
+authority certificate.
+
+--min-tls-version is minimum TLS version that is acceptable. Valid
+values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
+Template
+
+--template allows a user to specify a custom markup template for HTTP
+and WebDAV serve functions. The server exports the following markup to
+be used within the template to server pages:
+
+ -----------------------------------------------------------------------
+ Parameter Description
+ ----------------------------------- -----------------------------------
+ .Name The full path of a file/directory.
+
+ .Title Directory listing of .Name
+
+ .Sort The current sort used. This is
+ changeable via ?sort= parameter
+
+ Sort Options:
+ namedirfirst,name,size,time
+ (default namedirfirst)
+
+ .Order The current ordering used. This is
+ changeable via ?order= parameter
+
+ Order Options: asc,desc (default
+ asc)
+
+ .Query Currently unused.
+
+ .Breadcrumb Allows for creating a relative
+ navigation
+
+ -- .Link The relative to the root link of
+ the Text.
+
+ -- .Text The Name of the directory.
+
+ .Entries Information about a specific
+ file/directory.
+
+ -- .URL The 'url' of an entry.
+
+ -- .Leaf Currently same as 'URL' but
+ intended to be 'just' the name.
+
+ -- .IsDir Boolean for if an entry is a
+ directory or not.
+
+ -- .Size Size in Bytes of the entry.
+
+ -- .ModTime The UTC timestamp of an entry.
+ -----------------------------------------------------------------------
+
+Authentication
+
+By default this will serve files without needing a login.
+
+You can either use an htpasswd file which can take lots of users, or set
+a single username and password with the --user and --pass flags.
+
+Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is in
+standard apache format and supports MD5, SHA1 and BCrypt for basic
+authentication. Bcrypt is recommended.
+
+To create an htpasswd file:
+
+ touch htpasswd
+ htpasswd -B htpasswd user
+ htpasswd -B htpasswd anotherUser
+
+The password file can be updated while rclone is running.
+
+Use --realm to set the authentication realm.
+
+Use --salt to change the password hashing salt from the default.
+
rclone rcd * [flags]
Options
@@ -4271,8 +4683,8 @@ Serve a remote over a protocol.
Synopsis
-rclone serve is used to serve a remote over a given protocol. This
-command requires the use of a subcommand to specify the protocol, e.g.
+Serve a remote over a given protocol. Requires the use of a subcommand
+to specify the protocol, e.g.
rclone serve http remote:
@@ -4296,7 +4708,7 @@ SEE ALSO
- rclone serve http - Serve the remote over HTTP.
- rclone serve restic - Serve the remote for restic's REST API.
- rclone serve sftp - Serve the remote over SFTP.
-- rclone serve webdav - Serve remote:path over webdav.
+- rclone serve webdav - Serve remote:path over WebDAV.
rclone serve dlna
@@ -4304,11 +4716,11 @@ Serve remote:path over DLNA
Synopsis
-rclone serve dlna is a DLNA media server for media stored in an rclone
-remote. Many devices, such as the Xbox and PlayStation, can
-automatically discover this server in the LAN and play audio/video from
-it. VLC is also supported. Service discovery uses UDP multicast packets
-(SSDP) and will thus only work on LANs.
+Run a DLNA media server for media stored in an rclone remote. Many
+devices, such as the Xbox and PlayStation, can automatically discover
+this server in the LAN and play audio/video from it. VLC is also
+supported. Service discovery uses UDP multicast packets (SSDP) and will
+thus only work on LANs.
Rclone will list all files present in the remote, without filtering
based on media formats or file extensions. Additionally, there is no
@@ -4344,7 +4756,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -4497,6 +4909,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -4537,7 +4980,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -4549,8 +4992,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -4568,23 +5011,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -4593,6 +5035,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -4612,32 +5062,36 @@ only with caching.
Options
--addr string The ip:port or :port to bind the DLNA http server to (default ":7879")
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --announce-interval Duration The interval between SSDP announcements (default 12m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for dlna
+ --interface stringArray The interface to use for SSDP (repeat as necessary)
--log-trace Enable trace logging of SOAP traffic
--name string Name of DLNA server
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
See the global flags page for global options not listed here.
@@ -4707,7 +5161,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -4860,6 +5314,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -4900,7 +5385,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -4912,8 +5397,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -4931,23 +5416,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -4956,6 +5440,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -4978,15 +5470,15 @@ Options
--allow-other Allow access to other users (not supported on Windows)
--allow-root Allow access to root user (not supported on Windows)
--async-read Use asynchronous reads (not supported on Windows) (default true)
- --attr-timeout duration Time for which file/directory attributes are cached (default 1s)
+ --attr-timeout Duration Time for which file/directory attributes are cached (default 1s)
--base-dir string Base directory for volumes (default "/var/lib/docker-volumes/rclone")
--daemon Run mount in background and exit parent process (as background output is suppressed, use --log-file with --log-format=pid,... to monitor) (not supported on Windows)
- --daemon-timeout duration Time limit for rclone to respond to kernel (not supported on Windows)
- --daemon-wait duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
+ --daemon-timeout Duration Time limit for rclone to respond to kernel (not supported on Windows) (default 0s)
+ --daemon-wait Duration Time to wait for ready mount from daemon (maximum time on Linux, constant sleep time on OSX/BSD) (not supported on Windows) (default 1m0s)
--debug-fuse Debug the FUSE internals - needs -v
--default-permissions Makes kernel enforce access control based on the file mode (not supported on Windows)
--devname string Set the device name - default is remote:path
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--forget-state Skip restoring previous state
@@ -5002,24 +5494,26 @@ Options
--noappledouble Ignore Apple Double (._) and .DS_Store files (supported on OSX only) (default true)
--noapplexattr Ignore all "com.apple.*" extended attributes (supported on OSX only)
-o, --option stringArray Option for libfuse/WinFsp (repeat if required)
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--socket-addr string Address or absolute path (default: /run/docker/plugins/rclone.sock)
--socket-gid int GID for unix socket (default: current process GID) (default 1000)
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
--volname string Set the volume name (supported on Windows and OSX only)
--write-back-cache Makes kernel buffer writes before sending them to rclone (without this, writethrough caching is used) (not supported on Windows)
@@ -5035,9 +5529,9 @@ Serve remote:path over FTP.
Synopsis
-rclone serve ftp implements a basic ftp server to serve the remote over
-FTP protocol. This can be viewed with a ftp client or you can make a
-remote of type ftp to read and write it.
+Run a basic FTP server to serve a remote over FTP protocol. This can be
+viewed with a FTP client or you can make a remote of type FTP to read
+and write it.
Server options
@@ -5074,7 +5568,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -5227,6 +5721,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -5267,7 +5792,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -5279,8 +5804,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -5298,23 +5823,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -5323,6 +5847,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -5415,7 +5947,7 @@ Options
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2121")
--auth-proxy string A program to use to create the backend from the auth
--cert string TLS PEM key (concatenation of certificate and CA certificate)
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
@@ -5426,24 +5958,26 @@ Options
--no-seek Don't allow seeking in files
--pass string Password for authentication (empty value allow every password)
--passive-port string Passive port range to use (default "30000-32000")
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
--public-ip string Public IP address to advertise for passive connections
- --read-only Mount read-only
+ --read-only Only allow read-only access
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication (default "anonymous")
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
See the global flags page for global options not listed here.
@@ -5457,9 +5991,8 @@ Serve the remote over HTTP.
Synopsis
-rclone serve http implements a basic web server to serve the remote over
-HTTP. This can be viewed in a web browser or you can make a remote of
-type http read from it.
+Run a basic web server to serve a remote over HTTP. This can be viewed
+in a web browser or you can make a remote of type http read from it.
You can use the filter flags (e.g. --include, --exclude) to control what
is served.
@@ -5479,6 +6012,13 @@ choose an available port.
If you set --addr to listen on a public or LAN accessible IP address
then using Authentication is advised - see the next section for info.
+You can use a unix socket by setting the url to unix:///path/to/socket
+or just by using an absolute path name. Note that unix sockets bypass
+the authentication - this is expected to be done with file system
+permissions.
+
+--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control
the timeouts on the server. Note that this is the total time for a
transfer.
@@ -5490,10 +6030,11 @@ accept in the HTTP header.
rclone will serve from the root. If you used --baseurl "/rclone" then
rclone would serve from a URL starting with "/rclone/". This is useful
if you wish to proxy rclone serve. Rclone automatically inserts leading
-and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl
-"/rclone" and --baseurl "/rclone/" are all treated identically.
+and trailing "/" on --baseurl, so --baseurl "rclone",
+--baseurl "/rclone" and --baseurl "/rclone/" are all treated
+identically.
-SSL/TLS
+TLS (SSL)
By default this will serve over http. If you want you can serve over
https. You will need to supply the --cert and --key flags. If you wish
@@ -5505,10 +6046,13 @@ of that with the CA certificate. --key should be the PEM encoded private
key and --client-ca should be the PEM encoded client certificate
authority certificate.
+--min-tls-version is minimum TLS version that is acceptable. Valid
+values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
Template
---template allows a user to specify a custom markup template for http
-and webdav serve functions. The server exports the following markup to
+--template allows a user to specify a custom markup template for HTTP
+and WebDAV serve functions. The server exports the following markup to
be used within the template to server pages:
-----------------------------------------------------------------------
@@ -5598,7 +6142,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -5751,6 +6295,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -5791,7 +6366,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -5803,8 +6378,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -5822,23 +6397,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -5847,6 +6421,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -5865,44 +6447,47 @@ only with caching.
Options
- --addr string IPaddress:Port or :Port to bind server to (default "127.0.0.1:8080")
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--baseurl string Prefix for URLs - leave blank for root
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for http
--htpasswd string A htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
--realm string Realm for authentication
--salt string Password hashing salt (default "dlPL2MqE")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--template string User-specified template
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
See the global flags page for global options not listed here.
@@ -5916,9 +6501,9 @@ Serve the remote for restic's REST API.
Synopsis
-rclone serve restic implements restic's REST backend API over HTTP. This
-allows restic to use rclone as a data storage mechanism for cloud
-providers that restic does not support directly.
+Run a basic web server to serve a remote over restic's REST backend API
+over HTTP. This allows restic to use rclone as a data storage mechanism
+for cloud providers that restic does not support directly.
Restic is a command-line program for doing backups.
@@ -5944,7 +6529,7 @@ Where you can replace "backup" in the above by whatever path in the
remote you wish to use.
By default this will serve on "localhost:8080" you can change this with
-use of the "--addr" flag.
+use of the --addr flag.
You might wish to start this server on boot.
@@ -5992,19 +6577,26 @@ must end with /. Eg
Private repositories
-The "--private-repos" flag can be used to limit users to repositories
+The--private-repos flag can be used to limit users to repositories
starting with a path of //.
Server options
Use --addr to specify which IP address and port the server should listen
-on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By
+on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By
default it only listens on localhost. You can use port :0 to let the OS
choose an available port.
If you set --addr to listen on a public or LAN accessible IP address
then using Authentication is advised - see the next section for info.
+You can use a unix socket by setting the url to unix:///path/to/socket
+or just by using an absolute path name. Note that unix sockets bypass
+the authentication - this is expected to be done with file system
+permissions.
+
+--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control
the timeouts on the server. Note that this is the total time for a
transfer.
@@ -6016,58 +6608,24 @@ accept in the HTTP header.
rclone will serve from the root. If you used --baseurl "/rclone" then
rclone would serve from a URL starting with "/rclone/". This is useful
if you wish to proxy rclone serve. Rclone automatically inserts leading
-and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl
-"/rclone" and --baseurl "/rclone/" are all treated identically.
-
---template allows a user to specify a custom markup template for http
-and webdav serve functions. The server exports the following markup to
-be used within the template to server pages:
-
- -----------------------------------------------------------------------
- Parameter Description
- ----------------------------------- -----------------------------------
- .Name The full path of a file/directory.
-
- .Title Directory listing of .Name
-
- .Sort The current sort used. This is
- changeable via ?sort= parameter
-
- Sort Options:
- namedirfirst,name,size,time
- (default namedirfirst)
-
- .Order The current ordering used. This is
- changeable via ?order= parameter
-
- Order Options: asc,desc (default
- asc)
+and trailing "/" on --baseurl, so --baseurl "rclone",
+--baseurl "/rclone" and --baseurl "/rclone/" are all treated
+identically.
- .Query Currently unused.
-
- .Breadcrumb Allows for creating a relative
- navigation
-
- -- .Link The relative to the root link of
- the Text.
-
- -- .Text The Name of the directory.
-
- .Entries Information about a specific
- file/directory.
-
- -- .URL The 'url' of an entry.
-
- -- .Leaf Currently same as 'URL' but
- intended to be 'just' the name.
+TLS (SSL)
- -- .IsDir Boolean for if an entry is a
- directory or not.
+By default this will serve over http. If you want you can serve over
+https. You will need to supply the --cert and --key flags. If you wish
+to do client side certificate validation then you will need to supply
+--client-ca also.
- -- .Size Size in Bytes of the entry.
+--cert should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. --key should be the PEM encoded private
+key and --client-ca should be the PEM encoded client certificate
+authority certificate.
- -- .ModTime The UTC timestamp of an entry.
- -----------------------------------------------------------------------
+--min-tls-version is minimum TLS version that is acceptable. Valid
+values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
Authentication
@@ -6090,39 +6648,30 @@ The password file can be updated while rclone is running.
Use --realm to set the authentication realm.
-SSL/TLS
-
-By default this will serve over http. If you want you can serve over
-https. You will need to supply the --cert and --key flags. If you wish
-to do client side certificate validation then you will need to supply
---client-ca also.
-
---cert should be either a PEM encoded certificate or a concatenation of
-that with the CA certificate. --key should be the PEM encoded private
-key and --client-ca should be the PEM encoded client certificate
-authority certificate.
+Use --salt to change the password hashing salt from the default.
rclone serve restic remote:path [flags]
Options
- --addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--append-only Disallow deletion of repository data
--baseurl string Prefix for URLs - leave blank for root
--cache-objects Cache listed objects (default true)
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
-h, --help help for restic
- --htpasswd string htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --htpasswd string A htpasswd file - if not provided no authentication is done
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--pass string Password for authentication
--private-repos Users can only access their private repo
- --realm string Realm for authentication (default "rclone")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --realm string Realm for authentication
+ --salt string Password hashing salt (default "dlPL2MqE")
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--stdio Run an HTTP2 server on stdin/stdout
- --template string User-specified template
--user string User name for authentication
See the global flags page for global options not listed here.
@@ -6137,13 +6686,20 @@ Serve the remote over SFTP.
Synopsis
-rclone serve sftp implements an SFTP server to serve the remote over
-SFTP. This can be used with an SFTP client or you can make a remote of
-type sftp to use with it.
+Run an SFTP server to serve a remote over SFTP. This can be used with an
+SFTP client or you can make a remote of type sftp to use with it.
You can use the filter flags (e.g. --include, --exclude) to control what
is served.
+The server will respond to a small number of shell commands, mainly
+md5sum, sha1sum and df, which enable it to provide support for checksums
+and the about feature when accessed from an sftp remote.
+
+Note that this server uses standard 32 KiB packet payload size, which
+means you must not configure the client to expect anything else, e.g.
+with the chunk_size option on an sftp remote.
+
The server will log errors. Use -v to see access logs.
--bwlimit will be respected for file transfers. Use --stats to control
@@ -6154,20 +6710,15 @@ You must provide some means of authentication, either with
--authorized-keys - the default is the same as ssh), an --auth-proxy, or
set the --no-auth flag for no authentication when logging in.
-Note that this also implements a small number of shell commands so that
-it can provide md5sum/sha1sum/df information for the rclone sftp
-backend. This means that is can support SHA1SUMs, MD5SUMs and the about
-command when paired with the rclone sftp backend.
-
If you don't supply a host --key then rclone will generate rsa, ecdsa
and ed25519 variants, and cache them for later use in rclone's cache
-directory (see "rclone help flags cache-dir") in the "serve-sftp"
+directory (see rclone help flags cache-dir) in the "serve-sftp"
directory.
By default the server binds to localhost:2022 - if you want it to be
-reachable externally then supply "--addr :2022" for example.
+reachable externally then supply --addr :2022 for example.
-Note that the default of "--vfs-cache-mode off" is fine for the rclone
+Note that the default of --vfs-cache-mode off is fine for the rclone
sftp backend, but it may not be with other SFTP clients.
If --stdio is specified, rclone will serve SFTP over stdio, which can be
@@ -6175,7 +6726,7 @@ used with sshd via ~/.ssh/authorized_keys, for example:
restrict,command="rclone serve sftp --stdio ./photos" ssh-rsa ...
-On the client you need to set "--transfers 1" when using --stdio.
+On the client you need to set --transfers 1 when using --stdio.
Otherwise multiple instances of the rclone server are started by OpenSSH
which can lead to "corrupted on transfer" errors. This is the case
because the client chooses indiscriminately which server to send
@@ -6205,7 +6756,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -6358,6 +6909,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -6398,7 +6980,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -6410,8 +6992,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -6429,23 +7011,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -6454,6 +7035,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -6546,7 +7135,7 @@ Options
--addr string IPaddress:Port or :Port to bind server to (default "localhost:2022")
--auth-proxy string A program to use to create the backend from the auth
--authorized-keys string Authorized keys file (default "~/.ssh/authorized_keys")
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
@@ -6557,24 +7146,26 @@ Options
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
- --stdio Run an sftp server on run stdin/stdout
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --stdio Run an sftp server on stdin/stdout
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
See the global flags page for global options not listed here.
@@ -6584,16 +7175,15 @@ SEE ALSO
rclone serve webdav
-Serve remote:path over webdav.
+Serve remote:path over WebDAV.
Synopsis
-rclone serve webdav implements a basic webdav server to serve the remote
-over HTTP via the webdav protocol. This can be viewed with a webdav
-client, through a web browser, or you can make a remote of type webdav
-to read and write it.
+Run a basic WebDAV server to serve a remote over HTTP via the WebDAV
+protocol. This can be viewed with a WebDAV client, through a web
+browser, or you can make a remote of type WebDAV to read and write it.
-Webdav options
+WebDAV options
--etag-hash
@@ -6602,20 +7192,25 @@ on the ModTime and Size of the object.
If this flag is set to "auto" then rclone will choose the first
supported hash on the backend or you can use a named hash such as "MD5"
-or "SHA-1".
-
-Use "rclone hashsum" to see the full list.
+or "SHA-1". Use the hashsum command to see the full list.
Server options
Use --addr to specify which IP address and port the server should listen
-on, e.g. --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By
+on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all IPs. By
default it only listens on localhost. You can use port :0 to let the OS
choose an available port.
If you set --addr to listen on a public or LAN accessible IP address
then using Authentication is advised - see the next section for info.
+You can use a unix socket by setting the url to unix:///path/to/socket
+or just by using an absolute path name. Note that unix sockets bypass
+the authentication - this is expected to be done with file system
+permissions.
+
+--addr may be repeated to listen on multiple IPs/ports/sockets.
+
--server-read-timeout and --server-write-timeout can be used to control
the timeouts on the server. Note that this is the total time for a
transfer.
@@ -6627,11 +7222,29 @@ accept in the HTTP header.
rclone will serve from the root. If you used --baseurl "/rclone" then
rclone would serve from a URL starting with "/rclone/". This is useful
if you wish to proxy rclone serve. Rclone automatically inserts leading
-and trailing "/" on --baseurl, so --baseurl "rclone", --baseurl
-"/rclone" and --baseurl "/rclone/" are all treated identically.
+and trailing "/" on --baseurl, so --baseurl "rclone",
+--baseurl "/rclone" and --baseurl "/rclone/" are all treated
+identically.
+
+TLS (SSL)
---template allows a user to specify a custom markup template for http
-and webdav serve functions. The server exports the following markup to
+By default this will serve over http. If you want you can serve over
+https. You will need to supply the --cert and --key flags. If you wish
+to do client side certificate validation then you will need to supply
+--client-ca also.
+
+--cert should be a either a PEM encoded certificate or a concatenation
+of that with the CA certificate. --key should be the PEM encoded private
+key and --client-ca should be the PEM encoded client certificate
+authority certificate.
+
+--min-tls-version is minimum TLS version that is acceptable. Valid
+values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
+Template
+
+--template allows a user to specify a custom markup template for HTTP
+and WebDAV serve functions. The server exports the following markup to
be used within the template to server pages:
-----------------------------------------------------------------------
@@ -6701,17 +7314,7 @@ The password file can be updated while rclone is running.
Use --realm to set the authentication realm.
-SSL/TLS
-
-By default this will serve over http. If you want you can serve over
-https. You will need to supply the --cert and --key flags. If you wish
-to do client side certificate validation then you will need to supply
---client-ca also.
-
---cert should be either a PEM encoded certificate or a concatenation of
-that with the CA certificate. --key should be the PEM encoded private
-key and --client-ca should be the PEM encoded client certificate
-authority certificate.
+Use --salt to change the password hashing salt from the default.
VFS - Virtual File System
@@ -6731,7 +7334,7 @@ VFS Directory Cache
Using the --dir-cache-time flag, you can control how long a directory
should be considered up to date and not refreshed from the backend.
-Changes made through the mount will appear immediately or invalidate the
+Changes made through the VFS will appear immediately or invalidate the
cache.
--dir-cache-time duration Time to cache directory entries for (default 5m0s)
@@ -6884,6 +7487,37 @@ FAT/exFAT do not. Rclone will perform very badly if the cache directory
is on a filesystem which doesn't support sparse files and it will log an
ERROR message if one is detected.
+Fingerprinting
+
+Various parts of the VFS use fingerprinting to see if a local file copy
+has changed relative to a remote file. Fingerprints are made from:
+
+- size
+- modification time
+- hash
+
+where available on an object.
+
+On some backends some of these attributes are slow to read (they take an
+extra API call per object, or extra work per object).
+
+For example hash is slow with the local and sftp backends as they have
+to read the entire file and hash it, and modtime is slow with the s3,
+swift, ftp and qinqstor backends because they need to do an extra API
+call to fetch it.
+
+If you use the --vfs-fast-fingerprint flag then rclone will not include
+the slow operations in the fingerprint. This makes the fingerprinting
+less accurate but much faster and will improve the opening time of
+cached files.
+
+If you are running a vfs cache over local, s3 or swift backends then
+using this flag is recommended.
+
+Note that if you change the value of this flag, the fingerprints of the
+files in the cache may be invalidated and the files will need to be
+downloaded again.
+
VFS Chunked Reading
When rclone reads files from a remote it reads them in chunks. This
@@ -6924,7 +7558,7 @@ of the modification time takes a transaction.
--no-checksum Don't compare checksums on up/download.
--no-modtime Don't read/write the modification time (can speed things up).
--no-seek Don't allow seeking in files.
- --read-only Mount read-only.
+ --read-only Only allow read-only access.
Sometimes rclone is delivered reads or writes out of order. Rather than
seeking rclone will wait a short time for the in sequence read or write
@@ -6936,8 +7570,8 @@ cache file.
When using VFS write caching (--vfs-cache-mode with value writes or
full), the global flag --transfers can be set to adjust the number of
-parallel uploads of modified files from cache (the related global flag
---checkers have no effect on mount).
+parallel uploads of modified files from the cache (the related global
+flag --checkers has no effect on the VFS).
--transfers int Number of file transfers to run in parallel (default 4)
@@ -6955,23 +7589,22 @@ only by case.
Usually file systems on macOS are case-insensitive. It is possible to
make macOS file systems case-sensitive but that is not the default.
-The --vfs-case-insensitive mount flag controls how rclone handles these
+The --vfs-case-insensitive VFS flag controls how rclone handles these
two cases. If its value is "false", rclone passes file names to the
-mounted file system as-is. If the flag is "true" (or appears without a
-value on command line), rclone may perform a "fixup" as explained below.
+remote as-is. If the flag is "true" (or appears without a value on the
+command line), rclone may perform a "fixup" as explained below.
The user may specify a file name to open/delete/rename/etc with a case
-different than what is stored on mounted file system. If an argument
-refers to an existing file with exactly the same name, then the case of
-the existing file on the disk will be used. However, if a file name with
-exactly the same name is not found but a name differing only by case
-exists, rclone will transparently fixup the name. This fixup happens
-only when an existing file is requested. Case sensitivity of file names
-created anew by rclone is controlled by an underlying mounted file
-system.
+different than what is stored on the remote. If an argument refers to an
+existing file with exactly the same name, then the case of the existing
+file on the disk will be used. However, if a file name with exactly the
+same name is not found but a name differing only by case exists, rclone
+will transparently fixup the name. This fixup happens only when an
+existing file is requested. Case sensitivity of file names created anew
+by rclone is controlled by the underlying remote.
Note that case sensitivity of the operating system running rclone (the
-target) may differ from case sensitivity of a file system mounted by
+target) may differ from case sensitivity of a file system presented by
rclone (the source). The flag controls whether "fixup" is performed to
satisfy the target.
@@ -6980,6 +7613,14 @@ depends on the operating system where rclone runs: "true" on Windows and
macOS, "false" otherwise. If the flag is provided without a value, then
it is "true".
+VFS Disk Options
+
+This flag allows you to manually set the statistics about the filing
+system. It can be useful when those statistics cannot be read correctly
+automatically.
+
+ --vfs-disk-space-total-size Manually set the total disk space size (example: 256G, default: -1)
+
Alternate report of used bytes
Some backends, most notably S3, do not report the amount of bytes used.
@@ -7069,46 +7710,50 @@ that rclone supports.
Options
- --addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
+ --addr stringArray IPaddress:Port or :Port to bind server to (default [127.0.0.1:8080])
--auth-proxy string A program to use to create the backend from the auth
--baseurl string Prefix for URLs - leave blank for root
- --cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --cert string TLS PEM key (concatenation of certificate and CA certificate)
--client-ca string Client certificate authority to verify clients with
- --dir-cache-time duration Time to cache directory entries for (default 5m0s)
+ --dir-cache-time Duration Time to cache directory entries for (default 5m0s)
--dir-perms FileMode Directory permissions (default 0777)
--disable-dir-list Disable HTML directory list on GET request for a directory
--etag-hash string Which hash to use for the ETag, or auto or blank for off
--file-perms FileMode File permissions (default 0666)
--gid uint32 Override the gid field set by the filesystem (not supported on Windows) (default 1000)
-h, --help help for webdav
- --htpasswd string htpasswd file - if not provided no authentication is done
- --key string SSL PEM Private key
+ --htpasswd string A htpasswd file - if not provided no authentication is done
+ --key string TLS PEM Private key
--max-header-bytes int Maximum size of request header (default 4096)
+ --min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--no-checksum Don't compare checksums on up/download
--no-modtime Don't read/write the modification time (can speed things up)
--no-seek Don't allow seeking in files
--pass string Password for authentication
- --poll-interval duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
- --read-only Mount read-only
- --realm string Realm for authentication (default "rclone")
- --server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --poll-interval Duration Time to wait between polling for changes, must be smaller than dir-cache-time and only on supported remotes (set 0 to disable) (default 1m0s)
+ --read-only Only allow read-only access
+ --realm string Realm for authentication
+ --salt string Password hashing salt (default "dlPL2MqE")
+ --server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--template string User-specified template
--uid uint32 Override the uid field set by the filesystem (not supported on Windows) (default 1000)
--umask int Override the permission bits set by the filesystem (not supported on Windows) (default 2)
--user string User name for authentication
- --vfs-cache-max-age duration Max age of objects in the cache (default 1h0m0s)
+ --vfs-cache-max-age Duration Max age of objects in the cache (default 1h0m0s)
--vfs-cache-max-size SizeSuffix Max total size of objects in the cache (default off)
--vfs-cache-mode CacheMode Cache mode off|minimal|writes|full (default off)
- --vfs-cache-poll-interval duration Interval to poll the cache for stale objects (default 1m0s)
+ --vfs-cache-poll-interval Duration Interval to poll the cache for stale objects (default 1m0s)
--vfs-case-insensitive If a file name not found, find a case insensitive match
+ --vfs-disk-space-total-size SizeSuffix Specify the total space of disk (default off)
+ --vfs-fast-fingerprint Use fast (less accurate) fingerprints for change detection
--vfs-read-ahead SizeSuffix Extra read ahead over --buffer-size when using cache-mode full
--vfs-read-chunk-size SizeSuffix Read the source objects in chunks (default 128Mi)
--vfs-read-chunk-size-limit SizeSuffix If greater than --vfs-read-chunk-size, double the chunk size after each chunk read, until the limit is reached ('off' is unlimited) (default off)
- --vfs-read-wait duration Time to wait for in-sequence read before seeking (default 20ms)
+ --vfs-read-wait Duration Time to wait for in-sequence read before seeking (default 20ms)
--vfs-used-is-size rclone size Use the rclone size algorithm for Used size
- --vfs-write-back duration Time to writeback files after last use when using cache (default 5s)
- --vfs-write-wait duration Time to wait for in-sequence write before giving error (default 1s)
+ --vfs-write-back Duration Time to writeback files after last use when using cache (default 5s)
+ --vfs-write-wait Duration Time to wait for in-sequence write before giving error (default 1s)
See the global flags page for global options not listed here.
@@ -7188,6 +7833,8 @@ SEE ALSO
- rclone test histogram - Makes a histogram of file name characters.
- rclone test info - Discovers file name or other limitations for
paths.
+- rclone test makefile - Make files with random contents of the size
+ given
- rclone test makefiles - Make a random file hierarchy in a directory
- rclone test memory - Load all the objects at remote:path into memory
and report memory stats.
@@ -7201,7 +7848,7 @@ Log any change notify requests for the remote passed in.
Options
-h, --help help for changenotify
- --poll-interval duration Time to wait between polling for changes (default 10s)
+ --poll-interval Duration Time to wait between polling for changes (default 10s)
See the global flags page for global options not listed here.
@@ -7256,7 +7903,7 @@ Options
--check-normalization Check UTF-8 Normalization
--check-streaming Check uploads with indeterminate file size
-h, --help help for info
- --upload-wait duration Wait after writing a file
+ --upload-wait Duration Wait after writing a file (default 0s)
--write-json string Write results to file
See the global flags page for global options not listed here.
@@ -7265,6 +7912,28 @@ SEE ALSO
- rclone test - Run a test command
+rclone test makefile
+
+Make files with random contents of the size given
+
+ rclone test makefile []+ [flags]
+
+Options
+
+ --ascii Fill files with random ASCII printable bytes only
+ --chargen Fill files with a ASCII chargen pattern
+ -h, --help help for makefile
+ --pattern Fill files with a periodic pattern
+ --seed int Seed for the random number generator (0 for random) (default 1)
+ --sparse Make the files sparse (appear to be filled with ASCII 0x00)
+ --zero Fill files with ASCII 0x00
+
+See the global flags page for global options not listed here.
+
+SEE ALSO
+
+- rclone test - Run a test command
+
rclone test makefiles
Make a random file hierarchy in a directory
@@ -7273,14 +7942,20 @@ Make a random file hierarchy in a directory
Options
+ --ascii Fill files with random ASCII printable bytes only
+ --chargen Fill files with a ASCII chargen pattern
--files int Number of files to create (default 1000)
--files-per-directory int Average number of files per directory (default 10)
-h, --help help for makefiles
+ --max-depth int Maximum depth of directory hierarchy (default 10)
--max-file-size SizeSuffix Maximum size of files to create (default 100)
--max-name-length int Maximum size of file names (default 12)
--min-file-size SizeSuffix Minimum size of file to create
--min-name-length int Minimum size of file names (default 4)
+ --pattern Fill files with a periodic pattern
--seed int Seed for the random number generator (0 for random) (default 1)
+ --sparse Make the files sparse (appear to be filled with ASCII 0x00)
+ --zero Fill files with ASCII 0x00
See the global flags page for global options not listed here.
@@ -7369,18 +8044,20 @@ For example
1 directories, 5 files
You can use any of the filtering options with the tree command (e.g.
---include and --exclude). You can also use --fast-list.
+--include and --exclude. You can also use --fast-list.
The tree command has many options for controlling the listing which are
-compatible with the tree command. Note that not all of them have short
-options as they conflict with rclone's short options.
+compatible with the tree command, for example you can include file sizes
+with --size. Note that not all of them have short options as they
+conflict with rclone's short options.
+
+For a more interactive navigation of the remote see the ncdu command.
rclone tree remote:path [flags]
Options
-a, --all All files are listed (list . files too)
- -C, --color Turn colorization on always
-d, --dirs-only List directories only
--dirsfirst List directories before files (-U disables)
--full-path Print the full path prefix for each file
@@ -7600,8 +8277,17 @@ Will get their own names
Valid remote names
Remote names are case sensitive, and must adhere to the following rules:
-- May only contain 0-9, A-Z, a-z, _, -, . and space. - May not start
-with - or space.
+- May contain number, letter, _, -, . and space. - May not start with -
+or space. - May not end with space.
+
+Starting with rclone version 1.61, any Unicode numbers and letters are
+allowed, while in older versions it was limited to plain ASCII (0-9,
+A-Z, a-z). If you use the same rclone configuration from different
+shells, which may be configured with different character encoding, you
+must be cautious to use characters that are possible to write in all of
+them. This is mostly a problem on Windows, where the console
+traditionally uses a non-Unicode character set - defined by the
+so-called "code page".
Quoting and the shell
@@ -7685,6 +8371,147 @@ This can be used when scripting to make aged backups efficiently, e.g.
rclone sync -i remote:current-backup remote:previous-backup
rclone sync -i /path/to/files remote:current-backup
+Metadata support
+
+Metadata is data about a file which isn't the contents of the file.
+Normally rclone only preserves the modification time and the content
+(MIME) type where possible.
+
+Rclone supports preserving all the available metadata on files (not
+directories) when using the --metadata or -M flag.
+
+Exactly what metadata is supported and what that support means depends
+on the backend. Backends that support metadata have a metadata section
+in their docs and are listed in the features table (Eg local, s3)
+
+Rclone only supports a one-time sync of metadata. This means that
+metadata will be synced from the source object to the destination object
+only when the source object has changed and needs to be re-uploaded. If
+the metadata subsequently changes on the source object without changing
+the object itself then it won't be synced to the destination object.
+This is in line with the way rclone syncs Content-Type without the
+--metadata flag.
+
+Using --metadata when syncing from local to local will preserve file
+attributes such as file mode, owner, extended attributes (not Windows).
+
+Note that arbitrary metadata may be added to objects using the
+--metadata-set key=value flag when the object is first uploaded. This
+flag can be repeated as many times as necessary.
+
+Types of metadata
+
+Metadata is divided into two type. System metadata and User metadata.
+
+Metadata which the backend uses itself is called system metadata. For
+example on the local backend the system metadata uid will store the user
+ID of the file when used on a unix based platform.
+
+Arbitrary metadata is called user metadata and this can be set however
+is desired.
+
+When objects are copied from backend to backend, they will attempt to
+interpret system metadata if it is supplied. Metadata may change from
+being user metadata to system metadata as objects are copied between
+different backends. For example copying an object from s3 sets the
+content-type metadata. In a backend which understands this (like
+azureblob) this will become the Content-Type of the object. In a backend
+which doesn't understand this (like the local backend) this will become
+user metadata. However should the local object be copied back to s3, the
+Content-Type will be set correctly.
+
+Metadata framework
+
+Rclone implements a metadata framework which can read metadata from an
+object and write it to the object when (and only when) it is being
+uploaded.
+
+This metadata is stored as a dictionary with string keys and string
+values.
+
+There are some limits on the names of the keys (these may be clarified
+further in the future).
+
+- must be lower case
+- may be a-z 0-9 containing . - or _
+- length is backend dependent
+
+Each backend can provide system metadata that it understands. Some
+backends can also store arbitrary user metadata.
+
+Where possible the key names are standardized, so, for example, it is
+possible to copy object metadata from s3 to azureblob for example and
+metadata will be translated appropriately.
+
+Some backends have limits on the size of the metadata and rclone will
+give errors on upload if they are exceeded.
+
+Metadata preservation
+
+The goal of the implementation is to
+
+1. Preserve metadata if at all possible
+2. Interpret metadata if at all possible
+
+The consequences of 1 is that you can copy an S3 object to a local disk
+then back to S3 losslessly. Likewise you can copy a local file with file
+attributes and xattrs from local disk to s3 and back again losslessly.
+
+The consequence of 2 is that you can copy an S3 object with metadata to
+Azureblob (say) and have the metadata appear on the Azureblob object
+also.
+
+Standard system metadata
+
+Here is a table of standard system metadata which, if appropriate, a
+backend may implement.
+
+ ----------------------------------------------------------------------------------------------
+ key description example
+ ---------------------------------- --------------------- -------------------------------------
+ mode File type and mode: 0100664
+ octal, unix style
+
+ uid User ID of owner: 500
+ decimal number
+
+ gid Group ID of owner: 500
+ decimal number
+
+ rdev Device ID (if special 0
+ file) => hexadecimal
+
+ atime Time of last access: 2006-01-02T15:04:05.999999999Z07:00
+ RFC 3339
+
+ mtime Time of last 2006-01-02T15:04:05.999999999Z07:00
+ modification: RFC
+ 3339
+
+ btime Time of file creation 2006-01-02T15:04:05.999999999Z07:00
+ (birth): RFC 3339
+
+ cache-control Cache-Control header no-cache
+
+ content-disposition Content-Disposition inline
+ header
+
+ content-encoding Content-Encoding gzip
+ header
+
+ content-language Content-Language en-US
+ header
+
+ content-type Content-Type header text/plain
+ ----------------------------------------------------------------------------------------------
+
+The metadata keys mtime and content-type will take precedence if
+supplied in the metadata over reading the Content-Type or modification
+time of the source object.
+
+Hashes are not included in system metadata as there is a well defined
+way of reading those already.
+
Options
Rclone has a number of options to control its behaviour.
@@ -7697,10 +8524,34 @@ also possible to specify --boolean=false or --boolean=true. Note that
--boolean false is not valid - this is parsed as --boolean and the false
is parsed as an extra command line argument for rclone.
-Options which use TIME use the go time parser. A duration string is a
-possibly signed sequence of decimal numbers, each with optional fraction
-and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units
-are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+Time or duration options
+
+TIME or DURATION options can be specified as a duration string or a time
+string.
+
+A duration string is a possibly signed sequence of decimal numbers, each
+with optional fraction and a unit suffix, such as "300ms", "-1.5h" or
+"2h45m". Default units are seconds or the following abbreviations are
+valid:
+
+- ms - Milliseconds
+- s - Seconds
+- m - Minutes
+- h - Hours
+- d - Days
+- w - Weeks
+- M - Months
+- y - Years
+
+These can also be specified as an absolute time in the following
+formats:
+
+- RFC3339 - e.g. 2006-01-02T15:04:05Z or 2006-01-02T15:04:05+07:00
+- ISO8601 Date and time, local timezone - 2006-01-02T15:04:05
+- ISO8601 Date and time, local timezone - 2006-01-02 15:04:05
+- ISO8601 Date - 2006-01-02 (YYYY-MM-DD)
+
+Size options
Options which use SIZE use KiB (multiples of 1024 bytes) by default.
However, a suffix of B for Byte, K for KiB, M for MiB, G for GiB, T for
@@ -7719,7 +8570,8 @@ added) in DIR, then it will be overwritten.
The remote in use must support server-side move or copy and you must use
the same remote as the destination of the sync. The backup directory
-must not overlap the destination directory.
+must not overlap the destination directory without it being excluded by
+a filter rule.
For example
@@ -7752,7 +8604,7 @@ is bytes per second not bits per second. To use a single limit, specify
the desired bandwidth in KiB/s, or use a suffix B|K|M|G|T|P. The default
is 0 which means to not limit bandwidth.
-The upload and download bandwidth can be specified seperately, as
+The upload and download bandwidth can be specified separately, as
--bwlimit UP:DOWN, so
--bwlimit 10M:100k
@@ -7896,12 +8748,22 @@ held in memory before the transfers start.
--checkers=N
-The number of checkers to run in parallel. Checkers do the equality
-checking of files during a sync. For some storage systems (e.g. S3,
-Swift, Dropbox) this can take a significant amount of time so they are
-run in parallel.
+Originally controlling just the number of file checkers to run in
+parallel, e.g. by rclone copy. Now a fairly universal parallelism
+control used by rclone in several places.
+
+Note: checkers do the equality checking of files during a sync. For some
+storage systems (e.g. S3, Swift, Dropbox) this can take a significant
+amount of time so they are run in parallel.
-The default is to run 8 checkers in parallel.
+The default is to run 8 checkers in parallel. However, in case of
+slow-reacting backends you may need to lower (rather than increase) this
+default by setting --checkers to 4 or less threads. This is especially
+advised if you are experiencing backend server crashes during file
+checking phase (e.g. on subsequent or top-up backups where little or no
+file copying is done and checking takes up most of the time). Increase
+this setting only with utmost care, while monitoring your server health
+and file checking throughput.
-c, --checksum
@@ -7922,6 +8784,18 @@ quicker than without the --checksum flag.
When using this flag, rclone won't update mtimes of remote files if they
are incorrect as it would normally.
+--color WHEN
+
+Specifiy when colors (and other ANSI codes) should be added to the
+output.
+
+AUTO (default) only allows ANSI codes when the output is a terminal
+
+NEVER never allow ANSI codes
+
+ALWAYS always add ANSI codes, regardless of the output format (terminal
+or file)
+
--compare-dest=DIR
When using sync, copy or move DIR is checked in addition to the
@@ -8047,8 +8921,9 @@ See --compare-dest and --backup-dir.
--dedupe-mode MODE
Mode to run dedupe command in. One of interactive, skip, first, newest,
-oldest, rename. The default is interactive. See the dedupe command for
-more information as to what these options mean.
+oldest, rename. The default is interactive.
+See the dedupe command for more information as to what these options
+mean.
--disable FEATURE,FEATURE,...
@@ -8444,6 +9319,17 @@ When the limit is reached all transfers will stop immediately.
Rclone will exit with exit code 8 if the transfer limit is reached.
+--metadata / -M
+
+Setting this flag enables rclone to copy the metadata from the source to
+the destination. For local backends this is ownership, permissions,
+xattr etc. See the #metadata for more info.
+
+--metadata-set key=value
+
+Add metadata key = value when uploading. This can be repeated as many
+times as required. See the #metadata for more info.
+
--cutoff-mode=hard|soft|cautious
This modifies the behavior of --max-transfer Defaults to
@@ -8745,6 +9631,17 @@ This sets the interval between each retry specified by --retries
The default is 0. Use 0 to disable.
+--server-side-across-configs
+
+Allow server-side operations (e.g. copy or move) to work across
+different configurations.
+
+This can be useful if you wish to do a server-side copy or move between
+two remotes which use the same backend but are configured differently.
+
+Note that this isn't enabled by default because it isn't easy for rclone
+to tell if it will work between any two configurations.
+
--size-only
Normally rclone will look at modification time and size of files to see
@@ -8932,13 +9829,21 @@ By default, rclone doesn't keep track of renamed files, so if you rename
a file locally then sync it to a remote, rclone will delete the old file
on the remote and upload a new copy.
-If you use this flag, and the remote supports server-side copy or
-server-side move, and the source and destination have a compatible hash,
-then this will track renames during sync operations and perform renaming
-server-side.
+An rclone sync with --track-renames runs like a normal sync, but keeps
+track of objects which exist in the destination but not in the source
+(which would normally be deleted), and which objects exist in the source
+but not the destination (which would normally be transferred). These
+objects are then candidates for renaming.
-Files will be matched by size and hash - if both match then a rename
-will be considered.
+After the sync, rclone matches up the source only and destination only
+objects using the --track-renames-strategy specified and either renames
+the destination object or transfers the source and deletes the
+destination object. --track-renames is stateless like all of rclone's
+syncs.
+
+To use this flag the destination must support server-side copy or
+server-side move, and to use a hash based --track-renames-strategy (the
+default) the source and the destination must have a compatible hash.
If the destination does not support server-side copy or move, rclone
will fall back to the default behaviour and log an error level message
@@ -8955,7 +9860,7 @@ will select --delete-after instead of --delete-during.
--track-renames-strategy (hash,modtime,leaf,size)
-This option changes the matching criteria for --track-renames.
+This option changes the file matching criteria for --track-renames.
The matching is controlled by a comma separated selection of these
tokens:
@@ -8966,14 +9871,14 @@ tokens:
- leaf - the name of the file not including its directory name
- size - the size of the file (this is always enabled)
-So using --track-renames-strategy modtime,leaf would match files based
-on modification time, the leaf of the file name and the size only.
+The default option is hash.
+
+Using --track-renames-strategy modtime,leaf would match files based on
+modification time, the leaf of the file name and the size only.
Using --track-renames-strategy modtime or leaf can enable
--track-renames support for encrypted destinations.
-If nothing is specified, the default option is matching by hashes.
-
Note that the hash strategy is not supported with encrypted
destinations.
@@ -9010,7 +9915,7 @@ the least amount of memory.
However, some remotes have a way of listing all files beneath a
directory in one (or a small number) of transactions. These tend to be
-the bucket-based remotes (e.g. S3, B2, GCS, Swift, Hubic).
+the bucket-based remotes (e.g. S3, B2, GCS, Swift).
If you use the --fast-list flag then rclone will use this method for
listing directories. This will have the following consequences for the
@@ -9047,6 +9952,9 @@ timeouts or bigger if you have lots of bandwidth and a fast remote.
The default is to run 4 file transfers in parallel.
+Look at --multi-thread-streams if you would like to control single file
+transfers.
+
-u, --update
This forces rclone to skip any files which exist on the destination and
@@ -9074,7 +9982,7 @@ In all other cases the file will not be updated.
Consider using the --modify-window flag to compensate for time skews
between the source and the backend, for backends that do not support mod
times, and instead use uploaded times. However, if the backend does not
-support checksums, note that sync'ing or copying within the time skew
+support checksums, note that syncing or copying within the time skew
window may still result in additional transfers for safety.
--use-mmap
@@ -9119,6 +10027,9 @@ With -vv rclone will become very verbose telling you about every file it
considers and transfers. Please send bug reports with a log with this
setting.
+When setting verbosity as an environment variable, use RCLONE_VERBOSE=1
+or RCLONE_VERBOSE=2 for -v and -vv respectively.
+
-V, --version
Prints the version number
@@ -9360,6 +10271,7 @@ For the filtering options
- --filter-from
- --exclude
- --exclude-from
+- --exclude-if-present
- --include
- --include-from
- --files-from
@@ -9369,6 +10281,12 @@ For the filtering options
- --min-age
- --max-age
- --dump filters
+- --metadata-include
+- --metadata-include-from
+- --metadata-exclude
+- --metadata-exclude-from
+- --metadata-filter
+- --metadata-filter-from
See the filtering section.
@@ -9466,6 +10384,9 @@ the environment variable setting.
Or to always use the trash in drive --drive-use-trash, set
RCLONE_DRIVE_USE_TRASH=true.
+Verbosity is slightly different, the environment variable equivalent of
+--verbose or -v is RCLONE_VERBOSE=1, or for -vv, RCLONE_VERBOSE=2.
+
The same parser is used for the options and the environment variables so
they take exactly the same form.
@@ -9578,13 +10499,14 @@ two ways of doing it, described below.
Configuring using rclone authorize
On the headless box run rclone config but answer N to the
-Use auto config? question.
+Use web browser to automatically authenticate? question.
...
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes (default)
n) No
y/n> n
@@ -9647,6 +10569,30 @@ Now transfer it to the remote box (scp, cut paste, ftp, sftp, etc.) and
place it in the correct place (use rclone config file on the remote box
to find out where).
+Configuring using SSH Tunnel
+
+Linux and MacOS users can utilize SSH Tunnel to redirect the headless
+box port 53682 to local machine by using the following command:
+
+ ssh -L localhost:53682:localhost:53682 username@remote_server
+
+Then on the headless box run rclone config and answer Y to the
+Use web browser to automatically authenticate? question.
+
+ ...
+ Remote config
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
+ y) Yes (default)
+ n) No
+ y/n> y
+
+Then copy and paste the auth url
+http://127.0.0.1:53682/auth?state=xxxxxxxxxxxx to the browser on your
+local machine, complete the auth and it is done.
+
Filtering, includes and excludes
Filter flags determine which files rclone sync, move, ls, lsl, md5sum,
@@ -9774,7 +10720,11 @@ regular expression syntax.
The regular expressions used are as defined in the Go regular expression
reference. Regular expressions should be enclosed in {{ }}. They will
match only the last path segment if the glob doesn't start with / or the
-whole path name if it does.
+whole path name if it does. Note that rclone does not attempt to parse
+the supplied regular expression, meaning that using any regular
+expression filter will prevent rclone from using directory filter rules,
+as it will instead check every path against the supplied regular
+expression(s).
Here is how the {{regexp}} is transformed into an full regular
expression to match the entire path:
@@ -9816,7 +10766,7 @@ Filter pattern examples
Rooted /*.jpg /file.jpg /file.png
/file2.jpg /dir/file.jpg
Alternates *.{jpg,png} /file.jpg /file.gif
- /dir/file.gif /dir/file.gif
+ /dir/file.png /dir/file.gif
Path Wildcard dir/** /dir/anyfile file.png
/subdir/dir/subsubdir/anyfile /subdir/file.png
Any Char *.t?t /file.txt /file.qxt
@@ -9906,10 +10856,14 @@ remote by avoiding listing unnecessary directories. Whether optimisation
is desirable depends on the specific filter rules and source remote
content.
+If any regular expression filters are in use, then no directory
+recursion optimisation is possible, as rclone must check every path
+against the supplied regular expression(s).
+
Directory recursion optimisation occurs if either:
- A source remote does not support the rclone ListR primitive. local,
- sftp, Microsoft OneDrive and WebDav do not support ListR. Google
+ sftp, Microsoft OneDrive and WebDAV do not support ListR. Google
Drive and most bucket type storage do. Full list
- On other remotes (those that support ListR), if the rclone command
@@ -10307,6 +11261,8 @@ Default units are KiB but abbreviations K, M, G, T or P are valid.
E.g. rclone ls remote: --min-size 50k lists files on remote: of 50 KiB
size or larger.
+See the size option docs for more info.
+
--max-size - Don't transfer any file larger than this
Controls the maximum size file within the scope of an rclone command.
@@ -10315,33 +11271,19 @@ Default units are KiB but abbreviations K, M, G, T or P are valid.
E.g. rclone ls remote: --max-size 1G lists files on remote: of 1 GiB
size or smaller.
+See the size option docs for more info.
+
--max-age - Don't transfer any file older than this
Controls the maximum age of files within the scope of an rclone command.
-Default units are seconds or the following abbreviations are valid:
-
-- ms - Milliseconds
-- s - Seconds
-- m - Minutes
-- h - Hours
-- d - Days
-- w - Weeks
-- M - Months
-- y - Years
-
---max-age can also be specified as an absolute time in the following
-formats:
-
-- RFC3339 - e.g. 2006-01-02T15:04:05Z or 2006-01-02T15:04:05+07:00
-- ISO8601 Date and time, local timezone - 2006-01-02T15:04:05
-- ISO8601 Date and time, local timezone - 2006-01-02 15:04:05
-- ISO8601 Date - 2006-01-02 (YYYY-MM-DD)
--max-age applies only to files and not to directories.
E.g. rclone ls remote: --max-age 2d lists files on remote: of 2 days old
or less.
+See the time option docs for valid formats.
+
--min-age - Don't transfer any file younger than this
Controls the minimum age of files within the scope of an rclone command.
@@ -10352,6 +11294,8 @@ Controls the minimum age of files within the scope of an rclone command.
E.g. rclone ls remote: --min-age 2d lists files on remote: of 2 days old
or more.
+See the time option docs for valid formats.
+
Other flags
--delete-excluded - Delete files on dest excluded from sync
@@ -10380,7 +11324,8 @@ Exclude directory based on a file
The --exclude-if-present flag controls whether a directory is within the
scope of an rclone command based on the presence of a named file within
-it.
+it. The flag can be repeated to check for multiple file names, presence
+of any of them will exclude the directory.
This flag has a priority over other filter flags.
@@ -10394,7 +11339,43 @@ E.g. for the following directory structure:
The command rclone ls --exclude-if-present .ignore dir1 does not list
dir3, file3 or .ignore.
---exclude-if-present can only be used once in an rclone command.
+Metadata filters
+
+The metadata filters work in a very similar way to the normal file name
+filters, except they match metadata on the object.
+
+The metadata should be specified as key=value patterns. This may be
+wildcarded using the normal filter patterns or regular expressions.
+
+For example if you wished to list only local files with a mode of 100664
+you could do that with:
+
+ rclone lsf -M --files-only --metadata-include "mode=100664" .
+
+Or if you wished to show files with an atime, mtime or btime at a given
+date:
+
+ rclone lsf -M --files-only --metadata-include "[abm]time=2022-12-16*" .
+
+Like file filtering, metadata filtering only applies to files not to
+directories.
+
+The filters can be applied using these flags.
+
+- --metadata-include - Include metadatas matching pattern
+- --metadata-include-from - Read metadata include patterns from file
+ (use - to read from stdin)
+- --metadata-exclude - Exclude metadatas matching pattern
+- --metadata-exclude-from - Read metadata exclude patterns from file
+ (use - to read from stdin)
+- --metadata-filter - Add a metadata filtering rule
+- --metadata-filter-from - Read metadata filtering patterns from a
+ file (use - to read from stdin)
+
+Each flag can be repeated. See the section on how filter rules are
+applied for more details - these flags work in an identical way to the
+file name filtering flags, but instead of file name patterns have
+metadata patterns.
Common pitfalls
@@ -10518,7 +11499,7 @@ Remote controlling rclone with its API
If rclone is run with the --rc flag then it starts an HTTP server which
can be used to remote control rclone using its API.
-You can either use the rclone rc command to access the API or use HTTP
+You can either use the rc command to access the API or use HTTP
directly.
If you just want to run a remote control then see the rcd command.
@@ -10553,6 +11534,11 @@ SSL PEM Private key
Maximum size of request header (default 4096)
+--rc-min-tls-version=VALUE
+
+The minimum TLS version that is acceptable. Valid values are "tls1.0",
+"tls1.1", "tls1.2" and "tls1.3" (default "tls1.0").
+
--rc-user=VALUE
User name for authentication.
@@ -10666,6 +11652,16 @@ use these credentials in the request.
Default Off.
+--rc-baseurl
+
+Prefix for URLs.
+
+Default is root
+
+--rc-template
+
+User-specified template.
+
Accessing the remote control via the rclone rc command
Rclone itself implements the remote control protocol in its rclone rc
@@ -10886,7 +11882,7 @@ The parameters can be a string as per the rest of rclone, eg
s3:bucket/path or :sftp:/my/dir. They can also be specified as JSON
blobs.
-If specifyng a JSON blob it should be a object mapping strings to
+If specifying a JSON blob it should be a object mapping strings to
strings. These values will be used to configure the remote. There are 3
special values which may be set:
@@ -11023,7 +12019,7 @@ This takes the following parameters:
- state - state to restart with - used with continue
- result - result to restart with - used with continue
-See the config create command command for more information on the above.
+See the config create command for more information on the above.
Authentication is required for this call.
@@ -11033,7 +12029,7 @@ Parameters:
- name - name of remote to delete
-See the config delete command command for more information on the above.
+See the config delete command for more information on the above.
Authentication is required for this call.
@@ -11043,7 +12039,7 @@ Returns a JSON object: - key: value
Where keys are remote names and values are the config parameters.
-See the config dump command command for more information on the above.
+See the config dump command for more information on the above.
Authentication is required for this call.
@@ -11053,7 +12049,7 @@ Parameters:
- name - name of remote to get
-See the config dump command command for more information on the above.
+See the config dump command for more information on the above.
Authentication is required for this call.
@@ -11061,7 +12057,7 @@ config/listremotes: Lists the remotes in the config file.
Returns - remotes - array of remote names
-See the listremotes command command for more information on the above.
+See the listremotes command for more information on the above.
Authentication is required for this call.
@@ -11072,8 +12068,7 @@ This takes the following parameters:
- name - name of remote
- parameters - a map of { "key": "value" } pairs
-See the config password command command for more information on the
-above.
+See the config password command for more information on the above.
Authentication is required for this call.
@@ -11081,8 +12076,15 @@ config/providers: Shows how providers are configured in the config file.
Returns a JSON object: - providers - array of objects
-See the config providers command command for more information on the
-above.
+See the config providers command for more information on the above.
+
+Authentication is required for this call.
+
+config/setpath: Set the path of the config file
+
+Parameters:
+
+- path - path to the config file to use
Authentication is required for this call.
@@ -11102,7 +12104,7 @@ This takes the following parameters:
- state - state to restart with - used with continue
- result - result to restart with - used with continue
-See the config update command command for more information on the above.
+See the config update command for more information on the above.
Authentication is required for this call.
@@ -11186,7 +12188,7 @@ Returns:
"result": ""
}
- OR
+ OR
{
"error": true,
"result": ""
@@ -11377,6 +12379,25 @@ Parameters:
- rate - int
+debug/set-gc-percent: Call runtime/debug.SetGCPercent for setting the garbage collection target percentage.
+
+SetGCPercent sets the garbage collection target percentage: a collection
+is triggered when the ratio of freshly allocated data to live data
+remaining after the previous collection reaches this percentage.
+SetGCPercent returns the previous setting. The initial setting is the
+value of the GOGC environment variable at startup, or 100 if the
+variable is not set.
+
+This setting may be effectively reduced in order to maintain a memory
+limit. A negative percentage effectively disables garbage collection,
+unless the memory limit is reached.
+
+See https://pkg.go.dev/runtime/debug#SetMemoryLimit for more details.
+
+Parameters:
+
+- gc-percent - int
+
debug/set-mutex-profile-fraction: Set runtime.SetMutexProfileFraction for mutex profiling.
SetMutexProfileFraction controls the fraction of mutex contention events
@@ -11398,6 +12419,47 @@ Results:
- previousRate - int
+debug/set-soft-memory-limit: Call runtime/debug.SetMemoryLimit for setting a soft memory limit for the runtime.
+
+SetMemoryLimit provides the runtime with a soft memory limit.
+
+The runtime undertakes several processes to try to respect this memory
+limit, including adjustments to the frequency of garbage collections and
+returning memory to the underlying system more aggressively. This limit
+will be respected even if GOGC=off (or, if SetGCPercent(-1) is
+executed).
+
+The input limit is provided as bytes, and includes all memory mapped,
+managed, and not released by the Go runtime. Notably, it does not
+account for space used by the Go binary and memory external to Go, such
+as memory managed by the underlying system on behalf of the process, or
+memory managed by non-Go code inside the same process. Examples of
+excluded memory sources include: OS kernel memory held on behalf of the
+process, memory allocated by C code, and memory mapped by syscall.Mmap
+(because it is not managed by the Go runtime).
+
+A zero limit or a limit that's lower than the amount of memory used by
+the Go runtime may cause the garbage collector to run nearly
+continuously. However, the application may still make progress.
+
+The memory limit is always respected by the Go runtime, so to
+effectively disable this behavior, set the limit very high.
+math.MaxInt64 is the canonical value for disabling the limit, but values
+much greater than the available memory on the underlying system work
+just as well.
+
+See https://go.dev/doc/gc-guide for a detailed guide explaining the soft
+memory limit in more detail, as well as a variety of common use-cases
+and scenarios.
+
+SetMemoryLimit returns the previously set memory limit. A negative input
+does not adjust the limit, and allows for retrieval of the currently set
+memory limit.
+
+Parameters:
+
+- mem-limit - int
+
fscache/clear: Clear the Fs cache.
This clears the fs cache. This is where remotes created from backends
@@ -11452,6 +12514,12 @@ Parameters:
- jobid - id of the job (integer).
+job/stopgroup: Stop all running jobs in a group
+
+Parameters:
+
+- group - name of the group (string).
+
mount/listmounts: Show current mount points
This shows currently mounted points, which can be used for performing an
@@ -11531,10 +12599,10 @@ Example:
Authentication is required for this call.
-mount/unmountall: Show current mount points
+mount/unmountall: Unmount all active mounts
-This shows currently mounted points, which can be used for performing an
-unmount.
+rclone allows Linux, FreeBSD, macOS and Windows to mount any of Rclone's
+cloud storage systems as a file system with FUSE.
This takes no parameters and returns error if unmount does not succeed.
@@ -11552,7 +12620,7 @@ This takes the following parameters:
The result is as returned from rclone about --json
-See the about command command for more information on the above.
+See the about command for more information on the above.
Authentication is required for this call.
@@ -11562,7 +12630,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
-See the cleanup command command for more information on the above.
+See the cleanup command for more information on the above.
Authentication is required for this call.
@@ -11586,8 +12654,9 @@ This takes the following parameters:
- remote - a path within that remote e.g. "dir"
- url - string, URL to read from
- autoFilename - boolean, set to true to retrieve destination file
- name from url See the copyurl command command for more information
- on the above.
+ name from url
+
+See the copyurl command for more information on the above.
Authentication is required for this call.
@@ -11597,7 +12666,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
-See the delete command command for more information on the above.
+See the delete command for more information on the above.
Authentication is required for this call.
@@ -11608,7 +12677,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the deletefile command command for more information on the above.
+See the deletefile command for more information on the above.
Authentication is required for this call.
@@ -11621,46 +12690,103 @@ This takes the following parameters:
This returns info about the remote passed in;
{
- // optional features and whether they are available or not
- "Features": {
- "About": true,
- "BucketBased": false,
- "CanHaveEmptyDirectories": true,
- "CaseInsensitive": false,
- "ChangeNotify": false,
- "CleanUp": false,
- "Copy": false,
- "DirCacheFlush": false,
- "DirMove": true,
- "DuplicateFiles": false,
- "GetTier": false,
- "ListR": false,
- "MergeDirs": false,
- "Move": true,
- "OpenWriterAt": true,
- "PublicLink": false,
- "Purge": true,
- "PutStream": true,
- "PutUnchecked": false,
- "ReadMimeType": false,
- "ServerSideAcrossConfigs": false,
- "SetTier": false,
- "SetWrapper": false,
- "UnWrap": false,
- "WrapFs": false,
- "WriteMimeType": false
- },
- // Names of hashes available
- "Hashes": [
- "MD5",
- "SHA-1",
- "DropboxHash",
- "QuickXorHash"
- ],
- "Name": "local", // Name as created
- "Precision": 1, // Precision of timestamps in ns
- "Root": "/", // Path as created
- "String": "Local file system at /" // how the remote will appear in logs
+ // optional features and whether they are available or not
+ "Features": {
+ "About": true,
+ "BucketBased": false,
+ "BucketBasedRootOK": false,
+ "CanHaveEmptyDirectories": true,
+ "CaseInsensitive": false,
+ "ChangeNotify": false,
+ "CleanUp": false,
+ "Command": true,
+ "Copy": false,
+ "DirCacheFlush": false,
+ "DirMove": true,
+ "Disconnect": false,
+ "DuplicateFiles": false,
+ "GetTier": false,
+ "IsLocal": true,
+ "ListR": false,
+ "MergeDirs": false,
+ "MetadataInfo": true,
+ "Move": true,
+ "OpenWriterAt": true,
+ "PublicLink": false,
+ "Purge": true,
+ "PutStream": true,
+ "PutUnchecked": false,
+ "ReadMetadata": true,
+ "ReadMimeType": false,
+ "ServerSideAcrossConfigs": false,
+ "SetTier": false,
+ "SetWrapper": false,
+ "Shutdown": false,
+ "SlowHash": true,
+ "SlowModTime": false,
+ "UnWrap": false,
+ "UserInfo": false,
+ "UserMetadata": true,
+ "WrapFs": false,
+ "WriteMetadata": true,
+ "WriteMimeType": false
+ },
+ // Names of hashes available
+ "Hashes": [
+ "md5",
+ "sha1",
+ "whirlpool",
+ "crc32",
+ "sha256",
+ "dropbox",
+ "mailru",
+ "quickxor"
+ ],
+ "Name": "local", // Name as created
+ "Precision": 1, // Precision of timestamps in ns
+ "Root": "/", // Path as created
+ "String": "Local file system at /", // how the remote will appear in logs
+ // Information about the system metadata for this backend
+ "MetadataInfo": {
+ "System": {
+ "atime": {
+ "Help": "Time of last access",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "btime": {
+ "Help": "Time of file birth (creation)",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "gid": {
+ "Help": "Group ID of owner",
+ "Type": "decimal number",
+ "Example": "500"
+ },
+ "mode": {
+ "Help": "File type and mode",
+ "Type": "octal, unix style",
+ "Example": "0100664"
+ },
+ "mtime": {
+ "Help": "Time of last modification",
+ "Type": "RFC 3339",
+ "Example": "2006-01-02T15:04:05.999999999Z07:00"
+ },
+ "rdev": {
+ "Help": "Device ID (if special file)",
+ "Type": "hexadecimal",
+ "Example": "1abc"
+ },
+ "uid": {
+ "Help": "User ID of owner",
+ "Type": "decimal number",
+ "Example": "500"
+ }
+ },
+ "Help": "Textual help string\n"
+ }
}
This command does not have a command line equivalent so use this
@@ -11683,6 +12809,7 @@ This takes the following parameters:
- noMimeType - If set don't show mime types
- dirsOnly - If set only show directories
- filesOnly - If set only show files
+ - metadata - If set return metadata of objects also
- hashTypes - array of strings of hash types to show if showHash
set
@@ -11702,7 +12829,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the mkdir command command for more information on the above.
+See the mkdir command for more information on the above.
Authentication is required for this call.
@@ -11732,7 +12859,7 @@ Returns:
- url - URL of the resource
-See the link command command for more information on the above.
+See the link command for more information on the above.
Authentication is required for this call.
@@ -11743,7 +12870,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the purge command command for more information on the above.
+See the purge command for more information on the above.
Authentication is required for this call.
@@ -11754,7 +12881,7 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-See the rmdir command command for more information on the above.
+See the rmdir command for more information on the above.
Authentication is required for this call.
@@ -11764,8 +12891,9 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-- leaveRoot - boolean, set to true not to delete the root See the
- rmdirs command command for more information on the above.
+- leaveRoot - boolean, set to true not to delete the root
+
+See the rmdirs command for more information on the above.
Authentication is required for this call.
@@ -11780,7 +12908,7 @@ Returns:
- count - number of files
- bytes - number of bytes in those files
-See the size command command for more information on the above.
+See the size command for more information on the above.
Authentication is required for this call.
@@ -11811,8 +12939,9 @@ This takes the following parameters:
- fs - a remote name string e.g. "drive:"
- remote - a path within that remote e.g. "dir"
-- each part in body represents a file to be uploaded See the
- uploadfile command command for more information on the above.
+- each part in body represents a file to be uploaded
+
+See the uploadfile command for more information on the above.
Authentication is required for this call.
@@ -11998,7 +13127,7 @@ check that parameter passing is working properly.
Authentication is required for this call.
-sync/bisync: Perform bidirectonal synchronization between two paths.
+sync/bisync: Perform bidirectional synchronization between two paths.
This takes the following parameters
@@ -12035,7 +13164,7 @@ This takes the following parameters:
- createEmptySrcDirs - create empty src directories on destination if
set
-See the copy command command for more information on the above.
+See the copy command for more information on the above.
Authentication is required for this call.
@@ -12049,7 +13178,7 @@ This takes the following parameters:
set
- deleteEmptySrcDirs - delete empty src directories if set
-See the move command command for more information on the above.
+See the move command for more information on the above.
Authentication is required for this call.
@@ -12062,7 +13191,7 @@ This takes the following parameters:
- createEmptySrcDirs - create empty src directories on destination if
set
-See the sync command command for more information on the above.
+See the sync command for more information on the above.
Authentication is required for this call.
@@ -12380,47 +13509,50 @@ Features
Here is an overview of the major features of each cloud storage system.
- Name Hash ModTime Case Insensitive Duplicate Files MIME Type
- ------------------------------ ------------- --------- ------------------ ----------------- -----------
- 1Fichier Whirlpool No No Yes R
- Akamai Netstorage MD5, SHA256 Yes No No R
- Amazon Drive MD5 No Yes No R
- Amazon S3 (or S3 compatible) MD5 Yes No No R/W
- Backblaze B2 SHA1 Yes No No R/W
- Box SHA1 Yes Yes No -
- Citrix ShareFile MD5 Yes Yes No -
- Dropbox DBHASH ¹ Yes Yes No -
- Enterprise File Fabric - Yes Yes No R/W
- FTP - No No No -
- Google Cloud Storage MD5 Yes No No R/W
- Google Drive MD5 Yes No Yes R/W
- Google Photos - No No Yes R
- HDFS - Yes No No -
- HTTP - No No No R
- Hubic MD5 Yes No No R/W
- Jottacloud MD5 Yes Yes No R
- Koofr MD5 No Yes No -
- Mail.ru Cloud Mailru ⁶ Yes Yes No -
- Mega - No No Yes -
- Memory MD5 Yes No No -
- Microsoft Azure Blob Storage MD5 Yes No No R/W
- Microsoft OneDrive SHA1 ⁵ Yes Yes No R
- OpenDrive MD5 Yes Yes Partial ⁸ -
- OpenStack Swift MD5 Yes No No R/W
- pCloud MD5, SHA1 ⁷ Yes No No W
- premiumize.me - No Yes No R
- put.io CRC-32 Yes No Yes R
- QingStor MD5 No No No R/W
- Seafile - No No No -
- SFTP MD5, SHA1 ² Yes Depends No -
- Sia - No No No -
- SugarSync - No No No -
- Storj - Yes No No -
- Uptobox - No No Yes -
- WebDAV MD5, SHA1 ³ Yes ⁴ Depends No -
- Yandex Disk MD5 Yes No No R
- Zoho WorkDrive - No No No -
- The local filesystem All Yes Depends No -
+ Name Hash ModTime Case Insensitive Duplicate Files MIME Type Metadata
+ ------------------------------ ------------------ --------- ------------------ ----------------- ----------- ----------
+ 1Fichier Whirlpool - No Yes R -
+ Akamai Netstorage MD5, SHA256 R/W No No R -
+ Amazon Drive MD5 - Yes No R -
+ Amazon S3 (or S3 compatible) MD5 R/W No No R/W RWU
+ Backblaze B2 SHA1 R/W No No R/W -
+ Box SHA1 R/W Yes No - -
+ Citrix ShareFile MD5 R/W Yes No - -
+ Dropbox DBHASH ¹ R Yes No - -
+ Enterprise File Fabric - R/W Yes No R/W -
+ FTP - R/W ¹⁰ No No - -
+ Google Cloud Storage MD5 R/W No No R/W -
+ Google Drive MD5 R/W No Yes R/W -
+ Google Photos - - No Yes R -
+ HDFS - R/W No No - -
+ HiDrive HiDrive ¹² R/W No No - -
+ HTTP - R No No R -
+ Internet Archive MD5, SHA1, CRC32 R/W ¹¹ No No - RWU
+ Jottacloud MD5 R/W Yes No R -
+ Koofr MD5 - Yes No - -
+ Mail.ru Cloud Mailru ⁶ R/W Yes No - -
+ Mega - - No Yes - -
+ Memory MD5 R/W No No - -
+ Microsoft Azure Blob Storage MD5 R/W No No R/W -
+ Microsoft OneDrive SHA1 ⁵ R/W Yes No R -
+ OpenDrive MD5 R/W Yes Partial ⁸ - -
+ OpenStack Swift MD5 R/W No No R/W -
+ Oracle Object Storage MD5 R/W No No R/W -
+ pCloud MD5, SHA1 ⁷ R No No W -
+ premiumize.me - - Yes No R -
+ put.io CRC-32 R/W No Yes R -
+ QingStor MD5 - ⁹ No No R/W -
+ Seafile - - No No - -
+ SFTP MD5, SHA1 ² R/W Depends No - -
+ Sia - - No No - -
+ SMB - - Yes No - -
+ SugarSync - - No No - -
+ Storj - R No No - -
+ Uptobox - - No Yes - -
+ WebDAV MD5, SHA1 ³ R ⁴ Depends No - -
+ Yandex Disk MD5 R/W No No R -
+ Zoho WorkDrive - - No No - -
+ The local filesystem All R/W Depends No - RWU
Notes
@@ -12447,6 +13579,17 @@ platform has been determined to allow duplicate files, and it is
possible to create them with rclone. It may be that this is a mistake or
an unsupported feature.
+⁹ QingStor does not support SetModTime for objects bigger than 5 GiB.
+
+¹⁰ FTP supports modtimes for the major FTP servers, and also others if
+they advertised required protocol extensions. See this for more details.
+
+¹¹ Internet Archive requires option wait_archive to be set to a non-zero
+value for full modtime support.
+
+¹² HiDrive supports its own custom hash. It combines SHA1 sums for each
+4 KiB block hierarchically to a single top-level sum.
+
Hash
The cloud storage system supports various hash types of the objects. The
@@ -12459,13 +13602,34 @@ systems they must support a common hash type.
ModTime
-The cloud storage system supports setting modification times on objects.
-If it does then this enables a using the modification times as part of
-the sync. If not then only the size will be checked by default, though
-the MD5SUM can be checked with the --checksum flag.
-
-All cloud storage systems support some kind of date on the object and
-these will be set when transferring from the cloud storage system.
+Almost all cloud storage systems store some sort of timestamp on
+objects, but several of them not something that is appropriate to use
+for syncing. E.g. some backends will only write a timestamp that
+represent the time of the upload. To be relevant for syncing it should
+be able to store the modification time of the source object. If this is
+not the case, rclone will only check the file size by default, though
+can be configured to check the file hash (with the --checksum flag).
+Ideally it should also be possible to change the timestamp of an
+existing file without having to re-upload it.
+
+Storage systems with a - in the ModTime column, means the modification
+read on objects is not the modification time of the file when uploaded.
+It is most likely the time the file was uploaded, or possibly something
+else (like the time the picture was taken in Google Photos).
+
+Storage systems with a R (for read-only) in the ModTime column, means
+the it keeps modification times on objects, and updates them when
+uploading objects, but it does not support changing only the
+modification time (SetModTime operation) without re-uploading, possibly
+not even without deleting existing first. Some operations in rclone,
+such as copy and sync commands, will automatically check for SetModTime
+support and re-upload if necessary to keep the modification times in
+sync. Other commands will not work without SetModTime support, e.g.
+touch command on an existing file will fail, and changes to modification
+time only on a files in a mount will be silently ignored.
+
+Storage systems with R/W (for read/write) in the ModTime column, means
+they do also support modtime-only operations.
Case Insensitive
@@ -12665,35 +13829,77 @@ of all possible values by passing an invalid value to this flag, e.g.
--local-encoding "help". The command rclone help flags encoding will
show you the defaults for the backends.
- Encoding Characters
- --------------- -------------------------------------------------------------
- Asterisk *
- BackQuote `
- BackSlash \
- Colon :
- CrLf CR 0x0D, LF 0x0A
- Ctl All control characters 0x00-0x1F
- Del DEL 0x7F
- Dollar $
- Dot . or .. as entire string
- DoubleQuote "
- Hash #
- InvalidUtf8 An invalid UTF-8 character (e.g. latin1)
- LeftCrLfHtVt CR 0x0D, LF 0x0A,HT 0x09, VT 0x0B on the left of a string
- LeftPeriod . on the left of a string
- LeftSpace SPACE on the left of a string
- LeftTilde ~ on the left of a string
- LtGt <, >
- None No characters are encoded
- Percent %
- Pipe |
- Question ?
- RightCrLfHtVt CR 0x0D, LF 0x0A, HT 0x09, VT 0x0B on the right of a string
- RightPeriod . on the right of a string
- RightSpace SPACE on the right of a string
- SingleQuote '
- Slash /
- SquareBracket [, ]
+ ----------------------------------------------------------------------------------
+ Encoding Characters Encoded as
+ ---------------------- ------------------------ ----------------------------------
+ Asterisk * *
+
+ BackQuote ` `
+
+ BackSlash \ \
+
+ Colon : :
+
+ CrLf CR 0x0D, LF 0x0A ␍, ␊
+
+ Ctl All control characters ␀␁␂␃␄␅␆␇␈␉␊␋␌␍␎␏␐␑␒␓␔␕␖␗␘␙␚␛␜␝␞␟
+ 0x00-0x1F
+
+ Del DEL 0x7F ␡
+
+ Dollar $ $
+
+ Dot . or .. as entire string ., ..
+
+ DoubleQuote " "
+
+ Hash # #
+
+ InvalidUtf8 An invalid UTF-8 �
+ character (e.g. latin1)
+
+ LeftCrLfHtVt CR 0x0D, LF 0x0A, HT ␍, ␊, ␉, ␋
+ 0x09, VT 0x0B on the
+ left of a string
+
+ LeftPeriod . on the left of a .
+ string
+
+ LeftSpace SPACE on the left of a ␠
+ string
+
+ LeftTilde ~ on the left of a ~
+ string
+
+ LtGt <, > <, >
+
+ None No characters are
+ encoded
+
+ Percent % %
+
+ Pipe | |
+
+ Question ? ?
+
+ RightCrLfHtVt CR 0x0D, LF 0x0A, HT ␍, ␊, ␉, ␋
+ 0x09, VT 0x0B on the
+ right of a string
+
+ RightPeriod . on the right of a .
+ string
+
+ RightSpace SPACE on the right of a ␠
+ string
+
+ Semicolon ; ;
+
+ SingleQuote ' '
+
+ Slash / /
+
+ SquareBracket [, ] [, ]
+ ----------------------------------------------------------------------------------
Encoding example: FTP
@@ -12764,6 +13970,22 @@ which supports writing (W) then rclone will preserve the MIME types.
Otherwise they will be guessed from the extension, or the remote itself
may assign the MIME type.
+Metadata
+
+Backends may or may support reading or writing metadata. They may
+support reading and writing system metadata (metadata intrinsic to that
+backend) and/or user metadata (general purpose metadata).
+
+The levels of metadata support are
+
+ Key Explanation
+ ----- -----------------------------------------------------------------
+ R Read only System Metadata
+ RW Read and write System Metadata
+ RWU Read and write System Metadata and read and write User Metadata
+
+See the metadata docs for more info.
+
Optional Features
All rclone remotes support a base command set. Other features depend
@@ -12772,8 +13994,9 @@ upon backend-specific capabilities.
Name Purge Copy Move DirMove CleanUp ListR StreamUpload LinkSharing About EmptyDir
------------------------------ ------- ------ ------ --------- --------- ------- -------------- ------------- ------- ----------
1Fichier No Yes Yes No No No No Yes No Yes
+ Akamai Netstorage Yes No No No No Yes Yes No No Yes
Amazon Drive Yes No Yes Yes No No No No No Yes
- Amazon S3 No Yes No No Yes Yes Yes Yes No No
+ Amazon S3 (or S3 compatible) No Yes No No Yes Yes Yes Yes No No
Backblaze B2 No Yes No No Yes Yes Yes Yes No No
Box Yes Yes Yes Yes Yes ‡‡ No Yes Yes Yes Yes
Citrix ShareFile Yes Yes Yes Yes No No Yes No No Yes
@@ -12784,9 +14007,11 @@ upon backend-specific capabilities.
Google Drive Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Google Photos No No No No No No No No No No
HDFS Yes No Yes Yes No No Yes No Yes Yes
+ HiDrive Yes Yes Yes Yes No No Yes No No Yes
HTTP No No No No No No No No No Yes
- Hubic Yes † Yes No No No Yes Yes No Yes No
+ Internet Archive No Yes No No Yes Yes No Yes Yes No
Jottacloud Yes Yes Yes Yes Yes Yes No Yes Yes Yes
+ Koofr Yes Yes Yes Yes No No Yes Yes Yes Yes
Mail.ru Cloud Yes Yes Yes Yes Yes No No Yes Yes Yes
Mega Yes No Yes Yes Yes No No Yes Yes Yes
Memory No Yes No No No Yes Yes No No No
@@ -12794,14 +14019,17 @@ upon backend-specific capabilities.
Microsoft OneDrive Yes Yes Yes Yes Yes No No Yes Yes Yes
OpenDrive Yes Yes Yes Yes No No No No No Yes
OpenStack Swift Yes † Yes No No No Yes Yes No Yes No
+ Oracle Object Storage No Yes No No Yes Yes Yes No No No
pCloud Yes Yes Yes Yes Yes No No Yes Yes Yes
premiumize.me Yes No Yes Yes No No No Yes Yes Yes
put.io Yes No Yes Yes Yes No Yes No Yes Yes
QingStor No Yes No No Yes Yes No No No No
Seafile Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
SFTP No No Yes Yes No No Yes No Yes Yes
+ Sia No No No No No No Yes No No Yes
+ SMB No No Yes Yes No No Yes No No Yes
SugarSync Yes Yes Yes Yes No No Yes Yes No Yes
- Storj Yes † No Yes No No Yes Yes No No No
+ Storj Yes † Yes Yes No No Yes Yes No No No
Uptobox No Yes Yes Yes No No No No No No
WebDAV Yes Yes Yes Yes No No Yes ‡ No Yes Yes
Yandex Disk Yes Yes Yes Yes Yes No Yes Yes Yes Yes
@@ -12813,9 +14041,9 @@ Purge
This deletes a directory quicker than just deleting all the files in the
directory.
-† Note Swift, Hubic, and Storj implement this in order to delete
-directory markers but they don't actually have a quicker way of deleting
-files other than deleting them individually.
+† Note Swift and Storj implement this in order to delete directory
+markers but they don't actually have a quicker way of deleting files
+other than deleting them individually.
‡ StreamUpload is not supported with Nextcloud
@@ -12913,9 +14141,10 @@ These flags are available for every command.
-c, --checksum Skip based on checksum (if available) & size, not mod-time & size
--client-cert string Client SSL certificate (PEM) for mutual TLS auth
--client-key string Client SSL private key (PEM) for mutual TLS auth
+ --color string When to show colors (and other ANSI codes) AUTO|NEVER|ALWAYS (default "AUTO")
--compare-dest stringArray Include additional comma separated server-side paths during comparison
--config string Config file (default "$HOME/.config/rclone/rclone.conf")
- --contimeout duration Connect timeout (default 1m0s)
+ --contimeout Duration Connect timeout (default 1m0s)
--copy-dest stringArray Implies --compare-dest but also copies files from paths into destination
--cpuprofile string Write cpu profile to file
--cutoff-mode string Mode to stop transfers when reaching the max transfer limit HARD|SOFT|CAUTIOUS (default "HARD")
@@ -12924,6 +14153,7 @@ These flags are available for every command.
--delete-during When synchronizing, delete files during transfer
--delete-excluded Delete files on dest excluded from sync
--disable string Disable a comma separated list of features (use --disable help to see a list)
+ --disable-http-keep-alives Disable HTTP keep-alives and use each connection once.
--disable-http2 Disable HTTP/2 in the global transport
-n, --dry-run Do a trial run with no permanent changes
--dscp string Set DSCP value to connections, value or name, e.g. CS1, LE, DF, AF21
@@ -12932,16 +14162,16 @@ These flags are available for every command.
--dump-headers Dump HTTP headers - may contain sensitive info
--error-on-no-transfer Sets exit code 9 if no files are transferred, useful in scripts
--exclude stringArray Exclude files matching pattern
- --exclude-from stringArray Read exclude patterns from file (use - to read from stdin)
- --exclude-if-present string Exclude directories if filename is present
- --expect-continue-timeout duration Timeout when using expect / 100-continue in HTTP (default 1s)
+ --exclude-from stringArray Read file exclude patterns from file (use - to read from stdin)
+ --exclude-if-present stringArray Exclude directories if filename is present
+ --expect-continue-timeout Duration Timeout when using expect / 100-continue in HTTP (default 1s)
--fast-list Use recursive list if available; uses more memory but fewer transactions
--files-from stringArray Read list of source-file names from file (use - to read from stdin)
--files-from-raw stringArray Read list of source-file names from file without any processing of lines (use - to read from stdin)
- -f, --filter stringArray Add a file-filtering rule
- --filter-from stringArray Read filtering patterns from a file (use - to read from stdin)
- --fs-cache-expire-duration duration Cache remotes for this long (0 to disable caching) (default 5m0s)
- --fs-cache-expire-interval duration Interval to check for expired remotes (default 1m0s)
+ -f, --filter stringArray Add a file filtering rule
+ --filter-from stringArray Read file filtering patterns from a file (use - to read from stdin)
+ --fs-cache-expire-duration Duration Cache remotes for this long (0 to disable caching) (default 5m0s)
+ --fs-cache-expire-interval Duration Interval to check for expired remotes (default 1m0s)
--header stringArray Set HTTP header for all transactions
--header-download stringArray Set HTTP header for download transactions
--header-upload stringArray Set HTTP header for upload transactions
@@ -12955,9 +14185,9 @@ These flags are available for every command.
-I, --ignore-times Don't skip files that match size and time - transfer all files
--immutable Do not modify files, fail if existing files have been modified
--include stringArray Include files matching pattern
- --include-from stringArray Read include patterns from file (use - to read from stdin)
+ --include-from stringArray Read file include patterns from file (use - to read from stdin)
-i, --interactive Enable interactive mode
- --kv-lock-time duration Maximum time to keep key-value database locked by process (default 1s)
+ --kv-lock-time Duration Maximum time to keep key-value database locked by process (default 1s)
--log-file string Log everything to this file
--log-format string Comma separated list of log format options (default "date,time")
--log-level string Log level DEBUG|INFO|NOTICE|ERROR (default "NOTICE")
@@ -12967,14 +14197,22 @@ These flags are available for every command.
--max-backlog int Maximum number of objects in sync or check backlog (default 10000)
--max-delete int When synchronizing, limit the number of deletes (default -1)
--max-depth int If set limits the recursion depth to this (default -1)
- --max-duration duration Maximum duration rclone will transfer data for
+ --max-duration Duration Maximum duration rclone will transfer data for (default 0s)
--max-size SizeSuffix Only transfer files smaller than this in KiB or suffix B|K|M|G|T|P (default off)
--max-stats-groups int Maximum number of stats groups to keep in memory, on max oldest is discarded (default 1000)
--max-transfer SizeSuffix Maximum size of data to transfer (default off)
--memprofile string Write memory profile to file
+ -M, --metadata If set, preserve metadata when copying objects
+ --metadata-exclude stringArray Exclude metadatas matching pattern
+ --metadata-exclude-from stringArray Read metadata exclude patterns from file (use - to read from stdin)
+ --metadata-filter stringArray Add a metadata filtering rule
+ --metadata-filter-from stringArray Read metadata filtering patterns from a file (use - to read from stdin)
+ --metadata-include stringArray Include metadatas matching pattern
+ --metadata-include-from stringArray Read metadata include patterns from file (use - to read from stdin)
+ --metadata-set stringArray Add metadata key=value when uploading
--min-age Duration Only transfer files older than this in s or suffix ms|s|m|h|d|w|M|y (default off)
--min-size SizeSuffix Only transfer files bigger than this in KiB or suffix B|K|M|G|T|P (default off)
- --modify-window duration Max time diff to be considered the same (default 1ns)
+ --modify-window Duration Max time diff to be considered the same (default 1ns)
--multi-thread-cutoff SizeSuffix Use multi-thread downloads for files above this size (default 250Mi)
--multi-thread-streams int Max number of streams to use for multi-thread downloads (default 4)
--no-check-certificate Do not verify the server SSL certificate (insecure)
@@ -12990,24 +14228,26 @@ These flags are available for every command.
--progress-terminal-title Show progress on the terminal title (requires -P/--progress)
-q, --quiet Print as little stuff as possible
--rc Enable the remote control server
- --rc-addr string IPaddress:Port or :Port to bind server to (default "localhost:5572")
+ --rc-addr stringArray IPaddress:Port or :Port to bind server to (default [localhost:5572])
--rc-allow-origin string Set the allowed origin for CORS
--rc-baseurl string Prefix for URLs - leave blank for root
- --rc-cert string SSL PEM key (concatenation of certificate and CA certificate)
+ --rc-cert string TLS PEM key (concatenation of certificate and CA certificate)
--rc-client-ca string Client certificate authority to verify clients with
--rc-enable-metrics Enable prometheus metrics on /metrics
--rc-files string Path to local files to serve on the HTTP server
- --rc-htpasswd string htpasswd file - if not provided no authentication is done
- --rc-job-expire-duration duration Expire finished async jobs older than this value (default 1m0s)
- --rc-job-expire-interval duration Interval to check for expired async jobs (default 10s)
- --rc-key string SSL PEM Private key
+ --rc-htpasswd string A htpasswd file - if not provided no authentication is done
+ --rc-job-expire-duration Duration Expire finished async jobs older than this value (default 1m0s)
+ --rc-job-expire-interval Duration Interval to check for expired async jobs (default 10s)
+ --rc-key string TLS PEM Private key
--rc-max-header-bytes int Maximum size of request header (default 4096)
+ --rc-min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
--rc-no-auth Don't require auth for certain methods
--rc-pass string Password for authentication
- --rc-realm string Realm for authentication (default "rclone")
+ --rc-realm string Realm for authentication
+ --rc-salt string Password hashing salt (default "dlPL2MqE")
--rc-serve Enable the serving of remote objects
- --rc-server-read-timeout duration Timeout for server reading data (default 1h0m0s)
- --rc-server-write-timeout duration Timeout for server writing data (default 1h0m0s)
+ --rc-server-read-timeout Duration Timeout for server reading data (default 1h0m0s)
+ --rc-server-write-timeout Duration Timeout for server writing data (default 1h0m0s)
--rc-template string User-specified template
--rc-user string User name for authentication
--rc-web-fetch-url string URL to fetch the releases for webgui (default "https://api.github.com/repos/rclone/rclone-webui-react/releases/latest")
@@ -13017,9 +14257,10 @@ These flags are available for every command.
--rc-web-gui-update Check and update to latest version of web gui
--refresh-times Refresh the modtime of remote files
--retries int Retry operations this many times if they fail (default 3)
- --retries-sleep duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable)
+ --retries-sleep Duration Interval between retrying operations if they fail, e.g. 500ms, 60s, 5m (0 to disable) (default 0s)
+ --server-side-across-configs Allow server-side operations (e.g. copy) to work across different configs
--size-only Skip based on size only, not mod-time or checksum
- --stats duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
+ --stats Duration Interval between printing stats, e.g. 500ms, 60s, 5m (0 to disable) (default 1m0s)
--stats-file-name-length int Max file name length in stats (0 for no limit) (default 45)
--stats-log-level string Log level to show --stats output DEBUG|INFO|NOTICE|ERROR (default "INFO")
--stats-one-line Make the stats fit on one line
@@ -13032,7 +14273,7 @@ These flags are available for every command.
--syslog Use Syslog for logging
--syslog-facility string Facility for syslog, e.g. KERN,USER,... (default "DAEMON")
--temp-dir string Directory rclone will use for temporary files (default "/tmp")
- --timeout duration IO idle timeout (default 5m0s)
+ --timeout Duration IO idle timeout (default 5m0s)
--tpslimit float Limit HTTP transactions per second to this
--tpslimit-burst int Max burst of transactions for --tpslimit (default 1)
--track-renames When synchronizing, track file renames and do a server-side move if possible
@@ -13043,7 +14284,7 @@ These flags are available for every command.
--use-json-log Use json log format
--use-mmap Use mmap allocator (see docs)
--use-server-modtime Use server modified time instead of object metadata
- --user-agent string Set the user-agent to a specified string (default "rclone/v1.58.0")
+ --user-agent string Set the user-agent to a specified string (default "rclone/v1.61.0")
-v, --verbose count Print lots more stuff (repeat for more)
Backend Flags
@@ -13051,469 +14292,543 @@ Backend Flags
These flags are available for every command. They control the backends
and may be set in the config file.
- --acd-auth-url string Auth server URL
- --acd-client-id string OAuth Client Id
- --acd-client-secret string OAuth Client Secret
- --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
- --acd-token string OAuth Access Token as a JSON blob
- --acd-token-url string Token server url
- --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
- --alias-remote string Remote or path to alias
- --azureblob-access-tier string Access tier of blob: hot, cool or archive
- --azureblob-account string Storage Account Name
- --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
- --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
- --azureblob-disable-checksum Don't store MD5 checksum with object metadata
- --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
- --azureblob-endpoint string Endpoint for the service
- --azureblob-key string Storage Account Key
- --azureblob-list-chunk int Size of blob list (default 5000)
- --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
- --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
- --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
- --azureblob-public-access string Public access level of a container: blob or container
- --azureblob-sas-url string SAS URL for container level access only
- --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
- --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
- --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
- --azureblob-use-emulator Uses local storage emulator if provided as 'true'
- --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
- --b2-account string Account ID or Application Key ID
- --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
- --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
- --b2-disable-checksum Disable checksums for large (> upload cutoff) files
- --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
- --b2-download-url string Custom endpoint for downloads
- --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --b2-endpoint string Endpoint for the service
- --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
- --b2-key string Application Key
- --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
- --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --b2-versions Include old versions in directory listings
- --box-access-token string Box App Primary Access Token
- --box-auth-url string Auth server URL
- --box-box-config-file string Box App config.json location
- --box-box-sub-type string (default "user")
- --box-client-id string OAuth Client Id
- --box-client-secret string OAuth Client Secret
- --box-commit-retries int Max number of times to try committing a multipart file (default 100)
- --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
- --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
- --box-owned-by string Only show items owned by the login (email address) passed in
- --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
- --box-token string OAuth Access Token as a JSON blob
- --box-token-url string Token server url
- --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
- --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
- --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
- --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
- --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
- --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
- --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
- --cache-db-purge Clear all the cached data for this remote on start
- --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
- --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
- --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
- --cache-plex-password string The password of the Plex user (obscured)
- --cache-plex-url string The URL of the Plex server
- --cache-plex-username string The username of the Plex user
- --cache-read-retries int How many times to retry a read from a cache storage (default 10)
- --cache-remote string Remote to cache
- --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
- --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
- --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
- --cache-workers int How many workers should run in parallel to download chunks (default 4)
- --cache-writes Cache file data on writes through the FS
- --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
- --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
- --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
- --chunker-remote string Remote to chunk/unchunk
- --compress-level int GZIP compression level (-2 to 9) (default -1)
- --compress-mode string Compression mode (default "gzip")
- --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
- --compress-remote string Remote to compress
- -L, --copy-links Follow symlinks and copy the pointed to item
- --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
- --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
- --crypt-filename-encryption string How to encrypt the filenames (default "standard")
- --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
- --crypt-password string Password or pass phrase for encryption (obscured)
- --crypt-password2 string Password or pass phrase for salt (obscured)
- --crypt-remote string Remote to encrypt/decrypt
- --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
- --crypt-show-mapping For all files listed show how the names encrypt
- --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
- --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
- --drive-auth-owner-only Only consider files owned by the authenticated user
- --drive-auth-url string Auth server URL
- --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
- --drive-client-id string Google Application Client Id
- --drive-client-secret string OAuth Client Secret
- --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
- --drive-disable-http2 Disable drive using http2 (default true)
- --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
- --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
- --drive-formats string Deprecated: See export_formats
- --drive-impersonate string Impersonate this user when using a service account
- --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
- --drive-keep-revision-forever Keep new head revision of each file forever
- --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
- --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
- --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
- --drive-root-folder-id string ID of the root folder
- --drive-scope string Scope that rclone should use when requesting access from drive
- --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
- --drive-service-account-credentials string Service Account Credentials JSON blob
- --drive-service-account-file string Service Account Credentials JSON file path
- --drive-shared-with-me Only show files that are shared with me
- --drive-size-as-quota Show sizes as storage quota usage, not actual size
- --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
- --drive-skip-dangling-shortcuts If set skip dangling shortcut files
- --drive-skip-gdocs Skip google documents in all listings
- --drive-skip-shortcuts If set skip shortcut files
- --drive-starred-only Only show files that are starred
- --drive-stop-on-download-limit Make download limit errors be fatal
- --drive-stop-on-upload-limit Make upload limit errors be fatal
- --drive-team-drive string ID of the Shared Drive (Team Drive)
- --drive-token string OAuth Access Token as a JSON blob
- --drive-token-url string Token server url
- --drive-trashed-only Only show files that are in the trash
- --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
- --drive-use-created-date Use file created date instead of modified date
- --drive-use-shared-date Use date file was shared instead of modified date
- --drive-use-trash Send files to the trash instead of deleting permanently (default true)
- --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
- --dropbox-auth-url string Auth server URL
- --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish comitting (default 10m0s)
- --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
- --dropbox-batch-size int Max number of files in upload batch
- --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
- --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
- --dropbox-client-id string OAuth Client Id
- --dropbox-client-secret string OAuth Client Secret
- --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
- --dropbox-impersonate string Impersonate this user when using a business account
- --dropbox-shared-files Instructs rclone to work on individual shared files
- --dropbox-shared-folders Instructs rclone to work on shared folders
- --dropbox-token string OAuth Access Token as a JSON blob
- --dropbox-token-url string Token server url
- --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
- --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
- --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
- --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
- --fichier-shared-folder string If you want to download a shared folder, add this parameter
- --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --filefabric-permanent-token string Permanent Authentication Token
- --filefabric-root-folder-id string ID of the root folder
- --filefabric-token string Session Token
- --filefabric-token-expiry string Token expiry time
- --filefabric-url string URL of the Enterprise File Fabric to connect to
- --filefabric-version string Version read from the file fabric
- --ftp-ask-password Allow asking for FTP password when needed
- --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
- --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
- --ftp-disable-epsv Disable using EPSV even if server advertises support
- --ftp-disable-mlsd Disable using MLSD even if server advertises support
- --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
- --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
- --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
- --ftp-host string FTP host to connect to
- --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --ftp-no-check-certificate Do not verify the TLS certificate of the server
- --ftp-pass string FTP password (obscured)
- --ftp-port int FTP port number (default 21)
- --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
- --ftp-tls Use Implicit FTPS (FTP over TLS)
- --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
- --ftp-user string FTP username (default "$USER")
- --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
- --gcs-anonymous Access public buckets and objects without credentials
- --gcs-auth-url string Auth server URL
- --gcs-bucket-acl string Access Control List for new buckets
- --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
- --gcs-client-id string OAuth Client Id
- --gcs-client-secret string OAuth Client Secret
- --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gcs-location string Location for the newly created buckets
- --gcs-object-acl string Access Control List for new objects
- --gcs-project-number string Project number
- --gcs-service-account-file string Service Account Credentials JSON file path
- --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
- --gcs-token string OAuth Access Token as a JSON blob
- --gcs-token-url string Token server url
- --gphotos-auth-url string Auth server URL
- --gphotos-client-id string OAuth Client Id
- --gphotos-client-secret string OAuth Client Secret
- --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
- --gphotos-include-archived Also view and download archived media
- --gphotos-read-only Set to make the Google Photos backend read only
- --gphotos-read-size Set to read the size of media items
- --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
- --gphotos-token string OAuth Access Token as a JSON blob
- --gphotos-token-url string Token server url
- --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
- --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
- --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
- --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
- --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
- --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
- --hdfs-namenode string Hadoop name node and port
- --hdfs-service-principal-name string Kerberos service principal name for the namenode
- --hdfs-username string Hadoop user name
- --http-headers CommaSepList Set HTTP headers for all transactions
- --http-no-head Don't use HEAD requests
- --http-no-slash Set this if the site doesn't end directories with /
- --http-url string URL of http host to connect to
- --hubic-auth-url string Auth server URL
- --hubic-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --hubic-client-id string OAuth Client Id
- --hubic-client-secret string OAuth Client Secret
- --hubic-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --hubic-no-chunk Don't chunk files during streaming upload
- --hubic-token string OAuth Access Token as a JSON blob
- --hubic-token-url string Token server url
- --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
- --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
- --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
- --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
- --jottacloud-trashed-only Only show files that are in the trash
- --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
- --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --koofr-endpoint string The Koofr API endpoint to use
- --koofr-mountid string Mount ID of the mount to use
- --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
- --koofr-provider string Choose your storage provider
- --koofr-setmtime Does the backend support setting modification time (default true)
- --koofr-user string Your user name
- -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
- --local-case-insensitive Force the filesystem to report itself as case insensitive
- --local-case-sensitive Force the filesystem to report itself as case sensitive
- --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
- --local-no-check-updated Don't check to see if the files change during upload
- --local-no-preallocate Disable preallocation of disk space for transferred files
- --local-no-set-modtime Disable setting modtime
- --local-no-sparse Disable sparse files for multi-thread downloads
- --local-nounc string Disable UNC (long path names) conversion on Windows
- --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
- --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
- --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
- --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --mailru-pass string Password (obscured)
- --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
- --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
- --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
- --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
- --mailru-user string User name (usually email)
- --mega-debug Output more debug from Mega
- --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --mega-hard-delete Delete files permanently rather than putting them into the trash
- --mega-pass string Password (obscured)
- --mega-user string User name
- --netstorage-account string Set the NetStorage account name
- --netstorage-host string Domain+path of NetStorage host to connect to
- --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
- --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
- -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
- --onedrive-auth-url string Auth server URL
- --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
- --onedrive-client-id string OAuth Client Id
- --onedrive-client-secret string OAuth Client Secret
- --onedrive-disable-site-permission Disable the request for Sites.Read.All permission
- --onedrive-drive-id string The ID of the drive to use
- --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
- --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
- --onedrive-link-password string Set the password for links created by the link command
- --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
- --onedrive-link-type string Set the type of the links created by the link command (default "view")
- --onedrive-list-chunk int Size of listing chunk (default 1000)
- --onedrive-no-versions Remove all versions on modifying operations
- --onedrive-region string Choose national cloud region for OneDrive (default "global")
- --onedrive-root-folder-id string ID of the root folder
- --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
- --onedrive-token string OAuth Access Token as a JSON blob
- --onedrive-token-url string Token server url
- --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
- --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
- --opendrive-password string Password (obscured)
- --opendrive-username string Username
- --pcloud-auth-url string Auth server URL
- --pcloud-client-id string OAuth Client Id
- --pcloud-client-secret string OAuth Client Secret
- --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
- --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
- --pcloud-token string OAuth Access Token as a JSON blob
- --pcloud-token-url string Token server url
- --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
- --qingstor-access-key-id string QingStor Access Key ID
- --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
- --qingstor-connection-retries int Number of connection retries (default 3)
- --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
- --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
- --qingstor-env-auth Get QingStor credentials from runtime
- --qingstor-secret-access-key string QingStor Secret Access Key (password)
- --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
- --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --qingstor-zone string Zone to connect to
- --s3-access-key-id string AWS Access Key ID
- --s3-acl string Canned ACL used when creating buckets and storing or copying objects
- --s3-bucket-acl string Canned ACL used when creating buckets
- --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
- --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
- --s3-disable-checksum Don't store MD5 checksum with object metadata
- --s3-disable-http2 Disable usage of http2 for S3 backends
- --s3-download-url string Custom endpoint for downloads
- --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
- --s3-endpoint string Endpoint for S3 API
- --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
- --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
- --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
- --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
- --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
- --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
- --s3-location-constraint string Location constraint - must be set to match the Region
- --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
- --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
- --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
- --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
- --s3-no-head If set, don't HEAD uploaded objects to check integrity
- --s3-no-head-object If set, do not do HEAD before GET when getting objects
- --s3-profile string Profile to use in the shared credentials file
- --s3-provider string Choose your S3 provider
- --s3-region string Region to connect to
- --s3-requester-pays Enables requester pays option when interacting with S3 bucket
- --s3-secret-access-key string AWS Secret Access Key (password)
- --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
- --s3-session-token string An AWS session token
- --s3-shared-credentials-file string Path to the shared credentials file
- --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
- --s3-sse-customer-key string If using SSE-C you must provide the secret encryption key used to encrypt/decrypt your data
- --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
- --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
- --s3-storage-class string The storage class to use when storing new objects in S3
- --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
- --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
- --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
- --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
- --s3-v2-auth If true use v2 authentication
- --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
- --seafile-create-library Should rclone create a library if it doesn't exist
- --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
- --seafile-library string Name of the library
- --seafile-library-key string Library password (for encrypted libraries only) (obscured)
- --seafile-pass string Password (obscured)
- --seafile-url string URL of seafile host to connect to
- --seafile-user string User name (usually email address)
- --sftp-ask-password Allow asking for SFTP password when needed
- --sftp-disable-concurrent-reads If set don't use concurrent reads
- --sftp-disable-concurrent-writes If set don't use concurrent writes
- --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
- --sftp-host string SSH host to connect to
- --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
- --sftp-key-file string Path to PEM-encoded private key file
- --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
- --sftp-key-pem string Raw PEM-encoded private key
- --sftp-key-use-agent When set forces the usage of the ssh-agent
- --sftp-known-hosts-file string Optional path to known_hosts file
- --sftp-md5sum-command string The command used to read md5 hashes
- --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
- --sftp-path-override string Override path used by SSH connection
- --sftp-port int SSH port number (default 22)
- --sftp-pubkey-file string Optional path to public key file
- --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
- --sftp-set-modtime Set the modified time on the remote if set (default true)
- --sftp-sha1sum-command string The command used to read sha1 hashes
- --sftp-skip-links Set to skip any symlinks and any other non regular files
- --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
- --sftp-use-fstat If set use fstat instead of stat
- --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
- --sftp-user string SSH username (default "$USER")
- --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
- --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
- --sharefile-endpoint string Endpoint for API calls
- --sharefile-root-folder-id string ID of the root folder
- --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
- --sia-api-password string Sia Daemon API Password (obscured)
- --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
- --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
- --sia-user-agent string Siad User Agent (default "Sia-Agent")
- --skip-links Don't warn about skipped symlinks
- --storj-access-grant string Access grant
- --storj-api-key string API key
- --storj-passphrase string Encryption passphrase
- --storj-provider string Choose an authentication method (default "existing")
- --storj-satellite-address string Satellite address (default "us-central-1.storj.io")
- --sugarsync-access-key-id string Sugarsync Access Key ID
- --sugarsync-app-id string Sugarsync App ID
- --sugarsync-authorization string Sugarsync authorization
- --sugarsync-authorization-expiry string Sugarsync authorization expiry
- --sugarsync-deleted-id string Sugarsync deleted folder id
- --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
- --sugarsync-hard-delete Permanently delete files if true
- --sugarsync-private-access-key string Sugarsync Private Access Key
- --sugarsync-refresh-token string Sugarsync refresh token
- --sugarsync-root-id string Sugarsync root id
- --sugarsync-user string Sugarsync user
- --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
- --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
- --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
- --swift-auth string Authentication URL for server (OS_AUTH_URL)
- --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
- --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
- --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
- --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
- --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
- --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
- --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
- --swift-key string API key or password (OS_PASSWORD)
- --swift-leave-parts-on-error If true avoid calling abort upload on a failure
- --swift-no-chunk Don't chunk files during streaming upload
- --swift-region string Region name - optional (OS_REGION_NAME)
- --swift-storage-policy string The storage policy to use when creating a new container
- --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
- --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
- --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
- --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
- --swift-user string User name to log in (OS_USERNAME)
- --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
- --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
- --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
- --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
- --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
- --union-upstreams string List of space separated upstreams
- --uptobox-access-token string Your access token
- --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
- --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
- --webdav-bearer-token-command string Command to run to get a bearer token
- --webdav-encoding string The encoding for the backend
- --webdav-headers CommaSepList Set HTTP headers for all transactions
- --webdav-pass string Password (obscured)
- --webdav-url string URL of http host to connect to
- --webdav-user string User name
- --webdav-vendor string Name of the Webdav site/service/software you are using
- --yandex-auth-url string Auth server URL
- --yandex-client-id string OAuth Client Id
- --yandex-client-secret string OAuth Client Secret
- --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
- --yandex-hard-delete Delete files permanently rather than putting them into the trash
- --yandex-token string OAuth Access Token as a JSON blob
- --yandex-token-url string Token server url
- --zoho-auth-url string Auth server URL
- --zoho-client-id string OAuth Client Id
- --zoho-client-secret string OAuth Client Secret
- --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
- --zoho-region string Zoho region to connect to
- --zoho-token string OAuth Access Token as a JSON blob
- --zoho-token-url string Token server url
+ --acd-auth-url string Auth server URL
+ --acd-client-id string OAuth Client Id
+ --acd-client-secret string OAuth Client Secret
+ --acd-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --acd-templink-threshold SizeSuffix Files >= this size will be downloaded via their tempLink (default 9Gi)
+ --acd-token string OAuth Access Token as a JSON blob
+ --acd-token-url string Token server url
+ --acd-upload-wait-per-gb Duration Additional time per GiB to wait after a failed complete upload to see if it appears (default 3m0s)
+ --alias-remote string Remote or path to alias
+ --azureblob-access-tier string Access tier of blob: hot, cool or archive
+ --azureblob-account string Azure Storage Account Name
+ --azureblob-archive-tier-delete Delete archive tier blobs before overwriting
+ --azureblob-chunk-size SizeSuffix Upload chunk size (default 4Mi)
+ --azureblob-client-certificate-password string Password for the certificate file (optional) (obscured)
+ --azureblob-client-certificate-path string Path to a PEM or PKCS12 certificate file including the private key
+ --azureblob-client-id string The ID of the client in use
+ --azureblob-client-secret string One of the service principal's client secrets
+ --azureblob-client-send-certificate-chain Send the certificate chain when using certificate auth
+ --azureblob-disable-checksum Don't store MD5 checksum with object metadata
+ --azureblob-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightPeriod,InvalidUtf8)
+ --azureblob-endpoint string Endpoint for the service
+ --azureblob-env-auth Read credentials from runtime (environment variables, CLI or MSI)
+ --azureblob-key string Storage Account Shared Key
+ --azureblob-list-chunk int Size of blob list (default 5000)
+ --azureblob-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --azureblob-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --azureblob-msi-client-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-msi-mi-res-id string Azure resource ID of the user-assigned MSI to use, if any
+ --azureblob-msi-object-id string Object ID of the user-assigned MSI to use, if any
+ --azureblob-no-check-container If set, don't attempt to check the container exists or create it
+ --azureblob-no-head-object If set, do not do HEAD before GET when getting objects
+ --azureblob-password string The user's password (obscured)
+ --azureblob-public-access string Public access level of a container: blob or container
+ --azureblob-sas-url string SAS URL for container level access only
+ --azureblob-service-principal-file string Path to file containing credentials for use with a service principal
+ --azureblob-tenant string ID of the service principal's tenant. Also called its directory ID
+ --azureblob-upload-concurrency int Concurrency for multipart uploads (default 16)
+ --azureblob-upload-cutoff string Cutoff for switching to chunked upload (<= 256 MiB) (deprecated)
+ --azureblob-use-emulator Uses local storage emulator if provided as 'true'
+ --azureblob-use-msi Use a managed service identity to authenticate (only works in Azure)
+ --azureblob-username string User name (usually an email address)
+ --b2-account string Account ID or Application Key ID
+ --b2-chunk-size SizeSuffix Upload chunk size (default 96Mi)
+ --b2-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4Gi)
+ --b2-disable-checksum Disable checksums for large (> upload cutoff) files
+ --b2-download-auth-duration Duration Time before the authorization token will expire in s or suffix ms|s|m|h|d (default 1w)
+ --b2-download-url string Custom endpoint for downloads
+ --b2-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --b2-endpoint string Endpoint for the service
+ --b2-hard-delete Permanently delete files on remote removal, otherwise hide files
+ --b2-key string Application Key
+ --b2-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --b2-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --b2-test-mode string A flag string for X-Bz-Test-Mode header for debugging
+ --b2-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --b2-version-at Time Show file versions as they were at the specified time (default off)
+ --b2-versions Include old versions in directory listings
+ --box-access-token string Box App Primary Access Token
+ --box-auth-url string Auth server URL
+ --box-box-config-file string Box App config.json location
+ --box-box-sub-type string (default "user")
+ --box-client-id string OAuth Client Id
+ --box-client-secret string OAuth Client Secret
+ --box-commit-retries int Max number of times to try committing a multipart file (default 100)
+ --box-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,RightSpace,InvalidUtf8,Dot)
+ --box-list-chunk int Size of listing chunk 1-1000 (default 1000)
+ --box-owned-by string Only show items owned by the login (email address) passed in
+ --box-root-folder-id string Fill in for rclone to use a non root folder as its starting point
+ --box-token string OAuth Access Token as a JSON blob
+ --box-token-url string Token server url
+ --box-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (>= 50 MiB) (default 50Mi)
+ --cache-chunk-clean-interval Duration How often should the cache perform cleanups of the chunk storage (default 1m0s)
+ --cache-chunk-no-memory Disable the in-memory cache for storing chunks during streaming
+ --cache-chunk-path string Directory to cache chunk files (default "$HOME/.cache/rclone/cache-backend")
+ --cache-chunk-size SizeSuffix The size of a chunk (partial file data) (default 5Mi)
+ --cache-chunk-total-size SizeSuffix The total size that the chunks can take up on the local disk (default 10Gi)
+ --cache-db-path string Directory to store file structure metadata DB (default "$HOME/.cache/rclone/cache-backend")
+ --cache-db-purge Clear all the cached data for this remote on start
+ --cache-db-wait-time Duration How long to wait for the DB to be available - 0 is unlimited (default 1s)
+ --cache-info-age Duration How long to cache file structure information (directory listings, file size, times, etc.) (default 6h0m0s)
+ --cache-plex-insecure string Skip all certificate verification when connecting to the Plex server
+ --cache-plex-password string The password of the Plex user (obscured)
+ --cache-plex-url string The URL of the Plex server
+ --cache-plex-username string The username of the Plex user
+ --cache-read-retries int How many times to retry a read from a cache storage (default 10)
+ --cache-remote string Remote to cache
+ --cache-rps int Limits the number of requests per second to the source FS (-1 to disable) (default -1)
+ --cache-tmp-upload-path string Directory to keep temporary files until they are uploaded
+ --cache-tmp-wait-time Duration How long should files be stored in local cache before being uploaded (default 15s)
+ --cache-workers int How many workers should run in parallel to download chunks (default 4)
+ --cache-writes Cache file data on writes through the FS
+ --chunker-chunk-size SizeSuffix Files larger than chunk size will be split in chunks (default 2Gi)
+ --chunker-fail-hard Choose how chunker should handle files with missing or invalid chunks
+ --chunker-hash-type string Choose how chunker handles hash sums (default "md5")
+ --chunker-remote string Remote to chunk/unchunk
+ --combine-upstreams SpaceSepList Upstreams for combining
+ --compress-level int GZIP compression level (-2 to 9) (default -1)
+ --compress-mode string Compression mode (default "gzip")
+ --compress-ram-cache-limit SizeSuffix Some remotes don't allow the upload of files with unknown size (default 20Mi)
+ --compress-remote string Remote to compress
+ -L, --copy-links Follow symlinks and copy the pointed to item
+ --crypt-directory-name-encryption Option to either encrypt directory names or leave them intact (default true)
+ --crypt-filename-encoding string How to encode the encrypted filename to text string (default "base32")
+ --crypt-filename-encryption string How to encrypt the filenames (default "standard")
+ --crypt-no-data-encryption Option to either encrypt file data or leave it unencrypted
+ --crypt-password string Password or pass phrase for encryption (obscured)
+ --crypt-password2 string Password or pass phrase for salt (obscured)
+ --crypt-remote string Remote to encrypt/decrypt
+ --crypt-server-side-across-configs Allow server-side operations (e.g. copy) to work across different crypt configs
+ --crypt-show-mapping For all files listed show how the names encrypt
+ --drive-acknowledge-abuse Set to allow files which return cannotDownloadAbusiveFile to be downloaded
+ --drive-allow-import-name-change Allow the filetype to change when uploading Google docs
+ --drive-auth-owner-only Only consider files owned by the authenticated user
+ --drive-auth-url string Auth server URL
+ --drive-chunk-size SizeSuffix Upload chunk size (default 8Mi)
+ --drive-client-id string Google Application Client Id
+ --drive-client-secret string OAuth Client Secret
+ --drive-copy-shortcut-content Server side copy contents of shortcuts instead of the shortcut
+ --drive-disable-http2 Disable drive using http2 (default true)
+ --drive-encoding MultiEncoder The encoding for the backend (default InvalidUtf8)
+ --drive-export-formats string Comma separated list of preferred formats for downloading Google docs (default "docx,xlsx,pptx,svg")
+ --drive-formats string Deprecated: See export_formats
+ --drive-impersonate string Impersonate this user when using a service account
+ --drive-import-formats string Comma separated list of preferred formats for uploading Google docs
+ --drive-keep-revision-forever Keep new head revision of each file forever
+ --drive-list-chunk int Size of listing chunk 100-1000, 0 to disable (default 1000)
+ --drive-pacer-burst int Number of API calls to allow without sleeping (default 100)
+ --drive-pacer-min-sleep Duration Minimum time to sleep between API calls (default 100ms)
+ --drive-resource-key string Resource key for accessing a link-shared file
+ --drive-root-folder-id string ID of the root folder
+ --drive-scope string Scope that rclone should use when requesting access from drive
+ --drive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different drive configs
+ --drive-service-account-credentials string Service Account Credentials JSON blob
+ --drive-service-account-file string Service Account Credentials JSON file path
+ --drive-shared-with-me Only show files that are shared with me
+ --drive-size-as-quota Show sizes as storage quota usage, not actual size
+ --drive-skip-checksum-gphotos Skip MD5 checksum on Google photos and videos only
+ --drive-skip-dangling-shortcuts If set skip dangling shortcut files
+ --drive-skip-gdocs Skip google documents in all listings
+ --drive-skip-shortcuts If set skip shortcut files
+ --drive-starred-only Only show files that are starred
+ --drive-stop-on-download-limit Make download limit errors be fatal
+ --drive-stop-on-upload-limit Make upload limit errors be fatal
+ --drive-team-drive string ID of the Shared Drive (Team Drive)
+ --drive-token string OAuth Access Token as a JSON blob
+ --drive-token-url string Token server url
+ --drive-trashed-only Only show files that are in the trash
+ --drive-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 8Mi)
+ --drive-use-created-date Use file created date instead of modified date
+ --drive-use-shared-date Use date file was shared instead of modified date
+ --drive-use-trash Send files to the trash instead of deleting permanently (default true)
+ --drive-v2-download-min-size SizeSuffix If Object's are greater, use drive v2 API to download (default off)
+ --dropbox-auth-url string Auth server URL
+ --dropbox-batch-commit-timeout Duration Max time to wait for a batch to finish committing (default 10m0s)
+ --dropbox-batch-mode string Upload file batching sync|async|off (default "sync")
+ --dropbox-batch-size int Max number of files in upload batch
+ --dropbox-batch-timeout Duration Max time to allow an idle upload batch before uploading (default 0s)
+ --dropbox-chunk-size SizeSuffix Upload chunk size (< 150Mi) (default 48Mi)
+ --dropbox-client-id string OAuth Client Id
+ --dropbox-client-secret string OAuth Client Secret
+ --dropbox-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,RightSpace,InvalidUtf8,Dot)
+ --dropbox-impersonate string Impersonate this user when using a business account
+ --dropbox-shared-files Instructs rclone to work on individual shared files
+ --dropbox-shared-folders Instructs rclone to work on shared folders
+ --dropbox-token string OAuth Access Token as a JSON blob
+ --dropbox-token-url string Token server url
+ --fichier-api-key string Your API Key, get it from https://1fichier.com/console/params.pl
+ --fichier-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,SingleQuote,BackQuote,Dollar,BackSlash,Del,Ctl,LeftSpace,RightSpace,InvalidUtf8,Dot)
+ --fichier-file-password string If you want to download a shared file that is password protected, add this parameter (obscured)
+ --fichier-folder-password string If you want to list the files in a shared folder that is password protected, add this parameter (obscured)
+ --fichier-shared-folder string If you want to download a shared folder, add this parameter
+ --filefabric-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --filefabric-permanent-token string Permanent Authentication Token
+ --filefabric-root-folder-id string ID of the root folder
+ --filefabric-token string Session Token
+ --filefabric-token-expiry string Token expiry time
+ --filefabric-url string URL of the Enterprise File Fabric to connect to
+ --filefabric-version string Version read from the file fabric
+ --ftp-ask-password Allow asking for FTP password when needed
+ --ftp-close-timeout Duration Maximum time to wait for a response to close (default 1m0s)
+ --ftp-concurrency int Maximum number of FTP simultaneous connections, 0 for unlimited
+ --ftp-disable-epsv Disable using EPSV even if server advertises support
+ --ftp-disable-mlsd Disable using MLSD even if server advertises support
+ --ftp-disable-tls13 Disable TLS 1.3 (workaround for FTP servers with buggy TLS)
+ --ftp-disable-utf8 Disable using UTF-8 even if server advertises support
+ --ftp-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,RightSpace,Dot)
+ --ftp-explicit-tls Use Explicit FTPS (FTP over TLS)
+ --ftp-force-list-hidden Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD
+ --ftp-host string FTP host to connect to
+ --ftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --ftp-no-check-certificate Do not verify the TLS certificate of the server
+ --ftp-pass string FTP password (obscured)
+ --ftp-port int FTP port number (default 21)
+ --ftp-shut-timeout Duration Maximum time to wait for data connection closing status (default 1m0s)
+ --ftp-tls Use Implicit FTPS (FTP over TLS)
+ --ftp-tls-cache-size int Size of TLS session cache for all control and data connections (default 32)
+ --ftp-user string FTP username (default "$USER")
+ --ftp-writing-mdtm Use MDTM to set modification time (VsFtpd quirk)
+ --gcs-anonymous Access public buckets and objects without credentials
+ --gcs-auth-url string Auth server URL
+ --gcs-bucket-acl string Access Control List for new buckets
+ --gcs-bucket-policy-only Access checks should use bucket-level IAM policies
+ --gcs-client-id string OAuth Client Id
+ --gcs-client-secret string OAuth Client Secret
+ --gcs-decompress If set this will decompress gzip encoded objects
+ --gcs-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gcs-endpoint string Endpoint for the service
+ --gcs-location string Location for the newly created buckets
+ --gcs-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --gcs-object-acl string Access Control List for new objects
+ --gcs-project-number string Project number
+ --gcs-service-account-file string Service Account Credentials JSON file path
+ --gcs-storage-class string The storage class to use when storing objects in Google Cloud Storage
+ --gcs-token string OAuth Access Token as a JSON blob
+ --gcs-token-url string Token server url
+ --gphotos-auth-url string Auth server URL
+ --gphotos-client-id string OAuth Client Id
+ --gphotos-client-secret string OAuth Client Secret
+ --gphotos-encoding MultiEncoder The encoding for the backend (default Slash,CrLf,InvalidUtf8,Dot)
+ --gphotos-include-archived Also view and download archived media
+ --gphotos-read-only Set to make the Google Photos backend read only
+ --gphotos-read-size Set to read the size of media items
+ --gphotos-start-year int Year limits the photos to be downloaded to those which are uploaded after the given year (default 2000)
+ --gphotos-token string OAuth Access Token as a JSON blob
+ --gphotos-token-url string Token server url
+ --hasher-auto-size SizeSuffix Auto-update checksum for files smaller than this size (disabled by default)
+ --hasher-hashes CommaSepList Comma separated list of supported checksum types (default md5,sha1)
+ --hasher-max-age Duration Maximum time to keep checksums in cache (0 = no cache, off = cache forever) (default off)
+ --hasher-remote string Remote to cache checksums for (e.g. myRemote:path)
+ --hdfs-data-transfer-protection string Kerberos data transfer protection: authentication|integrity|privacy
+ --hdfs-encoding MultiEncoder The encoding for the backend (default Slash,Colon,Del,Ctl,InvalidUtf8,Dot)
+ --hdfs-namenode string Hadoop name node and port
+ --hdfs-service-principal-name string Kerberos service principal name for the namenode
+ --hdfs-username string Hadoop user name
+ --hidrive-auth-url string Auth server URL
+ --hidrive-chunk-size SizeSuffix Chunksize for chunked uploads (default 48Mi)
+ --hidrive-client-id string OAuth Client Id
+ --hidrive-client-secret string OAuth Client Secret
+ --hidrive-disable-fetching-member-count Do not fetch number of objects in directories unless it is absolutely necessary
+ --hidrive-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
+ --hidrive-endpoint string Endpoint for the service (default "https://api.hidrive.strato.com/2.1")
+ --hidrive-root-prefix string The root/parent folder for all paths (default "/")
+ --hidrive-scope-access string Access permissions that rclone should use when requesting access from HiDrive (default "rw")
+ --hidrive-scope-role string User-level that rclone should use when requesting access from HiDrive (default "user")
+ --hidrive-token string OAuth Access Token as a JSON blob
+ --hidrive-token-url string Token server url
+ --hidrive-upload-concurrency int Concurrency for chunked uploads (default 4)
+ --hidrive-upload-cutoff SizeSuffix Cutoff/Threshold for chunked uploads (default 96Mi)
+ --http-headers CommaSepList Set HTTP headers for all transactions
+ --http-no-head Don't use HEAD requests
+ --http-no-slash Set this if the site doesn't end directories with /
+ --http-url string URL of HTTP host to connect to
+ --internetarchive-access-key-id string IAS3 Access Key
+ --internetarchive-disable-checksum Don't ask the server to test against MD5 checksum calculated by rclone (default true)
+ --internetarchive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot)
+ --internetarchive-endpoint string IAS3 Endpoint (default "https://s3.us.archive.org")
+ --internetarchive-front-endpoint string Host of InternetArchive Frontend (default "https://archive.org")
+ --internetarchive-secret-access-key string IAS3 Secret Key (password)
+ --internetarchive-wait-archive Duration Timeout for waiting the server's processing tasks (specifically archive and book_op) to finish (default 0s)
+ --jottacloud-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,Del,Ctl,InvalidUtf8,Dot)
+ --jottacloud-hard-delete Delete files permanently rather than putting them into the trash
+ --jottacloud-md5-memory-limit SizeSuffix Files bigger than this will be cached on disk to calculate the MD5 if required (default 10Mi)
+ --jottacloud-no-versions Avoid server side versioning by deleting files and recreating files instead of overwriting them
+ --jottacloud-trashed-only Only show files that are in the trash
+ --jottacloud-upload-resume-limit SizeSuffix Files bigger than this can be resumed if the upload fail's (default 10Mi)
+ --koofr-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --koofr-endpoint string The Koofr API endpoint to use
+ --koofr-mountid string Mount ID of the mount to use
+ --koofr-password string Your password for rclone (generate one at https://app.koofr.net/app/admin/preferences/password) (obscured)
+ --koofr-provider string Choose your storage provider
+ --koofr-setmtime Does the backend support setting modification time (default true)
+ --koofr-user string Your user name
+ -l, --links Translate symlinks to/from regular files with a '.rclonelink' extension
+ --local-case-insensitive Force the filesystem to report itself as case insensitive
+ --local-case-sensitive Force the filesystem to report itself as case sensitive
+ --local-encoding MultiEncoder The encoding for the backend (default Slash,Dot)
+ --local-no-check-updated Don't check to see if the files change during upload
+ --local-no-preallocate Disable preallocation of disk space for transferred files
+ --local-no-set-modtime Disable setting modtime
+ --local-no-sparse Disable sparse files for multi-thread downloads
+ --local-nounc Disable UNC (long path names) conversion on Windows
+ --local-unicode-normalization Apply unicode NFC normalization to paths and filenames
+ --local-zero-size-links Assume the Stat size of links is zero (and read them instead) (deprecated)
+ --mailru-check-hash What should copy do if file checksum is mismatched or invalid (default true)
+ --mailru-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --mailru-pass string Password (obscured)
+ --mailru-speedup-enable Skip full upload if there is another file with same data hash (default true)
+ --mailru-speedup-file-patterns string Comma separated list of file name patterns eligible for speedup (put by hash) (default "*.mkv,*.avi,*.mp4,*.mp3,*.zip,*.gz,*.rar,*.pdf")
+ --mailru-speedup-max-disk SizeSuffix This option allows you to disable speedup (put by hash) for large files (default 3Gi)
+ --mailru-speedup-max-memory SizeSuffix Files larger than the size given below will always be hashed on disk (default 32Mi)
+ --mailru-user string User name (usually email)
+ --mega-debug Output more debug from Mega
+ --mega-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --mega-hard-delete Delete files permanently rather than putting them into the trash
+ --mega-pass string Password (obscured)
+ --mega-user string User name
+ --netstorage-account string Set the NetStorage account name
+ --netstorage-host string Domain+path of NetStorage host to connect to
+ --netstorage-protocol string Select between HTTP or HTTPS protocol (default "https")
+ --netstorage-secret string Set the NetStorage account secret/G2O key for authentication (obscured)
+ -x, --one-file-system Don't cross filesystem boundaries (unix/macOS only)
+ --onedrive-access-scopes SpaceSepList Set scopes to be requested by rclone (default Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access)
+ --onedrive-auth-url string Auth server URL
+ --onedrive-chunk-size SizeSuffix Chunk size to upload files with - must be multiple of 320k (327,680 bytes) (default 10Mi)
+ --onedrive-client-id string OAuth Client Id
+ --onedrive-client-secret string OAuth Client Secret
+ --onedrive-drive-id string The ID of the drive to use
+ --onedrive-drive-type string The type of the drive (personal | business | documentLibrary)
+ --onedrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Del,Ctl,LeftSpace,LeftTilde,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --onedrive-expose-onenote-files Set to make OneNote files show up in directory listings
+ --onedrive-link-password string Set the password for links created by the link command
+ --onedrive-link-scope string Set the scope of the links created by the link command (default "anonymous")
+ --onedrive-link-type string Set the type of the links created by the link command (default "view")
+ --onedrive-list-chunk int Size of listing chunk (default 1000)
+ --onedrive-no-versions Remove all versions on modifying operations
+ --onedrive-region string Choose national cloud region for OneDrive (default "global")
+ --onedrive-root-folder-id string ID of the root folder
+ --onedrive-server-side-across-configs Allow server-side operations (e.g. copy) to work across different onedrive configs
+ --onedrive-token string OAuth Access Token as a JSON blob
+ --onedrive-token-url string Token server url
+ --oos-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --oos-compartment string Object storage compartment OCID
+ --oos-config-file string Path to OCI config file (default "~/.oci/config")
+ --oos-config-profile string Profile name inside the oci config file (default "Default")
+ --oos-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --oos-copy-timeout Duration Timeout for copy (default 1m0s)
+ --oos-disable-checksum Don't store MD5 checksum with object metadata
+ --oos-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --oos-endpoint string Endpoint for Object storage API
+ --oos-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --oos-namespace string Object storage namespace
+ --oos-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --oos-provider string Choose your Auth Provider (default "env_auth")
+ --oos-region string Object storage Region
+ --oos-upload-concurrency int Concurrency for multipart uploads (default 10)
+ --oos-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --opendrive-chunk-size SizeSuffix Files will be uploaded in chunks this size (default 10Mi)
+ --opendrive-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,LeftSpace,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,Dot)
+ --opendrive-password string Password (obscured)
+ --opendrive-username string Username
+ --pcloud-auth-url string Auth server URL
+ --pcloud-client-id string OAuth Client Id
+ --pcloud-client-secret string OAuth Client Secret
+ --pcloud-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --pcloud-hostname string Hostname to connect to (default "api.pcloud.com")
+ --pcloud-password string Your pcloud password (obscured)
+ --pcloud-root-folder-id string Fill in for rclone to use a non root folder as its starting point (default "d0")
+ --pcloud-token string OAuth Access Token as a JSON blob
+ --pcloud-token-url string Token server url
+ --pcloud-username string Your pcloud username
+ --premiumizeme-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --putio-encoding MultiEncoder The encoding for the backend (default Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot)
+ --qingstor-access-key-id string QingStor Access Key ID
+ --qingstor-chunk-size SizeSuffix Chunk size to use for uploading (default 4Mi)
+ --qingstor-connection-retries int Number of connection retries (default 3)
+ --qingstor-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8)
+ --qingstor-endpoint string Enter an endpoint URL to connection QingStor API
+ --qingstor-env-auth Get QingStor credentials from runtime
+ --qingstor-secret-access-key string QingStor Secret Access Key (password)
+ --qingstor-upload-concurrency int Concurrency for multipart uploads (default 1)
+ --qingstor-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --qingstor-zone string Zone to connect to
+ --s3-access-key-id string AWS Access Key ID
+ --s3-acl string Canned ACL used when creating buckets and storing or copying objects
+ --s3-bucket-acl string Canned ACL used when creating buckets
+ --s3-chunk-size SizeSuffix Chunk size to use for uploading (default 5Mi)
+ --s3-copy-cutoff SizeSuffix Cutoff for switching to multipart copy (default 4.656Gi)
+ --s3-decompress If set this will decompress gzip encoded objects
+ --s3-disable-checksum Don't store MD5 checksum with object metadata
+ --s3-disable-http2 Disable usage of http2 for S3 backends
+ --s3-download-url string Custom endpoint for downloads
+ --s3-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8,Dot)
+ --s3-endpoint string Endpoint for S3 API
+ --s3-env-auth Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars)
+ --s3-force-path-style If true use path style access if false use virtual hosted style (default true)
+ --s3-leave-parts-on-error If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery
+ --s3-list-chunk int Size of listing chunk (response list for each ListObject S3 request) (default 1000)
+ --s3-list-url-encode Tristate Whether to url encode listings: true/false/unset (default unset)
+ --s3-list-version int Version of ListObjects to use: 1,2 or 0 for auto
+ --s3-location-constraint string Location constraint - must be set to match the Region
+ --s3-max-upload-parts int Maximum number of parts in a multipart upload (default 10000)
+ --s3-memory-pool-flush-time Duration How often internal memory buffer pools will be flushed (default 1m0s)
+ --s3-memory-pool-use-mmap Whether to use mmap buffers in internal memory pool
+ --s3-might-gzip Tristate Set this if the backend might gzip objects (default unset)
+ --s3-no-check-bucket If set, don't attempt to check the bucket exists or create it
+ --s3-no-head If set, don't HEAD uploaded objects to check integrity
+ --s3-no-head-object If set, do not do HEAD before GET when getting objects
+ --s3-no-system-metadata Suppress setting and reading of system metadata
+ --s3-profile string Profile to use in the shared credentials file
+ --s3-provider string Choose your S3 provider
+ --s3-region string Region to connect to
+ --s3-requester-pays Enables requester pays option when interacting with S3 bucket
+ --s3-secret-access-key string AWS Secret Access Key (password)
+ --s3-server-side-encryption string The server-side encryption algorithm used when storing this object in S3
+ --s3-session-token string An AWS session token
+ --s3-shared-credentials-file string Path to the shared credentials file
+ --s3-sse-customer-algorithm string If using SSE-C, the server-side encryption algorithm used when storing this object in S3
+ --s3-sse-customer-key string To use SSE-C you may provide the secret encryption key used to encrypt/decrypt your data
+ --s3-sse-customer-key-base64 string If using SSE-C you must provide the secret encryption key encoded in base64 format to encrypt/decrypt your data
+ --s3-sse-customer-key-md5 string If using SSE-C you may provide the secret encryption key MD5 checksum (optional)
+ --s3-sse-kms-key-id string If using KMS ID you must provide the ARN of Key
+ --s3-storage-class string The storage class to use when storing new objects in S3
+ --s3-upload-concurrency int Concurrency for multipart uploads (default 4)
+ --s3-upload-cutoff SizeSuffix Cutoff for switching to chunked upload (default 200Mi)
+ --s3-use-accelerate-endpoint If true use the AWS S3 accelerated endpoint
+ --s3-use-multipart-etag Tristate Whether to use ETag in multipart uploads for verification (default unset)
+ --s3-use-presigned-request Whether to use a presigned request or PutObject for single part uploads
+ --s3-v2-auth If true use v2 authentication
+ --s3-version-at Time Show file versions as they were at the specified time (default off)
+ --s3-versions Include old versions in directory listings
+ --seafile-2fa Two-factor authentication ('true' if the account has 2FA enabled)
+ --seafile-create-library Should rclone create a library if it doesn't exist
+ --seafile-encoding MultiEncoder The encoding for the backend (default Slash,DoubleQuote,BackSlash,Ctl,InvalidUtf8)
+ --seafile-library string Name of the library
+ --seafile-library-key string Library password (for encrypted libraries only) (obscured)
+ --seafile-pass string Password (obscured)
+ --seafile-url string URL of seafile host to connect to
+ --seafile-user string User name (usually email address)
+ --sftp-ask-password Allow asking for SFTP password when needed
+ --sftp-chunk-size SizeSuffix Upload and download chunk size (default 32Ki)
+ --sftp-ciphers SpaceSepList Space separated list of ciphers to be used for session encryption, ordered by preference
+ --sftp-concurrency int The maximum number of outstanding requests for one file (default 64)
+ --sftp-disable-concurrent-reads If set don't use concurrent reads
+ --sftp-disable-concurrent-writes If set don't use concurrent writes
+ --sftp-disable-hashcheck Disable the execution of SSH commands to determine if remote file hashing is available
+ --sftp-host string SSH host to connect to
+ --sftp-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --sftp-key-exchange SpaceSepList Space separated list of key exchange algorithms, ordered by preference
+ --sftp-key-file string Path to PEM-encoded private key file
+ --sftp-key-file-pass string The passphrase to decrypt the PEM-encoded private key file (obscured)
+ --sftp-key-pem string Raw PEM-encoded private key
+ --sftp-key-use-agent When set forces the usage of the ssh-agent
+ --sftp-known-hosts-file string Optional path to known_hosts file
+ --sftp-macs SpaceSepList Space separated list of MACs (message authentication code) algorithms, ordered by preference
+ --sftp-md5sum-command string The command used to read md5 hashes
+ --sftp-pass string SSH password, leave blank to use ssh-agent (obscured)
+ --sftp-path-override string Override path used by SSH shell commands
+ --sftp-port int SSH port number (default 22)
+ --sftp-pubkey-file string Optional path to public key file
+ --sftp-server-command string Specifies the path or command to run a sftp server on the remote host
+ --sftp-set-env SpaceSepList Environment variables to pass to sftp and commands
+ --sftp-set-modtime Set the modified time on the remote if set (default true)
+ --sftp-sha1sum-command string The command used to read sha1 hashes
+ --sftp-shell-type string The type of SSH shell on remote server, if any
+ --sftp-skip-links Set to skip any symlinks and any other non regular files
+ --sftp-subsystem string Specifies the SSH2 subsystem on the remote host (default "sftp")
+ --sftp-use-fstat If set use fstat instead of stat
+ --sftp-use-insecure-cipher Enable the use of insecure ciphers and key exchange methods
+ --sftp-user string SSH username (default "$USER")
+ --sharefile-chunk-size SizeSuffix Upload chunk size (default 64Mi)
+ --sharefile-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,LeftSpace,LeftPeriod,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --sharefile-endpoint string Endpoint for API calls
+ --sharefile-root-folder-id string ID of the root folder
+ --sharefile-upload-cutoff SizeSuffix Cutoff for switching to multipart upload (default 128Mi)
+ --sia-api-password string Sia Daemon API Password (obscured)
+ --sia-api-url string Sia daemon API URL, like http://sia.daemon.host:9980 (default "http://127.0.0.1:9980")
+ --sia-encoding MultiEncoder The encoding for the backend (default Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot)
+ --sia-user-agent string Siad User Agent (default "Sia-Agent")
+ --skip-links Don't warn about skipped symlinks
+ --smb-case-insensitive Whether the server is configured to be case-insensitive (default true)
+ --smb-domain string Domain name for NTLM authentication (default "WORKGROUP")
+ --smb-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot)
+ --smb-hide-special-share Hide special shares (e.g. print$) which users aren't supposed to access (default true)
+ --smb-host string SMB server hostname to connect to
+ --smb-idle-timeout Duration Max time before closing idle connections (default 1m0s)
+ --smb-pass string SMB password (obscured)
+ --smb-port int SMB port number (default 445)
+ --smb-user string SMB username (default "$USER")
+ --storj-access-grant string Access grant
+ --storj-api-key string API key
+ --storj-passphrase string Encryption passphrase
+ --storj-provider string Choose an authentication method (default "existing")
+ --storj-satellite-address string Satellite address (default "us-central-1.storj.io")
+ --sugarsync-access-key-id string Sugarsync Access Key ID
+ --sugarsync-app-id string Sugarsync App ID
+ --sugarsync-authorization string Sugarsync authorization
+ --sugarsync-authorization-expiry string Sugarsync authorization expiry
+ --sugarsync-deleted-id string Sugarsync deleted folder id
+ --sugarsync-encoding MultiEncoder The encoding for the backend (default Slash,Ctl,InvalidUtf8,Dot)
+ --sugarsync-hard-delete Permanently delete files if true
+ --sugarsync-private-access-key string Sugarsync Private Access Key
+ --sugarsync-refresh-token string Sugarsync refresh token
+ --sugarsync-root-id string Sugarsync root id
+ --sugarsync-user string Sugarsync user
+ --swift-application-credential-id string Application Credential ID (OS_APPLICATION_CREDENTIAL_ID)
+ --swift-application-credential-name string Application Credential Name (OS_APPLICATION_CREDENTIAL_NAME)
+ --swift-application-credential-secret string Application Credential Secret (OS_APPLICATION_CREDENTIAL_SECRET)
+ --swift-auth string Authentication URL for server (OS_AUTH_URL)
+ --swift-auth-token string Auth Token from alternate authentication - optional (OS_AUTH_TOKEN)
+ --swift-auth-version int AuthVersion - optional - set to (1,2,3) if your auth URL has no version (ST_AUTH_VERSION)
+ --swift-chunk-size SizeSuffix Above this size files will be chunked into a _segments container (default 5Gi)
+ --swift-domain string User domain - optional (v3 auth) (OS_USER_DOMAIN_NAME)
+ --swift-encoding MultiEncoder The encoding for the backend (default Slash,InvalidUtf8)
+ --swift-endpoint-type string Endpoint type to choose from the service catalogue (OS_ENDPOINT_TYPE) (default "public")
+ --swift-env-auth Get swift credentials from environment variables in standard OpenStack form
+ --swift-key string API key or password (OS_PASSWORD)
+ --swift-leave-parts-on-error If true avoid calling abort upload on a failure
+ --swift-no-chunk Don't chunk files during streaming upload
+ --swift-no-large-objects Disable support for static and dynamic large objects
+ --swift-region string Region name - optional (OS_REGION_NAME)
+ --swift-storage-policy string The storage policy to use when creating a new container
+ --swift-storage-url string Storage URL - optional (OS_STORAGE_URL)
+ --swift-tenant string Tenant name - optional for v1 auth, this or tenant_id required otherwise (OS_TENANT_NAME or OS_PROJECT_NAME)
+ --swift-tenant-domain string Tenant domain - optional (v3 auth) (OS_PROJECT_DOMAIN_NAME)
+ --swift-tenant-id string Tenant ID - optional for v1 auth, this or tenant required otherwise (OS_TENANT_ID)
+ --swift-user string User name to log in (OS_USERNAME)
+ --swift-user-id string User ID to log in - optional - most swift systems use user and leave this blank (v3 auth) (OS_USER_ID)
+ --union-action-policy string Policy to choose upstream on ACTION category (default "epall")
+ --union-cache-time int Cache time of usage and free space (in seconds) (default 120)
+ --union-create-policy string Policy to choose upstream on CREATE category (default "epmfs")
+ --union-min-free-space SizeSuffix Minimum viable free space for lfs/eplfs policies (default 1Gi)
+ --union-search-policy string Policy to choose upstream on SEARCH category (default "ff")
+ --union-upstreams string List of space separated upstreams
+ --uptobox-access-token string Your access token
+ --uptobox-encoding MultiEncoder The encoding for the backend (default Slash,LtGt,DoubleQuote,BackQuote,Del,Ctl,LeftSpace,InvalidUtf8,Dot)
+ --webdav-bearer-token string Bearer token instead of user/pass (e.g. a Macaroon)
+ --webdav-bearer-token-command string Command to run to get a bearer token
+ --webdav-encoding string The encoding for the backend
+ --webdav-headers CommaSepList Set HTTP headers for all transactions
+ --webdav-pass string Password (obscured)
+ --webdav-url string URL of http host to connect to
+ --webdav-user string User name
+ --webdav-vendor string Name of the WebDAV site/service/software you are using
+ --yandex-auth-url string Auth server URL
+ --yandex-client-id string OAuth Client Id
+ --yandex-client-secret string OAuth Client Secret
+ --yandex-encoding MultiEncoder The encoding for the backend (default Slash,Del,Ctl,InvalidUtf8,Dot)
+ --yandex-hard-delete Delete files permanently rather than putting them into the trash
+ --yandex-token string OAuth Access Token as a JSON blob
+ --yandex-token-url string Token server url
+ --zoho-auth-url string Auth server URL
+ --zoho-client-id string OAuth Client Id
+ --zoho-client-secret string OAuth Client Secret
+ --zoho-encoding MultiEncoder The encoding for the backend (default Del,Ctl,InvalidUtf8)
+ --zoho-region string Zoho region to connect to
+ --zoho-token string OAuth Access Token as a JSON blob
+ --zoho-token-url string Token server url
Docker Volume Plugin
@@ -14116,7 +15431,7 @@ Command line syntax
Arbitrary rclone flags may be specified on the bisync command line, for
example
-rclone bsync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s
+rclone bisync ./testdir/path1/ gdrive:testdir/path2/ --drive-skip-gdocs -v -v --timeout 10s
Note that interactions of various rclone flags with bisync process flow
has not been fully tested yet.
@@ -14372,7 +15687,7 @@ Most of these events come up due to a error status from an internal
call. On such a critical error the {...}.path1.lst and {...}.path2.lst
listing files are renamed to extension .lst-err, which blocks any future
bisync runs (since the normal .lst files are not found). Bisync keeps
-them under bisync subdirectory of the rclone cache direcory, typically
+them under bisync subdirectory of the rclone cache directory, typically
at ${HOME}/.cache/rclone/bisync/ on Linux.
Some errors are considered temporary and re-running the bisync is not
@@ -14406,7 +15721,7 @@ Supported backends
Bisync is considered BETA and has been tested with the following
backends: - Local filesystem - Google Drive - Dropbox - OneDrive - S3 -
-SFTP
+SFTP - Yandex Disk
It has not been fully tested with other services yet. If it works, or
sorta works, please let us know and we'll update the list. Run the test
@@ -14462,7 +15777,7 @@ have spelling case differences (Smile.jpg vs. smile.jpg).
Windows support
Bisync has been tested on Windows 8.1, Windows 10 Pro 64-bit and on
-Windows Github runners.
+Windows GitHub runners.
Drive letters are allowed, including drive letters mapped to network
drives (rclone bisync J:\localsync GDrive:). If a drive letter is
@@ -14741,7 +16056,7 @@ Google Doc files
Google docs exist as virtual files on Google Drive and cannot be
transferred to other filesystems natively. While it is possible to
export a Google doc to a normal file (with .xlsx extension, for
-example), it's not possible to import a normal file back into a Google
+example), it is not possible to import a normal file back into a Google
document.
Bisync's handling of Google Doc files is to flag them in the run log
@@ -14959,7 +16274,7 @@ Notes about testing
check file mismatches in the test tree.
- Some Dropbox tests can fail, notably printing the following message:
src and dst identical but can't set mod time without deleting and re-uploading
- This is expected and happens due a way Dropbox handles modificaion
+ This is expected and happens due a way Dropbox handles modification
times. You should use the -refresh-times test flag to make up for
this.
- If Dropbox tests hit request limit for you and print error message
@@ -14970,7 +16285,7 @@ Updating golden results
Sometimes even a slight change in the bisync source can cause little
changes spread around many log files. Updating them manually would be a
-nighmare.
+nightmare.
The -golden flag will store the test.log and *.lst listings from each
test case into respective golden directories. Golden results will
@@ -15232,7 +16547,7 @@ strings.
Standard options
-Here are the standard options specific to fichier (1Fichier).
+Here are the Standard options specific to fichier (1Fichier).
--fichier-api-key
@@ -15247,7 +16562,7 @@ Properties:
Advanced options
-Here are the advanced options specific to fichier (1Fichier).
+Here are the Advanced options specific to fichier (1Fichier).
--fichier-shared-folder
@@ -15308,7 +16623,7 @@ rclone about is not supported by the 1Fichier backend. Backends without
this capability cannot determine free space for an rclone mount or use
policy mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Alias
@@ -15330,6 +16645,11 @@ Invoking rclone mkdir backup:../desktop is exactly the same as invoking
rclone mkdir mydrive:private/backup/../desktop. The empty path is not
allowed as a remote. To alias the current directory use . instead.
+The target remote can also be a connection string. This can be used to
+modify the config of a remote for different uses, e.g. the alias
+myDriveTrash with the target remote myDrive,trashed_only: can be used to
+only show the trashed files in myDrive.
+
Configuration
Here is an example of how to make an alias called remote for local
@@ -15395,7 +16715,7 @@ Copy another local directory to the alias directory called source
Standard options
-Here are the standard options specific to alias (Alias for an existing
+Here are the Standard options specific to alias (Alias for an existing
remote).
--alias-remote
@@ -15482,9 +16802,10 @@ This will guide you through an interactive setup process:
token_url> Optional token URL
Remote config
Make sure your Redirect URL is set to "http://127.0.0.1:53682/" in your custom config.
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -15562,7 +16883,7 @@ amazon.co.uk email and password should work here just fine.
Standard options
-Here are the standard options specific to amazon cloud drive (Amazon
+Here are the Standard options specific to amazon cloud drive (Amazon
Drive).
--acd-client-id
@@ -15593,7 +16914,7 @@ Properties:
Advanced options
-Here are the advanced options specific to amazon cloud drive (Amazon
+Here are the Advanced options specific to amazon cloud drive (Amazon
Drive).
--acd-token
@@ -15737,7 +17058,7 @@ without this capability cannot determine free space for an rclone mount
or use policy mfs (most free space) as a member of an rclone union
remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Amazon S3 Storage Providers
@@ -15746,10 +17067,18 @@ The S3 backend can be used with a number of different providers:
- AWS S3
- Alibaba Cloud (Aliyun) Object Storage System (OSS)
- Ceph
+- China Mobile Ecloud Elastic Object Storage (EOS)
+- Cloudflare R2
+- Arvan Cloud Object Storage (AOS)
- DigitalOcean Spaces
- Dreamhost
+- Huawei OBS
- IBM COS S3
+- IDrive e2
+- IONOS Cloud
+- Liara Object Storage
- Minio
+- Qiniu Cloud Object Storage (Kodo)
- RackCorp Object Storage
- Scaleway
- Seagate Lyve Cloud
@@ -15803,7 +17132,7 @@ This will guide you through an interactive setup process.
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
- XX / Amazon S3 Compliant Storage Providers including AWS, Ceph, Dreamhost, IBM COS, Minio, and Tencent COS
+ XX / Amazon S3 Compliant Storage Providers including AWS, Ceph, ChinaMobile, ArvanCloud, Dreamhost, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -15813,7 +17142,7 @@ This will guide you through an interactive setup process.
\ "AWS"
2 / Ceph Object Storage
\ "Ceph"
- 3 / Digital Ocean Spaces
+ 3 / DigitalOcean Spaces
\ "DigitalOcean"
4 / Dreamhost DreamObjects
\ "Dreamhost"
@@ -16060,9 +17389,9 @@ Avoiding GET requests to read directory listings
Rclone's default directory traversal is to process each directory
individually. This takes one API call per directory. Using the
---fast-list flag will read all info about the the objects into memory
-first using a smaller number of API calls (one per 1000 objects). See
-the rclone docs for more details.
+--fast-list flag will read all info about the objects into memory first
+using a smaller number of API calls (one per 1000 objects). See the
+rclone docs for more details.
rclone sync --fast-list --checksum /path/to/source s3:bucket
@@ -16111,6 +17440,64 @@ will mean that these objects do not have an MD5 checksum.
Note that reading this from the object takes an additional HEAD request
as the metadata isn't returned in object listings.
+Versions
+
+When bucket versioning is enabled (this can be done with rclone with the
+rclone backend versioning command) when rclone uploads a new version of
+a file it creates a new version of it Likewise when you delete a file,
+the old version will be marked hidden and still be available.
+
+Old versions of files, where available, are visible using the
+--s3-versions flag.
+
+It is also possible to view a bucket as it was at a certain point in
+time, using the --s3-version-at flag. This will show the file versions
+as they were at that time, showing files that have been deleted
+afterwards, and hiding files that were created since.
+
+If you wish to remove all the old versions then you can use the
+rclone backend cleanup-hidden remote:bucket command which will delete
+all the old hidden versions of files, leaving the current ones intact.
+You can also supply a path and only old versions under that path will be
+deleted, e.g. rclone backend cleanup-hidden remote:bucket/path/to/stuff.
+
+When you purge a bucket, the current and the old versions will be
+deleted then the bucket will be deleted.
+
+However delete will cause the current versions of the files to become
+hidden old versions.
+
+Here is a session showing the listing and retrieval of an old version
+followed by a cleanup of the old versions.
+
+Show current version and all the versions with --s3-versions flag.
+
+ $ rclone -q ls s3:cleanup-test
+ 9 one.txt
+
+ $ rclone -q --s3-versions ls s3:cleanup-test
+ 9 one.txt
+ 8 one-v2016-07-04-141032-000.txt
+ 16 one-v2016-07-04-141003-000.txt
+ 15 one-v2016-07-02-155621-000.txt
+
+Retrieve an old version
+
+ $ rclone -q --s3-versions copy s3:cleanup-test/one-v2016-07-04-141003-000.txt /tmp
+
+ $ ls -l /tmp/one-v2016-07-04-141003-000.txt
+ -rw-rw-r-- 1 ncw ncw 16 Jul 2 17:46 /tmp/one-v2016-07-04-141003-000.txt
+
+Clean up all the old versions and show that they've gone.
+
+ $ rclone -q backend cleanup-hidden s3:cleanup-test
+
+ $ rclone -q ls s3:cleanup-test
+ 9 one.txt
+
+ $ rclone -q --s3-versions ls s3:cleanup-test
+ 9 one.txt
+
Cleanup
If you run rclone cleanup s3:bucket then it will remove all pending
@@ -16303,10 +17690,11 @@ be uploaded as multipart.
Standard options
-Here are the standard options specific to s3 (Amazon S3 Compliant
-Storage Providers including AWS, Alibaba, Ceph, Digital Ocean,
-Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent
-COS).
+Here are the Standard options specific to s3 (Amazon S3 Compliant
+Storage Providers including AWS, Alibaba, Ceph, China Mobile,
+Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS,
+IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp,
+Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
--s3-provider
@@ -16325,14 +17713,28 @@ Properties:
- Alibaba Cloud Object Storage System (OSS) formerly Aliyun
- "Ceph"
- Ceph Object Storage
+ - "ChinaMobile"
+ - China Mobile Ecloud Elastic Object Storage (EOS)
+ - "Cloudflare"
+ - Cloudflare R2 Storage
+ - "ArvanCloud"
+ - Arvan Cloud Object Storage (AOS)
- "DigitalOcean"
- - Digital Ocean Spaces
+ - DigitalOcean Spaces
- "Dreamhost"
- Dreamhost DreamObjects
+ - "HuaweiOBS"
+ - Huawei Object Storage Service
- "IBMCOS"
- IBM COS S3
+ - "IDrive"
+ - IDrive e2
+ - "IONOS"
+ - IONOS Cloud
- "LyveCloud"
- Seagate Lyve Cloud
+ - "Liara"
+ - Liara Object Storage
- "Minio"
- Minio Object Storage
- "Netease"
@@ -16351,6 +17753,8 @@ Properties:
- Tencent Cloud Object Storage (COS)
- "Wasabi"
- Wasabi Object Storage
+ - "Qiniu"
+ - Qiniu Object Storage (Kodo)
- "Other"
- Any other S3 compatible provider
@@ -16556,6 +17960,122 @@ Properties:
- Amsterdam, The Netherlands
- "fr-par"
- Paris, France
+ - "pl-waw"
+ - Warsaw, Poland
+
+--s3-region
+
+Region to connect to. - the location where your bucket will be created
+and your data stored. Need bo be same with your endpoint.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: HuaweiOBS
+- Type: string
+- Required: false
+- Examples:
+ - "af-south-1"
+ - AF-Johannesburg
+ - "ap-southeast-2"
+ - AP-Bangkok
+ - "ap-southeast-3"
+ - AP-Singapore
+ - "cn-east-3"
+ - CN East-Shanghai1
+ - "cn-east-2"
+ - CN East-Shanghai2
+ - "cn-north-1"
+ - CN North-Beijing1
+ - "cn-north-4"
+ - CN North-Beijing4
+ - "cn-south-1"
+ - CN South-Guangzhou
+ - "ap-southeast-1"
+ - CN-Hong Kong
+ - "sa-argentina-1"
+ - LA-Buenos Aires1
+ - "sa-peru-1"
+ - LA-Lima1
+ - "na-mexico-1"
+ - LA-Mexico City1
+ - "sa-chile-1"
+ - LA-Santiago2
+ - "sa-brazil-1"
+ - LA-Sao Paulo1
+ - "ru-northwest-2"
+ - RU-Moscow2
+
+--s3-region
+
+Region to connect to.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: Cloudflare
+- Type: string
+- Required: false
+- Examples:
+ - "auto"
+ - R2 buckets are automatically distributed across Cloudflare's
+ data centers for low latency.
+
+--s3-region
+
+Region to connect to.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "cn-east-1"
+ - The default endpoint - a good choice if you are unsure.
+ - East China Region 1.
+ - Needs location constraint cn-east-1.
+ - "cn-east-2"
+ - East China Region 2.
+ - Needs location constraint cn-east-2.
+ - "cn-north-1"
+ - North China Region 1.
+ - Needs location constraint cn-north-1.
+ - "cn-south-1"
+ - South China Region 1.
+ - Needs location constraint cn-south-1.
+ - "us-north-1"
+ - North America Region.
+ - Needs location constraint us-north-1.
+ - "ap-southeast-1"
+ - Southeast Asia Region 1.
+ - Needs location constraint ap-southeast-1.
+ - "ap-northeast-1"
+ - Northeast Asia Region 1.
+ - Needs location constraint ap-northeast-1.
+
+--s3-region
+
+Region where your bucket will be created and your data stored.
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_S3_REGION
+- Provider: IONOS
+- Type: string
+- Required: false
+- Examples:
+ - "de"
+ - Frankfurt, Germany
+ - "eu-central-2"
+ - Berlin, Germany
+ - "eu-south-2"
+ - Logrono, Spain
--s3-region
@@ -16567,7 +18087,8 @@ Properties:
- Config: region
- Env Var: RCLONE_S3_REGION
-- Provider: !AWS,Alibaba,RackCorp,Scaleway,Storj,TencentCOS
+- Provider:
+ !AWS,Alibaba,ChinaMobile,Cloudflare,IONOS,ArvanCloud,Liara,Qiniu,RackCorp,Scaleway,Storj,TencentCOS,HuaweiOBS,IDrive
- Type: string
- Required: false
- Examples:
@@ -16594,6 +18115,98 @@ Properties:
--s3-endpoint
+Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: ChinaMobile
+- Type: string
+- Required: false
+- Examples:
+ - "eos-wuxi-1.cmecloud.cn"
+ - The default endpoint - a good choice if you are unsure.
+ - East China (Suzhou)
+ - "eos-jinan-1.cmecloud.cn"
+ - East China (Jinan)
+ - "eos-ningbo-1.cmecloud.cn"
+ - East China (Hangzhou)
+ - "eos-shanghai-1.cmecloud.cn"
+ - East China (Shanghai-1)
+ - "eos-zhengzhou-1.cmecloud.cn"
+ - Central China (Zhengzhou)
+ - "eos-hunan-1.cmecloud.cn"
+ - Central China (Changsha-1)
+ - "eos-zhuzhou-1.cmecloud.cn"
+ - Central China (Changsha-2)
+ - "eos-guangzhou-1.cmecloud.cn"
+ - South China (Guangzhou-2)
+ - "eos-dongguan-1.cmecloud.cn"
+ - South China (Guangzhou-3)
+ - "eos-beijing-1.cmecloud.cn"
+ - North China (Beijing-1)
+ - "eos-beijing-2.cmecloud.cn"
+ - North China (Beijing-2)
+ - "eos-beijing-4.cmecloud.cn"
+ - North China (Beijing-3)
+ - "eos-huhehaote-1.cmecloud.cn"
+ - North China (Huhehaote)
+ - "eos-chengdu-1.cmecloud.cn"
+ - Southwest China (Chengdu)
+ - "eos-chongqing-1.cmecloud.cn"
+ - Southwest China (Chongqing)
+ - "eos-guiyang-1.cmecloud.cn"
+ - Southwest China (Guiyang)
+ - "eos-xian-1.cmecloud.cn"
+ - Nouthwest China (Xian)
+ - "eos-yunnan.cmecloud.cn"
+ - Yunnan China (Kunming)
+ - "eos-yunnan-2.cmecloud.cn"
+ - Yunnan China (Kunming-2)
+ - "eos-tianjin-1.cmecloud.cn"
+ - Tianjin China (Tianjin)
+ - "eos-jilin-1.cmecloud.cn"
+ - Jilin China (Changchun)
+ - "eos-hubei-1.cmecloud.cn"
+ - Hubei China (Xiangyan)
+ - "eos-jiangxi-1.cmecloud.cn"
+ - Jiangxi China (Nanchang)
+ - "eos-gansu-1.cmecloud.cn"
+ - Gansu China (Lanzhou)
+ - "eos-shanxi-1.cmecloud.cn"
+ - Shanxi China (Taiyuan)
+ - "eos-liaoning-1.cmecloud.cn"
+ - Liaoning China (Shenyang)
+ - "eos-hebei-1.cmecloud.cn"
+ - Hebei China (Shijiazhuang)
+ - "eos-fujian-1.cmecloud.cn"
+ - Fujian China (Xiamen)
+ - "eos-guangxi-1.cmecloud.cn"
+ - Guangxi China (Nanning)
+ - "eos-anhui-1.cmecloud.cn"
+ - Anhui China (Huainan)
+
+--s3-endpoint
+
+Endpoint for Arvan Cloud Object Storage (AOS) API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: ArvanCloud
+- Type: string
+- Required: false
+- Examples:
+ - "s3.ir-thr-at1.arvanstorage.com"
+ - The default endpoint - a good choice if you are unsure.
+ - Tehran Iran (Asiatech)
+ - "s3.ir-tbz-sh1.arvanstorage.com"
+ - Tabriz Iran (Shahriar)
+
+--s3-endpoint
+
Endpoint for IBM COS S3 API.
Specify if using an IBM COS On Premise.
@@ -16733,6 +18346,43 @@ Properties:
--s3-endpoint
+Endpoint for IONOS S3 Object Storage.
+
+Specify the endpoint from the same region.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: IONOS
+- Type: string
+- Required: false
+- Examples:
+ - "s3-eu-central-1.ionoscloud.com"
+ - Frankfurt, Germany
+ - "s3-eu-central-2.ionoscloud.com"
+ - Berlin, Germany
+ - "s3-eu-south-2.ionoscloud.com"
+ - Logrono, Spain
+
+--s3-endpoint
+
+Endpoint for Liara Object Storage API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: Liara
+- Type: string
+- Required: false
+- Examples:
+ - "storage.iran.liara.space"
+ - The default endpoint
+ - Iran
+
+--s3-endpoint
+
Endpoint for OSS API.
Properties:
@@ -16796,6 +18446,49 @@ Properties:
--s3-endpoint
+Endpoint for OBS API.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: HuaweiOBS
+- Type: string
+- Required: false
+- Examples:
+ - "obs.af-south-1.myhuaweicloud.com"
+ - AF-Johannesburg
+ - "obs.ap-southeast-2.myhuaweicloud.com"
+ - AP-Bangkok
+ - "obs.ap-southeast-3.myhuaweicloud.com"
+ - AP-Singapore
+ - "obs.cn-east-3.myhuaweicloud.com"
+ - CN East-Shanghai1
+ - "obs.cn-east-2.myhuaweicloud.com"
+ - CN East-Shanghai2
+ - "obs.cn-north-1.myhuaweicloud.com"
+ - CN North-Beijing1
+ - "obs.cn-north-4.myhuaweicloud.com"
+ - CN North-Beijing4
+ - "obs.cn-south-1.myhuaweicloud.com"
+ - CN South-Guangzhou
+ - "obs.ap-southeast-1.myhuaweicloud.com"
+ - CN-Hong Kong
+ - "obs.sa-argentina-1.myhuaweicloud.com"
+ - LA-Buenos Aires1
+ - "obs.sa-peru-1.myhuaweicloud.com"
+ - LA-Lima1
+ - "obs.na-mexico-1.myhuaweicloud.com"
+ - LA-Mexico City1
+ - "obs.sa-chile-1.myhuaweicloud.com"
+ - LA-Santiago2
+ - "obs.sa-brazil-1.myhuaweicloud.com"
+ - LA-Sao Paulo1
+ - "obs.ru-northwest-2.myhuaweicloud.com"
+ - RU-Moscow2
+
+--s3-endpoint
+
Endpoint for Scaleway Object Storage.
Properties:
@@ -16810,6 +18503,8 @@ Properties:
- Amsterdam Endpoint
- "s3.fr-par.scw.cloud"
- Paris Endpoint
+ - "s3.pl-waw.scw.cloud"
+ - Warsaw Endpoint
--s3-endpoint
@@ -16953,6 +18648,33 @@ Properties:
--s3-endpoint
+Endpoint for Qiniu Object Storage.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_S3_ENDPOINT
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "s3-cn-east-1.qiniucs.com"
+ - East China Endpoint 1
+ - "s3-cn-east-2.qiniucs.com"
+ - East China Endpoint 2
+ - "s3-cn-north-1.qiniucs.com"
+ - North China Endpoint 1
+ - "s3-cn-south-1.qiniucs.com"
+ - South China Endpoint 1
+ - "s3-us-north-1.qiniucs.com"
+ - North America Endpoint 1
+ - "s3-ap-southeast-1.qiniucs.com"
+ - Southeast Asia Endpoint 1
+ - "s3-ap-northeast-1.qiniucs.com"
+ - Northeast Asia Endpoint 1
+
+--s3-endpoint
+
Endpoint for S3 API.
Required when using an S3 clone.
@@ -16962,18 +18684,24 @@ Properties:
- Config: endpoint
- Env Var: RCLONE_S3_ENDPOINT
- Provider:
- !AWS,IBMCOS,TencentCOS,Alibaba,Scaleway,StackPath,Storj,RackCorp
+ !AWS,IBMCOS,IDrive,IONOS,TencentCOS,HuaweiOBS,Alibaba,ChinaMobile,Liara,ArvanCloud,Scaleway,StackPath,Storj,RackCorp,Qiniu
- Type: string
- Required: false
- Examples:
- "objects-us-east-1.dream.io"
- Dream Objects endpoint
+ - "syd1.digitaloceanspaces.com"
+ - DigitalOcean Spaces Sydney 1
+ - "sfo3.digitaloceanspaces.com"
+ - DigitalOcean Spaces San Francisco 3
+ - "fra1.digitaloceanspaces.com"
+ - DigitalOcean Spaces Frankfurt 1
- "nyc3.digitaloceanspaces.com"
- - Digital Ocean Spaces New York 3
+ - DigitalOcean Spaces New York 3
- "ams3.digitaloceanspaces.com"
- - Digital Ocean Spaces Amsterdam 3
+ - DigitalOcean Spaces Amsterdam 3
- "sgp1.digitaloceanspaces.com"
- - Digital Ocean Spaces Singapore 1
+ - DigitalOcean Spaces Singapore 1
- "localhost:8333"
- SeaweedFS S3 localhost
- "s3.us-east-1.lyvecloud.seagate.com"
@@ -16983,15 +18711,35 @@ Properties:
- "s3.ap-southeast-1.lyvecloud.seagate.com"
- Seagate Lyve Cloud AP Southeast 1 (Singapore)
- "s3.wasabisys.com"
- - Wasabi US East endpoint
+ - Wasabi US East 1 (N. Virginia)
+ - "s3.us-east-2.wasabisys.com"
+ - Wasabi US East 2 (N. Virginia)
+ - "s3.us-central-1.wasabisys.com"
+ - Wasabi US Central 1 (Texas)
- "s3.us-west-1.wasabisys.com"
- - Wasabi US West endpoint
+ - Wasabi US West 1 (Oregon)
+ - "s3.ca-central-1.wasabisys.com"
+ - Wasabi CA Central 1 (Toronto)
- "s3.eu-central-1.wasabisys.com"
- - Wasabi EU Central endpoint
+ - Wasabi EU Central 1 (Amsterdam)
+ - "s3.eu-central-2.wasabisys.com"
+ - Wasabi EU Central 2 (Frankfurt)
+ - "s3.eu-west-1.wasabisys.com"
+ - Wasabi EU West 1 (London)
+ - "s3.eu-west-2.wasabisys.com"
+ - Wasabi EU West 2 (Paris)
- "s3.ap-northeast-1.wasabisys.com"
- Wasabi AP Northeast 1 (Tokyo) endpoint
- "s3.ap-northeast-2.wasabisys.com"
- Wasabi AP Northeast 2 (Osaka) endpoint
+ - "s3.ap-southeast-1.wasabisys.com"
+ - Wasabi AP Southeast 1 (Singapore)
+ - "s3.ap-southeast-2.wasabisys.com"
+ - Wasabi AP Southeast 2 (Sydney)
+ - "storage.iran.liara.space"
+ - Liara Iran endpoint
+ - "s3.ir-thr-at1.arvanstorage.com"
+ - ArvanCloud Tehran Iran (Asiatech) endpoint
--s3-location-constraint
@@ -17060,6 +18808,100 @@ Properties:
--s3-location-constraint
+Location constraint - must match endpoint.
+
+Used when creating buckets only.
+
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: ChinaMobile
+- Type: string
+- Required: false
+- Examples:
+ - "wuxi1"
+ - East China (Suzhou)
+ - "jinan1"
+ - East China (Jinan)
+ - "ningbo1"
+ - East China (Hangzhou)
+ - "shanghai1"
+ - East China (Shanghai-1)
+ - "zhengzhou1"
+ - Central China (Zhengzhou)
+ - "hunan1"
+ - Central China (Changsha-1)
+ - "zhuzhou1"
+ - Central China (Changsha-2)
+ - "guangzhou1"
+ - South China (Guangzhou-2)
+ - "dongguan1"
+ - South China (Guangzhou-3)
+ - "beijing1"
+ - North China (Beijing-1)
+ - "beijing2"
+ - North China (Beijing-2)
+ - "beijing4"
+ - North China (Beijing-3)
+ - "huhehaote1"
+ - North China (Huhehaote)
+ - "chengdu1"
+ - Southwest China (Chengdu)
+ - "chongqing1"
+ - Southwest China (Chongqing)
+ - "guiyang1"
+ - Southwest China (Guiyang)
+ - "xian1"
+ - Nouthwest China (Xian)
+ - "yunnan"
+ - Yunnan China (Kunming)
+ - "yunnan2"
+ - Yunnan China (Kunming-2)
+ - "tianjin1"
+ - Tianjin China (Tianjin)
+ - "jilin1"
+ - Jilin China (Changchun)
+ - "hubei1"
+ - Hubei China (Xiangyan)
+ - "jiangxi1"
+ - Jiangxi China (Nanchang)
+ - "gansu1"
+ - Gansu China (Lanzhou)
+ - "shanxi1"
+ - Shanxi China (Taiyuan)
+ - "liaoning1"
+ - Liaoning China (Shenyang)
+ - "hebei1"
+ - Hebei China (Shijiazhuang)
+ - "fujian1"
+ - Fujian China (Xiamen)
+ - "guangxi1"
+ - Guangxi China (Nanning)
+ - "anhui1"
+ - Anhui China (Huainan)
+
+--s3-location-constraint
+
+Location constraint - must match endpoint.
+
+Used when creating buckets only.
+
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: ArvanCloud
+- Type: string
+- Required: false
+- Examples:
+ - "ir-thr-at1"
+ - Tehran Iran (Asiatech)
+ - "ir-tbz-sh1"
+ - Tabriz Iran (Shahriar)
+
+--s3-location-constraint
+
Location constraint - must match endpoint when using IBM Cloud Public.
For on-prem COS, do not make a selection from this list, hit enter.
@@ -17193,6 +19035,35 @@ Properties:
Location constraint - must be set to match the Region.
+Used when creating buckets only.
+
+Properties:
+
+- Config: location_constraint
+- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "cn-east-1"
+ - East China Region 1
+ - "cn-east-2"
+ - East China Region 2
+ - "cn-north-1"
+ - North China Region 1
+ - "cn-south-1"
+ - South China Region 1
+ - "us-north-1"
+ - North America Region 1
+ - "ap-southeast-1"
+ - Southeast Asia Region 1
+ - "ap-northeast-1"
+ - Northeast Asia Region 1
+
+--s3-location-constraint
+
+Location constraint - must be set to match the Region.
+
Leave blank if not sure. Used when creating buckets only.
Properties:
@@ -17200,7 +19071,7 @@ Properties:
- Config: location_constraint
- Env Var: RCLONE_S3_LOCATION_CONSTRAINT
- Provider:
- !AWS,IBMCOS,Alibaba,RackCorp,Scaleway,StackPath,Storj,TencentCOS
+ !AWS,Alibaba,HuaweiOBS,ChinaMobile,Cloudflare,IBMCOS,IDrive,IONOS,Liara,ArvanCloud,Qiniu,RackCorp,Scaleway,StackPath,Storj,TencentCOS
- Type: string
- Required: false
@@ -17217,11 +19088,14 @@ https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
Note that this ACL is applied when server-side copying objects as S3
doesn't copy the ACL from the source but rather writes a fresh one.
+If the acl is an empty string then no X-Amz-Acl: header is added and the
+default (private) will be used.
+
Properties:
- Config: acl
- Env Var: RCLONE_S3_ACL
-- Provider: !Storj
+- Provider: !Storj,Cloudflare
- Type: string
- Required: false
- Examples:
@@ -17282,7 +19156,7 @@ Properties:
- Config: server_side_encryption
- Env Var: RCLONE_S3_SERVER_SIDE_ENCRYPTION
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -17364,6 +19238,57 @@ Properties:
--s3-storage-class
+The storage class to use when storing new objects in ChinaMobile.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: ChinaMobile
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - Default
+ - "STANDARD"
+ - Standard storage class
+ - "GLACIER"
+ - Archive storage mode
+ - "STANDARD_IA"
+ - Infrequent access storage mode
+
+--s3-storage-class
+
+The storage class to use when storing new objects in Liara
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: Liara
+- Type: string
+- Required: false
+- Examples:
+ - "STANDARD"
+ - Standard storage class
+
+--s3-storage-class
+
+The storage class to use when storing new objects in ArvanCloud.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: ArvanCloud
+- Type: string
+- Required: false
+- Examples:
+ - "STANDARD"
+ - Standard storage class
+
+--s3-storage-class
+
The storage class to use when storing new objects in Tencent COS.
Properties:
@@ -17405,12 +19330,34 @@ Properties:
- Prices are lower, but it needs to be restored first to be
accessed.
+--s3-storage-class
+
+The storage class to use when storing new objects in Qiniu.
+
+Properties:
+
+- Config: storage_class
+- Env Var: RCLONE_S3_STORAGE_CLASS
+- Provider: Qiniu
+- Type: string
+- Required: false
+- Examples:
+ - "STANDARD"
+ - Standard storage class
+ - "LINE"
+ - Infrequent access storage mode
+ - "GLACIER"
+ - Archive storage mode
+ - "DEEP_ARCHIVE"
+ - Deep archive storage mode
+
Advanced options
-Here are the advanced options specific to s3 (Amazon S3 Compliant
-Storage Providers including AWS, Alibaba, Ceph, Digital Ocean,
-Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent
-COS).
+Here are the Advanced options specific to s3 (Amazon S3 Compliant
+Storage Providers including AWS, Alibaba, Ceph, China Mobile,
+Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS,
+IDrive e2, IONOS Cloud, Liara, Lyve Cloud, Minio, Netease, RackCorp,
+Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi).
--s3-bucket-acl
@@ -17422,6 +19369,9 @@ https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
Note that this ACL is applied when only when creating buckets. If it
isn't set then "acl" is used instead.
+If the "acl" and "bucket_acl" are empty strings then no X-Amz-Acl:
+header is added and the default (private) will be used.
+
Properties:
- Config: bucket_acl
@@ -17464,7 +19414,7 @@ Properties:
- Config: sse_customer_algorithm
- Env Var: RCLONE_S3_SSE_CUSTOMER_ALGORITHM
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -17475,14 +19425,34 @@ Properties:
--s3-sse-customer-key
-If using SSE-C you must provide the secret encryption key used to
+To use SSE-C you may provide the secret encryption key used to
encrypt/decrypt your data.
+Alternatively you can provide --sse-customer-key-base64.
+
Properties:
- Config: sse_customer_key
- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
+- Type: string
+- Required: false
+- Examples:
+ - ""
+ - None
+
+--s3-sse-customer-key-base64
+
+If using SSE-C you must provide the secret encryption key encoded in
+base64 format to encrypt/decrypt your data.
+
+Alternatively you can provide --sse-customer-key.
+
+Properties:
+
+- Config: sse_customer_key_base64
+- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_BASE64
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -17501,7 +19471,7 @@ Properties:
- Config: sse_customer_key_md5
- Env Var: RCLONE_S3_SSE_CUSTOMER_KEY_MD5
-- Provider: AWS,Ceph,Minio
+- Provider: AWS,Ceph,ChinaMobile,Minio
- Type: string
- Required: false
- Examples:
@@ -17546,6 +19516,12 @@ this means that by default the maximum size of a file you can stream
upload is 48 GiB. If you wish to stream upload larger files then you
will need to increase chunk_size.
+Increasing the chunk size decreases the accuracy of the progress
+statistics displayed with "-P" flag. Rclone treats chunk as sent when
+it's buffered by the AWS SDK, when in fact it may still be uploading. A
+bigger chunk size means a bigger AWS SDK buffer and progress reporting
+more deviating from the truth.
+
Properties:
- Config: chunk_size
@@ -17946,6 +19922,151 @@ Properties:
- Type: Tristate
- Default: unset
+--s3-use-presigned-request
+
+Whether to use a presigned request or PutObject for single part uploads
+
+If this is false rclone will use PutObject from the AWS SDK to upload an
+object.
+
+Versions of rclone < 1.59 use presigned requests to upload a single part
+object and setting this flag to true will re-enable that functionality.
+This shouldn't be necessary except in exceptional circumstances or for
+testing.
+
+Properties:
+
+- Config: use_presigned_request
+- Env Var: RCLONE_S3_USE_PRESIGNED_REQUEST
+- Type: bool
+- Default: false
+
+--s3-versions
+
+Include old versions in directory listings.
+
+Properties:
+
+- Config: versions
+- Env Var: RCLONE_S3_VERSIONS
+- Type: bool
+- Default: false
+
+--s3-version-at
+
+Show file versions as they were at the specified time.
+
+The parameter should be a date, "2006-01-02", datetime "2006-01-02
+15:04:05" or a duration for that long ago, eg "100d" or "1h".
+
+Note that when using this no file write operations are permitted, so you
+can't upload files or delete them.
+
+See the time option docs for valid formats.
+
+Properties:
+
+- Config: version_at
+- Env Var: RCLONE_S3_VERSION_AT
+- Type: Time
+- Default: off
+
+--s3-decompress
+
+If set this will decompress gzip encoded objects.
+
+It is possible to upload objects to S3 with "Content-Encoding: gzip"
+set. Normally rclone will download these files as compressed objects.
+
+If this flag is set then rclone will decompress these files with
+"Content-Encoding: gzip" as they are received. This means that rclone
+can't check the size and hash but the file contents will be
+decompressed.
+
+Properties:
+
+- Config: decompress
+- Env Var: RCLONE_S3_DECOMPRESS
+- Type: bool
+- Default: false
+
+--s3-might-gzip
+
+Set this if the backend might gzip objects.
+
+Normally providers will not alter objects when they are downloaded. If
+an object was not uploaded with Content-Encoding: gzip then it won't be
+set on download.
+
+However some providers may gzip objects even if they weren't uploaded
+with Content-Encoding: gzip (eg Cloudflare).
+
+A symptom of this would be receiving errors like
+
+ ERROR corrupted on transfer: sizes differ NNN vs MMM
+
+If you set this flag and rclone downloads an object with
+Content-Encoding: gzip set and chunked transfer encoding, then rclone
+will decompress the object on the fly.
+
+If this is set to unset (the default) then rclone will choose according
+to the provider setting what to apply, but you can override rclone's
+choice here.
+
+Properties:
+
+- Config: might_gzip
+- Env Var: RCLONE_S3_MIGHT_GZIP
+- Type: Tristate
+- Default: unset
+
+--s3-no-system-metadata
+
+Suppress setting and reading of system metadata
+
+Properties:
+
+- Config: no_system_metadata
+- Env Var: RCLONE_S3_NO_SYSTEM_METADATA
+- Type: bool
+- Default: false
+
+Metadata
+
+User metadata is stored as x-amz-meta- keys. S3 metadata keys are case
+insensitive and are always returned in lower case.
+
+Here are the possible system metadata items for the s3 backend.
+
+ ------------------------------------------------------------------------------------------------------------------
+ Name Help Type Example Read Only
+ --------------------- --------------------- ----------- ------------------------------------- --------------------
+ btime Time of file birth RFC 3339 2006-01-02T15:04:05.999999999Z07:00 Y
+ (creation) read from
+ Last-Modified header
+
+ cache-control Cache-Control header string no-cache N
+
+ content-disposition Content-Disposition string inline N
+ header
+
+ content-encoding Content-Encoding string gzip N
+ header
+
+ content-language Content-Language string en-US N
+ header
+
+ content-type Content-Type header string text/plain N
+
+ mtime Time of last RFC 3339 2006-01-02T15:04:05.999999999Z07:00 N
+ modification, read
+ from rclone metadata
+
+ tier Tier of the object string GLACIER Y
+ ------------------------------------------------------------------------------------------------------------------
+
+See the metadata docs for more info.
+
Backend commands
Here are the commands specific to the s3 backend.
@@ -17956,8 +20077,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -18064,6 +20185,37 @@ Options:
- "max-age": Max age of upload to delete
+cleanup-hidden
+
+Remove old versions of files.
+
+ rclone backend cleanup-hidden remote: [options] [+]
+
+This command removes any old hidden versions of files on a versions
+enabled bucket.
+
+Note that you can use -i/--dry-run with this command to see what it
+would do.
+
+ rclone backend cleanup-hidden s3:bucket/path/to/dir
+
+versioning
+
+Set/get versioning support for a bucket.
+
+ rclone backend versioning remote: [options] [+]
+
+This command sets versioning support if a parameter is passed and then
+returns the current versioning status for the bucket supplied.
+
+ rclone backend versioning s3:bucket # read status only
+ rclone backend versioning s3:bucket Enabled
+ rclone backend versioning s3:bucket Suspended
+
+It may return "Enabled", "Suspended" or "Unversioned". Note that once
+versioning has been enabled the status can't be set back to
+"Unversioned".
+
Anonymous access to public buckets
If you want to use rclone to access a public bucket, configure with a
@@ -18102,9 +20254,14 @@ AWS Snowball is a hardware appliance used for transferring bulk data
back to AWS. Its main software interface is S3 object storage.
To use rclone with AWS Snowball Edge devices, configure as standard for
-an 'S3 Compatible Service' be sure to set upload_cutoff = 0 otherwise
-you will run into authentication header issues as the snowball device
-does not support query parameter based authentication.
+an 'S3 Compatible Service'.
+
+If using rclone pre v1.59 be sure to set upload_cutoff = 0 otherwise you
+will run into authentication header issues as the snowball device does
+not support query parameter based authentication.
+
+With rclone v1.59 or later setting upload_cutoff should not be
+necessary.
eg.
@@ -18139,10 +20296,10 @@ config:
server_side_encryption =
storage_class =
-If you are using an older version of CEPH, e.g. 10.2.x Jewel, then you
-may need to supply the parameter --s3-upload-cutoff 0 or put this in the
-config file as upload_cutoff 0 to work around a bug which causes
-uploading of small files to fail.
+If you are using an older version of CEPH (e.g. 10.2.x Jewel) and a
+version of rclone before v1.59 then you may need to supply the parameter
+--s3-upload-cutoff 0 or put this in the config file as upload_cutoff 0
+to work around a bug which causes uploading of small files to fail.
Note also that Ceph sometimes puts / in the passwords it gives users. If
you read the secret access key using the command line tools you will get
@@ -18167,6 +20324,101 @@ removed).
Because this is a json dump, it is encoding the / as \/, so if you use
the secret key as xxxxxx/xxxx it will work fine.
+Cloudflare R2
+
+Cloudflare R2 Storage allows developers to store large amounts of
+unstructured data without the costly egress bandwidth fees associated
+with typical cloud storage services.
+
+Here is an example of making a Cloudflare R2 configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+Note that all buckets are private, and all are stored in the same "auto"
+region. It is necessary to use Cloudflare workers to share the content
+of a bucket publicly.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> r2
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ ...
+ XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+ ...
+ Storage> s3
+ Option provider.
+ Choose your S3 provider.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ ...
+ XX / Cloudflare R2 Storage
+ \ (Cloudflare)
+ ...
+ provider> Cloudflare
+ Option env_auth.
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own boolean value (true or false).
+ Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+ env_auth> 1
+ Option access_key_id.
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ access_key_id> ACCESS_KEY
+ Option secret_access_key.
+ AWS Secret Access Key (password).
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ secret_access_key> SECRET_ACCESS_KEY
+ Option region.
+ Region to connect to.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / R2 buckets are automatically distributed across Cloudflare's data centers for low latency.
+ \ (auto)
+ region> 1
+ Option endpoint.
+ Endpoint for S3 API.
+ Required when using an S3 clone.
+ Enter a value. Press Enter to leave empty.
+ endpoint> https://ACCOUNT_ID.r2.cloudflarestorage.com
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n> n
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+This will leave your config looking something like:
+
+ [r2]
+ type = s3
+ provider = Cloudflare
+ access_key_id = ACCESS_KEY
+ secret_access_key = SECRET_ACCESS_KEY
+ region = auto
+ endpoint = https://ACCOUNT_ID.r2.cloudflarestorage.com
+ acl = private
+
+Now run rclone lsf r2: to see your buckets and rclone lsf r2:bucket to
+look within a bucket.
+
Dreamhost
Dreamhost DreamObjects is an object storage system based on CEPH.
@@ -18237,6 +20489,135 @@ example:
rclone mkdir spaces:my-new-space
rclone copy /path/to/files spaces:my-new-space
+Huawei OBS
+
+Object Storage Service (OBS) provides stable, secure, efficient, and
+easy-to-use cloud storage that lets you store virtually any volume of
+unstructured data in any format and access it from anywhere.
+
+OBS provides an S3 interface, you can copy and modify the following
+configuration and add it to your rclone configuration file.
+
+ [obs]
+ type = s3
+ provider = HuaweiOBS
+ access_key_id = your-access-key-id
+ secret_access_key = your-secret-access-key
+ region = af-south-1
+ endpoint = obs.af-south-1.myhuaweicloud.com
+ acl = private
+
+Or you can also configure via the interactive command line:
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> obs
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ [snip]
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+ [snip]
+ Storage> 5
+ Option provider.
+ Choose your S3 provider.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ [snip]
+ 9 / Huawei Object Storage Service
+ \ (HuaweiOBS)
+ [snip]
+ provider> 9
+ Option env_auth.
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own boolean value (true or false).
+ Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+ env_auth> 1
+ Option access_key_id.
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ access_key_id> your-access-key-id
+ Option secret_access_key.
+ AWS Secret Access Key (password).
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ secret_access_key> your-secret-access-key
+ Option region.
+ Region to connect to.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (af-south-1)
+ 2 / AP-Bangkok
+ \ (ap-southeast-2)
+ [snip]
+ region> 1
+ Option endpoint.
+ Endpoint for OBS API.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / AF-Johannesburg
+ \ (obs.af-south-1.myhuaweicloud.com)
+ 2 / AP-Bangkok
+ \ (obs.ap-southeast-2.myhuaweicloud.com)
+ [snip]
+ endpoint> 1
+ Option acl.
+ Canned ACL used when creating buckets and storing or copying objects.
+ This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+ Note that this ACL is applied when server-side copying objects as S3
+ doesn't copy the ACL from the source but rather writes a fresh one.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ [snip]
+ acl> 1
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n>
+ --------------------
+ [obs]
+ type = s3
+ provider = HuaweiOBS
+ access_key_id = your-access-key-id
+ secret_access_key = your-secret-access-key
+ region = af-south-1
+ endpoint = obs.af-south-1.myhuaweicloud.com
+ acl = private
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+ Current remotes:
+
+ Name Type
+ ==== ====
+ obs s3
+
+ e) Edit existing remote
+ n) New remote
+ d) Delete remote
+ r) Rename remote
+ c) Copy remote
+ s) Set configuration password
+ q) Quit config
+ e/n/d/r/c/s/q> q
+
IBM COS (S3)
Information stored with IBM Cloud Object Storage is encrypted and
@@ -18268,12 +20649,12 @@ To configure access to IBM COS S3, follow the steps below:
\ "alias"
2 / Amazon Drive
\ "amazon cloud drive"
- 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, Minio, IBM COS)
+ 3 / Amazon S3 Complaint Storage Providers (Dreamhost, Ceph, ChinaMobile, Liara, ArvanCloud, Minio, IBM COS)
\ "s3"
4 / Backblaze B2
\ "b2"
[snip]
- 23 / http Connection
+ 23 / HTTP
\ "http"
Storage> 3
@@ -18408,6 +20789,273 @@ To configure access to IBM COS S3, follow the steps below:
6) Delete a file on remote.
rclone delete IBM-COS-XREGION:newbucket/file.txt
+IDrive e2
+
+Here is an example of making an IDrive e2 configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+
+ Enter name for new remote.
+ name> e2
+
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ [snip]
+ XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+ [snip]
+ Storage> s3
+
+ Option provider.
+ Choose your S3 provider.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ [snip]
+ XX / IDrive e2
+ \ (IDrive)
+ [snip]
+ provider> IDrive
+
+ Option env_auth.
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own boolean value (true or false).
+ Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+ env_auth>
+
+ Option access_key_id.
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ access_key_id> YOUR_ACCESS_KEY
+
+ Option secret_access_key.
+ AWS Secret Access Key (password).
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ secret_access_key> YOUR_SECRET_KEY
+
+ Option acl.
+ Canned ACL used when creating buckets and storing or copying objects.
+ This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+ Note that this ACL is applied when server-side copying objects as S3
+ doesn't copy the ACL from the source but rather writes a fresh one.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+ 5 | Bucket owner gets READ access.
+ | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-read)
+ / Both the object owner and the bucket owner get FULL_CONTROL over the object.
+ 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
+ \ (bucket-owner-full-control)
+ acl>
+
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n>
+
+ Configuration complete.
+ Options:
+ - type: s3
+ - provider: IDrive
+ - access_key_id: YOUR_ACCESS_KEY
+ - secret_access_key: YOUR_SECRET_KEY
+ - endpoint: q9d9.la12.idrivee2-5.com
+ Keep this "e2" remote?
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+IONOS Cloud
+
+IONOS S3 Object Storage is a service offered by IONOS for storing and
+accessing unstructured data. To connect to the service, you will need an
+access key and a secret key. These can be found in the Data Center
+Designer, by selecting Manager resources > Object Storage Key Manager.
+
+Here is an example of a configuration. First, run rclone config. This
+will walk you through an interactive setup process. Type n to add the
+new remote, and then enter a name:
+
+ Enter name for new remote.
+ name> ionos-fra
+
+Type s3 to choose the connection type:
+
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ [snip]
+ XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, IONOS Cloud, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS and Wasabi
+ \ (s3)
+ [snip]
+ Storage> s3
+
+Type IONOS:
+
+ Option provider.
+ Choose your S3 provider.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ [snip]
+ XX / IONOS Cloud
+ \ (IONOS)
+ [snip]
+ provider> IONOS
+
+Press Enter to choose the default option
+Enter AWS credentials in the next step:
+
+ Option env_auth.
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own boolean value (true or false).
+ Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+ env_auth>
+
+Enter your Access Key and Secret key. These can be retrieved in the Data
+Center Designer, click on the menu “Manager resources” / "Object Storage
+Key Manager".
+
+ Option access_key_id.
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ access_key_id> YOUR_ACCESS_KEY
+
+ Option secret_access_key.
+ AWS Secret Access Key (password).
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ secret_access_key> YOUR_SECRET_KEY
+
+Choose the region where your bucket is located:
+
+ Option region.
+ Region where your bucket will be created and your data stored.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (de)
+ 2 / Berlin, Germany
+ \ (eu-central-2)
+ 3 / Logrono, Spain
+ \ (eu-south-2)
+ region> 2
+
+Choose the endpoint from the same region:
+
+ Option endpoint.
+ Endpoint for IONOS S3 Object Storage.
+ Specify the endpoint from the same region.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / Frankfurt, Germany
+ \ (s3-eu-central-1.ionoscloud.com)
+ 2 / Berlin, Germany
+ \ (s3-eu-central-2.ionoscloud.com)
+ 3 / Logrono, Spain
+ \ (s3-eu-south-2.ionoscloud.com)
+ endpoint> 1
+
+Press Enter to choose the default option or choose the desired ACL
+setting:
+
+ Option acl.
+ Canned ACL used when creating buckets and storing or copying objects.
+ This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+ Note that this ACL is applied when server-side copying objects as S3
+ doesn't copy the ACL from the source but rather writes a fresh one.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ [snip]
+ acl>
+
+Press Enter to skip the advanced config:
+
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n>
+
+Press Enter to save the configuration, and then q to quit the
+configuration process:
+
+ Configuration complete.
+ Options:
+ - type: s3
+ - provider: IONOS
+ - access_key_id: YOUR_ACCESS_KEY
+ - secret_access_key: YOUR_SECRET_KEY
+ - endpoint: s3-eu-central-1.ionoscloud.com
+ Keep this "ionos-fra" remote?
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+Done! Now you can try some commands (for macOS, use ./rclone instead of
+rclone).
+
+1) Create a bucket (the name must be unique within the whole IONOS S3)
+
+ rclone mkdir ionos-fra:my-bucket
+
+2) List available buckets
+
+ rclone lsd ionos-fra:
+
+4) Copy a file from local to remote
+
+ rclone copy /Users/file.txt ionos-fra:my-bucket
+
+3) List contents of a bucket
+
+ rclone ls ionos-fra:my-bucket
+
+5) Copy a file from remote to local
+
+ rclone copy ionos-fra:my-bucket/file.txt
+
Minio
Minio is an object storage server built for cloud application developers
@@ -18469,6 +21117,198 @@ So once set up, for example, to copy files into a bucket
rclone copy /path/to/files minio:bucket
+Qiniu Cloud Object Storage (Kodo)
+
+Qiniu Cloud Object Storage (Kodo), a completely independent-researched
+core technology which is proven by repeated customer experience has
+occupied absolute leading market leader position. Kodo can be widely
+applied to mass data management.
+
+To configure access to Qiniu Kodo, follow the steps below:
+
+1. Run rclone config and select n for a new remote.
+
+ rclone config
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+
+2. Give the name of the configuration. For example, name it 'qiniu'.
+
+ name> qiniu
+
+3. Select s3 storage.
+
+ Choose a number from below, or type in your own value
+ 1 / 1Fichier
+ \ (fichier)
+ 2 / Akamai NetStorage
+ \ (netstorage)
+ 3 / Alias for an existing remote
+ \ (alias)
+ 4 / Amazon Drive
+ \ (amazon cloud drive)
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, China Mobile, Cloudflare, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, IDrive e2, Liara, Lyve Cloud, Minio, Netease, RackCorp, Scaleway, SeaweedFS, StackPath, Storj, Tencent COS, Qiniu and Wasabi
+ \ (s3)
+ [snip]
+ Storage> s3
+
+4. Select Qiniu provider.
+
+ Choose a number from below, or type in your own value
+ 1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+ [snip]
+ 22 / Qiniu Object Storage (Kodo)
+ \ (Qiniu)
+ [snip]
+ provider> Qiniu
+
+5. Enter your SecretId and SecretKey of Qiniu Kodo.
+
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Enter a boolean value (true or false). Press Enter for the default ("false").
+ Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+ env_auth> 1
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a string value. Press Enter for the default ("").
+ access_key_id> AKIDxxxxxxxxxx
+ AWS Secret Access Key (password)
+ Leave blank for anonymous access or runtime credentials.
+ Enter a string value. Press Enter for the default ("").
+ secret_access_key> xxxxxxxxxxx
+
+6. Select endpoint for Qiniu Kodo. This is the standard endpoint for
+ different region.
+
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China Region 1.
+ | Needs location constraint cn-east-1.
+ \ (cn-east-1)
+ / East China Region 2.
+ 2 | Needs location constraint cn-east-2.
+ \ (cn-east-2)
+ / North China Region 1.
+ 3 | Needs location constraint cn-north-1.
+ \ (cn-north-1)
+ / South China Region 1.
+ 4 | Needs location constraint cn-south-1.
+ \ (cn-south-1)
+ / North America Region.
+ 5 | Needs location constraint us-north-1.
+ \ (us-north-1)
+ / Southeast Asia Region 1.
+ 6 | Needs location constraint ap-southeast-1.
+ \ (ap-southeast-1)
+ / Northeast Asia Region 1.
+ 7 | Needs location constraint ap-northeast-1.
+ \ (ap-northeast-1)
+ [snip]
+ endpoint> 1
+
+ Option endpoint.
+ Endpoint for Qiniu Object Storage.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / East China Endpoint 1
+ \ (s3-cn-east-1.qiniucs.com)
+ 2 / East China Endpoint 2
+ \ (s3-cn-east-2.qiniucs.com)
+ 3 / North China Endpoint 1
+ \ (s3-cn-north-1.qiniucs.com)
+ 4 / South China Endpoint 1
+ \ (s3-cn-south-1.qiniucs.com)
+ 5 / North America Endpoint 1
+ \ (s3-us-north-1.qiniucs.com)
+ 6 / Southeast Asia Endpoint 1
+ \ (s3-ap-southeast-1.qiniucs.com)
+ 7 / Northeast Asia Endpoint 1
+ \ (s3-ap-northeast-1.qiniucs.com)
+ endpoint> 1
+
+ Option location_constraint.
+ Location constraint - must be set to match the Region.
+ Used when creating buckets only.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / East China Region 1
+ \ (cn-east-1)
+ 2 / East China Region 2
+ \ (cn-east-2)
+ 3 / North China Region 1
+ \ (cn-north-1)
+ 4 / South China Region 1
+ \ (cn-south-1)
+ 5 / North America Region 1
+ \ (us-north-1)
+ 6 / Southeast Asia Region 1
+ \ (ap-southeast-1)
+ 7 / Northeast Asia Region 1
+ \ (ap-northeast-1)
+ location_constraint> 1
+
+7. Choose acl and storage class.
+
+ Note that this ACL is applied when server-side copying objects as S3
+ doesn't copy the ACL from the source but rather writes a fresh one.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ [snip]
+ acl> 2
+ The storage class to use when storing new objects in Tencent COS.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ 1 / Standard storage class
+ \ (STANDARD)
+ 2 / Infrequent access storage mode
+ \ (LINE)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Deep archive storage mode
+ \ (DEEP_ARCHIVE)
+ [snip]
+ storage_class> 1
+ Edit advanced config? (y/n)
+ y) Yes
+ n) No (default)
+ y/n> n
+ Remote config
+ --------------------
+ [qiniu]
+ - type: s3
+ - provider: Qiniu
+ - access_key_id: xxx
+ - secret_access_key: xxx
+ - region: cn-east-1
+ - endpoint: s3-cn-east-1.qiniucs.com
+ - location_constraint: cn-east-1
+ - acl: public-read
+ - storage_class: STANDARD
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+ Current remotes:
+
+ Name Type
+ ==== ====
+ qiniu s3
+
RackCorp
RackCorp Object Storage is an S3 compatible object storage platform from
@@ -18517,6 +21357,14 @@ rclone like this:
server_side_encryption =
storage_class =
+C14 Cold Storage is the low-cost S3 Glacier alternative from Scaleway
+and it works the same way as on S3 by accepting the "GLACIER"
+storage_class. So you can configure your remote with the
+storage_class = GLACIER option to upload directly to C14. Don't forget
+that in this state you can't read files back after, you will need to
+restore them to "STANDARD" storage_class first before being able to read
+them (see "restore" section above)
+
Seagate Lyve Cloud
Seagate Lyve Cloud is an S3 compatible object storage platform from
@@ -18539,7 +21387,7 @@ Choose s3 backend
Type of storage to configure.
Choose a number from below, or type in your own value.
[snip]
- XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+ XX / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
\ (s3)
[snip]
Storage> s3
@@ -18703,7 +21551,7 @@ rclone like this.
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
- XX / Amazon S3 (also Dreamhost, Ceph, Minio)
+ XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Minio, Liara)
\ "s3"
[snip]
Storage> s3
@@ -18756,19 +21604,578 @@ rclone like this.
\ ""
2 / Standard storage class
\ "STANDARD"
- 3 / Reduced redundancy storage class
- \ "REDUCED_REDUNDANCY"
- 4 / Standard Infrequent Access storage class
- \ "STANDARD_IA"
+ 3 / Reduced redundancy storage class
+ \ "REDUCED_REDUNDANCY"
+ 4 / Standard Infrequent Access storage class
+ \ "STANDARD_IA"
+ storage_class>
+ Remote config
+ --------------------
+ [wasabi]
+ env_auth = false
+ access_key_id = YOURACCESSKEY
+ secret_access_key = YOURSECRETACCESSKEY
+ region = us-east-1
+ endpoint = s3.wasabisys.com
+ location_constraint =
+ acl =
+ server_side_encryption =
+ storage_class =
+ --------------------
+ y) Yes this is OK
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+This will leave the config file looking like this.
+
+ [wasabi]
+ type = s3
+ provider = Wasabi
+ env_auth = false
+ access_key_id = YOURACCESSKEY
+ secret_access_key = YOURSECRETACCESSKEY
+ region =
+ endpoint = s3.wasabisys.com
+ location_constraint =
+ acl =
+ server_side_encryption =
+ storage_class =
+
+Alibaba OSS
+
+Here is an example of making an Alibaba Cloud (Aliyun) OSS
+configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> oss
+ Type of storage to configure.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ [snip]
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
+ \ "s3"
+ [snip]
+ Storage> s3
+ Choose your S3 provider.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ 1 / Amazon Web Services (AWS) S3
+ \ "AWS"
+ 2 / Alibaba Cloud Object Storage System (OSS) formerly Aliyun
+ \ "Alibaba"
+ 3 / Ceph Object Storage
+ \ "Ceph"
+ [snip]
+ provider> Alibaba
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Enter a boolean value (true or false). Press Enter for the default ("false").
+ Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+ env_auth> 1
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a string value. Press Enter for the default ("").
+ access_key_id> accesskeyid
+ AWS Secret Access Key (password)
+ Leave blank for anonymous access or runtime credentials.
+ Enter a string value. Press Enter for the default ("").
+ secret_access_key> secretaccesskey
+ Endpoint for OSS API.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ 1 / East China 1 (Hangzhou)
+ \ "oss-cn-hangzhou.aliyuncs.com"
+ 2 / East China 2 (Shanghai)
+ \ "oss-cn-shanghai.aliyuncs.com"
+ 3 / North China 1 (Qingdao)
+ \ "oss-cn-qingdao.aliyuncs.com"
+ [snip]
+ endpoint> 1
+ Canned ACL used when creating buckets and storing or copying objects.
+
+ Note that this ACL is applied when server-side copying objects as S3
+ doesn't copy the ACL from the source but rather writes a fresh one.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+ 2 / Owner gets FULL_CONTROL. The AllUsers group gets READ access.
+ \ "public-read"
+ / Owner gets FULL_CONTROL. The AllUsers group gets READ and WRITE access.
+ [snip]
+ acl> 1
+ The storage class to use when storing new objects in OSS.
+ Enter a string value. Press Enter for the default ("").
+ Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+ 3 / Archive storage mode.
+ \ "GLACIER"
+ 4 / Infrequent access storage mode.
+ \ "STANDARD_IA"
+ storage_class> 1
+ Edit advanced config? (y/n)
+ y) Yes
+ n) No
+ y/n> n
+ Remote config
+ --------------------
+ [oss]
+ type = s3
+ provider = Alibaba
+ env_auth = false
+ access_key_id = accesskeyid
+ secret_access_key = secretaccesskey
+ endpoint = oss-cn-hangzhou.aliyuncs.com
+ acl = private
+ storage_class = Standard
+ --------------------
+ y) Yes this is OK
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+China Mobile Ecloud Elastic Object Storage (EOS)
+
+Here is an example of making an China Mobile Ecloud Elastic Object
+Storage (EOS) configuration. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> ChinaMobile
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ ...
+ 5 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Lyve Cloud, Minio, RackCorp, SeaweedFS, and Tencent COS
+ \ (s3)
+ ...
+ Storage> s3
+ Option provider.
+ Choose your S3 provider.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ ...
+ 4 / China Mobile Ecloud Elastic Object Storage (EOS)
+ \ (ChinaMobile)
+ ...
+ provider> ChinaMobile
+ Option env_auth.
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
+ Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own boolean value (true or false).
+ Press Enter for the default (false).
+ 1 / Enter AWS credentials in the next step.
+ \ (false)
+ 2 / Get AWS credentials from the environment (env vars or IAM).
+ \ (true)
+ env_auth>
+ Option access_key_id.
+ AWS Access Key ID.
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ access_key_id> accesskeyid
+ Option secret_access_key.
+ AWS Secret Access Key (password).
+ Leave blank for anonymous access or runtime credentials.
+ Enter a value. Press Enter to leave empty.
+ secret_access_key> secretaccesskey
+ Option endpoint.
+ Endpoint for China Mobile Ecloud Elastic Object Storage (EOS) API.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ / The default endpoint - a good choice if you are unsure.
+ 1 | East China (Suzhou)
+ \ (eos-wuxi-1.cmecloud.cn)
+ 2 / East China (Jinan)
+ \ (eos-jinan-1.cmecloud.cn)
+ 3 / East China (Hangzhou)
+ \ (eos-ningbo-1.cmecloud.cn)
+ 4 / East China (Shanghai-1)
+ \ (eos-shanghai-1.cmecloud.cn)
+ 5 / Central China (Zhengzhou)
+ \ (eos-zhengzhou-1.cmecloud.cn)
+ 6 / Central China (Changsha-1)
+ \ (eos-hunan-1.cmecloud.cn)
+ 7 / Central China (Changsha-2)
+ \ (eos-zhuzhou-1.cmecloud.cn)
+ 8 / South China (Guangzhou-2)
+ \ (eos-guangzhou-1.cmecloud.cn)
+ 9 / South China (Guangzhou-3)
+ \ (eos-dongguan-1.cmecloud.cn)
+ 10 / North China (Beijing-1)
+ \ (eos-beijing-1.cmecloud.cn)
+ 11 / North China (Beijing-2)
+ \ (eos-beijing-2.cmecloud.cn)
+ 12 / North China (Beijing-3)
+ \ (eos-beijing-4.cmecloud.cn)
+ 13 / North China (Huhehaote)
+ \ (eos-huhehaote-1.cmecloud.cn)
+ 14 / Southwest China (Chengdu)
+ \ (eos-chengdu-1.cmecloud.cn)
+ 15 / Southwest China (Chongqing)
+ \ (eos-chongqing-1.cmecloud.cn)
+ 16 / Southwest China (Guiyang)
+ \ (eos-guiyang-1.cmecloud.cn)
+ 17 / Nouthwest China (Xian)
+ \ (eos-xian-1.cmecloud.cn)
+ 18 / Yunnan China (Kunming)
+ \ (eos-yunnan.cmecloud.cn)
+ 19 / Yunnan China (Kunming-2)
+ \ (eos-yunnan-2.cmecloud.cn)
+ 20 / Tianjin China (Tianjin)
+ \ (eos-tianjin-1.cmecloud.cn)
+ 21 / Jilin China (Changchun)
+ \ (eos-jilin-1.cmecloud.cn)
+ 22 / Hubei China (Xiangyan)
+ \ (eos-hubei-1.cmecloud.cn)
+ 23 / Jiangxi China (Nanchang)
+ \ (eos-jiangxi-1.cmecloud.cn)
+ 24 / Gansu China (Lanzhou)
+ \ (eos-gansu-1.cmecloud.cn)
+ 25 / Shanxi China (Taiyuan)
+ \ (eos-shanxi-1.cmecloud.cn)
+ 26 / Liaoning China (Shenyang)
+ \ (eos-liaoning-1.cmecloud.cn)
+ 27 / Hebei China (Shijiazhuang)
+ \ (eos-hebei-1.cmecloud.cn)
+ 28 / Fujian China (Xiamen)
+ \ (eos-fujian-1.cmecloud.cn)
+ 29 / Guangxi China (Nanning)
+ \ (eos-guangxi-1.cmecloud.cn)
+ 30 / Anhui China (Huainan)
+ \ (eos-anhui-1.cmecloud.cn)
+ endpoint> 1
+ Option location_constraint.
+ Location constraint - must match endpoint.
+ Used when creating buckets only.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / East China (Suzhou)
+ \ (wuxi1)
+ 2 / East China (Jinan)
+ \ (jinan1)
+ 3 / East China (Hangzhou)
+ \ (ningbo1)
+ 4 / East China (Shanghai-1)
+ \ (shanghai1)
+ 5 / Central China (Zhengzhou)
+ \ (zhengzhou1)
+ 6 / Central China (Changsha-1)
+ \ (hunan1)
+ 7 / Central China (Changsha-2)
+ \ (zhuzhou1)
+ 8 / South China (Guangzhou-2)
+ \ (guangzhou1)
+ 9 / South China (Guangzhou-3)
+ \ (dongguan1)
+ 10 / North China (Beijing-1)
+ \ (beijing1)
+ 11 / North China (Beijing-2)
+ \ (beijing2)
+ 12 / North China (Beijing-3)
+ \ (beijing4)
+ 13 / North China (Huhehaote)
+ \ (huhehaote1)
+ 14 / Southwest China (Chengdu)
+ \ (chengdu1)
+ 15 / Southwest China (Chongqing)
+ \ (chongqing1)
+ 16 / Southwest China (Guiyang)
+ \ (guiyang1)
+ 17 / Nouthwest China (Xian)
+ \ (xian1)
+ 18 / Yunnan China (Kunming)
+ \ (yunnan)
+ 19 / Yunnan China (Kunming-2)
+ \ (yunnan2)
+ 20 / Tianjin China (Tianjin)
+ \ (tianjin1)
+ 21 / Jilin China (Changchun)
+ \ (jilin1)
+ 22 / Hubei China (Xiangyan)
+ \ (hubei1)
+ 23 / Jiangxi China (Nanchang)
+ \ (jiangxi1)
+ 24 / Gansu China (Lanzhou)
+ \ (gansu1)
+ 25 / Shanxi China (Taiyuan)
+ \ (shanxi1)
+ 26 / Liaoning China (Shenyang)
+ \ (liaoning1)
+ 27 / Hebei China (Shijiazhuang)
+ \ (hebei1)
+ 28 / Fujian China (Xiamen)
+ \ (fujian1)
+ 29 / Guangxi China (Nanning)
+ \ (guangxi1)
+ 30 / Anhui China (Huainan)
+ \ (anhui1)
+ location_constraint> 1
+ Option acl.
+ Canned ACL used when creating buckets and storing or copying objects.
+ This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too.
+ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+ Note that this ACL is applied when server-side copying objects as S3
+ doesn't copy the ACL from the source but rather writes a fresh one.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ / Owner gets FULL_CONTROL.
+ 1 | No one else has access rights (default).
+ \ (private)
+ / Owner gets FULL_CONTROL.
+ 2 | The AllUsers group gets READ access.
+ \ (public-read)
+ / Owner gets FULL_CONTROL.
+ 3 | The AllUsers group gets READ and WRITE access.
+ | Granting this on a bucket is generally not recommended.
+ \ (public-read-write)
+ / Owner gets FULL_CONTROL.
+ 4 | The AuthenticatedUsers group gets READ access.
+ \ (authenticated-read)
+ / Object owner gets FULL_CONTROL.
+ acl> private
+ Option server_side_encryption.
+ The server-side encryption algorithm used when storing this object in S3.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / None
+ \ ()
+ 2 / AES256
+ \ (AES256)
+ server_side_encryption>
+ Option storage_class.
+ The storage class to use when storing new objects in ChinaMobile.
+ Choose a number from below, or type in your own value.
+ Press Enter to leave empty.
+ 1 / Default
+ \ ()
+ 2 / Standard storage class
+ \ (STANDARD)
+ 3 / Archive storage mode
+ \ (GLACIER)
+ 4 / Infrequent access storage mode
+ \ (STANDARD_IA)
+ storage_class>
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n> n
+ --------------------
+ [ChinaMobile]
+ type = s3
+ provider = ChinaMobile
+ access_key_id = accesskeyid
+ secret_access_key = secretaccesskey
+ endpoint = eos-wuxi-1.cmecloud.cn
+ location_constraint = wuxi1
+ acl = private
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+Liara
+
+Here is an example of making a Liara Object Storage configuration. First
+run:
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ n/s> n
+ name> Liara
+ Type of storage to configure.
+ Choose a number from below, or type in your own value
+ [snip]
+ XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
+ [snip]
+ Storage> s3
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+ env_auth> 1
+ AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+ access_key_id> YOURACCESSKEY
+ AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+ secret_access_key> YOURSECRETACCESSKEY
+ Region to connect to.
+ Choose a number from below, or type in your own value
+ / The default endpoint
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+ [snip]
+ region>
+ Endpoint for S3 API.
+ Leave blank if using Liara to use the default endpoint for the region.
+ Specify if using an S3 clone such as Ceph.
+ endpoint> storage.iran.liara.space
+ Canned ACL used when creating buckets and/or storing objects in S3.
+ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+ Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+ [snip]
+ acl>
+ The server-side encryption algorithm used when storing this object in S3.
+ Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+ server_side_encryption>
+ The storage class to use when storing objects in S3.
+ Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
+ storage_class>
+ Remote config
+ --------------------
+ [Liara]
+ env_auth = false
+ access_key_id = YOURACCESSKEY
+ secret_access_key = YOURSECRETACCESSKEY
+ endpoint = storage.iran.liara.space
+ location_constraint =
+ acl =
+ server_side_encryption =
+ storage_class =
+ --------------------
+ y) Yes this is OK
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+This will leave the config file looking like this.
+
+ [Liara]
+ type = s3
+ provider = Liara
+ env_auth = false
+ access_key_id = YOURACCESSKEY
+ secret_access_key = YOURSECRETACCESSKEY
+ region =
+ endpoint = storage.iran.liara.space
+ location_constraint =
+ acl =
+ server_side_encryption =
+ storage_class =
+
+ArvanCloud
+
+ArvanCloud ArvanCloud Object Storage goes beyond the limited traditional
+file storage. It gives you access to backup and archived files and
+allows sharing. Files like profile image in the app, images sent by
+users or scanned documents can be stored securely and easily in our
+Object Storage service.
+
+ArvanCloud provides an S3 interface which can be configured for use with
+rclone like this.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ n/s> n
+ name> ArvanCloud
+ Type of storage to configure.
+ Choose a number from below, or type in your own value
+ [snip]
+ XX / Amazon S3 (also Dreamhost, Ceph, ChinaMobile, ArvanCloud, Liara, Minio)
+ \ "s3"
+ [snip]
+ Storage> s3
+ Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars). Only applies if access_key_id and secret_access_key is blank.
+ Choose a number from below, or type in your own value
+ 1 / Enter AWS credentials in the next step
+ \ "false"
+ 2 / Get AWS credentials from the environment (env vars or IAM)
+ \ "true"
+ env_auth> 1
+ AWS Access Key ID - leave blank for anonymous access or runtime credentials.
+ access_key_id> YOURACCESSKEY
+ AWS Secret Access Key (password) - leave blank for anonymous access or runtime credentials.
+ secret_access_key> YOURSECRETACCESSKEY
+ Region to connect to.
+ Choose a number from below, or type in your own value
+ / The default endpoint - a good choice if you are unsure.
+ 1 | US Region, Northern Virginia, or Pacific Northwest.
+ | Leave location constraint empty.
+ \ "us-east-1"
+ [snip]
+ region>
+ Endpoint for S3 API.
+ Leave blank if using ArvanCloud to use the default endpoint for the region.
+ Specify if using an S3 clone such as Ceph.
+ endpoint> s3.arvanstorage.com
+ Location constraint - must be set to match the Region. Used when creating buckets only.
+ Choose a number from below, or type in your own value
+ 1 / Empty for Iran-Tehran Region.
+ \ ""
+ [snip]
+ location_constraint>
+ Canned ACL used when creating buckets and/or storing objects in S3.
+ For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl
+ Choose a number from below, or type in your own value
+ 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
+ \ "private"
+ [snip]
+ acl>
+ The server-side encryption algorithm used when storing this object in S3.
+ Choose a number from below, or type in your own value
+ 1 / None
+ \ ""
+ 2 / AES256
+ \ "AES256"
+ server_side_encryption>
+ The storage class to use when storing objects in S3.
+ Choose a number from below, or type in your own value
+ 1 / Default
+ \ ""
+ 2 / Standard storage class
+ \ "STANDARD"
storage_class>
Remote config
--------------------
- [wasabi]
+ [ArvanCloud]
env_auth = false
access_key_id = YOURACCESSKEY
secret_access_key = YOURSECRETACCESSKEY
- region = us-east-1
- endpoint = s3.wasabisys.com
+ region = ir-thr-at1
+ endpoint = s3.arvanstorage.com
location_constraint =
acl =
server_side_encryption =
@@ -18781,127 +22188,19 @@ rclone like this.
This will leave the config file looking like this.
- [wasabi]
+ [ArvanCloud]
type = s3
- provider = Wasabi
+ provider = ArvanCloud
env_auth = false
access_key_id = YOURACCESSKEY
secret_access_key = YOURSECRETACCESSKEY
region =
- endpoint = s3.wasabisys.com
+ endpoint = s3.arvanstorage.com
location_constraint =
acl =
server_side_encryption =
storage_class =
-Alibaba OSS
-
-Here is an example of making an Alibaba Cloud (Aliyun) OSS
-configuration. First run:
-
- rclone config
-
-This will guide you through an interactive setup process.
-
- No remotes found, make a new one?
- n) New remote
- s) Set configuration password
- q) Quit config
- n/s/q> n
- name> oss
- Type of storage to configure.
- Enter a string value. Press Enter for the default ("").
- Choose a number from below, or type in your own value
- [snip]
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, and Tencent COS
- \ "s3"
- [snip]
- Storage> s3
- Choose your S3 provider.
- Enter a string value. Press Enter for the default ("").
- Choose a number from below, or type in your own value
- 1 / Amazon Web Services (AWS) S3
- \ "AWS"
- 2 / Alibaba Cloud Object Storage System (OSS) formerly Aliyun
- \ "Alibaba"
- 3 / Ceph Object Storage
- \ "Ceph"
- [snip]
- provider> Alibaba
- Get AWS credentials from runtime (environment variables or EC2/ECS meta data if no env vars).
- Only applies if access_key_id and secret_access_key is blank.
- Enter a boolean value (true or false). Press Enter for the default ("false").
- Choose a number from below, or type in your own value
- 1 / Enter AWS credentials in the next step
- \ "false"
- 2 / Get AWS credentials from the environment (env vars or IAM)
- \ "true"
- env_auth> 1
- AWS Access Key ID.
- Leave blank for anonymous access or runtime credentials.
- Enter a string value. Press Enter for the default ("").
- access_key_id> accesskeyid
- AWS Secret Access Key (password)
- Leave blank for anonymous access or runtime credentials.
- Enter a string value. Press Enter for the default ("").
- secret_access_key> secretaccesskey
- Endpoint for OSS API.
- Enter a string value. Press Enter for the default ("").
- Choose a number from below, or type in your own value
- 1 / East China 1 (Hangzhou)
- \ "oss-cn-hangzhou.aliyuncs.com"
- 2 / East China 2 (Shanghai)
- \ "oss-cn-shanghai.aliyuncs.com"
- 3 / North China 1 (Qingdao)
- \ "oss-cn-qingdao.aliyuncs.com"
- [snip]
- endpoint> 1
- Canned ACL used when creating buckets and storing or copying objects.
-
- Note that this ACL is applied when server-side copying objects as S3
- doesn't copy the ACL from the source but rather writes a fresh one.
- Enter a string value. Press Enter for the default ("").
- Choose a number from below, or type in your own value
- 1 / Owner gets FULL_CONTROL. No one else has access rights (default).
- \ "private"
- 2 / Owner gets FULL_CONTROL. The AllUsers group gets READ access.
- \ "public-read"
- / Owner gets FULL_CONTROL. The AllUsers group gets READ and WRITE access.
- [snip]
- acl> 1
- The storage class to use when storing new objects in OSS.
- Enter a string value. Press Enter for the default ("").
- Choose a number from below, or type in your own value
- 1 / Default
- \ ""
- 2 / Standard storage class
- \ "STANDARD"
- 3 / Archive storage mode.
- \ "GLACIER"
- 4 / Infrequent access storage mode.
- \ "STANDARD_IA"
- storage_class> 1
- Edit advanced config? (y/n)
- y) Yes
- n) No
- y/n> n
- Remote config
- --------------------
- [oss]
- type = s3
- provider = Alibaba
- env_auth = false
- access_key_id = accesskeyid
- secret_access_key = secretaccesskey
- endpoint = oss-cn-hangzhou.aliyuncs.com
- acl = private
- storage_class = Standard
- --------------------
- y) Yes this is OK
- e) Edit this remote
- d) Delete this remote
- y/e/d> y
-
Tencent COS
Tencent Cloud Object Storage (COS) is a distributed storage service
@@ -18932,7 +22231,7 @@ To configure access to Tencent COS, follow the steps below:
\ "alias"
3 / Amazon Drive
\ "amazon cloud drive"
- 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, and Tencent COS
+ 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, ChinaMobile, ArvanCloud, DigitalOcean, Dreamhost, Huawei OBS, IBM COS, Liara, Minio, and Tencent COS
\ "s3"
[snip]
Storage> s3
@@ -19136,7 +22435,7 @@ rclone about is not supported by the S3 backend. Backends without this
capability cannot determine free space for an rclone mount or use policy
mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Backblaze B2
@@ -19303,6 +22602,11 @@ remove the file instead of hiding it.
Old versions of files, where available, are visible using the
--b2-versions flag.
+It is also possible to view a bucket as it was at a certain point in
+time, using the --b2-version-at flag. This will show the file versions
+as they were at that time, showing files that have been deleted
+afterwards, and hiding files that were created since.
+
If you wish to remove all the old versions then you can use the
rclone cleanup remote:bucket command which will delete all the old
versions of files, leaving the current ones intact. You can also supply
@@ -19428,7 +22732,7 @@ you can then use the authorization token (the part of the url from the
Standard options
-Here are the standard options specific to b2 (Backblaze B2).
+Here are the Standard options specific to b2 (Backblaze B2).
--b2-account
@@ -19465,7 +22769,7 @@ Properties:
Advanced options
-Here are the advanced options specific to b2 (Backblaze B2).
+Here are the Advanced options specific to b2 (Backblaze B2).
--b2-endpoint
@@ -19515,6 +22819,20 @@ Properties:
- Type: bool
- Default: false
+--b2-version-at
+
+Show file versions as they were at the specified time.
+
+Note that when using this no file write operations are permitted, so you
+can't upload files or delete them.
+
+Properties:
+
+- Config: version_at
+- Env Var: RCLONE_B2_VERSION_AT
+- Type: Time
+- Default: off
+
--b2-upload-cutoff
Cutoff for switching to chunked upload.
@@ -19664,7 +22982,7 @@ rclone about is not supported by the B2 backend. Backends without this
capability cannot determine free space for an rclone mount or use policy
mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Box
@@ -19718,9 +23036,10 @@ This will guide you through an interactive setup process:
\ "enterprise"
box_sub_type>
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -19835,9 +23154,10 @@ Here is how to do it.
y) Yes
n) No
y/n> y
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -19920,7 +23240,7 @@ https://app.box.com/folder/11xxxxxxxxx8 in the browser, then you use
Standard options
-Here are the standard options specific to box (Box).
+Here are the Standard options specific to box (Box).
--box-client-id
@@ -19993,7 +23313,7 @@ Properties:
Advanced options
-Here are the advanced options specific to box (Box).
+Here are the Advanced options specific to box (Box).
--box-token
@@ -20111,13 +23431,15 @@ Reverse Solidus).
Box only supports filenames up to 255 characters in length.
+Box has API rate limits that sometimes reduce the speed of rclone.
+
rclone about is not supported by the Box backend. Backends without this
capability cannot determine free space for an rclone mount or use policy
mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
-Cache (DEPRECATED)
+Cache
The cache remote wraps another existing remote and stores file structure
and its data for long running tasks like rclone mount.
@@ -20434,7 +23756,7 @@ delete cached data (chunks) as well (optional, false by default)
Standard options
-Here are the standard options specific to cache (Cache a remote).
+Here are the Standard options specific to cache (Cache a remote).
--cache-remote
@@ -20551,7 +23873,7 @@ Properties:
Advanced options
-Here are the advanced options specific to cache (Cache a remote).
+Here are the Advanced options specific to cache (Cache a remote).
--cache-plex-token
@@ -20800,8 +24122,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -20812,7 +24134,7 @@ Print stats on the cache backend in JSON format.
rclone backend stats remote: [options] [+]
-Chunker (BETA)
+Chunker
The chunker overlay transparently splits large files into smaller chunks
during upload to wrapped remote and transparently assembles them back
@@ -21115,7 +24437,7 @@ Changing transactions is dangerous and requires explicit migration.
Standard options
-Here are the standard options specific to chunker (Transparently
+Here are the Standard options specific to chunker (Transparently
chunk/split large files).
--chunker-remote
@@ -21176,7 +24498,7 @@ Properties:
Advanced options
-Here are the advanced options specific to chunker (Transparently
+Here are the Advanced options specific to chunker (Transparently
chunk/split large files).
--chunker-name-format
@@ -21334,9 +24656,10 @@ This will guide you through an interactive setup process:
n) No
y/n> n
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -21425,7 +24748,7 @@ strings.
Standard options
-Here are the standard options specific to sharefile (Citrix Sharefile).
+Here are the Standard options specific to sharefile (Citrix Sharefile).
--sharefile-root-folder-id
@@ -21455,7 +24778,7 @@ Properties:
Advanced options
-Here are the advanced options specific to sharefile (Citrix Sharefile).
+Here are the Advanced options specific to sharefile (Citrix Sharefile).
--sharefile-upload-cutoff
@@ -21526,7 +24849,7 @@ without this capability cannot determine free space for an rclone mount
or use policy mfs (most free space) as a member of an rclone union
remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Crypt
@@ -21743,11 +25066,10 @@ If you intend to use the wrapped remote both directly for keeping
unencrypted content, as well as through a crypt remote for encrypted
content, it is recommended to point the crypt remote to a separate
directory within the wrapped remote. If you use a bucket-based storage
-system (e.g. Swift, S3, Google Compute Storage, B2, Hubic) it is
-generally advisable to wrap the crypt remote around a specific bucket
-(s3:bucket). If wrapping around the entire root of the storage (s3:),
-and use the optional file name encryption, rclone will encrypt the
-bucket name.
+system (e.g. Swift, S3, Google Compute Storage, B2) it is generally
+advisable to wrap the crypt remote around a specific bucket (s3:bucket).
+If wrapping around the entire root of the storage (s3:), and use the
+optional file name encryption, rclone will encrypt the bucket name.
Changing password
@@ -21761,7 +25083,7 @@ crypt remote means you will no longer able to decrypt any of the
previously encrypted content. The only possibility is to re-upload
everything via a crypt remote configured with your new password.
-Depending on the size of your data, your bandwith, storage quota etc,
+Depending on the size of your data, your bandwidth, storage quota etc,
there are different approaches you can take: - If you have everything in
a different location, for example on your local system, you could remove
all of the prior encrypted files, change the password for your
@@ -21774,7 +25096,7 @@ remote to the new, effectively decrypting everything on the fly using
the old password and re-encrypting using the new password. When done,
delete the original crypt remote directory and finally the rclone crypt
configuration with the old password. All data will be streamed from the
-storage system and back, so you will get half the bandwith and be
+storage system and back, so you will get half the bandwidth and be
charged twice if you have upload and download quota on the storage
system.
@@ -21923,7 +25245,7 @@ remote instead of rclone check which can't check the checksums properly.
Standard options
-Here are the standard options specific to crypt (Encrypt/Decrypt a
+Here are the Standard options specific to crypt (Encrypt/Decrypt a
remote).
--crypt-remote
@@ -22008,7 +25330,7 @@ Properties:
Advanced options
-Here are the advanced options specific to crypt (Encrypt/Decrypt a
+Here are the Advanced options specific to crypt (Encrypt/Decrypt a
remote).
--crypt-server-side-across-configs
@@ -22072,7 +25394,7 @@ How to encode the encrypted filename to text string.
This option could help with shortening the encrypted filename. The
suitable option would depend on the way your remote count the filename
-length and if it's case sensitve.
+length and if it's case sensitive.
Properties:
@@ -22091,6 +25413,12 @@ Properties:
- Unicode codepoint instead of UTF-8 byte length. (Eg.
Onedrive)
+Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the metadata docs for more info.
+
Backend commands
Here are the commands specific to the crypt backend.
@@ -22101,8 +25429,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -22266,7 +25594,7 @@ SEE ALSO
- rclone cryptdecode - Show forward/reverse mapping of encrypted
filenames
-Compress (Experimental)
+Compress
Warning
@@ -22358,7 +25686,7 @@ compression backend.
Standard options
-Here are the standard options specific to compress (Compress a remote).
+Here are the Standard options specific to compress (Compress a remote).
--compress-remote
@@ -22387,7 +25715,7 @@ Properties:
Advanced options
-Here are the advanced options specific to compress (Compress a remote).
+Here are the Advanced options specific to compress (Compress a remote).
--compress-level
@@ -22397,7 +25725,7 @@ Generally -1 (default, equivalent to 5) is recommended. Levels 1 to 9
increase compression at the cost of speed. Going past 6 generally offers
very little return.
-Level -2 uses Huffmann encoding only. Only use if you know what you are
+Level -2 uses Huffman encoding only. Only use if you know what you are
doing. Level 0 turns off compression.
Properties:
@@ -22422,6 +25750,157 @@ Properties:
- Type: SizeSuffix
- Default: 20Mi
+Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the metadata docs for more info.
+
+Combine
+
+The combine backend joins remotes together into a single directory tree.
+
+For example you might have a remote for images on one provider:
+
+ $ rclone tree s3:imagesbucket
+ /
+ ├── image1.jpg
+ └── image2.jpg
+
+And a remote for files on another:
+
+ $ rclone tree drive:important/files
+ /
+ ├── file1.txt
+ └── file2.txt
+
+The combine backend can join these together into a synthetic directory
+structure like this:
+
+ $ rclone tree combined:
+ /
+ ├── files
+ │ ├── file1.txt
+ │ └── file2.txt
+ └── images
+ ├── image1.jpg
+ └── image2.jpg
+
+You'd do this by specifying an upstreams parameter in the config like
+this
+
+ upstreams = images=s3:imagesbucket files=drive:important/files
+
+During the initial setup with rclone config you will specify the
+upstreams remotes as a space separated list. The upstream remotes can
+either be a local paths or other remotes.
+
+Configuration
+
+Here is an example of how to make a combine called remote for the
+example above. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> remote
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ ...
+ XX / Combine several remotes into one
+ \ (combine)
+ ...
+ Storage> combine
+ Option upstreams.
+ Upstreams for combining
+ These should be in the form
+ dir=remote:path dir2=remote2:path
+ Where before the = is specified the root directory and after is the remote to
+ put there.
+ Embedded spaces can be added using quotes
+ "dir=remote:path with space" "dir2=remote2:path with space"
+ Enter a fs.SpaceSepList value.
+ upstreams> images=s3:imagesbucket files=drive:important/files
+ --------------------
+ [remote]
+ type = combine
+ upstreams = images=s3:imagesbucket files=drive:important/files
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+Configuring for Google Drive Shared Drives
+
+Rclone has a convenience feature for making a combine backend for all
+the shared drives you have access to.
+
+Assuming your main (non shared drive) Google drive remote is called
+drive: you would run
+
+ rclone backend -o config drives drive:
+
+This would produce something like this:
+
+ [My Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEF-01234567890,root_folder_id=:
+
+ [Test Drive]
+ type = alias
+ remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
+If you then add that config to your config file (find it with
+rclone config file) then you can access all the shared drives in one
+place with the AllDrives: remote.
+
+See the Google Drive docs for full info.
+
+Standard options
+
+Here are the Standard options specific to combine (Combine several
+remotes into one).
+
+--combine-upstreams
+
+Upstreams for combining
+
+These should be in the form
+
+ dir=remote:path dir2=remote2:path
+
+Where before the = is specified the root directory and after is the
+remote to put there.
+
+Embedded spaces can be added using quotes
+
+ "dir=remote:path with space" "dir2=remote2:path with space"
+
+Properties:
+
+- Config: upstreams
+- Env Var: RCLONE_COMBINE_UPSTREAMS
+- Type: SpaceSepList
+- Default:
+
+Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the metadata docs for more info.
+
Dropbox
Paths are specified as remote:path
@@ -22472,6 +25951,15 @@ This will guide you through an interactive setup process:
d) Delete this remote
y/e/d> y
+See the remote setup docs for how to set it up on a machine with no
+Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from Dropbox. This only runs from the moment it opens
+your browser to the moment you get back the verification code. This is
+on http://127.0.0.1:53682/ and it may require you to unblock it
+temporarily if you are running a host firewall, or use manual mode.
+
You can then use it like this,
List directories in top level of your dropbox
@@ -22592,7 +26080,7 @@ finishes up the last batch using this mode.
Standard options
-Here are the standard options specific to dropbox (Dropbox).
+Here are the Standard options specific to dropbox (Dropbox).
--dropbox-client-id
@@ -22622,7 +26110,7 @@ Properties:
Advanced options
-Here are the advanced options specific to dropbox (Dropbox).
+Here are the Advanced options specific to dropbox (Dropbox).
--dropbox-token
@@ -22816,7 +26304,7 @@ Properties:
--dropbox-batch-commit-timeout
-Max time to wait for a batch to finish comitting
+Max time to wait for a batch to finish committing
Properties:
@@ -22908,8 +26396,8 @@ Storage accessible through a global file system.
Configuration
The initial setup for the Enterprise File Fabric backend involves
-getting a token from the the Enterprise File Fabric which you need to do
-in your browser. rclone config walks you through it.
+getting a token from the Enterprise File Fabric which you need to do in
+your browser. rclone config walks you through it.
Here is an example of how to make a remote called remote. First run:
@@ -23045,7 +26533,7 @@ The ID for "S3 Storage" would be 120673761.
Standard options
-Here are the standard options specific to filefabric (Enterprise File
+Here are the Standard options specific to filefabric (Enterprise File
Fabric).
--filefabric-url
@@ -23104,7 +26592,7 @@ Properties:
Advanced options
-Here are the advanced options specific to filefabric (Enterprise File
+Here are the Advanced options specific to filefabric (Enterprise File
Fabric).
--filefabric-token
@@ -23181,8 +26669,7 @@ To create an FTP configuration named remote, run
Rclone config guides you through an interactive setup process. A minimal
rclone FTP remote definition only requires host, username and password.
-For an anonymous FTP server, use anonymous as username and your email
-address as password.
+For an anonymous FTP server, see below.
No remotes found, make a new one?
n) New remote
@@ -23196,7 +26683,7 @@ address as password.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
[snip]
- XX / FTP Connection
+ XX / FTP
\ "ftp"
[snip]
Storage> ftp
@@ -23257,9 +26744,30 @@ files in the directory.
rclone sync -i /home/local/directory remote:directory
-Example without a config file
+Anonymous FTP
+
+When connecting to a FTP server that allows anonymous login, you can use
+the special "anonymous" username. Traditionally, this user account
+accepts any string as a password, although it is common to use either
+the password "anonymous" or "guest". Some servers require the use of a
+valid e-mail address as password.
- rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=`rclone obscure dummy`
+Using on-the-fly or connection string remotes makes it easy to access
+such servers, without requiring any configuration in advance. The
+following are examples of that:
+
+ rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=$(rclone obscure dummy)
+ rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=$(rclone obscure dummy):
+
+The above examples work in Linux shells and in PowerShell, but not
+Windows Command Prompt. They execute the rclone obscure command to
+create a password string in the format required by the pass option. The
+following examples are exactly the same, except use an already obscured
+string representation of the same password "dummy", and therefore works
+even in Windows Command Prompt:
+
+ rclone lsf :ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM
+ rclone lsf :ftp,host=speedtest.tele2.net,user=anonymous,pass=IXs2wc8OJOz7SYLBk47Ji1rHTmxM:
Implicit TLS
@@ -23272,7 +26780,7 @@ Restricted filename characters
In addition to the default restricted characters set the following
characters are also replaced:
-File names cannot end with the following characters. Repacement is
+File names cannot end with the following characters. Replacement is
limited to the last character in a file name:
Character Value Replacement
@@ -23292,7 +26800,7 @@ VsFTPd. Just hit a selection number when prompted.
Standard options
-Here are the standard options specific to ftp (FTP Connection).
+Here are the Standard options specific to ftp (FTP).
--ftp-host
@@ -23349,7 +26857,7 @@ Use Implicit FTPS (FTP over TLS).
When using implicit FTP over TLS the client connects using TLS right
from the start which breaks compatibility with non-TLS-aware servers.
This is usually served over port 990 rather than port 21. Cannot be used
-in combination with explicit FTP.
+in combination with explicit FTPS.
Properties:
@@ -23364,7 +26872,7 @@ Use Explicit FTPS (FTP over TLS).
When using explicit FTP over TLS the client explicitly requests security
from the server in order to upgrade a plain text connection to an
-encrypted one. Cannot be used in combination with implicit FTP.
+encrypted one. Cannot be used in combination with implicit FTPS.
Properties:
@@ -23375,12 +26883,24 @@ Properties:
Advanced options
-Here are the advanced options specific to ftp (FTP Connection).
+Here are the Advanced options specific to ftp (FTP).
--ftp-concurrency
Maximum number of FTP simultaneous connections, 0 for unlimited.
+Note that setting this is very likely to cause deadlocks so it should be
+used with care.
+
+If you are doing a sync or copy then make sure concurrency is one more
+than the sum of --transfers and --checkers.
+
+If you use --check-first then it just needs to be one more than the
+maximum of --checkers and --transfers.
+
+So for concurrency 3 you'd use --checkers 2 --transfers 2 --check-first
+or --checkers 1 --transfers 1.
+
Properties:
- Config: concurrency
@@ -23421,6 +26941,17 @@ Properties:
- Type: bool
- Default: false
+--ftp-disable-utf8
+
+Disable using UTF-8 even if server advertises support.
+
+Properties:
+
+- Config: disable_utf8
+- Env Var: RCLONE_FTP_DISABLE_UTF8
+- Type: bool
+- Default: false
+
--ftp-writing-mdtm
Use MDTM to set modification time (VsFtpd quirk)
@@ -23432,6 +26963,18 @@ Properties:
- Type: bool
- Default: false
+--ftp-force-list-hidden
+
+Use LIST -a to force listing of hidden files and folders. This will
+disable the use of MLSD.
+
+Properties:
+
+- Config: force_list_hidden
+- Env Var: RCLONE_FTP_FORCE_LIST_HIDDEN
+- Type: bool
+- Default: false
+
--ftp-idle-timeout
Max time before closing idle connections.
@@ -23545,7 +27088,7 @@ rclone about is not supported by the FTP backend. Backends without this
capability cannot determine free space for an rclone mount or use policy
mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
The implementation of : --dump headers, --dump bodies, --dump auth for
debugging isn't the same as for rclone HTTP based backends - it has less
@@ -23695,9 +27238,10 @@ This will guide you through an interactive setup process:
\ "DURABLE_REDUCED_AVAILABILITY"
storage_class> 5
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine or Y didn't work
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -23720,12 +27264,15 @@ This will guide you through an interactive setup process:
d) Delete this remote
y/e/d> y
+See the remote setup docs for how to set it up on a machine with no
+Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
-runs from the moment it opens your browser to the moment you get back
-the verification code. This is on http://127.0.0.1:53682/ and this it
-may require you to unblock it temporarily if you are running a host
-firewall, or use manual mode.
+token as returned from Google if using web browser to automatically
+authenticate. This only runs from the moment it opens your browser to
+the moment you get back the verification code. This is on
+http://127.0.0.1:53682/ and this it may require you to unblock it
+temporarily if you are running a host firewall, or use manual mode.
This remote is called remote and can now be used like this
@@ -23845,7 +27392,7 @@ strings.
Standard options
-Here are the standard options specific to google cloud storage (Google
+Here are the Standard options specific to google cloud storage (Google
Cloud Storage (this is not Google Drive)).
--gcs-client-id
@@ -24123,7 +27670,7 @@ Properties:
Advanced options
-Here are the advanced options specific to google cloud storage (Google
+Here are the Advanced options specific to google cloud storage (Google
Cloud Storage (this is not Google Drive)).
--gcs-token
@@ -24163,6 +27710,52 @@ Properties:
- Type: string
- Required: false
+--gcs-no-check-bucket
+
+If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+Properties:
+
+- Config: no_check_bucket
+- Env Var: RCLONE_GCS_NO_CHECK_BUCKET
+- Type: bool
+- Default: false
+
+--gcs-decompress
+
+If set this will decompress gzip encoded objects.
+
+It is possible to upload objects to GCS with "Content-Encoding: gzip"
+set. Normally rclone will download these files as compressed objects.
+
+If this flag is set then rclone will decompress these files with
+"Content-Encoding: gzip" as they are received. This means that rclone
+can't check the size and hash but the file contents will be
+decompressed.
+
+Properties:
+
+- Config: decompress
+- Env Var: RCLONE_GCS_DECOMPRESS
+- Type: bool
+- Default: false
+
+--gcs-endpoint
+
+Endpoint for the service.
+
+Leave blank normally.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_GCS_ENDPOINT
+- Type: string
+- Required: false
+
--gcs-encoding
The encoding for the backend.
@@ -24183,7 +27776,7 @@ Backends without this capability cannot determine free space for an
rclone mount or use policy mfs (most free space) as a member of an
rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Google Drive
@@ -24240,14 +27833,13 @@ This will guide you through an interactive setup process:
5 | does not allow any access to read or download file content.
\ "drive.metadata.readonly"
scope> 1
- ID of the root folder - leave blank normally. Fill in to access "Computers" folders. (see docs).
- root_folder_id>
Service Account Credentials JSON file path - needed only if you want use SA instead of interactive login.
service_account_file>
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine or Y didn't work
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -24273,12 +27865,15 @@ This will guide you through an interactive setup process:
d) Delete this remote
y/e/d> y
+See the remote setup docs for how to set it up on a machine with no
+Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
-runs from the moment it opens your browser to the moment you get back
-the verification code. This is on http://127.0.0.1:53682/ and it may
-require you to unblock it temporarily if you are running a host
-firewall, or use manual mode.
+token as returned from Google if using web browser to automatically
+authenticate. This only runs from the moment it opens your browser to
+the moment you get back the verification code. This is on
+http://127.0.0.1:53682/ and it may require you to unblock it temporarily
+if you are running a host firewall, or use manual mode.
You can then use it like this,
@@ -24341,9 +27936,9 @@ directories.
Root folder ID
-You can set the root_folder_id for rclone. This is the directory
-(identified by its Folder ID) that rclone considers to be the root of
-your drive.
+This option has been moved to the advanced section. You can set the
+root_folder_id for rclone. This is the directory (identified by its
+Folder ID) that rclone considers to be the root of your drive.
Normally you will leave this blank and rclone will determine the correct
root to use itself.
@@ -24697,9 +28292,13 @@ represent the currently available conversions.
--------------------------------------------------------------------------------------------------------------------------
Extension Mime Type Description
------------------- --------------------------------------------------------------------------- --------------------------
+ bmp image/bmp Windows Bitmap format
+
csv text/csv Standard CSV format for
Spreadsheets
+ doc application/msword Classic Word file
+
docx application/vnd.openxmlformats-officedocument.wordprocessingml.document Microsoft Office Document
epub application/epub+zip E-book format
@@ -24708,7 +28307,8 @@ represent the currently available conversions.
jpg image/jpeg A JPEG Image File
- json application/vnd.google-apps.script+json JSON Text Format
+ json application/vnd.google-apps.script+json JSON Text Format for
+ Google Apps scripts
odp application/vnd.oasis.opendocument.presentation Openoffice Presentation
@@ -24720,6 +28320,8 @@ represent the currently available conversions.
pdf application/pdf Adobe PDF Format
+ pjpeg image/pjpeg Progressive JPEG Image
+
png image/png PNG Image Format
pptx application/vnd.openxmlformats-officedocument.presentationml.presentation Microsoft Office
@@ -24735,6 +28337,10 @@ represent the currently available conversions.
txt text/plain Plain Text
+ wmf application/x-msmetafile Windows Meta File
+
+ xls application/vnd.ms-excel Classic Excel file
+
xlsx application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Microsoft Office
Spreadsheet
@@ -24757,7 +28363,7 @@ Documents.
Standard options
-Here are the standard options specific to drive (Google Drive).
+Here are the Standard options specific to drive (Google Drive).
--drive-client-id
@@ -24813,20 +28419,6 @@ Properties:
- Allows read-only access to file metadata but
- does not allow any access to read or download file content.
---drive-root-folder-id
-
-ID of the root folder. Leave blank normally.
-
-Fill in to access "Computers" folders (see docs), or for rclone to use a
-non root folder as its starting point.
-
-Properties:
-
-- Config: root_folder_id
-- Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
-- Type: string
-- Required: false
-
--drive-service-account-file
Service Account Credentials JSON file path.
@@ -24857,7 +28449,7 @@ Properties:
Advanced options
-Here are the advanced options specific to drive (Google Drive).
+Here are the Advanced options specific to drive (Google Drive).
--drive-token
@@ -24896,6 +28488,20 @@ Properties:
- Type: string
- Required: false
+--drive-root-folder-id
+
+ID of the root folder. Leave blank normally.
+
+Fill in to access "Computers" folders (see docs), or for rclone to use a
+non root folder as its starting point.
+
+Properties:
+
+- Config: root_folder_id
+- Env Var: RCLONE_DRIVE_ROOT_FOLDER_ID
+- Type: string
+- Required: false
+
--drive-service-account-credentials
Service Account Credentials JSON blob.
@@ -25372,6 +28978,33 @@ Properties:
- Type: bool
- Default: false
+--drive-resource-key
+
+Resource key for accessing a link-shared file.
+
+If you need to access files shared with a link like this
+
+ https://drive.google.com/drive/folders/XXX?resourcekey=YYY&usp=sharing
+
+Then you will need to use the first part "XXX" as the "root_folder_id"
+and the second part "YYY" as the "resource_key" otherwise you will get
+404 not found errors when trying to access the directory.
+
+See: https://developers.google.com/drive/api/guides/resource-keys
+
+This resource key requirement only applies to a subset of old files.
+
+Note also that opening the folder once in the web interface (with the
+user you've authenticated rclone with) seems to be enough so that the
+resource key is no needed.
+
+Properties:
+
+- Config: resource_key
+- Env Var: RCLONE_DRIVE_RESOURCE_KEY
+- Type: string
+- Required: false
+
--drive-encoding
The encoding for the backend.
@@ -25395,8 +29028,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -25496,7 +29129,7 @@ This will return a JSON list of objects like this
With the -o config parameter it will output the list in a format
suitable for adding to a config file to make aliases for all the drives
-found.
+found and a combined drive.
[My Drive]
type = alias
@@ -25506,9 +29139,15 @@ found.
type = alias
remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+
Adding this to the rclone config file will cause those team drives to be
-accessible with the aliases shown. This may require manual editing of
-the names.
+accessible with the aliases shown. Any illegal characters will be
+substituted with "_" and duplicate names will have numbers suffixed. It
+will also add a remote called AllDrives which shows all the shared
+drives combined into one directory tree.
untrash
@@ -25562,6 +29201,18 @@ attempted if possible.
Use the -i flag to see what would be copied before copying.
+exportformats
+
+Dump the export formats for debug purposes
+
+ rclone backend exportformats remote: [options] [+]
+
+importformats
+
+Dump the import formats for debug purposes
+
+ rclone backend importformats remote: [options] [+]
+
Limitations
Drive has quite a lot of rate limiting. This causes rclone to be limited
@@ -25576,8 +29227,10 @@ upload the files if you prefer.
Limitations of Google Docs
-Google docs will appear as size -1 in rclone ls and as size 0 in
-anything which uses the VFS layer, e.g. rclone mount, rclone serve.
+Google docs will appear as size -1 in rclone ls, rclone ncdu etc, and as
+size 0 in anything which uses the VFS layer, e.g. rclone mount and
+rclone serve. When calculating directory totals, e.g. in rclone size and
+rclone ncdu, they will be counted in as empty files.
This is because rclone can't find out the size of the Google docs
without downloading them.
@@ -25661,8 +29314,9 @@ Here is how to create your own Google Drive client ID for rclone:
Click again on "Credentials" on the left panel to go back to the
"Credentials" screen.
-(PS: if you are a GSuite user, you could also select "Internal" instead
-of "External" above, but this has not been tested/documented so far).
+ (PS: if you are a GSuite user, you could also select "Internal"
+ instead of "External" above, but this will restrict API use to
+ Google Workspace users in your organisation).
6. Click on the "+ CREATE CREDENTIALS" button at the top of the screen,
then select "OAuth client ID".
@@ -25673,13 +29327,17 @@ of "External" above, but this has not been tested/documented so far).
8. It will show you a client ID and client secret. Make a note of
these.
-9. Go to "Oauth consent screen" and press "Publish App"
+ (If you selected "External" at Step 5 continue to "Publish App" in
+ the Steps 9 and 10. If you chose "Internal" you don't need to
+ publish and can skip straight to Step 11.)
-10. Provide the noted client ID and client secret to rclone.
+9. Go to "Oauth consent screen" and press "Publish App"
-11. Click "OAuth consent screen", then click "PUBLISH APP" button and
+10. Click "OAuth consent screen", then click "PUBLISH APP" button and
confirm, or add your account under "Test users".
+11. Provide the noted client ID and client secret to rclone.
+
Be aware that, due to the "enhanced security" recently introduced by
Google, you are theoretically expected to "submit your app for
verification" and then wait a few weeks(!) for their response; in
@@ -25755,9 +29413,10 @@ This will guide you through an interactive setup process:
n) No
y/n> n
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -25780,12 +29439,15 @@ This will guide you through an interactive setup process:
d) Delete this remote
y/e/d> y
+See the remote setup docs for how to set it up on a machine with no
+Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
-runs from the moment it opens your browser to the moment you get back
-the verification code. This is on http://127.0.0.1:53682/ and this may
-require you to unblock it temporarily if you are running a host
-firewall, or use manual mode.
+token as returned from Google if using web browser to automatically
+authenticate. This only runs from the moment it opens your browser to
+the moment you get back the verification code. This is on
+http://127.0.0.1:53682/ and this may require you to unblock it
+temporarily if you are running a host firewall, or use manual mode.
This remote is called remote and can now be used like this
@@ -25911,7 +29573,7 @@ is similar to the Sharing tab in the Google Photos web interface.
Standard options
-Here are the standard options specific to google photos (Google Photos).
+Here are the Standard options specific to google photos (Google Photos).
--gphotos-client-id
@@ -25955,7 +29617,7 @@ Properties:
Advanced options
-Here are the advanced options specific to google photos (Google Photos).
+Here are the Advanced options specific to google photos (Google Photos).
--gphotos-token
@@ -26157,7 +29819,7 @@ Deleting albums
The Google Photos API does not support deleting albums - see bug
#135714733.
-Hasher (EXPERIMENTAL)
+Hasher
Hasher is a special overlay backend to create remotes which handle
checksums for other remotes. It's main functions include: - Emulate hash
@@ -26311,7 +29973,7 @@ Configuration reference
Standard options
-Here are the standard options specific to hasher (Better checksums for
+Here are the Standard options specific to hasher (Better checksums for
other remotes).
--hasher-remote
@@ -26350,7 +30012,7 @@ Properties:
Advanced options
-Here are the advanced options specific to hasher (Better checksums for
+Here are the Advanced options specific to hasher (Better checksums for
other remotes).
--hasher-auto-size
@@ -26365,6 +30027,12 @@ Properties:
- Type: SizeSuffix
- Default: 0
+Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the metadata docs for more info.
+
Backend commands
Here are the commands specific to the hasher backend.
@@ -26375,8 +30043,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -26617,7 +30285,7 @@ Invalid UTF-8 bytes will also be replaced.
Standard options
-Here are the standard options specific to hdfs (Hadoop distributed file
+Here are the Standard options specific to hdfs (Hadoop distributed file
system).
--hdfs-namenode
@@ -26649,7 +30317,7 @@ Properties:
Advanced options
-Here are the advanced options specific to hdfs (Hadoop distributed file
+Here are the Advanced options specific to hdfs (Hadoop distributed file
system).
--hdfs-service-principal-name
@@ -26704,6 +30372,463 @@ Limitations
- No server-side Move or DirMove.
- Checksums not implemented.
+HiDrive
+
+Paths are specified as remote:path
+
+Paths may be as deep as required, e.g. remote:directory/subdirectory.
+
+The initial setup for hidrive involves getting a token from HiDrive
+which you need to do in your browser. rclone config walks you through
+it.
+
+Configuration
+
+Here is an example of how to make a remote called remote. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+ No remotes found - make a new one
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> remote
+ Type of storage to configure.
+ Choose a number from below, or type in your own value
+ [snip]
+ XX / HiDrive
+ \ "hidrive"
+ [snip]
+ Storage> hidrive
+ OAuth Client Id - Leave blank normally.
+ client_id>
+ OAuth Client Secret - Leave blank normally.
+ client_secret>
+ Access permissions that rclone should use when requesting access from HiDrive.
+ Leave blank normally.
+ scope_access>
+ Edit advanced config?
+ y/n> n
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
+ y/n> y
+ If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=xxxxxxxxxxxxxxxxxxxxxx
+ Log in and authorize rclone for access
+ Waiting for code...
+ Got code
+ --------------------
+ [remote]
+ type = hidrive
+ token = {"access_token":"xxxxxxxxxxxxxxxxxxxx","token_type":"Bearer","refresh_token":"xxxxxxxxxxxxxxxxxxxxxxx","expiry":"xxxxxxxxxxxxxxxxxxxxxxx"}
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+You should be aware that OAuth-tokens can be used to access your account
+and hence should not be shared with other persons. See the below section
+for more information.
+
+See the remote setup docs for how to set it up on a machine with no
+Internet browser available.
+
+Note that rclone runs a webserver on your local machine to collect the
+token as returned from HiDrive. This only runs from the moment it opens
+your browser to the moment you get back the verification code. The
+webserver runs on http://127.0.0.1:53682/. If local port 53682 is
+protected by a firewall you may need to temporarily unblock the firewall
+to complete authorization.
+
+Once configured you can then use rclone like this,
+
+List directories in top level of your HiDrive root folder
+
+ rclone lsd remote:
+
+List all the files in your HiDrive filesystem
+
+ rclone ls remote:
+
+To copy a local directory to a HiDrive directory called backup
+
+ rclone copy /home/source remote:backup
+
+Keeping your tokens safe
+
+Any OAuth-tokens will be stored by rclone in the remote's configuration
+file as unencrypted text. Anyone can use a valid refresh-token to access
+your HiDrive filesystem without knowing your password. Therefore you
+should make sure no one else can access your configuration.
+
+It is possible to encrypt rclone's configuration file. You can find
+information on securing your configuration file by viewing the
+configuration encryption docs.
+
+Invalid refresh token
+
+As can be verified here, each refresh_token (for Native Applications) is
+valid for 60 days. If used to access HiDrivei, its validity will be
+automatically extended.
+
+This means that if you
+
+- Don't use the HiDrive remote for 60 days
+
+then rclone will return an error which includes a text that implies the
+refresh token is invalid or expired.
+
+To fix this you will need to authorize rclone to access your HiDrive
+account again.
+
+Using
+
+ rclone config reconnect remote:
+
+the process is very similar to the process of initial setup exemplified
+before.
+
+Modified time and hashes
+
+HiDrive allows modification times to be set on objects accurate to 1
+second.
+
+HiDrive supports its own hash type which is used to verify the integrity
+of file contents after successful transfers.
+
+Restricted filename characters
+
+HiDrive cannot store files or folders that include / (0x2F) or
+null-bytes (0x00) in their name. Any other characters can be used in the
+names of files or folders. Additionally, files or folders cannot be
+named either of the following: . or ..
+
+Therefore rclone will automatically replace these characters, if files
+or folders are stored or accessed with such names.
+
+You can read about how this filename encoding works in general here.
+
+Keep in mind that HiDrive only supports file or folder names with a
+length of 255 characters or less.
+
+Transfers
+
+HiDrive limits file sizes per single request to a maximum of 2 GiB. To
+allow storage of larger files and allow for better upload performance,
+the hidrive backend will use a chunked transfer for files larger than 96
+MiB. Rclone will upload multiple parts/chunks of the file at the same
+time. Chunks in the process of being uploaded are buffered in memory, so
+you may want to restrict this behaviour on systems with limited
+resources.
+
+You can customize this behaviour using the following options:
+
+- chunk_size: size of file parts
+- upload_cutoff: files larger or equal to this in size will use a
+ chunked transfer
+- upload_concurrency: number of file-parts to upload at the same time
+
+See the below section about configuration options for more details.
+
+Root folder
+
+You can set the root folder for rclone. This is the directory that
+rclone considers to be the root of your HiDrive.
+
+Usually, you will leave this blank, and rclone will use the root of the
+account.
+
+However, you can set this to restrict rclone to a specific folder
+hierarchy.
+
+This works by prepending the contents of the root_prefix option to any
+paths accessed by rclone. For example, the following two ways to access
+the home directory are equivalent:
+
+ rclone lsd --hidrive-root-prefix="/users/test/" remote:path
+
+ rclone lsd remote:/users/test/path
+
+See the below section about configuration options for more details.
+
+Directory member count
+
+By default, rclone will know the number of directory members contained
+in a directory. For example, rclone lsd uses this information.
+
+The acquisition of this information will result in additional time costs
+for HiDrive's API. When dealing with large directory structures, it may
+be desirable to circumvent this time cost, especially when this
+information is not explicitly needed. For this, the
+disable_fetching_member_count option can be used.
+
+See the below section about configuration options for more details.
+
+Standard options
+
+Here are the Standard options specific to hidrive (HiDrive).
+
+--hidrive-client-id
+
+OAuth Client Id.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_HIDRIVE_CLIENT_ID
+- Type: string
+- Required: false
+
+--hidrive-client-secret
+
+OAuth Client Secret.
+
+Leave blank normally.
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_HIDRIVE_CLIENT_SECRET
+- Type: string
+- Required: false
+
+--hidrive-scope-access
+
+Access permissions that rclone should use when requesting access from
+HiDrive.
+
+Properties:
+
+- Config: scope_access
+- Env Var: RCLONE_HIDRIVE_SCOPE_ACCESS
+- Type: string
+- Default: "rw"
+- Examples:
+ - "rw"
+ - Read and write access to resources.
+ - "ro"
+ - Read-only access to resources.
+
+Advanced options
+
+Here are the Advanced options specific to hidrive (HiDrive).
+
+--hidrive-token
+
+OAuth Access Token as a JSON blob.
+
+Properties:
+
+- Config: token
+- Env Var: RCLONE_HIDRIVE_TOKEN
+- Type: string
+- Required: false
+
+--hidrive-auth-url
+
+Auth server URL.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: auth_url
+- Env Var: RCLONE_HIDRIVE_AUTH_URL
+- Type: string
+- Required: false
+
+--hidrive-token-url
+
+Token server url.
+
+Leave blank to use the provider defaults.
+
+Properties:
+
+- Config: token_url
+- Env Var: RCLONE_HIDRIVE_TOKEN_URL
+- Type: string
+- Required: false
+
+--hidrive-scope-role
+
+User-level that rclone should use when requesting access from HiDrive.
+
+Properties:
+
+- Config: scope_role
+- Env Var: RCLONE_HIDRIVE_SCOPE_ROLE
+- Type: string
+- Default: "user"
+- Examples:
+ - "user"
+ - User-level access to management permissions.
+ - This will be sufficient in most cases.
+ - "admin"
+ - Extensive access to management permissions.
+ - "owner"
+ - Full access to management permissions.
+
+--hidrive-root-prefix
+
+The root/parent folder for all paths.
+
+Fill in to use the specified folder as the parent for all paths given to
+the remote. This way rclone can use any folder as its starting point.
+
+Properties:
+
+- Config: root_prefix
+- Env Var: RCLONE_HIDRIVE_ROOT_PREFIX
+- Type: string
+- Default: "/"
+- Examples:
+ - "/"
+ - The topmost directory accessible by rclone.
+ - This will be equivalent with "root" if rclone uses a regular
+ HiDrive user account.
+ - "root"
+ - The topmost directory of the HiDrive user account
+ - ""
+ - This specifies that there is no root-prefix for your paths.
+ - When using this you will always need to specify paths to
+ this remote with a valid parent e.g. "remote:/path/to/dir"
+ or "remote:root/path/to/dir".
+
+--hidrive-endpoint
+
+Endpoint for the service.
+
+This is the URL that API-calls will be made to.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_HIDRIVE_ENDPOINT
+- Type: string
+- Default: "https://api.hidrive.strato.com/2.1"
+
+--hidrive-disable-fetching-member-count
+
+Do not fetch number of objects in directories unless it is absolutely
+necessary.
+
+Requests may be faster if the number of objects in subdirectories is not
+fetched.
+
+Properties:
+
+- Config: disable_fetching_member_count
+- Env Var: RCLONE_HIDRIVE_DISABLE_FETCHING_MEMBER_COUNT
+- Type: bool
+- Default: false
+
+--hidrive-chunk-size
+
+Chunksize for chunked uploads.
+
+Any files larger than the configured cutoff (or files of unknown size)
+will be uploaded in chunks of this size.
+
+The upper limit for this is 2147483647 bytes (about 2.000Gi). That is
+the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit or to a negative value will cause
+uploads to fail.
+
+Setting this to larger values may increase the upload speed at the cost
+of using more memory. It can be set to smaller values smaller to save on
+memory.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_HIDRIVE_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 48Mi
+
+--hidrive-upload-cutoff
+
+Cutoff/Threshold for chunked uploads.
+
+Any files larger than this will be uploaded in chunks of the configured
+chunksize.
+
+The upper limit for this is 2147483647 bytes (about 2.000Gi). That is
+the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit will cause uploads to fail.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_HIDRIVE_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 96Mi
+
+--hidrive-upload-concurrency
+
+Concurrency for chunked uploads.
+
+This is the upper limit for how many transfers for the same file are
+running concurrently. Setting this above to a value smaller than 1 will
+cause uploads to deadlock.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_HIDRIVE_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 4
+
+--hidrive-encoding
+
+The encoding for the backend.
+
+See the encoding section in the overview for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_HIDRIVE_ENCODING
+- Type: MultiEncoder
+- Default: Slash,Dot
+
+Limitations
+
+Symbolic links
+
+HiDrive is able to store symbolic links (symlinks) by design, for
+example, when unpacked from a zip archive.
+
+There exists no direct mechanism to manage native symlinks in remotes.
+As such this implementation has chosen to ignore any native symlinks
+present in the remote. rclone will not be able to access or show any
+symlinks stored in the hidrive-remote. This means symlinks cannot be
+individually removed, copied, or moved, except when removing, copying,
+or moving the parent folder.
+
+This does not affect the .rclonelink-files that rclone uses to encode
+and store symbolic links.
+
+Sparse files
+
+It is possible to store sparse files in HiDrive.
+
+Note that copying a sparse file will expand the holes into null-byte
+(0x00) regions that will then consume disk space. Likewise, when
+downloading a sparse file, the resulting file will have null-byte
+regions in the place of file holes.
+
HTTP
The HTTP remote is a read only remote for reading files of a webserver.
@@ -26750,7 +30875,7 @@ This will guide you through an interactive setup process:
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
- XX / http Connection
+ XX / HTTP
\ "http"
[snip]
Storage> http
@@ -26823,11 +30948,11 @@ or:
Standard options
-Here are the standard options specific to http (http Connection).
+Here are the Standard options specific to http (HTTP).
--http-url
-URL of http host to connect to.
+URL of HTTP host to connect to.
E.g. "https://example.com", or "https://user:pass@example.com" to use a
username and password.
@@ -26841,7 +30966,7 @@ Properties:
Advanced options
-Here are the advanced options specific to http (http Connection).
+Here are the Advanced options specific to http (HTTP).
--http-headers
@@ -26918,235 +31043,334 @@ rclone about is not supported by the HTTP backend. Backends without this
capability cannot determine free space for an rclone mount or use policy
mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
-Hubic
+Internet Archive
-Paths are specified as remote:path
+The Internet Archive backend utilizes Items on archive.org
-Paths are specified as remote:container (or remote: for the lsd
-command.) You may put subdirectories in too, e.g.
-remote:container/path/to/dir.
+Refer to IAS3 API documentation for the API this backend uses.
-Configuration
+Paths are specified as remote:bucket (or remote: for the lsd command.)
+You may put subdirectories in too, e.g. remote:item/path/to/dir.
-The initial setup for Hubic involves getting a token from Hubic which
-you need to do in your browser. rclone config walks you through it.
+Unlike S3, listing up all items uploaded by you isn't supported.
-Here is an example of how to make a remote called remote. First run:
+Once you have made a remote, you can use it like this:
- rclone config
+Make a new item
-This will guide you through an interactive setup process:
+ rclone mkdir remote:item
- n) New remote
- s) Set configuration password
- n/s> n
- name> remote
- Type of storage to configure.
- Choose a number from below, or type in your own value
- [snip]
- XX / Hubic
- \ "hubic"
- [snip]
- Storage> hubic
- Hubic Client Id - leave blank normally.
- client_id>
- Hubic Client Secret - leave blank normally.
- client_secret>
- Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
- y) Yes
- n) No
- y/n> y
- If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
- Log in and authorize rclone for access
- Waiting for code...
- Got code
- --------------------
- [remote]
- client_id =
- client_secret =
- token = {"access_token":"XXXXXX"}
- --------------------
- y) Yes this is OK
- e) Edit this remote
- d) Delete this remote
- y/e/d> y
+List the contents of a item
-See the remote setup docs for how to set it up on a machine with no
-Internet browser available.
+ rclone ls remote:item
-Note that rclone runs a webserver on your local machine to collect the
-token as returned from Hubic. This only runs from the moment it opens
-your browser to the moment you get back the verification code. This is
-on http://127.0.0.1:53682/ and this it may require you to unblock it
-temporarily if you are running a host firewall.
+Sync /home/local/directory to the remote item, deleting any excess files
+in the item.
-Once configured you can then use rclone like this,
+ rclone sync -i /home/local/directory remote:item
-List containers in the top level of your Hubic
+Notes
- rclone lsd remote:
+Because of Internet Archive's architecture, it enqueues write operations
+(and extra post-processings) in a per-item queue. You can check item's
+queue at https://catalogd.archive.org/history/item-name-here . Because
+of that, all uploads/deletes will not show up immediately and takes some
+time to be available. The per-item queue is enqueued to an another
+queue, Item Deriver Queue. You can check the status of Item Deriver
+Queue here. This queue has a limit, and it may block you from uploading,
+or even deleting. You should avoid uploading a lot of small files for
+better behavior.
-List all the files in your Hubic
+You can optionally wait for the server's processing to finish, by
+setting non-zero value to wait_archive key. By making it wait, rclone
+can do normal file comparison. Make sure to set a large enough value
+(e.g. 30m0s for smaller files) as it can take a long time depending on
+server's queue.
- rclone ls remote:
+About metadata
-To copy a local directory to an Hubic directory called backup
+This backend supports setting, updating and reading metadata of each
+file. The metadata will appear as file metadata on Internet Archive.
+However, some fields are reserved by both Internet Archive and rclone.
- rclone copy /home/source remote:backup
+The following are reserved by Internet Archive: - name - source - size -
+md5 - crc32 - sha1 - format - old_version - viruscheck - summation
-If you want the directory to be visible in the official Hubic browser,
-you need to copy your files to the default directory
+Trying to set values to these keys is ignored with a warning. Only
+setting mtime is an exception. Doing so make it the identical behavior
+as setting ModTime.
- rclone copy /home/source remote:default/backup
+rclone reserves all the keys starting with rclone-. Setting value for
+these keys will give you warnings, but values are set according to
+request.
---fast-list
+If there are multiple values for a key, only the first one is returned.
+This is a limitation of rclone, that supports one value per one key. It
+can be triggered when you did a server-side copy.
-This remote supports --fast-list which allows you to use fewer
-transactions in exchange for more memory. See the rclone docs for more
-details.
+Reading metadata will also provide custom (non-standard nor reserved)
+ones.
-Modified time
+Filtering auto generated files
-The modified time is stored as metadata on the object as
-X-Object-Meta-Mtime as floating point since the epoch accurate to 1 ns.
+The Internet Archive automatically creates metadata files after upload.
+These can cause problems when doing an rclone sync as rclone will try,
+and fail, to delete them. These metadata files are not changeable, as
+they are created by the Internet Archive automatically.
-This is a de facto standard (used in the official python-swiftclient
-amongst others) for storing the modification time for an object.
+These auto-created files can be excluded from the sync using metadata
+filtering.
+
+ rclone sync ... --metadata-exclude "source=metadata" --metadata-exclude "format=Metadata"
+
+Which excludes from the sync any files which have the source=metadata or
+format=Metadata flags which are added to Internet Archive auto-created
+files.
+
+Configuration
+
+Here is an example of making an internetarchive configuration. Most
+applies to the other providers as well, any differences are described
+below.
+
+First run
+
+ rclone config
-Note that Hubic wraps the Swift backend, so most of the properties of
-are the same.
+This will guide you through an interactive setup process.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> remote
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ XX / InternetArchive Items
+ \ (internetarchive)
+ Storage> internetarchive
+ Option access_key_id.
+ IAS3 Access Key.
+ Leave blank for anonymous access.
+ You can find one here: https://archive.org/account/s3.php
+ Enter a value. Press Enter to leave empty.
+ access_key_id> XXXX
+ Option secret_access_key.
+ IAS3 Secret Key (password).
+ Leave blank for anonymous access.
+ Enter a value. Press Enter to leave empty.
+ secret_access_key> XXXX
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n> y
+ Option endpoint.
+ IAS3 Endpoint.
+ Leave blank for default value.
+ Enter a string value. Press Enter for the default (https://s3.us.archive.org).
+ endpoint>
+ Option front_endpoint.
+ Host of InternetArchive Frontend.
+ Leave blank for default value.
+ Enter a string value. Press Enter for the default (https://archive.org).
+ front_endpoint>
+ Option disable_checksum.
+ Don't store MD5 checksum with object metadata.
+ Normally rclone will calculate the MD5 checksum of the input before
+ uploading it so it can ask the server to check the object against checksum.
+ This is great for data integrity checking but can cause long delays for
+ large files to start uploading.
+ Enter a boolean value (true or false). Press Enter for the default (true).
+ disable_checksum> true
+ Option encoding.
+ The encoding for the backend.
+ See the [encoding section in the overview](https://rclone.org/overview/#encoding) for more info.
+ Enter a encoder.MultiEncoder value. Press Enter for the default (Slash,Question,Hash,Percent,Del,Ctl,InvalidUtf8,Dot).
+ encoding>
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n> n
+ --------------------
+ [remote]
+ type = internetarchive
+ access_key_id = XXXX
+ secret_access_key = XXXX
+ --------------------
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
Standard options
-Here are the standard options specific to hubic (Hubic).
+Here are the Standard options specific to internetarchive (Internet
+Archive).
---hubic-client-id
+--internetarchive-access-key-id
-OAuth Client Id.
+IAS3 Access Key.
-Leave blank normally.
+Leave blank for anonymous access. You can find one here:
+https://archive.org/account/s3.php
Properties:
-- Config: client_id
-- Env Var: RCLONE_HUBIC_CLIENT_ID
+- Config: access_key_id
+- Env Var: RCLONE_INTERNETARCHIVE_ACCESS_KEY_ID
- Type: string
- Required: false
---hubic-client-secret
+--internetarchive-secret-access-key
-OAuth Client Secret.
+IAS3 Secret Key (password).
-Leave blank normally.
+Leave blank for anonymous access.
Properties:
-- Config: client_secret
-- Env Var: RCLONE_HUBIC_CLIENT_SECRET
+- Config: secret_access_key
+- Env Var: RCLONE_INTERNETARCHIVE_SECRET_ACCESS_KEY
- Type: string
- Required: false
Advanced options
-Here are the advanced options specific to hubic (Hubic).
+Here are the Advanced options specific to internetarchive (Internet
+Archive).
---hubic-token
+--internetarchive-endpoint
-OAuth Access Token as a JSON blob.
+IAS3 Endpoint.
+
+Leave blank for default value.
Properties:
-- Config: token
-- Env Var: RCLONE_HUBIC_TOKEN
+- Config: endpoint
+- Env Var: RCLONE_INTERNETARCHIVE_ENDPOINT
- Type: string
-- Required: false
+- Default: "https://s3.us.archive.org"
---hubic-auth-url
+--internetarchive-front-endpoint
-Auth server URL.
+Host of InternetArchive Frontend.
-Leave blank to use the provider defaults.
+Leave blank for default value.
Properties:
-- Config: auth_url
-- Env Var: RCLONE_HUBIC_AUTH_URL
+- Config: front_endpoint
+- Env Var: RCLONE_INTERNETARCHIVE_FRONT_ENDPOINT
- Type: string
-- Required: false
+- Default: "https://archive.org"
---hubic-token-url
+--internetarchive-disable-checksum
-Token server url.
+Don't ask the server to test against MD5 checksum calculated by rclone.
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can ask the server to check the object against
+checksum. This is great for data integrity checking but can cause long
+delays for large files to start uploading.
-Leave blank to use the provider defaults.
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_INTERNETARCHIVE_DISABLE_CHECKSUM
+- Type: bool
+- Default: true
+
+--internetarchive-wait-archive
+
+Timeout for waiting the server's processing tasks (specifically archive
+and book_op) to finish. Only enable if you need to be guaranteed to be
+reflected after write operations. 0 to disable waiting. No errors to be
+thrown in case of timeout.
Properties:
-- Config: token_url
-- Env Var: RCLONE_HUBIC_TOKEN_URL
-- Type: string
-- Required: false
+- Config: wait_archive
+- Env Var: RCLONE_INTERNETARCHIVE_WAIT_ARCHIVE
+- Type: Duration
+- Default: 0s
---hubic-chunk-size
+--internetarchive-encoding
-Above this size files will be chunked into a _segments container.
+The encoding for the backend.
-Above this size files will be chunked into a _segments container. The
-default for this is 5 GiB which is its maximum value.
+See the encoding section in the overview for more info.
Properties:
-- Config: chunk_size
-- Env Var: RCLONE_HUBIC_CHUNK_SIZE
-- Type: SizeSuffix
-- Default: 5Gi
+- Config: encoding
+- Env Var: RCLONE_INTERNETARCHIVE_ENCODING
+- Type: MultiEncoder
+- Default: Slash,LtGt,CrLf,Del,Ctl,InvalidUtf8,Dot
---hubic-no-chunk
+Metadata
-Don't chunk files during streaming upload.
+Metadata fields provided by Internet Archive. If there are multiple
+values for a key, only the first one is returned. This is a limitation
+of Rclone, that supports one value per one key.
-When doing streaming uploads (e.g. using rcat or mount) setting this
-flag will cause the swift backend to not upload chunked files.
+Owner is able to add custom keys. Metadata feature grabs all the keys
+including them.
-This will limit the maximum upload size to 5 GiB. However non chunked
-files are easier to deal with and have an MD5SUM.
+Here are the possible system metadata items for the internetarchive
+backend.
-Rclone will still chunk files bigger than chunk_size when doing normal
-copy operations.
+ --------------------------------------------------------------------------------------------------------------------------------------
+ Name Help Type Example Read Only
+ --------------------- ---------------------------------- ----------- -------------------------------------------- --------------------
+ crc32 CRC32 calculated by Internet string 01234567 Y
+ Archive
-Properties:
+ format Name of format identified by string Comma-Separated Values Y
+ Internet Archive
-- Config: no_chunk
-- Env Var: RCLONE_HUBIC_NO_CHUNK
-- Type: bool
-- Default: false
+ md5 MD5 hash calculated by Internet string 01234567012345670123456701234567 Y
+ Archive
---hubic-encoding
+ mtime Time of last modification, managed RFC 3339 2006-01-02T15:04:05.999999999Z Y
+ by Rclone
-The encoding for the backend.
+ name Full file path, without the bucket filename backend/internetarchive/internetarchive.go Y
+ part
-See the encoding section in the overview for more info.
+ old_version Whether the file was replaced and boolean true Y
+ moved by keep-old-version flag
-Properties:
+ rclone-ia-mtime Time of last modification, managed RFC 3339 2006-01-02T15:04:05.999999999Z N
+ by Internet Archive
-- Config: encoding
-- Env Var: RCLONE_HUBIC_ENCODING
-- Type: MultiEncoder
-- Default: Slash,InvalidUtf8
+ rclone-mtime Time of last modification, managed RFC 3339 2006-01-02T15:04:05.999999999Z N
+ by Rclone
-Limitations
+ rclone-update-track Random value used by Rclone for string aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa N
+ tracking changes inside Internet
+ Archive
-This uses the normal OpenStack Swift mechanism to refresh the Swift API
-credentials and ignores the expires field returned by the Hubic API.
+ sha1 SHA1 hash calculated by Internet string 0123456701234567012345670123456701234567 Y
+ Archive
-The Swift API doesn't return a correct MD5SUM for segmented files
-(Dynamic or Static Large Objects) so rclone won't check or use the
-MD5SUM for these.
+ size File size in bytes decimal 123456 Y
+ number
+
+ source The source of the file string original Y
+
+ summation Check string md5 Y
+ https://forum.rclone.org/t/31922
+ for how it is used
+
+ viruscheck The last time viruscheck process unixtime 1654191352 Y
+ was run for the file (?)
+ --------------------------------------------------------------------------------------------------------------------------------------
+
+See the metadata docs for more info.
Jottacloud
@@ -27157,7 +31381,7 @@ companies, such as: * Telia * Telia Cloud (cloud.telia.se) * Telia Sky
(sky.telia.no) * Tele2 * Tele2 Cloud (mittcloud.tele2.se) * Elkjøp (with
subsidiaries): * Elkjøp Cloud (cloud.elkjop.no) * Elgiganten Sweden
(cloud.elgiganten.se) * Elgiganten Denmark (cloud.elgiganten.dk) *
-Giganti Cloud (cloud.gigantti.fi) * ELKO Clouud (cloud.elko.is)
+Giganti Cloud (cloud.gigantti.fi) * ELKO Cloud (cloud.elko.is)
Most of the white-label versions are supported by this backend, although
may require different authentication setup - described below.
@@ -27174,11 +31398,38 @@ setting up the remote.
Standard authentication
-To configure Jottacloud you will need to generate a personal security
-token in the Jottacloud web interface. You will the option to do in your
-account security settings (for whitelabel version you need to find this
-page in its web interface). Note that the web interface may refer to
-this token as a JottaCli token.
+The standard authentication method used by the official service
+(jottacloud.com), as well as some of the whitelabel services, requires
+you to generate a single-use personal login token from the account
+security settings in the service's web interface. Log in to your
+account, go to "Settings" and then "Security", or use the direct link
+presented to you by rclone when configuring the remote:
+https://www.jottacloud.com/web/secure. Scroll down to the section
+"Personal login token", and click the "Generate" button. Note that if
+you are using a whitelabel service you probably can't use the direct
+link, you need to find the same page in their dedicated web interface,
+and also it may be in a different location than described above.
+
+To access your account from multiple instances of rclone, you need to
+configure each of them with a separate personal login token. E.g. you
+create a Jottacloud remote with rclone in one location, and copy the
+configuration file to a second location where you also want to run
+rclone and access the same remote. Then you need to replace the token
+for one of them, using the config reconnect command, which requires you
+to generate a new personal login token and supply as input. If you do
+not do this, the token may easily end up being invalidated, resulting in
+both instances failing with an error message something along the lines
+of:
+
+ oauth2: cannot fetch token: 400 Bad Request
+ Response: {"error":"invalid_grant","error_description":"Stale token"}
+
+When this happens, you need to replace the token as described above to
+be able to use your remote again.
+
+All personal login tokens you have taken into use will be listed in the
+web interface under "My logged in devices", and from the right side of
+that list you can click the "X" button to revoke individual tokens.
Legacy authentication
@@ -27220,56 +31471,78 @@ This will guide you through an interactive setup process:
q) Quit config
n/s/q> n
name> remote
+ Option Storage.
Type of storage to configure.
- Enter a string value. Press Enter for the default ("").
- Choose a number from below, or type in your own value
+ Choose a number from below, or type in your own value.
[snip]
XX / Jottacloud
- \ "jottacloud"
+ \ (jottacloud)
[snip]
Storage> jottacloud
- ** See help for jottacloud backend at: https://rclone.org/jottacloud/ **
-
- Edit advanced config? (y/n)
- y) Yes
- n) No
- y/n> n
- Remote config
- Use legacy authentication?.
- This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
+ Edit advanced config?
y) Yes
n) No (default)
y/n> n
-
- Generate a personal login token here: https://www.jottacloud.com/web/secure
+ Option config_type.
+ Select authentication type.
+ Choose a number from below, or type in an existing string value.
+ Press Enter for the default (standard).
+ / Standard authentication.
+ 1 | Use this if you're a normal Jottacloud user.
+ \ (standard)
+ / Legacy authentication.
+ 2 | This is only required for certain whitelabel versions of Jottacloud and not recommended for normal users.
+ \ (legacy)
+ / Telia Cloud authentication.
+ 3 | Use this if you are using Telia Cloud.
+ \ (telia)
+ / Tele2 Cloud authentication.
+ 4 | Use this if you are using Tele2 Cloud.
+ \ (tele2)
+ config_type> 1
+ Personal login token.
+ Generate here: https://www.jottacloud.com/web/secure
Login Token>
-
- Do you want to use a non standard device/mountpoint e.g. for accessing files uploaded using the official Jottacloud client?
-
+ Use a non-standard device/mountpoint?
+ Choosing no, the default, will let you access the storage used for the archive
+ section of the official Jottacloud client. If you instead want to access the
+ sync or the backup section, for example, you must choose yes.
y) Yes
- n) No
+ n) No (default)
y/n> y
- Please select the device to use. Normally this will be Jotta
- Choose a number from below, or type in an existing value
+ Option config_device.
+ The device to use. In standard setup the built-in Jotta device is used,
+ which contains predefined mountpoints for archive, sync etc. All other devices
+ are treated as backup devices by the official Jottacloud client. You may create
+ a new by entering a unique name.
+ Choose a number from below, or type in your own string value.
+ Press Enter for the default (DESKTOP-3H31129).
1 > DESKTOP-3H31129
2 > Jotta
- Devices> 2
- Please select the mountpoint to user. Normally this will be Archive
- Choose a number from below, or type in an existing value
+ config_device> 2
+ Option config_mountpoint.
+ The mountpoint to use for the built-in device Jotta.
+ The standard setup is to use the Archive mountpoint. Most other mountpoints
+ have very limited support in rclone and should generally be avoided.
+ Choose a number from below, or type in an existing string value.
+ Press Enter for the default (Archive).
1 > Archive
- 2 > Links
+ 2 > Shared
3 > Sync
-
- Mountpoints> 1
+ config_mountpoint> 1
--------------------
- [jotta]
+ [remote]
type = jottacloud
+ configVersion = 1
+ client_id = jottacli
+ client_secret =
+ tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token
token = {........}
+ username = 2940e57271a93d987d6f8a21
device = Jotta
mountpoint = Archive
- configVersion = 1
--------------------
- y) Yes this is OK
+ y) Yes this is OK (default)
e) Edit this remote
d) Delete this remote
y/e/d> y
@@ -27291,21 +31564,30 @@ To copy a local directory to an Jottacloud directory called backup
Devices and Mountpoints
The official Jottacloud client registers a device for each computer you
-install it on, and then creates a mountpoint for each folder you select
-for Backup. The web interface uses a special device called Jotta for the
-Archive and Sync mountpoints.
-
-With rclone you'll want to use the Jotta/Archive device/mountpoint in
-most cases, however if you want to access files uploaded by any of the
-official clients rclone provides the option to select other devices and
-mountpoints during config. Note that uploading files is currently not
-supported to other devices than Jotta.
-
-The built-in Jotta device may also contain several other mountpoints,
-such as: Latest, Links, Shared and Trash. These are special mountpoints
-with a different internal representation than the "regular" mountpoints.
-Rclone will only to a very limited degree support them. Generally you
-should avoid these, unless you know what you are doing.
+install it on, and shows them in the backup section of the user
+interface. For each folder you select for backup it will create a
+mountpoint within this device. A built-in device called Jotta is
+special, and contains mountpoints Archive, Sync and some others, used
+for corresponding features in official clients.
+
+With rclone you'll want to use the standard Jotta/Archive
+device/mountpoint in most cases. However, you may for example want to
+access files from the sync or backup functionality provided by the
+official clients, and rclone therefore provides the option to select
+other devices and mountpoints during config.
+
+You are allowed to create new devices and mountpoints. All devices
+except the built-in Jotta device are treated as backup devices by
+official Jottacloud clients, and the mountpoints on them are individual
+backup sets.
+
+With the built-in Jotta device, only existing, built-in, mountpoints can
+be selected. In addition to the mentioned Archive and Sync, it may
+contain several other mountpoints such as: Latest, Links, Shared and
+Trash. All of these are special mountpoints with a different internal
+representation than the "regular" mountpoints. Rclone will only to a
+very limited degree support them. Generally you should avoid these,
+unless you know what you are doing.
--fast-list
@@ -27384,7 +31666,7 @@ current usage.
Advanced options
-Here are the advanced options specific to jottacloud (Jottacloud).
+Here are the Advanced options specific to jottacloud (Jottacloud).
--jottacloud-md5-memory-limit
@@ -27584,7 +31866,7 @@ strings.
Standard options
-Here are the standard options specific to koofr (Koofr, Digi Storage and
+Here are the Standard options specific to koofr (Koofr, Digi Storage and
other Koofr-compatible storage providers).
--koofr-provider
@@ -27674,7 +31956,7 @@ Properties:
Advanced options
-Here are the advanced options specific to koofr (Koofr, Digi Storage and
+Here are the Advanced options specific to koofr (Koofr, Digi Storage and
other Koofr-compatible storage providers).
--koofr-mountid
@@ -27894,8 +32176,22 @@ Features highlights
Configuration
-Here is an example of making a mailru configuration. First create a
-Mail.ru Cloud account and choose a tariff, then run
+Here is an example of making a mailru configuration.
+
+First create a Mail.ru Cloud account and choose a tariff.
+
+You will need to log in and create an app password for rclone. Rclone
+will not work with your normal username and password - it will give an
+error like oauth2: server response missing access_token.
+
+- Click on your user icon in the top right
+- Go to Security / "Пароль и безопасность"
+- Click password for apps / "Пароли для внешних приложений"
+- Add the password - give it a name - eg "rclone"
+- Copy the password and use this password below - your normal login
+ password won't work.
+
+Now run
rclone config
@@ -27920,6 +32216,10 @@ This will guide you through an interactive setup process:
Enter a string value. Press Enter for the default ("").
user> username@mail.ru
Password
+
+ This must be an app password - rclone will not work with your normal
+ password. See the Configuration section in the docs for how to make an
+ app password.
y) Yes type in my own password
g) Generate random password
y/g> y
@@ -28024,7 +32324,7 @@ strings.
Standard options
-Here are the standard options specific to mailru (Mail.ru Cloud).
+Here are the Standard options specific to mailru (Mail.ru Cloud).
--mailru-user
@@ -28041,6 +32341,10 @@ Properties:
Password.
+This must be an app password - rclone will not work with your normal
+password. See the Configuration section in the docs for how to make an
+app password.
+
NB Input to this must be obscured - see rclone obscure.
Properties:
@@ -28078,7 +32382,7 @@ Properties:
Advanced options
-Here are the advanced options specific to mailru (Mail.ru Cloud).
+Here are the Advanced options specific to mailru (Mail.ru Cloud).
--mailru-speedup-file-patterns
@@ -28315,6 +32619,38 @@ Use rclone dedupe to fix duplicated files.
Failure to log-in
+Object not found
+
+If you are connecting to your Mega remote for the first time, to test
+access and synchronization, you may receive an error such as
+
+ Failed to create file system for "my-mega-remote:":
+ couldn't login: Object (typically, node or user) not found
+
+The diagnostic steps often recommended in the rclone forum start with
+the MEGAcmd utility. Note that this refers to the official C++ command
+from https://github.com/meganz/MEGAcmd and not the go language built
+command from t3rm1n4l/megacmd that is no longer maintained.
+
+Follow the instructions for installing MEGAcmd and try accessing your
+remote as they recommend. You can establish whether or not you can log
+in using MEGAcmd, and obtain diagnostic information to help you, and
+search or work with others in the forum.
+
+ MEGA CMD> login me@example.com
+ Password:
+ Fetching nodes ...
+ Loading transfers from local cache
+ Login complete as me@example.com
+ me@example.com:/$
+
+Note that some have found issues with passwords containing special
+characters. If you can not log on with rclone, but MEGAcmd logs on just
+fine, then consider changing your password temporarily to pure
+alphanumeric characters, in case that helps.
+
+Repeated commands blocks access
+
Mega remotes seem to get blocked (reject logins) under "heavy use". We
haven't worked out the exact blocking rules but it seems to be related
to fast paced, successive rclone commands.
@@ -28361,7 +32697,7 @@ got the remote blocked for a while.
Standard options
-Here are the standard options specific to mega (Mega).
+Here are the Standard options specific to mega (Mega).
--mega-user
@@ -28389,7 +32725,7 @@ Properties:
Advanced options
-Here are the advanced options specific to mega (Mega).
+Here are the Advanced options specific to mega (Mega).
--mega-debug
@@ -28515,6 +32851,8 @@ See all buckets rclone lsd remote: The initial setup for Netstorage
involves getting an account and secret. Use rclone config to walk you
through the setup process.
+Configuration
+
Here's an example of how to make a remote called ns1.
1. To begin the interactive configuration process, enter this command:
@@ -28621,6 +32959,8 @@ You can't perform operations between different remotes.
rclone move ns1:/974012/testing/notes.txt ns1:/974450/testing2/
+Features
+
Symlink Support
The Netstorage backend changes the rclone --links, -l behavior. When
@@ -28656,7 +32996,7 @@ With NetStorage, directories can exist in one of two forms:
have created in a storage group.
2. Implicit Directory. This refers to a directory within a path that
has not been physically created. For example, during upload of a
- file, non-existent subdirectories can be specified in the target
+ file, nonexistent subdirectories can be specified in the target
path. NetStorage creates these as "implicit." While the directories
aren't physically created, they exist implicitly and the noted path
is connected with the uploaded file.
@@ -28669,7 +33009,7 @@ Content Management Shell (CMShell). Rclone will not guarantee
correctness of operations with implicit directories which might have
been created as a result of using an upload API directly.
-ListR Feature
+--fast-list / ListR support
NetStorage remote supports the ListR feature by using the "list"
NetStorage API action to return a lexicographical list of all objects
@@ -28696,7 +33036,7 @@ files in the directory and directory size as -1 when ListR method is
used. The workaround is to pass "--disable listR" flag if these numbers
are important in the output.
-Purge Feature
+Purge
NetStorage remote supports the purge feature by using the "quick-delete"
NetStorage API action. The quick-delete action is disabled by default
@@ -28712,7 +33052,7 @@ accessible.
Standard options
-Here are the standard options specific to netstorage (Akamai
+Here are the Standard options specific to netstorage (Akamai
NetStorage).
--netstorage-host
@@ -28757,7 +33097,7 @@ Properties:
Advanced options
-Here are the advanced options specific to netstorage (Akamai
+Here are the Advanced options specific to netstorage (Akamai
NetStorage).
--netstorage-protocol
@@ -28789,8 +33129,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -28889,7 +33229,12 @@ Modified time
The modified time is stored as metadata on the object with the mtime
key. It is stored using RFC3339 Format time with nanosecond precision.
The metadata is supplied during directory listings so there is no
-overhead to using it.
+performance overhead to using it.
+
+If you wish to use the Azure standard LastModified time stored on the
+object as the modified time, then use the --use-server-modtime flag.
+Note that rclone can't set LastModified, so using the --update flag when
+syncing is recommended if using --use-server-modtime.
Performance
@@ -28925,11 +33270,88 @@ MD5 hashes are stored with blobs. However blobs that were uploaded in
chunks only have an MD5 if the source remote was capable of MD5 hashes,
e.g. the local disk.
-Authenticating with Azure Blob Storage
+Authentication
+
+There are a number of ways of supplying credentials for Azure Blob
+Storage. Rclone tries them in the order of the sections below.
+
+Env Auth
+
+If the env_auth config parameter is true then rclone will pull
+credentials from the environment or runtime.
+
+It tries these authentication methods in this order:
+
+1. Environment Variables
+2. Managed Service Identity Credentials
+3. Azure CLI credentials (as used by the az tool)
+
+These are described in the following sections
+
+Env Auth: 1. Environment Variables
+
+If env_auth is set and environment variables are present rclone
+authenticates a service principal with a secret or certificate, or a
+user with a password, depending on which environment variable are set.
+It reads configuration from these variables, in the following order:
+
+1. Service principal with client secret
+ - AZURE_TENANT_ID: ID of the service principal's tenant. Also
+ called its "directory" ID.
+ - AZURE_CLIENT_ID: the service principal's client ID
+ - AZURE_CLIENT_SECRET: one of the service principal's client
+ secrets
+2. Service principal with certificate
+ - AZURE_TENANT_ID: ID of the service principal's tenant. Also
+ called its "directory" ID.
+ - AZURE_CLIENT_ID: the service principal's client ID
+ - AZURE_CLIENT_CERTIFICATE_PATH: path to a PEM or PKCS12
+ certificate file including the private key.
+ - AZURE_CLIENT_CERTIFICATE_PASSWORD: (optional) password for the
+ certificate file.
+ - AZURE_CLIENT_SEND_CERTIFICATE_CHAIN: (optional) Specifies
+ whether an authentication request will include an x5c header to
+ support subject name / issuer based authentication. When set to
+ "true" or "1", authentication requests include the x5c header.
+3. User with username and password
+ - AZURE_TENANT_ID: (optional) tenant to authenticate in. Defaults
+ to "organizations".
+ - AZURE_CLIENT_ID: client ID of the application the user will
+ authenticate to
+ - AZURE_USERNAME: a username (usually an email address)
+ - AZURE_PASSWORD: the user's password
+
+Env Auth: 2. Managed Service Identity Credentials
+
+When using Managed Service Identity if the VM(SS) on which this program
+is running has a system-assigned identity, it will be used by default.
+If the resource has no system-assigned but exactly one user-assigned
+identity, the user-assigned identity will be used by default.
+
+If the resource has multiple user-assigned identities you will need to
+unset env_auth and set use_msi instead. See the use_msi section.
-Rclone has 3 ways of authenticating with Azure Blob Storage:
+Env Auth: 3. Azure CLI credentials (as used by the az tool)
-Account and Key
+Credentials created with the az tool can be picked up using env_auth.
+
+For example if you were to login with a service principal like this:
+
+ az login --service-principal -u XXX -p XXX --tenant XXX
+
+Then you could access rclone resources like this:
+
+ rclone lsf :azureblob,env_auth,account=ACCOUNT:CONTAINER
+
+Or
+
+ rclone lsf --azureblob-env-auth --azureblob-acccount=ACCOUNT :azureblob:CONTAINER
+
+Which is analogous to using the az tool:
+
+ az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
+
+Account and Shared Key
This is the most straight forward and least flexible way. Just fill in
the account and key lines and leave the rest blank.
@@ -28938,7 +33360,7 @@ SAS URL
This can be an account level SAS URL or container level SAS URL.
-To use it leave account, key blank and fill in sas_url.
+To use it leave account and key blank and fill in sas_url.
An account level SAS URL or container level SAS URL can be obtained from
the Azure portal or the Azure Storage Explorer. To get a container level
@@ -28964,16 +33386,87 @@ Container level SAS URLs are useful for temporarily allowing third
parties access to a single container or putting credentials into an
untrusted environment such as a CI build server.
+Service principal with client secret
+
+If these variables are set, rclone will authenticate with a service
+principal with a client secret.
+
+- tenant: ID of the service principal's tenant. Also called its
+ "directory" ID.
+- client_id: the service principal's client ID
+- client_secret: one of the service principal's client secrets
+
+The credentials can also be placed in a file using the
+service_principal_file configuration option.
+
+Service principal with certificate
+
+If these variables are set, rclone will authenticate with a service
+principal with certificate.
+
+- tenant: ID of the service principal's tenant. Also called its
+ "directory" ID.
+- client_id: the service principal's client ID
+- client_certificate_path: path to a PEM or PKCS12 certificate file
+ including the private key.
+- client_certificate_password: (optional) password for the certificate
+ file.
+- client_send_certificate_chain: (optional) Specifies whether an
+ authentication request will include an x5c header to support subject
+ name / issuer based authentication. When set to "true" or "1",
+ authentication requests include the x5c header.
+
+NB client_certificate_password must be obscured - see rclone obscure.
+
+User with username and password
+
+If these variables are set, rclone will authenticate with username and
+password.
+
+- tenant: (optional) tenant to authenticate in. Defaults to
+ "organizations".
+- client_id: client ID of the application the user will authenticate
+ to
+- username: a username (usually an email address)
+- password: the user's password
+
+Microsoft doesn't recommend this kind of authentication, because it's
+less secure than other authentication flows. This method is not
+interactive, so it isn't compatible with any form of multi-factor
+authentication, and the application must already have user or admin
+consent. This credential can only authenticate work and school accounts;
+it can't authenticate Microsoft accounts.
+
+NB password must be obscured - see rclone obscure.
+
+Managed Service Identity Credentials
+
+If use_msi is set then managed service identity credentials are used.
+This authentication only works when running in an Azure service.
+env_auth needs to be unset to use this.
+
+However if you have multiple user identities to choose from these must
+be explicitly specified using exactly one of the msi_object_id,
+msi_client_id, or msi_mi_res_id parameters.
+
+If none of msi_object_id, msi_client_id, or msi_mi_res_id is set, this
+is is equivalent to using env_auth.
+
Standard options
-Here are the standard options specific to azureblob (Microsoft Azure
+Here are the Standard options specific to azureblob (Microsoft Azure
Blob Storage).
--azureblob-account
-Storage Account Name.
+Azure Storage Account Name.
-Leave blank to use SAS URL or Emulator.
+Set this to the Azure Storage Account Name in use.
+
+Leave blank to use SAS URL or Emulator, otherwise it needs to be set.
+
+If this is blank and if env_auth is set it will be read from the
+environment variable AZURE_STORAGE_ACCOUNT_NAME if possible.
Properties:
@@ -28982,31 +33475,22 @@ Properties:
- Type: string
- Required: false
---azureblob-service-principal-file
-
-Path to file containing credentials for use with a service principal.
-
-Leave blank normally. Needed only if you want to use a service principal
-instead of interactive login.
+--azureblob-env-auth
- $ az ad sp create-for-rbac --name "" \
- --role "Storage Blob Data Owner" \
- --scopes "/subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts//blobServices/default/containers/" \
- > azure-principal.json
+Read credentials from runtime (environment variables, CLI or MSI).
-See "Create an Azure service principal" and "Assign an Azure role for
-access to blob data" pages for more details.
+See the authentication docs for full info.
Properties:
-- Config: service_principal_file
-- Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
-- Type: string
-- Required: false
+- Config: env_auth
+- Env Var: RCLONE_AZUREBLOB_ENV_AUTH
+- Type: bool
+- Default: false
--azureblob-key
-Storage Account Key.
+Storage Account Shared Key.
Leave blank to use SAS URL or Emulator.
@@ -29030,6 +33514,153 @@ Properties:
- Type: string
- Required: false
+--azureblob-tenant
+
+ID of the service principal's tenant. Also called its directory ID.
+
+Set this if using - Service principal with client secret - Service
+principal with certificate - User with username and password
+
+Properties:
+
+- Config: tenant
+- Env Var: RCLONE_AZUREBLOB_TENANT
+- Type: string
+- Required: false
+
+--azureblob-client-id
+
+The ID of the client in use.
+
+Set this if using - Service principal with client secret - Service
+principal with certificate - User with username and password
+
+Properties:
+
+- Config: client_id
+- Env Var: RCLONE_AZUREBLOB_CLIENT_ID
+- Type: string
+- Required: false
+
+--azureblob-client-secret
+
+One of the service principal's client secrets
+
+Set this if using - Service principal with client secret
+
+Properties:
+
+- Config: client_secret
+- Env Var: RCLONE_AZUREBLOB_CLIENT_SECRET
+- Type: string
+- Required: false
+
+--azureblob-client-certificate-path
+
+Path to a PEM or PKCS12 certificate file including the private key.
+
+Set this if using - Service principal with certificate
+
+Properties:
+
+- Config: client_certificate_path
+- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PATH
+- Type: string
+- Required: false
+
+--azureblob-client-certificate-password
+
+Password for the certificate file (optional).
+
+Optionally set this if using - Service principal with certificate
+
+And the certificate has a password.
+
+NB Input to this must be obscured - see rclone obscure.
+
+Properties:
+
+- Config: client_certificate_password
+- Env Var: RCLONE_AZUREBLOB_CLIENT_CERTIFICATE_PASSWORD
+- Type: string
+- Required: false
+
+Advanced options
+
+Here are the Advanced options specific to azureblob (Microsoft Azure
+Blob Storage).
+
+--azureblob-client-send-certificate-chain
+
+Send the certificate chain when using certificate auth.
+
+Specifies whether an authentication request will include an x5c header
+to support subject name / issuer based authentication. When set to true,
+authentication requests include the x5c header.
+
+Optionally set this if using - Service principal with certificate
+
+Properties:
+
+- Config: client_send_certificate_chain
+- Env Var: RCLONE_AZUREBLOB_CLIENT_SEND_CERTIFICATE_CHAIN
+- Type: bool
+- Default: false
+
+--azureblob-username
+
+User name (usually an email address)
+
+Set this if using - User with username and password
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_AZUREBLOB_USERNAME
+- Type: string
+- Required: false
+
+--azureblob-password
+
+The user's password
+
+Set this if using - User with username and password
+
+NB Input to this must be obscured - see rclone obscure.
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_AZUREBLOB_PASSWORD
+- Type: string
+- Required: false
+
+--azureblob-service-principal-file
+
+Path to file containing credentials for use with a service principal.
+
+Leave blank normally. Needed only if you want to use a service principal
+instead of interactive login.
+
+ $ az ad sp create-for-rbac --name "" \
+ --role "Storage Blob Data Owner" \
+ --scopes "/subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts//blobServices/default/containers/" \
+ > azure-principal.json
+
+See "Create an Azure service principal" and "Assign an Azure role for
+access to blob data" pages for more details.
+
+It may be more convenient to put the credentials directly into the
+rclone config file under the client_id, tenant and client_secret keys
+instead of setting service_principal_file.
+
+Properties:
+
+- Config: service_principal_file
+- Env Var: RCLONE_AZUREBLOB_SERVICE_PRINCIPAL_FILE
+- Type: string
+- Required: false
+
--azureblob-use-msi
Use a managed service identity to authenticate (only works in Azure).
@@ -29052,24 +33683,6 @@ Properties:
- Type: bool
- Default: false
---azureblob-use-emulator
-
-Uses local storage emulator if provided as 'true'.
-
-Leave blank if using real azure storage endpoint.
-
-Properties:
-
-- Config: use_emulator
-- Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
-- Type: bool
-- Default: false
-
-Advanced options
-
-Here are the advanced options specific to azureblob (Microsoft Azure
-Blob Storage).
-
--azureblob-msi-object-id
Object ID of the user-assigned MSI to use, if any.
@@ -29109,6 +33722,19 @@ Properties:
- Type: string
- Required: false
+--azureblob-use-emulator
+
+Uses local storage emulator if provided as 'true'.
+
+Leave blank if using real azure storage endpoint.
+
+Properties:
+
+- Config: use_emulator
+- Env Var: RCLONE_AZUREBLOB_USE_EMULATOR
+- Type: bool
+- Default: false
+
--azureblob-endpoint
Endpoint for the service.
@@ -29311,6 +33937,20 @@ Properties:
- "container"
- Allow full public read access for container and blob data.
+--azureblob-no-check-container
+
+If set, don't attempt to check the container exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the container exists already.
+
+Properties:
+
+- Config: no_check_container
+- Env Var: RCLONE_AZUREBLOB_NO_CHECK_CONTAINER
+- Type: bool
+- Default: false
+
--azureblob-no-head-object
If set, do not do HEAD before GET when getting objects.
@@ -29322,6 +33962,18 @@ Properties:
- Type: bool
- Default: false
+Custom upload headers
+
+You can set custom upload headers with the --header-upload flag.
+
+- Cache-Control
+- Content-Disposition
+- Content-Encoding
+- Content-Language
+- Content-Type
+
+Eg --header-upload "Content-Type: text/potato"
+
Limitations
MD5 sums are only uploaded with chunked files if the source has an MD5
@@ -29332,15 +33984,24 @@ backend. Backends without this capability cannot determine free space
for an rclone mount or use policy mfs (most free space) as a member of
an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Azure Storage Emulator Support
-You can test rclone with storage emulator locally, to do this make sure
-azure storage emulator installed locally and set up a new remote with
-rclone config follow instructions described in introduction, set
-use_emulator config as true, you do not need to provide default account
-name or key if using emulator.
+You can run rclone with the storage emulator (usually azurite).
+
+To do this, just set up a new remote with rclone config following the
+instructions in the introduction and set use_emulator in the advanced
+settings as true. You do not need to provide a default account name nor
+an account key. But you can override them in the account and key
+options. (Prior to v1.61 they were hard coded to azurite's
+devstoreaccount1.)
+
+Also, if you want to access a storage emulator instance running on a
+different machine, you can override the endpoint parameter in the
+advanced settings, setting it to
+http(s)://:/devstoreaccount1 (e.g.
+http://10.254.2.5:10000/devstoreaccount1).
Microsoft OneDrive
@@ -29390,9 +34051,10 @@ This will guide you through an interactive setup process:
n) No
y/n> n
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -29457,12 +34119,16 @@ To copy a local directory to an OneDrive directory called backup
Getting your own Client ID and Key
-You can use your own Client ID if the default (client_id left blank) one
-doesn't work for you or you see lots of throttling. The default Client
-ID and Key is shared by all rclone users when performing requests.
+rclone uses a default Client ID when talking to OneDrive, unless a
+custom client_id is specified in the config. The default Client ID and
+Key are shared by all rclone users when performing requests.
-If you are having problems with them (E.g., seeing a lot of throttling),
-you can get your own Client ID and Key by following the steps below:
+You may choose to create and use your own Client ID, in case the default
+one does not work well for you. For example, you might see throttling.
+
+Creating Client ID for OneDrive Personal
+
+To create your own Client ID, please follow these steps:
1. Open
https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
@@ -29480,17 +34146,47 @@ you can get your own Client ID and Key by following the steps below:
select Microsoft Graph then select delegated permissions.
5. Search and select the following permissions: Files.Read,
Files.ReadWrite, Files.Read.All, Files.ReadWrite.All,
- offline_access, User.Read, and optionally Sites.Read.All (see
- below). Once selected click Add permissions at the bottom.
+ offline_access, User.Read and Sites.Read.All (if custom access
+ scopes are configured, select the permissions accordingly). Once
+ selected click Add permissions at the bottom.
Now the application is complete. Run rclone config to create or edit a
OneDrive remote. Supply the app ID and password as Client ID and Secret,
respectively. rclone will walk you through the remaining steps.
+The access_scopes option allows you to configure the permissions
+requested by rclone. See Microsoft Docs for more information about the
+different scopes.
+
The Sites.Read.All permission is required if you need to search
SharePoint sites when configuring the remote. However, if that
-permission is not assigned, you need to set disable_site_permission
-option to true in the advanced options.
+permission is not assigned, you need to exclude Sites.Read.All from your
+access scopes or set disable_site_permission option to true in the
+advanced options.
+
+Creating Client ID for OneDrive Business
+
+The steps for OneDrive Personal may or may not work for OneDrive
+Business, depending on the security settings of the organization. A
+common error is that the publisher of the App is not verified.
+
+You may try to verify you account, or try to limit the App to your
+organization only, as shown below.
+
+1. Make sure to create the App with your business account.
+2. Follow the steps above to create an App. However, we need a
+ different account type here:
+ Accounts in this organizational directory only (*** - Single tenant).
+ Note that you can also change the account type after creating the
+ App.
+3. Find the tenant ID of your organization.
+4. In the rclone config, set auth_url to
+ https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/authorize.
+5. In the rclone config, set token_url to
+ https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/token.
+
+Note: If you have a special region, you may need a different host in
+step 4 and 5. Here are some hints.
Modification time and hashes
@@ -29547,7 +34243,7 @@ the OneDrive website.
Standard options
-Here are the standard options specific to onedrive (Microsoft OneDrive).
+Here are the Standard options specific to onedrive (Microsoft OneDrive).
--onedrive-client-id
@@ -29593,11 +34289,11 @@ Properties:
- "de"
- Microsoft Cloud Germany
- "cn"
- - Azure and Office 365 operated by 21Vianet in China
+ - Azure and Office 365 operated by Vnet Group in China
Advanced options
-Here are the advanced options specific to onedrive (Microsoft OneDrive).
+Here are the Advanced options specific to onedrive (Microsoft OneDrive).
--onedrive-token
@@ -29691,6 +34387,32 @@ Properties:
- Type: string
- Required: false
+--onedrive-access-scopes
+
+Set scopes to be requested by rclone.
+
+Choose or manually enter a custom space separated list with all scopes,
+that rclone should request.
+
+Properties:
+
+- Config: access_scopes
+- Env Var: RCLONE_ONEDRIVE_ACCESS_SCOPES
+- Type: SpaceSepList
+- Default: Files.Read Files.ReadWrite Files.Read.All
+ Files.ReadWrite.All Sites.Read.All offline_access
+- Examples:
+ - "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All
+ Sites.Read.All offline_access"
+ - Read and write access to all resources
+ - "Files.Read Files.Read.All Sites.Read.All offline_access"
+ - Read only access to all resources
+ - "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All
+ offline_access"
+ - Read and write access to all resources, without the ability
+ to browse SharePoint sites.
+ - Same as if disable_site_permission was set to true
+
--onedrive-disable-site-permission
Disable the request for Sites.Read.All permission.
@@ -29885,7 +34607,7 @@ OneDrive can be found here.
Versions
Every change in a file OneDrive causes the service to create a new
-version of the the file. This counts against a users quota. For example
+version of the file. This counts against a users quota. For example
changing the modification time of a file creates a second version, so
the file apparently uses twice the space.
@@ -29994,12 +34716,12 @@ Replacing/deleting existing files on Sharepoint gets "item not found"
It is a known issue that Sharepoint (not OneDrive or OneDrive for
Business) may return "item not found" errors when users try to replace
or delete uploaded files; this seems to mainly affect Office files
-(.docx, .xlsx, etc.). As a workaround, you may use the
---backup-dir command line argument so rclone moves the
-files to be replaced/deleted into a given backup directory (instead of
-directly replacing/deleting them). For example, to instruct rclone to
-move the files into the directory rclone-backup-dir on backend
-mysharepoint, you may use:
+(.docx, .xlsx, etc.) and web files (.html, .aspx, etc.). As a
+workaround, you may use the --backup-dir command line
+argument so rclone moves the files to be replaced/deleted into a given
+backup directory (instead of directly replacing/deleting them). For
+example, to instruct rclone to move the files into the directory
+rclone-backup-dir on backend mysharepoint, you may use:
--backup-dir mysharepoint:rclone-backup-dir
@@ -30014,7 +34736,7 @@ account. You can't do much about it, maybe write an email to your
admins.
However, there are other ways to interact with your OneDrive account.
-Have a look at the webdav backend: https://rclone.org/webdav/#sharepoint
+Have a look at the WebDAV backend: https://rclone.org/webdav/#sharepoint
invalid_grant (AADSTS50076)
@@ -30039,6 +34761,30 @@ didn't allow public links to be made for the organisation/sharepoint
library. To fix the permissions as an admin, take a look at the docs: 1,
2.
+Can not access Shared with me files
+
+Shared with me files is not supported by rclone currently, but there is
+a workaround:
+
+1. Visit https://onedrive.live.com
+
+2. Right click a item in Shared, then click Add shortcut to My files in
+ the context
+
+ Screenshot (Shared with me)
+
+ [make_shortcut]
+
+3. The shortcut will appear in My files, you can access it with rclone,
+ it behaves like a normal folder/file.
+
+ Screenshot (My Files)
+
+ [in_my_files]
+
+Screenshot (rclone mount)
+
+[rclone_mount]
OpenDrive
Paths are specified as remote:path
@@ -30135,7 +34881,7 @@ strings.
Standard options
-Here are the standard options specific to opendrive (OpenDrive).
+Here are the Standard options specific to opendrive (OpenDrive).
--opendrive-username
@@ -30163,7 +34909,7 @@ Properties:
Advanced options
-Here are the advanced options specific to opendrive (OpenDrive).
+Here are the Advanced options specific to opendrive (OpenDrive).
--opendrive-encoding
@@ -30208,7 +34954,534 @@ rclone about is not supported by the OpenDrive backend. Backends without
this capability cannot determine free space for an rclone mount or use
policy mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
+
+Oracle Object Storage
+
+Oracle Object Storage Overview
+
+Oracle Object Storage FAQ
+
+Paths are specified as remote:bucket (or remote: for the lsd command.)
+You may put subdirectories in too, e.g. remote:bucket/path/to/dir.
+
+Configuration
+
+Here is an example of making an oracle object storage configuration.
+rclone config walks you through it.
+
+Here is an example of how to make a remote called remote. First run:
+
+ rclone config
+
+This will guide you through an interactive setup process:
+
+ n) New remote
+ d) Delete remote
+ r) Rename remote
+ c) Copy remote
+ s) Set configuration password
+ q) Quit config
+ e/n/d/r/c/s/q> n
+
+ Enter name for new remote.
+ name> remote
+
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ [snip]
+ XX / Oracle Cloud Infrastructure Object Storage
+ \ (oracleobjectstorage)
+ Storage> oracleobjectstorage
+
+ Option provider.
+ Choose your Auth Provider
+ Choose a number from below, or type in your own string value.
+ Press Enter for the default (env_auth).
+ 1 / automatically pickup the credentials from runtime(env), first one to provide auth wins
+ \ (env_auth)
+ / use an OCI user and an API key for authentication.
+ 2 | you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
+ | https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
+ \ (user_principal_auth)
+ / use instance principals to authorize an instance to make API calls.
+ 3 | each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
+ | https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
+ \ (instance_principal_auth)
+ 4 / use resource principals to make API calls
+ \ (resource_principal_auth)
+ 5 / no credentials needed, this is typically for reading public buckets
+ \ (no_auth)
+ provider> 2
+
+ Option namespace.
+ Object storage namespace
+ Enter a value.
+ namespace> idbamagbg734
+
+ Option compartment.
+ Object storage compartment OCID
+ Enter a value.
+ compartment> ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+
+ Option region.
+ Object storage Region
+ Enter a value.
+ region> us-ashburn-1
+
+ Option endpoint.
+ Endpoint for Object storage API.
+ Leave blank to use the default endpoint for the region.
+ Enter a value. Press Enter to leave empty.
+ endpoint>
+
+ Option config_file.
+ Path to OCI config file
+ Choose a number from below, or type in your own string value.
+ Press Enter for the default (~/.oci/config).
+ 1 / oci configuration file location
+ \ (~/.oci/config)
+ config_file> /etc/oci/dev.conf
+
+ Option config_profile.
+ Profile name inside OCI config file
+ Choose a number from below, or type in your own string value.
+ Press Enter for the default (Default).
+ 1 / Use the default profile
+ \ (Default)
+ config_profile> Test
+
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n> n
+
+ Configuration complete.
+ Options:
+ - type: oracleobjectstorage
+ - namespace: idbamagbg734
+ - compartment: ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
+ - region: us-ashburn-1
+ - provider: user_principal_auth
+ - config_file: /etc/oci/dev.conf
+ - config_profile: Test
+ Keep this "remote" remote?
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> y
+
+See all buckets
+
+ rclone lsd remote:
+
+Create a new bucket
+
+ rclone mkdir remote:bucket
+
+List the contents of a bucket
+
+ rclone ls remote:bucket
+ rclone ls remote:bucket --max-depth 1
+
+Modified time
+
+The modified time is stored as metadata on the object as opc-meta-mtime
+as floating point since the epoch, accurate to 1 ns.
+
+If the modification time needs to be updated rclone will attempt to
+perform a server side copy to update the modification if the object can
+be copied in a single part. In the case the object is larger than 5Gb,
+the object will be uploaded rather than copied.
+
+Note that reading this from the object takes an additional HEAD request
+as the metadata isn't returned in object listings.
+
+Multipart uploads
+
+rclone supports multipart uploads with OOS which means that it can
+upload files bigger than 5 GiB.
+
+Note that files uploaded both with multipart upload and through crypt
+remotes do not have MD5 sums.
+
+rclone switches from single part uploads to multipart uploads at the
+point specified by --oos-upload-cutoff. This can be a maximum of 5 GiB
+and a minimum of 0 (ie always upload multipart files).
+
+The chunk sizes used in the multipart upload are specified by
+--oos-chunk-size and the number of chunks uploaded concurrently is
+specified by --oos-upload-concurrency.
+
+Multipart uploads will use --transfers * --oos-upload-concurrency *
+--oos-chunk-size extra memory. Single part uploads to not use extra
+memory.
+
+Single part transfers can be faster than multipart transfers or slower
+depending on your latency from oos - the more latency, the more likely
+single part transfers will be faster.
+
+Increasing --oos-upload-concurrency will increase throughput (8 would be
+a sensible value) and increasing --oos-chunk-size also increases
+throughput (16M would be sensible). Increasing either of these will use
+more memory. The default values are high enough to gain most of the
+possible performance without using too much memory.
+
+Standard options
+
+Here are the Standard options specific to oracleobjectstorage (Oracle
+Cloud Infrastructure Object Storage).
+
+--oos-provider
+
+Choose your Auth Provider
+
+Properties:
+
+- Config: provider
+- Env Var: RCLONE_OOS_PROVIDER
+- Type: string
+- Default: "env_auth"
+- Examples:
+ - "env_auth"
+ - automatically pickup the credentials from runtime(env),
+ first one to provide auth wins
+ - "user_principal_auth"
+ - use an OCI user and an API key for authentication.
+ - you’ll need to put in a config file your tenancy OCID, user
+ OCID, region, the path, fingerprint to an API key.
+ - https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
+ - "instance_principal_auth"
+ - use instance principals to authorize an instance to make API
+ calls.
+ - each instance has its own identity, and authenticates using
+ the certificates that are read from instance metadata.
+ - https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
+ - "resource_principal_auth"
+ - use resource principals to make API calls
+ - "no_auth"
+ - no credentials needed, this is typically for reading public
+ buckets
+
+--oos-namespace
+
+Object storage namespace
+
+Properties:
+
+- Config: namespace
+- Env Var: RCLONE_OOS_NAMESPACE
+- Type: string
+- Required: true
+
+--oos-compartment
+
+Object storage compartment OCID
+
+Properties:
+
+- Config: compartment
+- Env Var: RCLONE_OOS_COMPARTMENT
+- Provider: !no_auth
+- Type: string
+- Required: true
+
+--oos-region
+
+Object storage Region
+
+Properties:
+
+- Config: region
+- Env Var: RCLONE_OOS_REGION
+- Type: string
+- Required: true
+
+--oos-endpoint
+
+Endpoint for Object storage API.
+
+Leave blank to use the default endpoint for the region.
+
+Properties:
+
+- Config: endpoint
+- Env Var: RCLONE_OOS_ENDPOINT
+- Type: string
+- Required: false
+
+--oos-config-file
+
+Path to OCI config file
+
+Properties:
+
+- Config: config_file
+- Env Var: RCLONE_OOS_CONFIG_FILE
+- Provider: user_principal_auth
+- Type: string
+- Default: "~/.oci/config"
+- Examples:
+ - "~/.oci/config"
+ - oci configuration file location
+
+--oos-config-profile
+
+Profile name inside the oci config file
+
+Properties:
+
+- Config: config_profile
+- Env Var: RCLONE_OOS_CONFIG_PROFILE
+- Provider: user_principal_auth
+- Type: string
+- Default: "Default"
+- Examples:
+ - "Default"
+ - Use the default profile
+
+Advanced options
+
+Here are the Advanced options specific to oracleobjectstorage (Oracle
+Cloud Infrastructure Object Storage).
+
+--oos-upload-cutoff
+
+Cutoff for switching to chunked upload.
+
+Any files larger than this will be uploaded in chunks of chunk_size. The
+minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: upload_cutoff
+- Env Var: RCLONE_OOS_UPLOAD_CUTOFF
+- Type: SizeSuffix
+- Default: 200Mi
+
+--oos-chunk-size
+
+Chunk size to use for uploading.
+
+When uploading files larger than upload_cutoff or files with unknown
+size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google
+photos or google docs) they will be uploaded as multipart uploads using
+this chunk size.
+
+Note that "upload_concurrency" chunks of this size are buffered in
+memory per transfer.
+
+If you are transferring large files over high-speed links and you have
+enough memory, then increasing this will speed up the transfers.
+
+Rclone will automatically increase the chunk size when uploading a large
+file of known size to stay below the 10,000 chunks limit.
+
+Files of unknown size are uploaded with the configured chunk_size. Since
+the default chunk size is 5 MiB and there can be at most 10,000 chunks,
+this means that by default the maximum size of a file you can stream
+upload is 48 GiB. If you wish to stream upload larger files then you
+will need to increase chunk_size.
+
+Increasing the chunk size decreases the accuracy of the progress
+statistics displayed with "-P" flag.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_OOS_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 5Mi
+
+--oos-upload-concurrency
+
+Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.
+
+Properties:
+
+- Config: upload_concurrency
+- Env Var: RCLONE_OOS_UPLOAD_CONCURRENCY
+- Type: int
+- Default: 10
+
+--oos-copy-cutoff
+
+Cutoff for switching to multipart copy.
+
+Any files larger than this that need to be server-side copied will be
+copied in chunks of this size.
+
+The minimum is 0 and the maximum is 5 GiB.
+
+Properties:
+
+- Config: copy_cutoff
+- Env Var: RCLONE_OOS_COPY_CUTOFF
+- Type: SizeSuffix
+- Default: 4.656Gi
+
+--oos-copy-timeout
+
+Timeout for copy.
+
+Copy is an asynchronous operation, specify timeout to wait for copy to
+succeed
+
+Properties:
+
+- Config: copy_timeout
+- Env Var: RCLONE_OOS_COPY_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+--oos-disable-checksum
+
+Don't store MD5 checksum with object metadata.
+
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can add it to metadata on the object. This is great
+for data integrity checking but can cause long delays for large files to
+start uploading.
+
+Properties:
+
+- Config: disable_checksum
+- Env Var: RCLONE_OOS_DISABLE_CHECKSUM
+- Type: bool
+- Default: false
+
+--oos-encoding
+
+The encoding for the backend.
+
+See the encoding section in the overview for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_OOS_ENCODING
+- Type: MultiEncoder
+- Default: Slash,InvalidUtf8,Dot
+
+--oos-leave-parts-on-error
+
+If true avoid calling abort upload on a failure, leaving all
+successfully uploaded parts on S3 for manual recovery.
+
+It should be set to true for resuming uploads across different sessions.
+
+WARNING: Storing parts of an incomplete multipart upload counts towards
+space usage on object storage and will add additional costs if not
+cleaned up.
+
+Properties:
+
+- Config: leave_parts_on_error
+- Env Var: RCLONE_OOS_LEAVE_PARTS_ON_ERROR
+- Type: bool
+- Default: false
+
+--oos-no-check-bucket
+
+If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+It can also be needed if the user you are using does not have bucket
+creation permissions.
+
+Properties:
+
+- Config: no_check_bucket
+- Env Var: RCLONE_OOS_NO_CHECK_BUCKET
+- Type: bool
+- Default: false
+
+Backend commands
+
+Here are the commands specific to the oracleobjectstorage backend.
+
+Run them with
+
+ rclone backend COMMAND remote:
+
+The help below will explain what arguments each command takes.
+
+See the backend command for more info on how to pass options and
+arguments.
+
+These can be run on a running backend using the rc command
+backend/command.
+
+rename
+
+change the name of an object
+
+ rclone backend rename remote: [options] [+]
+
+This command can be used to rename a object.
+
+Usage Examples:
+
+ rclone backend rename oos:bucket relative-object-path-under-bucket object-new-name
+
+list-multipart-uploads
+
+List the unfinished multipart uploads
+
+ rclone backend list-multipart-uploads remote: [options] [+]
+
+This command lists the unfinished multipart uploads in JSON format.
+
+ rclone backend list-multipart-uploads oos:bucket/path/to/object
+
+It returns a dictionary of buckets with values as lists of unfinished
+multipart uploads.
+
+You can call it with no bucket in which case it lists all bucket, with a
+bucket or with a bucket and path.
+
+ {
+ "test-bucket": [
+ {
+ "namespace": "test-namespace",
+ "bucket": "test-bucket",
+ "object": "600m.bin",
+ "uploadId": "51dd8114-52a4-b2f2-c42f-5291f05eb3c8",
+ "timeCreated": "2022-07-29T06:21:16.595Z",
+ "storageTier": "Standard"
+ }
+ ]
+
+cleanup
+
+Remove unfinished multipart uploads.
+
+ rclone backend cleanup remote: [options] [+]
+
+This command removes unfinished multipart uploads of age greater than
+max-age which defaults to 24 hours.
+
+Note that you can use -i/--dry-run with this command to see what it
+would do.
+
+ rclone backend cleanup oos:bucket/path/to/object
+ rclone backend cleanup -o max-age=7w oos:bucket/path/to/object
+
+Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
+
+Options:
+
+- "max-age": Max age of upload to delete
QingStor
@@ -30348,7 +35621,7 @@ strings.
Standard options
-Here are the standard options specific to qingstor (QingCloud Object
+Here are the Standard options specific to qingstor (QingCloud Object
Storage).
--qingstor-env-auth
@@ -30434,7 +35707,7 @@ Properties:
Advanced options
-Here are the advanced options specific to qingstor (QingCloud Object
+Here are the Advanced options specific to qingstor (QingCloud Object
Storage).
--qingstor-connection-retries
@@ -30522,7 +35795,7 @@ rclone about is not supported by the qingstor backend. Backends without
this capability cannot determine free space for an rclone mount or use
policy mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Sia
@@ -30641,7 +35914,7 @@ Once configured, you can then use rclone like this:
Standard options
-Here are the standard options specific to sia (Sia Decentralized Cloud).
+Here are the Standard options specific to sia (Sia Decentralized Cloud).
--sia-api-url
@@ -30676,7 +35949,7 @@ Properties:
Advanced options
-Here are the advanced options specific to sia (Sia Decentralized Cloud).
+Here are the Advanced options specific to sia (Sia Decentralized Cloud).
--sia-user-agent
@@ -30948,7 +36221,7 @@ strings.
Standard options
-Here are the standard options specific to swift (OpenStack Swift
+Here are the Standard options specific to swift (OpenStack Swift
(Rackspace Cloud Files, Memset Memstore, OVH)).
--swift-env-auth
@@ -31193,7 +36466,7 @@ Properties:
Advanced options
-Here are the advanced options specific to swift (OpenStack Swift
+Here are the Advanced options specific to swift (OpenStack Swift
(Rackspace Cloud Files, Memset Memstore, OVH)).
--swift-leave-parts-on-error
@@ -31243,6 +36516,36 @@ Properties:
- Type: bool
- Default: false
+--swift-no-large-objects
+
+Disable support for static and dynamic large objects
+
+Swift cannot transparently store files bigger than 5 GiB. There are two
+schemes for doing that, static or dynamic large objects, and the API
+does not allow rclone to determine whether a file is a static or dynamic
+large object without doing a HEAD on the object. Since these need to be
+treated differently, this means rclone has to issue HEAD requests for
+objects for example when reading checksums.
+
+When no_large_objects is set, rclone will assume that there are no
+static or dynamic large objects stored. This means it can stop doing the
+extra HEAD calls which in turn increases performance greatly especially
+when doing a swift to swift transfer with --checksum set.
+
+Setting this option implies no_chunk and also that no files will be
+uploaded in chunks, so files bigger than 5 GiB will just fail on upload.
+
+If you set this option and there are static or dynamic large objects,
+then this will give incorrect hashes for them. Downloads will succeed,
+but other operations such as Remove and Copy will fail.
+
+Properties:
+
+- Config: no_large_objects
+- Env Var: RCLONE_SWIFT_NO_LARGE_OBJECTS
+- Type: bool
+- Default: false
+
--swift-encoding
The encoding for the backend.
@@ -31338,9 +36641,10 @@ This will guide you through an interactive setup process:
Pcloud App Client Secret - leave blank normally.
client_secret>
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -31410,6 +36714,14 @@ Deleted files will be moved to the trash. Your subscription level will
determine how long items stay in the trash. rclone cleanup can be used
to empty the trash.
+Emptying the trash
+
+Due to an API limitation, the rclone cleanup command will only work if
+you set your username and password in the advanced options for this
+backend. Since we generally want to avoid storing user passwords in the
+rclone config file, we advise you to only set this up if you need the
+rclone cleanup command to work.
+
Root folder ID
You can set the root_folder_id for rclone. This is the directory
@@ -31433,7 +36745,7 @@ config.
Standard options
-Here are the standard options specific to pcloud (Pcloud).
+Here are the Standard options specific to pcloud (Pcloud).
--pcloud-client-id
@@ -31463,7 +36775,7 @@ Properties:
Advanced options
-Here are the advanced options specific to pcloud (Pcloud).
+Here are the Advanced options specific to pcloud (Pcloud).
--pcloud-token
@@ -31546,6 +36858,35 @@ Properties:
- "eapi.pcloud.com"
- EU region
+--pcloud-username
+
+Your pcloud username.
+
+This is only required when you want to use the cleanup command. Due to a
+bug in the pcloud API the required API does not support OAuth
+authentication so we have to rely on user password authentication for
+it.
+
+Properties:
+
+- Config: username
+- Env Var: RCLONE_PCLOUD_USERNAME
+- Type: string
+- Required: false
+
+--pcloud-password
+
+Your pcloud password.
+
+NB Input to this must be obscured - see rclone obscure.
+
+Properties:
+
+- Config: password
+- Env Var: RCLONE_PCLOUD_PASSWORD
+- Type: string
+- Required: false
+
premiumize.me
Paths are specified as remote:path
@@ -31581,9 +36922,10 @@ This will guide you through an interactive setup process:
** See help for premiumizeme backend at: https://rclone.org/premiumizeme/ **
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -31645,7 +36987,7 @@ strings.
Standard options
-Here are the standard options specific to premiumizeme (premiumize.me).
+Here are the Standard options specific to premiumizeme (premiumize.me).
--premiumizeme-api-key
@@ -31662,7 +37004,7 @@ Properties:
Advanced options
-Here are the advanced options specific to premiumizeme (premiumize.me).
+Here are the Advanced options specific to premiumizeme (premiumize.me).
--premiumizeme-encoding
@@ -31723,9 +37065,10 @@ This will guide you through an interactive setup process:
** See help for putio backend at: https://rclone.org/putio/ **
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -31757,12 +37100,15 @@ This will guide you through an interactive setup process:
q) Quit config
e/n/d/r/c/s/q> q
+See the remote setup docs for how to set it up on a machine with no
+Internet browser available.
+
Note that rclone runs a webserver on your local machine to collect the
-token as returned from Google if you use auto config mode. This only
-runs from the moment it opens your browser to the moment you get back
-the verification code. This is on http://127.0.0.1:53682/ and this it
-may require you to unblock it temporarily if you are running a host
-firewall, or use manual mode.
+token as returned from put.io if using web browser to automatically
+authenticate. This only runs from the moment it opens your browser to
+the moment you get back the verification code. This is on
+http://127.0.0.1:53682/ and this it may require you to unblock it
+temporarily if you are running a host firewall, or use manual mode.
You can then use it like this,
@@ -31792,7 +37138,7 @@ strings.
Advanced options
-Here are the advanced options specific to putio (Put.io).
+Here are the Advanced options specific to putio (Put.io).
--putio-encoding
@@ -31807,6 +37153,15 @@ Properties:
- Type: MultiEncoder
- Default: Slash,BackSlash,Del,Ctl,InvalidUtf8,Dot
+Limitations
+
+put.io has rate limiting. When you hit a limit, rclone automatically
+retries after waiting the amount of time requested by the server.
+
+If you want to avoid ever hitting these limits, you may use the
+--tpslimit flag with a low number. Note that the imposed limits may be
+different for different operations, and may change over time.
+
Seafile
This is a backend for the Seafile storage service: - It works with both
@@ -32065,7 +37420,7 @@ haven't been tested and might not work properly.
Standard options
-Here are the standard options specific to seafile (seafile).
+Here are the Standard options specific to seafile (seafile).
--seafile-url
@@ -32157,7 +37512,7 @@ Properties:
Advanced options
-Here are the advanced options specific to seafile (seafile).
+Here are the Advanced options specific to seafile (seafile).
--seafile-create-library
@@ -32189,7 +37544,7 @@ SFTP is the Secure (or SSH) File Transfer Protocol.
The SFTP backend can be used with a number of different providers:
-- C14
+- Hetzner Storage Box
- rsync.net
SFTP runs over SSH v2 and is installed as standard with most modern SSH
@@ -32198,13 +37553,16 @@ installations.
Paths are specified as remote:path. If the path does not begin with a /
it is relative to the home directory of the user. An empty path remote:
refers to the user's home directory. For example, rclone lsd remote:
-would list the home directory of the user cofigured in the rclone remote
-config (i.e /home/sftpuser). However, rclone lsd remote:/ would list the
-root directory for remote machine (i.e. /)
+would list the home directory of the user configured in the rclone
+remote config (i.e /home/sftpuser). However, rclone lsd remote:/ would
+list the root directory for remote machine (i.e. /)
Note that some SFTP servers will need the leading / - Synology is a good
-example of this. rsync.net, on the other hand, requires users to OMIT
-the leading /.
+example of this. rsync.net and Hetzner, on the other hand, requires
+users to OMIT the leading /.
+
+Note that by default rclone will try to execute shell commands on the
+server, see shell access considerations.
Configuration
@@ -32223,7 +37581,7 @@ This will guide you through an interactive setup process.
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
- XX / SSH/SFTP Connection
+ XX / SSH/SFTP
\ "sftp"
[snip]
Storage> sftp
@@ -32417,6 +37775,114 @@ And then at the end of the session
These commands can be used in scripts of course.
+Shell access
+
+Some functionality of the SFTP backend relies on remote shell access,
+and the possibility to execute commands. This includes checksum, and in
+some cases also about. The shell commands that must be executed may be
+different on different type of shells, and also quoting/escaping of file
+path arguments containing special characters may be different. Rclone
+therefore needs to know what type of shell it is, and if shell access is
+available at all.
+
+Most servers run on some version of Unix, and then a basic Unix shell
+can be assumed, without further distinction. Windows 10, Server 2019,
+and later can also run a SSH server, which is a port of OpenSSH (see
+official installation guide). On a Windows server the shell handling is
+different: Although it can also be set up to use a Unix type shell, e.g.
+Cygwin bash, the default is to use Windows Command Prompt (cmd.exe), and
+PowerShell is a recommended alternative. All of these have behave
+differently, which rclone must handle.
+
+Rclone tries to auto-detect what type of shell is used on the server,
+first time you access the SFTP remote. If a remote shell session is
+successfully created, it will look for indications that it is CMD or
+PowerShell, with fall-back to Unix if not something else is detected. If
+unable to even create a remote shell session, then shell command
+execution will be disabled entirely. The result is stored in the SFTP
+remote configuration, in option shell_type, so that the auto-detection
+only have to be performed once. If you manually set a value for this
+option before first run, the auto-detection will be skipped, and if you
+set a different value later this will override any existing. Value none
+can be set to avoid any attempts at executing shell commands, e.g. if
+this is not allowed on the server.
+
+When the server is rclone serve sftp, the rclone SFTP remote will detect
+this as a Unix type shell - even if it is running on Windows. This
+server does not actually have a shell, but it accepts input commands
+matching the specific ones that the SFTP backend relies on for Unix
+shells, e.g. md5sum and df. Also it handles the string escape rules used
+for Unix shell. Treating it as a Unix type shell from a SFTP remote will
+therefore always be correct, and support all features.
+
+Shell access considerations
+
+The shell type auto-detection logic, described above, means that by
+default rclone will try to run a shell command the first time a new sftp
+remote is accessed. If you configure a sftp remote without a config
+file, e.g. an on the fly remote, rclone will have nowhere to store the
+result, and it will re-run the command on every access. To avoid this
+you should explicitly set the shell_type option to the correct value, or
+to none if you want to prevent rclone from executing any remote shell
+commands.
+
+It is also important to note that, since the shell type decides how
+quoting and escaping of file paths used as command-line arguments are
+performed, configuring the wrong shell type may leave you exposed to
+command injection exploits. Make sure to confirm the auto-detected shell
+type, or explicitly set the shell type you know is correct, or disable
+shell access until you know.
+
+Checksum
+
+SFTP does not natively support checksums (file hash), but rclone is able
+to use checksumming if the same login has shell access, and can execute
+remote commands. If there is a command that can calculate compatible
+checksums on the remote system, Rclone can then be configured to execute
+this whenever a checksum is needed, and read back the results. Currently
+MD5 and SHA-1 are supported.
+
+Normally this requires an external utility being available on the
+server. By default rclone will try commands md5sum, md5 and
+rclone md5sum for MD5 checksums, and the first one found usable will be
+picked. Same with sha1sum, sha1 and rclone sha1sum commands for SHA-1
+checksums. These utilities normally need to be in the remote's PATH to
+be found.
+
+In some cases the shell itself is capable of calculating checksums.
+PowerShell is an example of such a shell. If rclone detects that the
+remote shell is PowerShell, which means it most probably is a Windows
+OpenSSH server, rclone will use a predefined script block to produce the
+checksums when no external checksum commands are found (see shell
+access). This assumes PowerShell version 4.0 or newer.
+
+The options md5sum_command and sha1_command can be used to customize the
+command to be executed for calculation of checksums. You can for example
+set a specific path to where md5sum and sha1sum executables are located,
+or use them to specify some other tools that print checksums in
+compatible format. The value can include command-line arguments, or even
+shell script blocks as with PowerShell. Rclone has subcommands md5sum
+and sha1sum that use compatible format, which means if you have an
+rclone executable on the server it can be used. As mentioned above, they
+will be automatically picked up if found in PATH, but if not you can set
+something like /path/to/rclone md5sum as the value of option
+md5sum_command to make sure a specific executable is used.
+
+Remote checksumming is recommended and enabled by default. First time
+rclone is using a SFTP remote, if options md5sum_command or sha1_command
+are not set, it will check if any of the default commands for each of
+them, as described above, can be used. The result will be saved in the
+remote configuration, so next time it will use the same. Value none will
+be set if none of the default commands could be used for a specific
+algorithm, and this algorithm will not be supported by the remote.
+
+Disabling the checksumming may be required if you are connecting to SFTP
+servers which are not under your control, and to which the execution of
+remote shell commands is prohibited. Set the configuration option
+disable_hashcheck to true to disable checksumming entirely, or set
+shell_type to none to disable all functionality based on remote shell
+command execution.
+
Modified time
Modified times are stored on the server to 1 second precision.
@@ -32429,9 +37895,24 @@ mod_sftp). If you are using one of these servers, you can set the option
set_modtime = false in your RClone backend configuration to disable this
behaviour.
+About command
+
+The about command returns the total space, free space, and used space on
+the remote for the disk of the specified path on the remote or, if not
+set, the disk of the root on the remote.
+
+SFTP usually supports the about command, but it depends on the server.
+If the server implements the vendor-specific VFS statistics extension,
+which is normally the case with OpenSSH instances, it will be used. If
+not, but the same login has access to a Unix shell, where the df command
+is available (e.g. in the remote's PATH), then this will be used
+instead. If the server shell is PowerShell, probably with a Windows
+OpenSSH server, rclone will use a built-in shell command (see shell
+access). If none of the above is applicable, about will fail.
+
Standard options
-Here are the standard options specific to sftp (SSH/SFTP Connection).
+Here are the Standard options specific to sftp (SSH/SFTP).
--sftp-host
@@ -32576,6 +38057,9 @@ methods:
Those algorithms are insecure and may allow plaintext data to be
recovered by an attacker.
+This must be false if you use either ciphers or key_exchange advanced
+options.
+
Properties:
- Config: use_insecure_cipher
@@ -32607,7 +38091,7 @@ Properties:
Advanced options
-Here are the advanced options specific to sftp (SSH/SFTP Connection).
+Here are the Advanced options specific to sftp (SSH/SFTP).
--sftp-known-hosts-file
@@ -32644,16 +38128,16 @@ Properties:
--sftp-path-override
-Override path used by SSH connection.
+Override path used by SSH shell commands.
This allows checksum calculation when SFTP and SSH paths are different.
This issue affects among others Synology NAS boxes.
-Shared folders can be found in directories representing volumes
+E.g. if shared folders can be found in directories representing volumes:
rclone sync /home/local/directory remote:/directory --sftp-path-override /volume2/directory
-Home directory can be found in a shared folder called "home"
+E.g. if home directory can be found in a shared folder called "home":
rclone sync /home/local/directory remote:/home/directory --sftp-path-override /volume1/homes/USER/directory
@@ -32675,6 +38159,28 @@ Properties:
- Type: bool
- Default: true
+--sftp-shell-type
+
+The type of SSH shell on remote server, if any.
+
+Leave blank for autodetect.
+
+Properties:
+
+- Config: shell_type
+- Env Var: RCLONE_SFTP_SHELL_TYPE
+- Type: string
+- Required: false
+- Examples:
+ - "none"
+ - No shell access
+ - "unix"
+ - Unix shell
+ - "powershell"
+ - PowerShell
+ - "cmd"
+ - Windows Command Prompt
+
--sftp-md5sum-command
The command used to read md5 hashes.
@@ -32812,25 +38318,139 @@ Properties:
- Type: Duration
- Default: 1m0s
+--sftp-chunk-size
+
+Upload and download chunk size.
+
+This controls the maximum size of payload in SFTP protocol packets. The
+RFC limits this to 32768 bytes (32k), which is the default. However, a
+lot of servers support larger sizes, typically limited to a maximum
+total package size of 256k, and setting it larger will increase transfer
+speed dramatically on high latency links. This includes OpenSSH, and,
+for example, using the value of 255k works well, leaving plenty of room
+for overhead while still being within a total packet size of 256k.
+
+Make sure to test thoroughly before using a value higher than 32k, and
+only use it if you always connect to the same server or after
+sufficiently broad testing. If you get errors such as "failed to send
+packet payload: EOF", lots of "connection lost", or "corrupted on
+transfer", when copying a larger file, try lowering the value. The
+server run by rclone serve sftp sends packets with standard 32k maximum
+payload so you must not set a different chunk_size when downloading
+files, but it accepts packets up to the 256k total size, so for uploads
+the chunk_size can be set as for the OpenSSH example above.
+
+Properties:
+
+- Config: chunk_size
+- Env Var: RCLONE_SFTP_CHUNK_SIZE
+- Type: SizeSuffix
+- Default: 32Ki
+
+--sftp-concurrency
+
+The maximum number of outstanding requests for one file
+
+This controls the maximum number of outstanding requests for one file.
+Increasing it will increase throughput on high latency links at the cost
+of using more memory.
+
+Properties:
+
+- Config: concurrency
+- Env Var: RCLONE_SFTP_CONCURRENCY
+- Type: int
+- Default: 64
+
+--sftp-set-env
+
+Environment variables to pass to sftp and commands
+
+Set environment variables in the form:
+
+ VAR=value
+
+to be passed to the sftp client and to any commands run (eg md5sum).
+
+Pass multiple variables space separated, eg
+
+ VAR1=value VAR2=value
+
+and pass variables with spaces in in quotes, eg
+
+ "VAR3=value with space" "VAR4=value with space" VAR5=nospacehere
+
+Properties:
+
+- Config: set_env
+- Env Var: RCLONE_SFTP_SET_ENV
+- Type: SpaceSepList
+- Default:
+
+--sftp-ciphers
+
+Space separated list of ciphers to be used for session encryption,
+ordered by preference.
+
+At least one must match with server configuration. This can be checked
+for example using ssh -Q cipher.
+
+This must not be set if use_insecure_cipher is true.
+
+Example:
+
+ aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com
+
+Properties:
+
+- Config: ciphers
+- Env Var: RCLONE_SFTP_CIPHERS
+- Type: SpaceSepList
+- Default:
+
+--sftp-key-exchange
+
+Space separated list of key exchange algorithms, ordered by preference.
+
+At least one must match with server configuration. This can be checked
+for example using ssh -Q kex.
+
+This must not be set if use_insecure_cipher is true.
+
+Example:
+
+ sntrup761x25519-sha512@openssh.com curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256
+
+Properties:
+
+- Config: key_exchange
+- Env Var: RCLONE_SFTP_KEY_EXCHANGE
+- Type: SpaceSepList
+- Default:
+
+--sftp-macs
+
+Space separated list of MACs (message authentication code) algorithms,
+ordered by preference.
+
+At least one must match with server configuration. This can be checked
+for example using ssh -Q mac.
+
+Example:
+
+ umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com
+
+Properties:
+
+- Config: macs
+- Env Var: RCLONE_SFTP_MACS
+- Type: SpaceSepList
+- Default:
+
Limitations
-SFTP supports checksums if the same login has shell access and md5sum or
-sha1sum as well as echo are in the remote's PATH. This remote
-checksumming (file hashing) is recommended and enabled by default.
-Disabling the checksumming may be required if you are connecting to SFTP
-servers which are not under your control, and to which the execution of
-remote commands is prohibited. Set the configuration option
-disable_hashcheck to true to disable checksumming.
-
-SFTP also supports about if the same login has shell access and df are
-in the remote's PATH. about will return the total space, free space, and
-used space on the remote for the disk of the specified path on the
-remote or, if not set, the disk of the root on the remote. about will
-fail if it does not have shell access or if df is not in the remote's
-PATH.
-
-Note that some SFTP servers (e.g. Synology) the paths are different for
-SSH and SFTP so the hashes can't be calculated properly. For them using
+On some SFTP servers (e.g. Synology) the paths are different for SSH and
+SFTP so the hashes can't be calculated properly. For them using
disable_hashcheck is a good idea.
The only ssh agent supported under Windows is Putty's pageant.
@@ -32844,22 +38464,250 @@ found in this paper.
SFTP isn't supported under plan9 until this issue is fixed.
Note that since SFTP isn't HTTP based the following flags don't work
-with it: --dump-headers, --dump-bodies, --dump-auth
+with it: --dump-headers, --dump-bodies, --dump-auth.
Note that --timeout and --contimeout are both supported.
-C14
-
-C14 is supported through the SFTP backend.
-
-See C14's documentation
-
rsync.net
rsync.net is supported through the SFTP backend.
See rsync.net's documentation of rclone examples.
+Hetzner Storage Box
+
+Hetzner Storage Boxes are supported through the SFTP backend on port 23.
+
+See Hetzner's documentation for details
+
+SMB
+
+SMB is a communication protocol to share files over network.
+
+This relies on go-smb2 library for communication with SMB protocol.
+
+Paths are specified as remote:sharename (or remote: for the lsd
+command.) You may put subdirectories in too, e.g.
+remote:item/path/to/dir.
+
+Notes
+
+The first path segment must be the name of the share, which you entered
+when you started to share on Windows. On smbd, it's the section title in
+smb.conf (usually in /etc/samba/) file. You can find shares by quering
+the root if you're unsure (e.g. rclone lsd remote:).
+
+You can't access to the shared printers from rclone, obviously.
+
+You can't use Anonymous access for logging in. You have to use the guest
+user with an empty password instead. The rclone client tries to avoid
+8.3 names when uploading files by encoding trailing spaces and periods.
+Alternatively, the local backend on Windows can access SMB servers using
+UNC paths, by \\server\share. This doesn't apply to non-Windows OSes,
+such as Linux and macOS.
+
+Configuration
+
+Here is an example of making a SMB configuration.
+
+First run
+
+ rclone config
+
+This will guide you through an interactive setup process.
+
+ No remotes found, make a new one?
+ n) New remote
+ s) Set configuration password
+ q) Quit config
+ n/s/q> n
+ name> remote
+ Option Storage.
+ Type of storage to configure.
+ Choose a number from below, or type in your own value.
+ XX / SMB / CIFS
+ \ (smb)
+ Storage> smb
+
+ Option host.
+ Samba hostname to connect to.
+ E.g. "example.com".
+ Enter a value.
+ host> localhost
+
+ Option user.
+ Samba username.
+ Enter a string value. Press Enter for the default (lesmi).
+ user> guest
+
+ Option port.
+ Samba port number.
+ Enter a signed integer. Press Enter for the default (445).
+ port>
+
+ Option pass.
+ Samba password.
+ Choose an alternative below. Press Enter for the default (n).
+ y) Yes, type in my own password
+ g) Generate random password
+ n) No, leave this optional password blank (default)
+ y/g/n> g
+ Password strength in bits.
+ 64 is just about memorable
+ 128 is secure
+ 1024 is the maximum
+ Bits> 64
+ Your password is: XXXX
+ Use this password? Please note that an obscured version of this
+ password (and not the password itself) will be stored under your
+ configuration file, so keep this generated password in a safe place.
+ y) Yes (default)
+ n) No
+ y/n> y
+
+ Option domain.
+ Domain name for NTLM authentication.
+ Enter a string value. Press Enter for the default (WORKGROUP).
+ domain>
+
+ Edit advanced config?
+ y) Yes
+ n) No (default)
+ y/n> n
+
+ Configuration complete.
+ Options:
+ - type: samba
+ - host: localhost
+ - user: guest
+ - pass: *** ENCRYPTED ***
+ Keep this "remote" remote?
+ y) Yes this is OK (default)
+ e) Edit this remote
+ d) Delete this remote
+ y/e/d> d
+
+Standard options
+
+Here are the Standard options specific to smb (SMB / CIFS).
+
+--smb-host
+
+SMB server hostname to connect to.
+
+E.g. "example.com".
+
+Properties:
+
+- Config: host
+- Env Var: RCLONE_SMB_HOST
+- Type: string
+- Required: true
+
+--smb-user
+
+SMB username.
+
+Properties:
+
+- Config: user
+- Env Var: RCLONE_SMB_USER
+- Type: string
+- Default: "$USER"
+
+--smb-port
+
+SMB port number.
+
+Properties:
+
+- Config: port
+- Env Var: RCLONE_SMB_PORT
+- Type: int
+- Default: 445
+
+--smb-pass
+
+SMB password.
+
+NB Input to this must be obscured - see rclone obscure.
+
+Properties:
+
+- Config: pass
+- Env Var: RCLONE_SMB_PASS
+- Type: string
+- Required: false
+
+--smb-domain
+
+Domain name for NTLM authentication.
+
+Properties:
+
+- Config: domain
+- Env Var: RCLONE_SMB_DOMAIN
+- Type: string
+- Default: "WORKGROUP"
+
+Advanced options
+
+Here are the Advanced options specific to smb (SMB / CIFS).
+
+--smb-idle-timeout
+
+Max time before closing idle connections.
+
+If no connections have been returned to the connection pool in the time
+given, rclone will empty the connection pool.
+
+Set to 0 to keep connections indefinitely.
+
+Properties:
+
+- Config: idle_timeout
+- Env Var: RCLONE_SMB_IDLE_TIMEOUT
+- Type: Duration
+- Default: 1m0s
+
+--smb-hide-special-share
+
+Hide special shares (e.g. print$) which users aren't supposed to access.
+
+Properties:
+
+- Config: hide_special_share
+- Env Var: RCLONE_SMB_HIDE_SPECIAL_SHARE
+- Type: bool
+- Default: true
+
+--smb-case-insensitive
+
+Whether the server is configured to be case-insensitive.
+
+Always true on Windows shares.
+
+Properties:
+
+- Config: case_insensitive
+- Env Var: RCLONE_SMB_CASE_INSENSITIVE
+- Type: bool
+- Default: true
+
+--smb-encoding
+
+The encoding for the backend.
+
+See the encoding section in the overview for more info.
+
+Properties:
+
+- Config: encoding
+- Env Var: RCLONE_SMB_ENCODING
+- Type: MultiEncoder
+- Default:
+ Slash,LtGt,DoubleQuote,Colon,Question,Asterisk,Pipe,BackSlash,Ctl,RightSpace,RightPeriod,InvalidUtf8,Dot
+
Storj
Storj is an encrypted, secure, and cost-effective object storage service
@@ -33065,7 +38913,7 @@ Setup with API key and passphrase
Standard options
-Here are the standard options specific to storj (Storj Decentralized
+Here are the Standard options specific to storj (Storj Decentralized
Cloud Storage).
--storj-provider
@@ -33269,7 +39117,7 @@ without this capability cannot determine free space for an rclone mount
or use policy mfs (most free space) as a member of an rclone union
remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Known issues
@@ -33404,7 +39252,7 @@ deleted straight away.
Standard options
-Here are the standard options specific to sugarsync (Sugarsync).
+Here are the Standard options specific to sugarsync (Sugarsync).
--sugarsync-app-id
@@ -33459,7 +39307,7 @@ Properties:
Advanced options
-Here are the advanced options specific to sugarsync (Sugarsync).
+Here are the Advanced options specific to sugarsync (Sugarsync).
--sugarsync-refresh-token
@@ -33558,7 +39406,7 @@ rclone about is not supported by the SugarSync backend. Backends without
this capability cannot determine free space for an rclone mount or use
policy mfs (most free space) as a member of an rclone union remote.
-See List of backends that do not support rclone about See rclone about
+See List of backends that do not support rclone about and rclone about
Tardigrade
@@ -33663,7 +39511,7 @@ strings.
Standard options
-Here are the standard options specific to uptobox (Uptobox).
+Here are the Standard options specific to uptobox (Uptobox).
--uptobox-access-token
@@ -33680,7 +39528,7 @@ Properties:
Advanced options
-Here are the advanced options specific to uptobox (Uptobox).
+Here are the Advanced options specific to uptobox (Uptobox).
--uptobox-encoding
@@ -33950,7 +39798,7 @@ much larger latency of remote file systems.
Standard options
-Here are the standard options specific to union (Union merges the
+Here are the Standard options specific to union (Union merges the
contents of several upstream fs).
--union-upstreams
@@ -34013,6 +39861,31 @@ Properties:
- Type: int
- Default: 120
+Advanced options
+
+Here are the Advanced options specific to union (Union merges the
+contents of several upstream fs).
+
+--union-min-free-space
+
+Minimum viable free space for lfs/eplfs policies.
+
+If a remote has less than this much free space then it won't be
+considered for use in lfs or eplfs policies.
+
+Properties:
+
+- Config: min_free_space
+- Env Var: RCLONE_UNION_MIN_FREE_SPACE
+- Type: SizeSuffix
+- Default: 1Gi
+
+Metadata
+
+Any metadata supported by the underlying remote is read and written.
+
+See the metadata docs for more info.
+
WebDAV
Paths are specified as remote:path
@@ -34040,7 +39913,7 @@ This will guide you through an interactive setup process:
Type of storage to configure.
Choose a number from below, or type in your own value
[snip]
- XX / Webdav
+ XX / WebDAV
\ "webdav"
[snip]
Storage> webdav
@@ -34049,7 +39922,7 @@ This will guide you through an interactive setup process:
1 / Connect to example.com
\ "https://example.com"
url> https://example.com/remote.php/webdav/
- Name of the Webdav site/service/software you are using
+ Name of the WebDAV site/service/software you are using
Choose a number from below, or type in your own value
1 / Nextcloud
\ "nextcloud"
@@ -34116,7 +39989,7 @@ objects, or only on objects which had a hash uploaded with them.
Standard options
-Here are the standard options specific to webdav (Webdav).
+Here are the Standard options specific to webdav (WebDAV).
--webdav-url
@@ -34133,7 +40006,7 @@ Properties:
--webdav-vendor
-Name of the Webdav site/service/software you are using.
+Name of the WebDAV site/service/software you are using.
Properties:
@@ -34194,7 +40067,7 @@ Properties:
Advanced options
-Here are the advanced options specific to webdav (Webdav).
+Here are the Advanced options specific to webdav (WebDAV).
--webdav-bearer-token-command
@@ -34440,9 +40313,10 @@ This will guide you through an interactive setup process:
Yandex Client Secret - leave blank normally.
client_secret>
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes
n) No
y/n> y
@@ -34521,7 +40395,7 @@ strings.
Standard options
-Here are the standard options specific to yandex (Yandex Disk).
+Here are the Standard options specific to yandex (Yandex Disk).
--yandex-client-id
@@ -34551,7 +40425,7 @@ Properties:
Advanced options
-Here are the advanced options specific to yandex (Yandex Disk).
+Here are the Advanced options specific to yandex (Yandex Disk).
--yandex-token
@@ -34672,9 +40546,10 @@ This will guide you through an interactive setup process:
n) No (default)
y/n> n
Remote config
- Use auto config?
- * Say Y if not sure
- * Say N if you are working on a remote or headless machine
+ Use web browser to automatically authenticate rclone with remote?
+ * Say Y if the machine running rclone has a web browser you can use
+ * Say N if running rclone on a (remote) machine without web browser access
+ If not sure try Y. If Y failed, try N.
y) Yes (default)
n) No
y/n>
@@ -34753,7 +40628,7 @@ removed from filenames during upload.
Standard options
-Here are the standard options specific to zoho (Zoho).
+Here are the Standard options specific to zoho (Zoho).
--zoho-client-id
@@ -34801,12 +40676,16 @@ Properties:
- Europe
- "in"
- India
+ - "jp"
+ - Japan
+ - "com.cn"
+ - China
- "com.au"
- Australia
Advanced options
-Here are the advanced options specific to zoho (Zoho).
+Here are the Advanced options specific to zoho (Zoho).
--zoho-token
@@ -34858,6 +40737,22 @@ Properties:
- Type: MultiEncoder
- Default: Del,Ctl,InvalidUtf8
+Setting up your own client_id
+
+For Zoho we advise you to set up your own client_id. To do so you have
+to complete the following steps.
+
+1. Log in to the Zoho API Console
+
+2. Create a new client of type "Server-based Application". The name and
+ website don't matter, but you must add the redirect URL
+ http://localhost:53682/.
+
+3. Once the client is created, you can go to the settings tab and
+ enable it in other regions.
+
+The client id and client secret can now be used with rclone.
+
Local Filesystem
Local paths are specified as normal filesystem paths, e.g.
@@ -35156,7 +41051,7 @@ it isn't supported (e.g. Windows) it will be ignored.
Advanced options
-Here are the advanced options specific to local (Local Disk).
+Here are the Advanced options specific to local (Local Disk).
--local-nounc
@@ -35166,8 +41061,8 @@ Properties:
- Config: nounc
- Env Var: RCLONE_LOCAL_NOUNC
-- Type: string
-- Required: false
+- Type: bool
+- Default: false
- Examples:
- "true"
- Disables long file names.
@@ -35390,6 +41285,47 @@ Properties:
- Type: MultiEncoder
- Default: Slash,Dot
+Metadata
+
+Depending on which OS is in use the local backend may return only some
+of the system metadata. Setting system metadata is supported on all OSes
+but setting user metadata is only supported on linux, freebsd, netbsd,
+macOS and Solaris. It is not supported on Windows yet (see
+pkg/attrs#47).
+
+User metadata is stored as extended attributes (which may not be
+supported by all file systems) under the "user.*" prefix.
+
+Here are the possible system metadata items for the local backend.
+
+ ---------------------------------------------------------------------------------------------------
+ Name Help Type Example Read Only
+ ----------- -------------- ------------- ------------------------------------- --------------------
+ atime Time of last RFC 3339 2006-01-02T15:04:05.999999999Z07:00 N
+ access
+
+ btime Time of file RFC 3339 2006-01-02T15:04:05.999999999Z07:00 N
+ birth
+ (creation)
+
+ gid Group ID of decimal 500 N
+ owner number
+
+ mode File type and octal, unix 0100664 N
+ mode style
+
+ mtime Time of last RFC 3339 2006-01-02T15:04:05.999999999Z07:00 N
+ modification
+
+ rdev Device ID (if hexadecimal 1abc N
+ special file)
+
+ uid User ID of decimal 500 N
+ owner number
+ ---------------------------------------------------------------------------------------------------
+
+See the metadata docs for more info.
+
Backend commands
Here are the commands specific to the local backend.
@@ -35400,8 +41336,8 @@ Run them with
The help below will explain what arguments each command takes.
-See the "rclone backend" command for more info on how to pass options
-and arguments.
+See the backend command for more info on how to pass options and
+arguments.
These can be run on a running backend using the rc command
backend/command.
@@ -35422,6 +41358,640 @@ Options:
Changelog
+v1.61.0 - 2022-12-20
+
+See commits
+
+- New backends
+ - New S3 providers
+ - Liara LOS (MohammadReza)
+- New Features
+ - build: Add vulnerability testing using govulncheck (albertony)
+ - cmd: Enable SIGINFO (Ctrl-T) handler on FreeBSD, NetBSD, OpenBSD
+ and Dragonfly BSD (x3-apptech)
+ - config: Add config/setpath for setting config path via
+ rc/librclone (Nick Craig-Wood)
+ - dedupe
+ - Count Checks in the stats while scanning for duplicates
+ (Nick Craig-Wood)
+ - Make dedupe obey the filters (Nick Craig-Wood)
+ - dlna: Properly attribute code used from
+ https://github.com/anacrolix/dms (Nick Craig-Wood)
+ - docs
+ - Add minimum versions and status badges to backend and
+ command docs (Nick Craig-Wood, albertony)
+ - Remote names may not start or end with space (albertony)
+ - filter: Add metadata filters --metadata-include/exclude/filter
+ and friends (Nick Craig-Wood)
+ - fs
+ - Make all duration flags take y, M, w, d etc suffixes (Nick
+ Craig-Wood)
+ - Add global flag --color to control terminal colors (Kevin
+ Verstaen)
+ - fspath: Allow unicode numbers and letters in remote names
+ (albertony)
+ - lib/file: Improve error message for creating dir on non-existent
+ network host on windows (albertony)
+ - lib/http: Finish port of rclone servers to lib/http (Tom
+ Mombourquette, Nick Craig-Wood)
+ - lib/oauthutil: Improved usability of config flows needing web
+ browser (Ole Frost)
+ - ncdu
+ - Add support for modification time (albertony)
+ - Fallback to sort by name also for sort by average size
+ (albertony)
+ - Rework to use tcell directly instead of the termbox wrapper
+ (eNV25)
+ - rc: Add commands to set GC Percent & Memory Limit (go 1.19+)
+ (Anagh Kumar Baranwal)
+ - rcat: Preserve metadata when Copy falls back to Rcat (Nick
+ Craig-Wood)
+ - rcd: Refactor rclone rc server to use lib/http (Nick Craig-Wood)
+ - rcserver: Avoid generating default credentials with htpasswd
+ (Kamui)
+ - restic: Refactor to use lib/http (Nolan Woods)
+ - serve http: Support unix sockets and multiple listeners (Tom
+ Mombourquette)
+ - serve webdav: Refactor to use lib/http (Nick Craig-Wood)
+ - test: Replace defer cleanup with t.Cleanup (Eng Zer Jun)
+ - test memory: Read metadata if -M flag is specified (Nick
+ Craig-Wood)
+ - wasm: Comply with wasm_exec.js licence terms (Matthew Vernon)
+- Bug Fixes
+ - build: Update golang.org/x/net/http2 to fix GO-2022-1144 (Nick
+ Craig-Wood)
+ - restic: Fix typo in docs 'remove' should be 'remote'
+ (asdffdsazqqq)
+ - serve dlna: Fix panic: Logger uninitialized. (Nick Craig-Wood)
+- Mount
+ - Update cgofuse for FUSE-T support for mounting volumes on Mac
+ (Nick Craig-Wood)
+- VFS
+ - Windows: fix slow opening of exe files by not truncating files
+ when not necessary (Nick Craig-Wood)
+ - Fix IO Error opening a file with O_CREATE|O_RDONLY in
+ --vfs-cache-mode not full (Nick Craig-Wood)
+- Crypt
+ - Fix compress wrapping crypt giving upload errors (Nick
+ Craig-Wood)
+- Azure Blob
+ - Port to new SDK (Nick Craig-Wood)
+ - Revamp authentication to include all methods and docs (Nick
+ Craig-Wood)
+ - Port old authentication methods to new SDK (Nick Craig-Wood,
+ Brad Ackerman)
+ - Thanks to Stonebranch for sponsoring this work.
+ - Add --azureblob-no-check-container to assume container exists
+ (Nick Craig-Wood)
+ - Add --use-server-modtime support (Abdullah Saglam)
+ - Add support for custom upload headers (rkettelerij)
+ - Allow emulator account/key override (Roel Arents)
+ - Support simple "environment credentials" (Nathaniel Wesley
+ Filardo)
+ - Ignore AuthorizationFailure when trying to create a create a
+ container (Nick Craig-Wood)
+- Box
+ - Added note on Box API rate limits (Ole Frost)
+- Drive
+ - Handle shared drives with leading/trailing space in name
+ (related to) (albertony)
+- FTP
+ - Update help text of implicit/explicit TLS options to refer to
+ FTPS instead of FTP (ycdtosa)
+ - Improve performance to speed up --files-from and NewObject
+ (Anthony Pessy)
+- HTTP
+ - Parse GET responses when no_head is set (Arnie97)
+ - Do not update object size based on Range requests (Arnie97)
+ - Support Content-Range response header (Arnie97)
+- Onedrive
+ - Document workaround for shared with me files (vanplus)
+- S3
+ - Add Liara LOS to provider list (MohammadReza)
+ - Add DigitalOcean Spaces regions sfo3, fra1, syd1 (Jack)
+ - Avoid privileged GetBucketLocation to resolve s3 region (Anthony
+ Pessy)
+ - Stop setting object and bucket ACL to private if it is an empty
+ string (Philip Harvey)
+ - If bucket or object ACL is empty string then don't add
+ X-Amz-Acl: header (Nick Craig-Wood)
+ - Reduce memory consumption for s3 objects (Erik Agterdenbos)
+ - Fix listing loop when using v2 listing on v1 server (Nick
+ Craig-Wood)
+ - Fix nil pointer exception when using Versions (Nick Craig-Wood)
+ - Fix excess memory usage when using versions (Nick Craig-Wood)
+ - Ignore versionIDs from uploads unless using --s3-versions or
+ --s3-versions-at (Nick Craig-Wood)
+- SFTP
+ - Add configuration options to set ssh Ciphers / MACs /
+ KeyExchange (dgouju)
+ - Auto-detect shell type for fish (albertony)
+ - Fix NewObject with leading / (Nick Craig-Wood)
+- Smb
+ - Fix issue where spurious dot directory is created (albertony)
+- Storj
+ - Implement server side Copy (Kaloyan Raev)
+
+v1.60.1 - 2022-11-17
+
+See commits
+
+- Bug Fixes
+ - lib/cache: Fix alias backend shutting down too soon (Nick
+ Craig-Wood)
+ - wasm: Fix walltime link error by adding up-to-date wasm_exec.js
+ (João Henrique Franco)
+ - docs
+ - Update faq.md with bisync (Samuel Johnson)
+ - Corrected download links in windows install docs
+ (coultonluke)
+ - Add direct download link for windows arm64 (albertony)
+ - Remove link to rclone slack as it is no longer supported
+ (Nick Craig-Wood)
+ - Faq: how to use a proxy server that requires a username and
+ password (asdffdsazqqq)
+ - Oracle-object-storage: doc fix (Manoj Ghosh)
+ - Fix typo remove in rclone_serve_restic command (Joda Stößer)
+ - Fix character that was incorrectly interpreted as markdown
+ (Clément Notin)
+- VFS
+ - Fix deadlock caused by cache cleaner and upload finishing (Nick
+ Craig-Wood)
+- Local
+ - Clean absolute paths (albertony)
+ - Fix -L/--copy-links with filters missing directories (Nick
+ Craig-Wood)
+- Mailru
+ - Note that an app password is now needed (Nick Craig-Wood)
+ - Allow timestamps to be before the epoch 1970-01-01 (Nick
+ Craig-Wood)
+- S3
+ - Add provider quirk --s3-might-gzip to fix corrupted on transfer:
+ sizes differ (Nick Craig-Wood)
+ - Allow Storj to server side copy since it seems to work now (Nick
+ Craig-Wood)
+ - Fix for unchecked err value in s3 listv2 (Aaron Gokaslan)
+ - Add additional Wasabi locations (techknowlogick)
+- Smb
+ - Fix Failed to sync: context canceled at the end of syncs (Nick
+ Craig-Wood)
+- WebDAV
+ - Fix Move/Copy/DirMove when using -server-side-across-configs
+ (Nick Craig-Wood)
+
+v1.60.0 - 2022-10-21
+
+See commits
+
+- New backends
+ - Oracle object storage (Manoj Ghosh)
+ - SMB / CIFS (Windows file sharing) (Lesmiscore)
+ - New S3 providers
+ - IONOS Cloud Storage (Dmitry Deniskin)
+ - Qiniu KODO (Bachue Zhou)
+- New Features
+ - build
+ - Update to go1.19 and make go1.17 the minimum required
+ version (Nick Craig-Wood)
+ - Install.sh: fix arm-v7 download (Ole Frost)
+ - fs: Warn the user when using an existing remote name without a
+ colon (Nick Craig-Wood)
+ - httplib: Add --xxx-min-tls-version option to select minimum TLS
+ version for HTTP servers (Robert Newson)
+ - librclone: Add PHP bindings and test program (Jordi Gonzalez
+ Muñoz)
+ - operations
+ - Add --server-side-across-configs global flag for any backend
+ (Nick Craig-Wood)
+ - Optimise --copy-dest and --compare-dest (Nick Craig-Wood)
+ - rc: add job/stopgroup to stop group (Evan Spensley)
+ - serve dlna
+ - Add --announce-interval to control SSDP Announce Interval
+ (YanceyChiew)
+ - Add --interface to Specify SSDP interface names line (Simon
+ Bos)
+ - Add support for more external subtitles (YanceyChiew)
+ - Add verification of addresses (YanceyChiew)
+ - sync: Optimise --copy-dest and --compare-dest (Nick Craig-Wood)
+ - doc updates (albertony, Alexander Knorr, anonion, João Henrique
+ Franco, Josh Soref, Lorenzo Milesi, Marco Molteni, Mark Trolley,
+ Ole Frost, partev, Ryan Morey, Tom Mombourquette, YFdyh000)
+- Bug Fixes
+ - filter
+ - Fix incorrect filtering with UseFilter context flag and
+ wrapping backends (Nick Craig-Wood)
+ - Make sure we check --files-from when looking for a single
+ file (Nick Craig-Wood)
+ - rc
+ - Fix mount/listmounts not returning the full Fs entered in
+ mount/mount (Tom Mombourquette)
+ - Handle external unmount when mounting (Isaac Aymerich)
+ - Validate Daemon option is not set when mounting a volume via
+ RC (Isaac Aymerich)
+ - sync: Update docs and error messages to reflect fixes to overlap
+ checks (Nick Naumann)
+- VFS
+ - Reduce memory use by embedding sync.Cond (Nick Craig-Wood)
+ - Reduce memory usage by re-ordering commonly used structures
+ (Nick Craig-Wood)
+ - Fix excess CPU used by VFS cache cleaner looping (Nick
+ Craig-Wood)
+- Local
+ - Obey file filters in listing to fix errors on excluded files
+ (Nick Craig-Wood)
+ - Fix "Failed to read metadata: function not implemented" on old
+ Linux kernels (Nick Craig-Wood)
+- Compress
+ - Fix crash due to nil metadata (Nick Craig-Wood)
+ - Fix error handling to not use or return nil objects (Nick
+ Craig-Wood)
+- Drive
+ - Make --drive-stop-on-upload-limit obey quota exceeded error
+ (Steve Kowalik)
+- FTP
+ - Add --ftp-force-list-hidden option to show hidden items (Øyvind
+ Heddeland Instefjord)
+ - Fix hang when using ExplicitTLS to certain servers. (Nick
+ Craig-Wood)
+- Google Cloud Storage
+ - Add --gcs-endpoint flag and config parameter (Nick Craig-Wood)
+- Hubic
+ - Remove backend as service has now shut down (Nick Craig-Wood)
+- Onedrive
+ - Rename Onedrive(cn) 21Vianet to Vnet Group (Yen Hu)
+ - Disable change notify in China region since it is not supported
+ (Nick Craig-Wood)
+- S3
+ - Implement --s3-versions flag to show old versions of objects if
+ enabled (Nick Craig-Wood)
+ - Implement --s3-version-at flag to show versions of objects at a
+ particular time (Nick Craig-Wood)
+ - Implement backend versioning command to get/set bucket
+ versioning (Nick Craig-Wood)
+ - Implement Purge to purge versions and backend cleanup-hidden
+ (Nick Craig-Wood)
+ - Add --s3-decompress flag to decompress gzip-encoded files (Nick
+ Craig-Wood)
+ - Add --s3-sse-customer-key-base64 to supply keys with binary data
+ (Richard Bateman)
+ - Try to keep the maximum precision in ModTime with
+ --user-server-modtime (Nick Craig-Wood)
+ - Drop binary metadata with an ERROR message as it can't be stored
+ (Nick Craig-Wood)
+ - Add --s3-no-system-metadata to suppress read and write of system
+ metadata (Nick Craig-Wood)
+- SFTP
+ - Fix directory creation races (Lesmiscore)
+- Swift
+ - Add --swift-no-large-objects to reduce HEAD requests (Nick
+ Craig-Wood)
+- Union
+ - Propagate SlowHash feature to fix hasher interaction
+ (Lesmiscore)
+
+v1.59.2 - 2022-09-15
+
+See commits
+
+- Bug Fixes
+ - config: Move locking to fix fatal error: concurrent map read and
+ map write (Nick Craig-Wood)
+- Local
+ - Disable xattr support if the filesystems indicates it is not
+ supported (Nick Craig-Wood)
+- Azure Blob
+ - Fix chunksize calculations producing too many parts (Nick
+ Craig-Wood)
+- B2
+ - Fix chunksize calculations producing too many parts (Nick
+ Craig-Wood)
+- S3
+ - Fix chunksize calculations producing too many parts (Nick
+ Craig-Wood)
+
+v1.59.1 - 2022-08-08
+
+See commits
+
+- Bug Fixes
+ - accounting: Fix panic in core/stats-reset with unknown group
+ (Nick Craig-Wood)
+ - build: Fix android build after GitHub actions change (Nick
+ Craig-Wood)
+ - dlna: Fix SOAP action header parsing (Joram Schrijver)
+ - docs: Fix links to mount command from install docs (albertony)
+ - dropbox: Fix ChangeNotify was unable to decrypt errors (Nick
+ Craig-Wood)
+ - fs: Fix parsing of times and durations of the form "YYYY-MM-DD
+ HH:MM:SS" (Nick Craig-Wood)
+ - serve sftp: Fix checksum detection (Nick Craig-Wood)
+ - sync: Add accidentally missed filter-sensitivity to --backup-dir
+ option (Nick Naumann)
+- Combine
+ - Fix docs showing remote= instead of upstreams= (Nick Craig-Wood)
+ - Throw error if duplicate directory name is specified (Nick
+ Craig-Wood)
+ - Fix errors with backends shutting down while in use (Nick
+ Craig-Wood)
+- Dropbox
+ - Fix hang on quit with --dropbox-batch-mode off (Nick Craig-Wood)
+ - Fix infinite loop on uploading a corrupted file (Nick
+ Craig-Wood)
+- Internetarchive
+ - Ignore checksums for files using the different method
+ (Lesmiscore)
+ - Handle hash symbol in the middle of filename (Lesmiscore)
+- Jottacloud
+ - Fix working with whitelabel Elgiganten Cloud
+ - Do not store username in config when using standard auth
+ (albertony)
+- Mega
+ - Fix nil pointer exception when bad node received (Nick
+ Craig-Wood)
+- S3
+ - Fix --s3-no-head panic: reflect: Elem of invalid type
+ s3.PutObjectInput (Nick Craig-Wood)
+- SFTP
+ - Fix issue with WS_FTP by working around failing RealPath
+ (albertony)
+- Union
+ - Fix duplicated files when using directories with leading / (Nick
+ Craig-Wood)
+ - Fix multiple files being uploaded when roots don't exist (Nick
+ Craig-Wood)
+ - Fix panic due to misalignment of struct field in 32 bit
+ architectures (r-ricci)
+
+v1.59.0 - 2022-07-09
+
+See commits
+
+- New backends
+ - Combine multiple remotes in one directory tree (Nick Craig-Wood)
+ - Hidrive (Ovidiu Victor Tatar)
+ - Internet Archive (Lesmiscore (Naoya Ozaki))
+ - New S3 providers
+ - ArvanCloud AOS (ehsantdy)
+ - Cloudflare R2 (Nick Craig-Wood)
+ - Huawei OBS (m00594701)
+ - IDrive e2 (vyloy)
+- New commands
+ - test makefile: Create a single file for testing (Nick
+ Craig-Wood)
+- New Features
+ - Metadata framework to read and write system and user metadata on
+ backends (Nick Craig-Wood)
+ - Implemented initially for local, s3 and internetarchive
+ backends
+ - --metadata/-M flag to control whether metadata is copied
+ - --metadata-set flag to specify metadata for uploads
+ - Thanks to Manz Solutions for sponsoring this work.
+ - build
+ - Update to go1.18 and make go1.16 the minimum required
+ version (Nick Craig-Wood)
+ - Update android go build to 1.18.x and NDK to 23.1.7779620
+ (Nick Craig-Wood)
+ - All windows binaries now no longer CGO (Nick Craig-Wood)
+ - Add linux/arm/v6 to docker images (Nick Craig-Wood)
+ - A huge number of fixes found with staticcheck (albertony)
+ - Configurable version suffix independent of version number
+ (albertony)
+ - check: Implement --no-traverse and --no-unicode-normalization
+ (Nick Craig-Wood)
+ - config: Readability improvements (albertony)
+ - copyurl: Add --header-filename to honor the HTTP header filename
+ directive (J-P Treen)
+ - filter: Allow multiple --exclude-if-present flags (albertony)
+ - fshttp: Add --disable-http-keep-alives to disable HTTP Keep
+ Alives (Nick Craig-Wood)
+ - install.sh
+ - Set the modes on the files and/or directories on macOS
+ (Michael C Tiernan - MIT-Research Computing Project)
+ - Pre verify sudo authorization -v before calling curl.
+ (Michael C Tiernan - MIT-Research Computing Project)
+ - lib/encoder: Add Semicolon encoding (Nick Craig-Wood)
+ - lsf: Add metadata support with M flag (Nick Craig-Wood)
+ - lsjson: Add --metadata/-M flag (Nick Craig-Wood)
+ - ncdu
+ - Implement multi selection (CrossR)
+ - Replace termbox with tcell's termbox wrapper (eNV25)
+ - Display correct path in delete confirmation dialog (Roberto
+ Ricci)
+ - operations
+ - Speed up hash checking by aborting the other hash if first
+ returns nothing (Nick Craig-Wood)
+ - Use correct src/dst in some log messages (zzr93)
+ - rcat: Check checksums by default like copy does (Nick
+ Craig-Wood)
+ - selfupdate: Replace deprecated x/crypto/openpgp package with
+ ProtonMail/go-crypto (albertony)
+ - serve ftp: Check --passive-port arguments are correct (Nick
+ Craig-Wood)
+ - size: Warn about inaccurate results when objects with unknown
+ size (albertony)
+ - sync: Overlap check is now filter-sensitive so --backup-dir can
+ be in the root provided it is filtered (Nick)
+ - test info: Check file name lengths using 1,2,3,4 byte unicode
+ characters (Nick Craig-Wood)
+ - test makefile(s): --sparse, --zero, --pattern, --ascii,
+ --chargen flags to control file contents (Nick Craig-Wood)
+ - Make sure we call the Shutdown method on backends (Martin
+ Czygan)
+- Bug Fixes
+ - accounting: Fix unknown length file transfers counting 3
+ transfers each (buda)
+ - ncdu: Fix issue where dir size is summed when file sizes are -1
+ (albertony)
+ - sync/copy/move
+ - Fix --fast-list --create-empty-src-dirs and --exclude (Nick
+ Craig-Wood)
+ - Fix --max-duration and --cutoff-mode soft (Nick Craig-Wood)
+ - Fix fs cache unpin (Martin Czygan)
+ - Set proper exit code for errors that are not low-level retried
+ (e.g. size/timestamp changing) (albertony)
+- Mount
+ - Support windows/arm64 (may still be problems - see #5828) (Nick
+ Craig-Wood)
+ - Log IO errors at ERROR level (Nick Craig-Wood)
+ - Ignore _netdev mount argument (Hugal31)
+- VFS
+ - Add --vfs-fast-fingerprint for less accurate but faster
+ fingerprints (Nick Craig-Wood)
+ - Add --vfs-disk-space-total-size option to manually set the total
+ disk space (Claudio Maradonna)
+ - vfscache: Fix fatal error: sync: unlock of unlocked mutex error
+ (Nick Craig-Wood)
+- Local
+ - Fix parsing of --local-nounc flag (Nick Craig-Wood)
+ - Add Metadata support (Nick Craig-Wood)
+- Crypt
+ - Support metadata (Nick Craig-Wood)
+- Azure Blob
+ - Calculate Chunksize/blocksize to stay below maxUploadParts
+ (Leroy van Logchem)
+ - Use chunksize lib to determine chunksize dynamically (Derek
+ Battams)
+ - Case insensitive access tier (Rob Pickerill)
+ - Allow remote emulator (azurite) (Lorenzo Maiorfi)
+- B2
+ - Add --b2-version-at flag to show file versions at time specified
+ (SwazRGB)
+ - Use chunksize lib to determine chunksize dynamically (Derek
+ Battams)
+- Chunker
+ - Mark as not supporting metadata (Nick Craig-Wood)
+- Compress
+ - Support metadata (Nick Craig-Wood)
+- Drive
+ - Make backend config -o config add a combined AllDrives: remote
+ (Nick Craig-Wood)
+ - Make --drive-shared-with-me work with shared drives (Nick
+ Craig-Wood)
+ - Add --drive-resource-key for accessing link-shared files (Nick
+ Craig-Wood)
+ - Add backend commands exportformats and importformats for
+ debugging (Nick Craig-Wood)
+ - Fix 404 errors on copy/server side copy objects from public
+ folder (Nick Craig-Wood)
+ - Update Internal OAuth consent screen docs (Phil Shackleton)
+ - Moved root_folder_id to advanced section (Abhiraj)
+- Dropbox
+ - Migrate from deprecated api (m8rge)
+ - Add logs to show when poll interval limits are exceeded (Nick
+ Craig-Wood)
+ - Fix nil pointer exception on dropbox impersonate user not found
+ (Nick Craig-Wood)
+- Fichier
+ - Parse api error codes and them accordingly (buengese)
+- FTP
+ - Add support for disable_utf8 option (Jason Zheng)
+ - Revert to upstream github.com/jlaffaye/ftp from our fork (Nick
+ Craig-Wood)
+- Google Cloud Storage
+ - Add --gcs-no-check-bucket to minimise transactions and perms
+ (Nick Gooding)
+ - Add --gcs-decompress flag to decompress gzip-encoded files (Nick
+ Craig-Wood)
+ - by default these will be downloaded compressed (which
+ previously failed)
+- Hasher
+ - Support metadata (Nick Craig-Wood)
+- HTTP
+ - Fix missing response when using custom auth handler (albertony)
+- Jottacloud
+ - Add support for upload to custom device and mountpoint
+ (albertony)
+ - Always store username in config and use it to avoid initial API
+ request (albertony)
+ - Fix issue with server-side copy when destination is in trash
+ (albertony)
+ - Fix listing output of remote with special characters (albertony)
+- Mailru
+ - Fix timeout by using int instead of time.Duration for keeping
+ number of seconds (albertony)
+- Mega
+ - Document using MEGAcmd to help with login failures (Art M.
+ Gallagher)
+- Onedrive
+ - Implement --poll-interval for onedrive (Hugo Laloge)
+ - Add access scopes option (Sven Gerber)
+- Opendrive
+ - Resolve lag and truncate bugs (Scott Grimes)
+- Pcloud
+ - Fix about with no free space left (buengese)
+ - Fix cleanup (buengese)
+- S3
+ - Use PUT Object instead of presigned URLs to upload single part
+ objects (Nick Craig-Wood)
+ - Backend restore command to skip non-GLACIER objects (Vincent
+ Murphy)
+ - Use chunksize lib to determine chunksize dynamically (Derek
+ Battams)
+ - Retry RequestTimeout errors (Nick Craig-Wood)
+ - Implement reading and writing of metadata (Nick Craig-Wood)
+- SFTP
+ - Add support for about and hashsum on windows server (albertony)
+ - Use vendor-specific VFS statistics extension for about if
+ available (albertony)
+ - Add --sftp-chunk-size to control packets sizes for high latency
+ links (Nick Craig-Wood)
+ - Add --sftp-concurrency to improve high latency transfers (Nick
+ Craig-Wood)
+ - Add --sftp-set-env option to set environment variables (Nick
+ Craig-Wood)
+ - Add Hetzner Storage Boxes to supported sftp backends (Anthrazz)
+- Storj
+ - Fix put which lead to the file being unreadable when using mount
+ (Erik van Velzen)
+- Union
+ - Add min_free_space option for lfs/eplfs policies (Nick
+ Craig-Wood)
+ - Fix uploading files to union of all bucket based remotes (Nick
+ Craig-Wood)
+ - Fix get free space for remotes which don't support it (Nick
+ Craig-Wood)
+ - Fix eplus policy to select correct entry for existing files
+ (Nick Craig-Wood)
+ - Support metadata (Nick Craig-Wood)
+- Uptobox
+ - Fix root path handling (buengese)
+- WebDAV
+ - Add SharePoint in other specific regions support (Noah Hsu)
+- Yandex
+ - Handle api error on server-side move (albertony)
+- Zoho
+ - Add Japan and China regions (buengese)
+
+v1.58.1 - 2022-04-29
+
+See commits
+
+- Bug Fixes
+ - build: Update github.com/billziss-gh to github.com/winfsp (Nick
+ Craig-Wood)
+ - filter: Fix timezone of --min-age/-max-age from UTC to local as
+ documented (Nick Craig-Wood)
+ - rc/js: Correct RC method names (Sơn Trần-Nguyễn)
+ - docs
+ - Fix some links to command pages (albertony)
+ - Add --multi-thread-streams note to --transfers. (Zsolt Ero)
+- Mount
+ - Fix --devname and fusermount: unknown option 'fsname' when
+ mounting via rc (Nick Craig-Wood)
+- VFS
+ - Remove wording which suggests VFS is only for mounting (Nick
+ Craig-Wood)
+- Dropbox
+ - Fix retries of multipart uploads with incorrect_offset error
+ (Nick Craig-Wood)
+- Google Cloud Storage
+ - Use the s3 pacer to speed up transactions (Nick Craig-Wood)
+ - pacer: Default the Google pacer to a burst of 100 to fix gcs
+ pacing (Nick Craig-Wood)
+- Jottacloud
+ - Fix scope in token request (albertony)
+- Netstorage
+ - Fix unescaped HTML in documentation (Nick Craig-Wood)
+ - Make levels of headings consistent (Nick Craig-Wood)
+ - Add support contacts to netstorage doc (Nil Alexandrov)
+- Onedrive
+ - Note that sharepoint also changes web files (.html, .aspx) (GH)
+- Putio
+ - Handle rate limit errors (Berkan Teber)
+ - Fix multithread download and other ranged requests (rafma0)
+- S3
+ - Add ChinaMobile EOS to provider list (GuoXingbin)
+ - Sync providers in config description with providers (Nick
+ Craig-Wood)
+- SFTP
+ - Fix OpenSSH 8.8+ RSA keys incompatibility (KARBOWSKI Piotr)
+ - Note that Scaleway C14 is deprecating SFTP in favor of S3
+ (Adrien Rey-Jarthon)
+- Storj
+ - Fix bucket creation on Move (Nick Craig-Wood)
+- WebDAV
+ - Don't override Referer if user sets it (Nick Craig-Wood)
+
v1.58.0 - 2022-03-18
See commits
@@ -35465,7 +42035,7 @@ See commits
change (Nick Craig-Wood)
- Hard fork github.com/jlaffaye/ftp to fix
go get github.com/rclone/rclone (Nick Craig-Wood)
- - oauthutil: Fix crash when webrowser requests /robots.txt (Nick
+ - oauthutil: Fix crash when webbrowser requests /robots.txt (Nick
Craig-Wood)
- operations: Fix goroutine leak in case of copy retry (Ankur
Gupta)
@@ -35583,7 +42153,7 @@ See commits
(Nick Craig-Wood)
- Fix timeout on hashing large files by sending keepalives (Nick
Craig-Wood)
- - Fix unecessary seeking when uploading and downloading files
+ - Fix unnecessary seeking when uploading and downloading files
(Nick Craig-Wood)
- Update docs on how to create known_hosts file (Nick Craig-Wood)
- Storj
@@ -36383,9 +42953,9 @@ See commits
- Add toggle option for average s3ize in directory - key 'a'
(Adam Plánský)
- Add empty folder flag into ncdu browser (Adam Plánský)
- - Add ! (errror) and . (unreadable) file flags to go with e
+ - Add ! (error) and . (unreadable) file flags to go with e
(empty) (Nick Craig-Wood)
- - obscure: Make rclone osbcure - ignore newline at end of line
+ - obscure: Make rclone obscure - ignore newline at end of line
(Nick Craig-Wood)
- operations
- Add logs when need to upload files to set mod times (Nick
@@ -36422,7 +42992,7 @@ See commits
- move: Fix data loss when source and destination are the same
object (Nick Craig-Wood)
- operations
- - Fix --cutof-mode hard not cutting off immediately (Nick
+ - Fix --cutoff-mode hard not cutting off immediately (Nick
Craig-Wood)
- Fix --immutable error message (Nick Craig-Wood)
- sync
@@ -36491,7 +43061,7 @@ See commits
- Fixed crash on an empty file name (lluuaapp)
- Box
- Fix NewObject for files that differ in case (Nick Craig-Wood)
- - Fix finding directories in a case insentive way (Nick
+ - Fix finding directories in a case insensitive way (Nick
Craig-Wood)
- Chunker
- Skip long local hashing, hash in-transit (fixes) (Ivan Andreev)
@@ -36607,7 +43177,7 @@ See commits
Craig-Wood)
- Sugarsync
- Fix NewObject for files that differ in case (Nick Craig-Wood)
- - Fix finding directories in a case insentive way (Nick
+ - Fix finding directories in a case insensitive way (Nick
Craig-Wood)
- Swift
- Fix deletion of parts of Static Large Object (SLO) (Nguyễn Hữu
@@ -36703,7 +43273,7 @@ v1.53.2 - 2020-10-26
See commits
- Bug Fixes
- - acounting
+ - accounting
- Fix incorrect speed and transferTime in core/stats (Nick
Craig-Wood)
- Stabilize display order of transfers on Windows (Nick
@@ -38067,8 +44637,8 @@ v1.49.0 - 2019-08-26
- rcd: Fix permissions problems on cache directory with web gui
download (Nick Craig-Wood)
- Mount
- - Default --daemon-timout to 15 minutes on macOS and FreeBSD (Nick
- Craig-Wood)
+ - Default --daemon-timeout to 15 minutes on macOS and FreeBSD
+ (Nick Craig-Wood)
- Update docs to show mounting from root OK for bucket-based (Nick
Craig-Wood)
- Remove nonseekable flag from write files (Nick Craig-Wood)
@@ -38499,7 +45069,7 @@ v1.46 - 2019-02-09
- HTTP
- Add an example with username and password which is supported but
wasn't documented (Nick Craig-Wood)
- - Fix backend with --files-from and non-existent files (Nick
+ - Fix backend with --files-from and nonexistent files (Nick
Craig-Wood)
- Hubic
- Make error message more informative if authentication fails
@@ -39095,7 +45665,7 @@ v1.41 - 2018-04-28
- FTP
- Work around strange response from box FTP server
- More workarounds for FTP servers to fix mkParentDir error
- - Fix no error on listing non-existent directory
+ - Fix no error on listing nonexistent directory
- Google Cloud Storage
- Add service_account_credentials (Matt Holt)
- Detect bucket presence by listing it - minimises permissions
@@ -39186,7 +45756,7 @@ v1.40 - 2018-03-19
- Make a beta release for all branches on the main repo (but not
pull requests)
- Bug Fixes
- - config: fixes errors on non existing config by loading config
+ - config: fixes errors on nonexistent config by loading config
file only on first access
- config: retry saving the config after failure (Mateusz)
- sync: when using --backup-dir don't delete files if we can't set
@@ -39814,7 +46384,7 @@ v1.34 - 2016-11-06
Tomasz Mazur
- S3
- Command line and config file support for
- - Setting/overriding ACL - thanks Radek Senfeld
+ - Setting/overriding ACL - thanks Radek Šenfeld
- Setting storage class - thanks Asko Tamm
- Drive
- Make exponential backoff work exactly as per Google
@@ -40460,7 +47030,7 @@ node running rclone would need to have lots of bandwidth.
The syncs would be incremental (on a file by file basis).
-Eg
+e.g.
rclone sync -i drive:Folder s3:bucket
@@ -40507,9 +47077,7 @@ metadata, which breaks the desired 1:1 mapping of files to objects.
Can rclone do bi-directional sync?
-No, not at present. rclone only does uni-directional sync from A -> B.
-It may do in the future though since it has all the primitives - it just
-requires writing the algorithm to do it.
+Yes, since rclone v1.58.0, bidirectional cloud sync is available.
Can I use rclone with an HTTP proxy?
@@ -40534,6 +47102,13 @@ set all possibilities. So, on Linux, you may end up with code similar to
export HTTP_PROXY=$http_proxy
export HTTPS_PROXY=$http_proxy
+Note: If the proxy server requires a username and password, then use
+
+ export http_proxy=http://username:password@proxyserver:12345
+ export https_proxy=$http_proxy
+ export HTTP_PROXY=$http_proxy
+ export HTTPS_PROXY=$http_proxy
+
The NO_PROXY allows you to disable the proxy for specific hosts. Hosts
must be comma separated, and can contain domains or parts. For instance
"foo.com" also matches "bar.foo.com".
@@ -40543,7 +47118,7 @@ e.g.
export no_proxy=localhost,127.0.0.0/8,my.host.name
export NO_PROXY=$no_proxy
-Note that the ftp backend does not support ftp_proxy yet.
+Note that the FTP backend does not support ftp_proxy yet.
Rclone gives x509: failed to load system roots and no roots provided error
@@ -40651,7 +47226,7 @@ replacement strategy leads to unwanted renames. Read more here.
License
-This is free software under the terms of MIT the license (check the
+This is free software under the terms of the MIT license (check the
COPYING file included with the source code).
Copyright (C) 2019 by Nick Craig-Wood https://www.craig-wood.com/nick/
@@ -40904,6 +47479,7 @@ email addresses removed from here need to be addeed to bin/.ignore-emails to mak
- Jay dev@jaygoel.com
- andrea rota a@xelera.eu
- nicolov nicolov@users.noreply.github.com
+- Matt Joiner anacrolix@gmail.com
- Dario Guzik dario@guzik.com.ar
- qip qip@users.noreply.github.com
- yair@unicorn yair@unicorn
@@ -41251,6 +47827,105 @@ email addresses removed from here need to be addeed to bin/.ignore-emails to mak
- Vincent Murphy vdm@vdm.ie
- ctrl-q 34975747+ctrl-q@users.noreply.github.com
- Nil Alexandrov nalexand@akamai.com
+- GuoXingbin 101376330+guoxingbin@users.noreply.github.com
+- Berkan Teber berkan@berkanteber.com
+- Tobias Klauser tklauser@distanz.ch
+- KARBOWSKI Piotr piotr.karbowski@gmail.com
+- GH geeklihui@foxmail.com
+- rafma0 int.main@gmail.com
+- Adrien Rey-Jarthon jobs@adrienjarthon.com
+- Nick Gooding 73336146+nickgooding@users.noreply.github.com
+- Leroy van Logchem lr.vanlogchem@gmail.com
+- Zsolt Ero zsolt.ero@gmail.com
+- Lesmiscore nao20010128@gmail.com
+- ehsantdy ehsan.tadayon@arvancloud.com
+- SwazRGB 65694696+swazrgb@users.noreply.github.com
+- Mateusz Puczyński mati6095@gmail.com
+- Michael C Tiernan - MIT-Research Computing Project mtiernan@mit.edu
+- Kaspian 34658474+KaspianDev@users.noreply.github.com
+- Werner EvilOlaf@users.noreply.github.com
+- Hugal31 hugo.laloge@gmail.com
+- Christian Galo 36752715+cgalo5758@users.noreply.github.com
+- Erik van Velzen erik@evanv.nl
+- Derek Battams derek@battams.ca
+- SimonLiu simonliu009@users.noreply.github.com
+- Hugo Laloge hla@lescompanions.com
+- Mr-Kanister 68117355+Mr-Kanister@users.noreply.github.com
+- Rob Pickerill r.pickerill@gmail.com
+- Andrey to.merge@gmail.com
+- Eric Wolf 19wolf@gmail.com
+- Nick nick.naumann@mailbox.tu-dresden.de
+- Jason Zheng jszheng17@gmail.com
+- Matthew Vernon mvernon@wikimedia.org
+- Noah Hsu i@nn.ci
+- m00594701 mengpengbo@huawei.com
+- Art M. Gallagher artmg50@gmail.com
+- Sven Gerber 49589423+svengerber@users.noreply.github.com
+- CrossR r.cross@lancaster.ac.uk
+- Maciej Radzikowski maciej@radzikowski.com.pl
+- Scott Grimes scott.grimes@spaciq.com
+- Phil Shackleton 71221528+philshacks@users.noreply.github.com
+- eNV25 env252525@gmail.com
+- Caleb inventor96@users.noreply.github.com
+- J-P Treen jp@wraptious.com
+- Martin Czygan 53705+miku@users.noreply.github.com
+- buda sandrojijavadze@protonmail.com
+- mirekphd 36706320+mirekphd@users.noreply.github.com
+- vyloy vyloy@qq.com
+- Anthrazz 25553648+Anthrazz@users.noreply.github.com
+- zzr93 34027824+zzr93@users.noreply.github.com
+- Paul Norman penorman@mac.com
+- Lorenzo Maiorfi maiorfi@gmail.com
+- Claudio Maradonna penguyman@stronzi.org
+- Ovidiu Victor Tatar ovi.tatar@googlemail.com
+- Evan Spensley epspensley@gmail.com
+- Yen Hu 61753151+0x59656e@users.noreply.github.com
+- Steve Kowalik steven@wedontsleep.org
+- Jordi Gonzalez Muñoz jordigonzm@gmail.com
+- Joram Schrijver i@joram.io
+- Mark Trolley marktrolley@gmail.com
+- João Henrique Franco joaohenrique.franco@gmail.com
+- anonion aman207@users.noreply.github.com
+- Ryan Morey 4590343+rmorey@users.noreply.github.com
+- Simon Bos simonbos9@gmail.com
+- YFdyh000 yfdyh000@gmail.com * Josh Soref
+ 2119212+jsoref@users.noreply.github.com
+- Øyvind Heddeland Instefjord instefjord@outlook.com
+- Dmitry Deniskin 110819396+ddeniskin@users.noreply.github.com
+- Alexander Knorr 106825+opexxx@users.noreply.github.com
+- Richard Bateman richard@batemansr.us
+- Dimitri Papadopoulos Orfanos
+ 3234522+DimitriPapadopoulos@users.noreply.github.com
+- Lorenzo Milesi lorenzo.milesi@yetopen.com
+- Isaac Aymerich isaac.aymerich@gmail.com
+- YanceyChiew 35898533+YanceyChiew@users.noreply.github.com
+- Manoj Ghosh msays2000@gmail.com
+- Bachue Zhou bachue.shu@gmail.com
+- Manoj Ghosh manoj.ghosh@oracle.com
+- Tom Mombourquette tom@devnode.com
+- Robert Newson rnewson@apache.org
+- Samuel Johnson esamueljohnson@gmail.com
+- coultonluke luke@luke.org.uk
+- Anthony Pessy anthony@cogniteev.com
+- Philip Harvey pharvey@battelleecology.org
+- dgouju dgouju@users.noreply.github.com
+- Clément Notin clement.notin@gmail.com
+- x3-apptech 66947598+x3-apptech@users.noreply.github.com
+- Arnie97 arnie97@gmail.com
+- Roel Arents 2691308+roelarents@users.noreply.github.com
+- Aaron Gokaslan aaronGokaslan@gmail.com
+- techknowlogick matti@mdranta.net
+- rkettelerij richard@mindloops.nl
+- Kamui fin-kamui@pm.me
+- asdffdsazqqq 90116442+asdffdsazqqq@users.noreply.github.com
+- Nathaniel Wesley Filardo nfilardo@microsoft.com
+- ycdtosa ycdtosa@users.noreply.github.com
+- Erik Agterdenbos agterdenbos@users.noreply.github.com
+- Kevin Verstaen 48050031+kverstae@users.noreply.github.com
+- MohammadReza mrvashian@gmail.com
+- vanplus 60313789+vanplus@users.noreply.github.com
+- Jack 16779171+jkpe@users.noreply.github.com
+- Abdullah Saglam abdullah.saglam@stonebranch.com
Contact the rclone project
diff --git a/Makefile b/Makefile
index f921a27432a3e..a5ad7f1425495 100644
--- a/Makefile
+++ b/Makefile
@@ -262,12 +262,12 @@ winzip:
zip -9 rclone-$(TAG).zip rclone.exe
# docker volume plugin
-PLUGIN_USER ?= rclone
+PLUGIN_USER ?= itstoggle
PLUGIN_TAG ?= latest
PLUGIN_BASE_TAG ?= latest
PLUGIN_ARCH ?= amd64
-PLUGIN_IMAGE := $(PLUGIN_USER)/docker-volume-rclone:$(PLUGIN_TAG)
-PLUGIN_BASE := $(PLUGIN_USER)/rclone:$(PLUGIN_BASE_TAG)
+PLUGIN_IMAGE := $(PLUGIN_USER)/docker-volume-rclone_rd:$(PLUGIN_TAG)
+PLUGIN_BASE := $(PLUGIN_USER)/rclone_rd:$(PLUGIN_BASE_TAG)
PLUGIN_BUILD_DIR := ./build/docker-plugin
PLUGIN_CONTRIB_DIR := ./contrib/docker-plugin/managed
diff --git a/README.md b/README.md
index 0235323b5ada6..9c47e6b770b76 100644
--- a/README.md
+++ b/README.md
@@ -42,12 +42,15 @@ Rclone *("rsync for cloud storage")* is a command-line program to sync files and
* Google Drive [:page_facing_up:](https://rclone.org/drive/)
* Google Photos [:page_facing_up:](https://rclone.org/googlephotos/)
* HDFS (Hadoop Distributed Filesystem) [:page_facing_up:](https://rclone.org/hdfs/)
+ * HiDrive [:page_facing_up:](https://rclone.org/hidrive/)
* HTTP [:page_facing_up:](https://rclone.org/http/)
- * Hubic [:page_facing_up:](https://rclone.org/hubic/)
+ * Huawei Cloud Object Storage Service(OBS) [:page_facing_up:](https://rclone.org/s3/#huawei-obs)
* Internet Archive [:page_facing_up:](https://rclone.org/internetarchive/)
* Jottacloud [:page_facing_up:](https://rclone.org/jottacloud/)
* IBM COS S3 [:page_facing_up:](https://rclone.org/s3/#ibm-cos-s3)
+ * IONOS Cloud [:page_facing_up:](https://rclone.org/s3/#ionos)
* Koofr [:page_facing_up:](https://rclone.org/koofr/)
+ * Liara Object Storage [:page_facing_up:](https://rclone.org/s3/#liara-object-storage)
* Mail.ru Cloud [:page_facing_up:](https://rclone.org/mailru/)
* Memset Memstore [:page_facing_up:](https://rclone.org/swift/)
* Mega [:page_facing_up:](https://rclone.org/mega/)
@@ -60,17 +63,20 @@ Rclone *("rsync for cloud storage")* is a command-line program to sync files and
* OpenDrive [:page_facing_up:](https://rclone.org/opendrive/)
* OpenStack Swift [:page_facing_up:](https://rclone.org/swift/)
* Oracle Cloud Storage [:page_facing_up:](https://rclone.org/swift/)
+ * Oracle Object Storage [:page_facing_up:](https://rclone.org/oracleobjectstorage/)
* ownCloud [:page_facing_up:](https://rclone.org/webdav/#owncloud)
* pCloud [:page_facing_up:](https://rclone.org/pcloud/)
* premiumize.me [:page_facing_up:](https://rclone.org/premiumizeme/)
* put.io [:page_facing_up:](https://rclone.org/putio/)
* QingStor [:page_facing_up:](https://rclone.org/qingstor/)
+ * Qiniu Cloud Object Storage (Kodo) [:page_facing_up:](https://rclone.org/s3/#qiniu)
* Rackspace Cloud Files [:page_facing_up:](https://rclone.org/swift/)
* RackCorp Object Storage [:page_facing_up:](https://rclone.org/s3/#RackCorp)
* Scaleway [:page_facing_up:](https://rclone.org/s3/#scaleway)
* Seafile [:page_facing_up:](https://rclone.org/seafile/)
* SeaweedFS [:page_facing_up:](https://rclone.org/s3/#seaweedfs)
* SFTP [:page_facing_up:](https://rclone.org/sftp/)
+ * SMB / CIFS [:page_facing_up:](https://rclone.org/smb/)
* StackPath [:page_facing_up:](https://rclone.org/s3/#stackpath)
* Storj [:page_facing_up:](https://rclone.org/storj/)
* SugarSync [:page_facing_up:](https://rclone.org/sugarsync/)
@@ -83,6 +89,19 @@ Rclone *("rsync for cloud storage")* is a command-line program to sync files and
Please see [the full list of all storage providers and their features](https://rclone.org/overview/)
+### Virtual storage providers
+
+These backends adapt or modify other storage providers
+
+ * Alias: rename existing remotes [:page_facing_up:](https://rclone.org/alias/)
+ * Cache: cache remotes (DEPRECATED) [:page_facing_up:](https://rclone.org/cache/)
+ * Chunker: split large files [:page_facing_up:](https://rclone.org/chunker/)
+ * Combine: combine multiple remotes into a directory tree [:page_facing_up:](https://rclone.org/combine/)
+ * Compress: compress files [:page_facing_up:](https://rclone.org/compress/)
+ * Crypt: encrypt files [:page_facing_up:](https://rclone.org/crypt/)
+ * Hasher: hash files [:page_facing_up:](https://rclone.org/hasher/)
+ * Union: join multiple remotes to work together [:page_facing_up:](https://rclone.org/union/)
+
## Features
* MD5/SHA-1 hashes checked at all times for file integrity
@@ -97,7 +116,7 @@ Please see [the full list of all storage providers and their features](https://r
* Optional encryption ([Crypt](https://rclone.org/crypt/))
* Optional FUSE mount ([rclone mount](https://rclone.org/commands/rclone_mount/))
* Multi-threaded downloads to local disk
- * Can [serve](https://rclone.org/commands/rclone_serve/) local or remote files over HTTP/WebDav/FTP/SFTP/dlna
+ * Can [serve](https://rclone.org/commands/rclone_serve/) local or remote files over HTTP/WebDAV/FTP/SFTP/DLNA
## Installation & documentation
@@ -118,5 +137,5 @@ Please see the [rclone website](https://rclone.org/) for:
License
-------
-This is free software under the terms of MIT the license (check the
+This is free software under the terms of the MIT license (check the
[COPYING file](/COPYING) included in this package).
diff --git a/RELEASE.md b/RELEASE.md
index 3747fb8e8e9ed..c2a23c277c0bd 100644
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -53,6 +53,14 @@ doing that so it may be necessary to roll back dependencies to the
version specified by `make updatedirect` in order to get rclone to
build.
+## Tidy beta
+
+At some point after the release run
+
+ bin/tidy-beta v1.55
+
+where the version number is that of a couple ago to remove old beta binaries.
+
## Making a point release
If rclone needs a point release due to some horrendous bug:
@@ -66,8 +74,7 @@ Set vars
First make the release branch. If this is a second point release then
this will be done already.
- * git branch ${BASE_TAG} ${BASE_TAG}-stable
- * git co ${BASE_TAG}-stable
+ * git co -b ${BASE_TAG}-stable ${BASE_TAG}.0
* make startstable
Now
diff --git a/VERSION b/VERSION
index 2abfc1f86ca0a..0f4b5a76da7d2 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-v1.59.0
+v1.62.0
diff --git a/backend/alias/alias.go b/backend/alias/alias.go
index 33ba5d664ecce..92dda17bf65b6 100644
--- a/backend/alias/alias.go
+++ b/backend/alias/alias.go
@@ -1,3 +1,4 @@
+// Package alias implements a virtual provider to rename existing remotes.
package alias
import (
diff --git a/backend/all/all.go b/backend/all/all.go
index a93909eca9053..007eed5dcff8b 100644
--- a/backend/all/all.go
+++ b/backend/all/all.go
@@ -1,3 +1,4 @@
+// Package all imports all the backends
package all
import (
@@ -9,6 +10,7 @@ import (
_ "github.com/rclone/rclone/backend/box"
_ "github.com/rclone/rclone/backend/cache"
_ "github.com/rclone/rclone/backend/chunker"
+ _ "github.com/rclone/rclone/backend/combine"
_ "github.com/rclone/rclone/backend/compress"
_ "github.com/rclone/rclone/backend/crypt"
_ "github.com/rclone/rclone/backend/drive"
@@ -20,8 +22,8 @@ import (
_ "github.com/rclone/rclone/backend/googlephotos"
_ "github.com/rclone/rclone/backend/hasher"
_ "github.com/rclone/rclone/backend/hdfs"
+ _ "github.com/rclone/rclone/backend/hidrive"
_ "github.com/rclone/rclone/backend/http"
- _ "github.com/rclone/rclone/backend/hubic"
_ "github.com/rclone/rclone/backend/internetarchive"
_ "github.com/rclone/rclone/backend/jottacloud"
_ "github.com/rclone/rclone/backend/koofr"
@@ -32,15 +34,18 @@ import (
_ "github.com/rclone/rclone/backend/netstorage"
_ "github.com/rclone/rclone/backend/onedrive"
_ "github.com/rclone/rclone/backend/opendrive"
+ _ "github.com/rclone/rclone/backend/oracleobjectstorage"
_ "github.com/rclone/rclone/backend/pcloud"
_ "github.com/rclone/rclone/backend/premiumizeme"
_ "github.com/rclone/rclone/backend/putio"
_ "github.com/rclone/rclone/backend/qingstor"
+ _ "github.com/rclone/rclone/backend/realdebrid"
_ "github.com/rclone/rclone/backend/s3"
_ "github.com/rclone/rclone/backend/seafile"
_ "github.com/rclone/rclone/backend/sftp"
_ "github.com/rclone/rclone/backend/sharefile"
_ "github.com/rclone/rclone/backend/sia"
+ _ "github.com/rclone/rclone/backend/smb"
_ "github.com/rclone/rclone/backend/storj"
_ "github.com/rclone/rclone/backend/sugarsync"
_ "github.com/rclone/rclone/backend/swift"
diff --git a/backend/amazonclouddrive/amazonclouddrive.go b/backend/amazonclouddrive/amazonclouddrive.go
index 58a14427bc4f4..1bc6bcb8453c7 100644
--- a/backend/amazonclouddrive/amazonclouddrive.go
+++ b/backend/amazonclouddrive/amazonclouddrive.go
@@ -435,7 +435,7 @@ func (f *Fs) listAll(ctx context.Context, dirID string, title string, directorie
query += " AND kind:" + folderKind
} else if filesOnly {
query += " AND kind:" + fileKind
- } else {
+ //} else {
// FIXME none of these work
//query += " AND kind:(" + fileKind + " OR " + folderKind + ")"
//query += " AND (kind:" + fileKind + " OR kind:" + folderKind + ")"
@@ -556,9 +556,9 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
//
// This is a workaround for Amazon sometimes returning
//
-// * 408 REQUEST_TIMEOUT
-// * 504 GATEWAY_TIMEOUT
-// * 500 Internal server error
+// - 408 REQUEST_TIMEOUT
+// - 504 GATEWAY_TIMEOUT
+// - 500 Internal server error
//
// At the end of large uploads. The speculation is that the timeout
// is waiting for the sha1 hashing to complete and the file may well
@@ -626,7 +626,7 @@ func (f *Fs) checkUpload(ctx context.Context, resp *http.Response, in io.Reader,
// Put the object into the container
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -685,9 +685,9 @@ func (f *Fs) Mkdir(ctx context.Context, dir string) error {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1002,7 +1002,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
diff --git a/backend/azureblob/azureblob.go b/backend/azureblob/azureblob.go
index f94c1ea00f1bf..6a2ffddd8e3cc 100644
--- a/backend/azureblob/azureblob.go
+++ b/backend/azureblob/azureblob.go
@@ -1,35 +1,44 @@
-// Package azureblob provides an interface to the Microsoft Azure blob object storage system
-
-//go:build !plan9 && !solaris && !js
-// +build !plan9,!solaris,!js
+//go:build !plan9 && !solaris && !js && go1.18
+// +build !plan9,!solaris,!js,go1.18
+// Package azureblob provides an interface to the Microsoft Azure blob object storage system
package azureblob
import (
+ "bytes"
"context"
+ "crypto/md5"
"encoding/base64"
"encoding/hex"
"encoding/json"
"errors"
"fmt"
"io"
- "io/ioutil"
"net/http"
"net/url"
+ "os"
"path"
"strconv"
"strings"
"sync"
"time"
- "github.com/Azure/azure-pipeline-go/pipeline"
- "github.com/Azure/azure-storage-blob-go/azblob"
- "github.com/Azure/go-autorest/autorest/adal"
+ "github.com/Azure/azure-sdk-for-go/sdk/azcore"
+ "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
+ "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+ "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
+ "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/bloberror"
+ "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob"
+ "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container"
+ "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/sas"
+ "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service"
"github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/accounting"
"github.com/rclone/rclone/fs/chunksize"
"github.com/rclone/rclone/fs/config"
"github.com/rclone/rclone/fs/config/configmap"
"github.com/rclone/rclone/fs/config/configstruct"
+ "github.com/rclone/rclone/fs/config/obscure"
"github.com/rclone/rclone/fs/fserrors"
"github.com/rclone/rclone/fs/fshttp"
"github.com/rclone/rclone/fs/hash"
@@ -39,21 +48,21 @@ import (
"github.com/rclone/rclone/lib/env"
"github.com/rclone/rclone/lib/pacer"
"github.com/rclone/rclone/lib/pool"
+ "github.com/rclone/rclone/lib/readers"
+ "golang.org/x/sync/errgroup"
)
const (
minSleep = 10 * time.Millisecond
maxSleep = 10 * time.Second
- decayConstant = 1 // bigger for slower decay, exponential
- maxListChunkSize = 5000 // number of items to read at once
- maxUploadParts = 50000 // maximum allowed number of parts/blocks in a multi-part upload
+ decayConstant = 1 // bigger for slower decay, exponential
+ maxListChunkSize = 5000 // number of items to read at once
modTimeKey = "mtime"
timeFormatIn = time.RFC3339
timeFormatOut = "2006-01-02T15:04:05.000000000Z07:00"
storageDefaultBaseURL = "blob.core.windows.net"
defaultChunkSize = 4 * fs.Mebi
- defaultAccessTier = azblob.AccessTierNone
- maxTryTimeout = time.Hour * 24 * 365 //max time of an azure web request response window (whether or not data is flowing)
+ defaultAccessTier = blob.AccessTier("") // FIXME AccessTierNone
// Default storage account, key and blob endpoint for emulator support,
// though it is a base64 key checked in here, it is publicly available secret.
emulatorAccount = "devstoreaccount1"
@@ -75,7 +84,103 @@ func init() {
NewFs: NewFs,
Options: []fs.Option{{
Name: "account",
- Help: "Storage Account Name.\n\nLeave blank to use SAS URL or Emulator.",
+ Help: `Azure Storage Account Name.
+
+Set this to the Azure Storage Account Name in use.
+
+Leave blank to use SAS URL or Emulator, otherwise it needs to be set.
+
+If this is blank and if env_auth is set it will be read from the
+environment variable ` + "`AZURE_STORAGE_ACCOUNT_NAME`" + ` if possible.
+`,
+ }, {
+ Name: "env_auth",
+ Help: `Read credentials from runtime (environment variables, CLI or MSI).
+
+See the [authentication docs](/azureblob#authentication) for full info.`,
+ Default: false,
+ }, {
+ Name: "key",
+ Help: `Storage Account Shared Key.
+
+Leave blank to use SAS URL or Emulator.`,
+ }, {
+ Name: "sas_url",
+ Help: `SAS URL for container level access only.
+
+Leave blank if using account/key or Emulator.`,
+ }, {
+ Name: "tenant",
+ Help: `ID of the service principal's tenant. Also called its directory ID.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+`,
+ }, {
+ Name: "client_id",
+ Help: `The ID of the client in use.
+
+Set this if using
+- Service principal with client secret
+- Service principal with certificate
+- User with username and password
+`,
+ }, {
+ Name: "client_secret",
+ Help: `One of the service principal's client secrets
+
+Set this if using
+- Service principal with client secret
+`,
+ }, {
+ Name: "client_certificate_path",
+ Help: `Path to a PEM or PKCS12 certificate file including the private key.
+
+Set this if using
+- Service principal with certificate
+`,
+ }, {
+ Name: "client_certificate_password",
+ Help: `Password for the certificate file (optional).
+
+Optionally set this if using
+- Service principal with certificate
+
+And the certificate has a password.
+`,
+ IsPassword: true,
+ }, {
+ Name: "client_send_certificate_chain",
+ Help: `Send the certificate chain when using certificate auth.
+
+Specifies whether an authentication request will include an x5c header
+to support subject name / issuer based authentication. When set to
+true, authentication requests include the x5c header.
+
+Optionally set this if using
+- Service principal with certificate
+`,
+ Default: false,
+ Advanced: true,
+ }, {
+ Name: "username",
+ Help: `User name (usually an email address)
+
+Set this if using
+- User with username and password
+`,
+ Advanced: true,
+ }, {
+ Name: "password",
+ Help: `The user's password
+
+Set this if using
+- User with username and password
+`,
+ IsPassword: true,
+ Advanced: true,
}, {
Name: "service_principal_file",
Help: `Path to file containing credentials for use with a service principal.
@@ -88,13 +193,12 @@ Leave blank normally. Needed only if you want to use a service principal instead
> azure-principal.json
See ["Create an Azure service principal"](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli) and ["Assign an Azure role for access to blob data"](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-rbac-cli) pages for more details.
+
+It may be more convenient to put the credentials directly into the
+rclone config file under the ` + "`client_id`, `tenant` and `client_secret`" + `
+keys instead of setting ` + "`service_principal_file`" + `.
`,
- }, {
- Name: "key",
- Help: "Storage Account Key.\n\nLeave blank to use SAS URL or Emulator.",
- }, {
- Name: "sas_url",
- Help: "SAS URL for container level access only.\n\nLeave blank if using account/key or Emulator.",
+ Advanced: true,
}, {
Name: "use_msi",
Help: `Use a managed service identity to authenticate (only works in Azure).
@@ -107,7 +211,8 @@ be used by default. If the resource has no system-assigned but exactly one user-
the user-assigned identity will be used by default. If the resource has multiple user-assigned
identities, the identity to use must be explicitly specified using exactly one of the msi_object_id,
msi_client_id, or msi_mi_res_id parameters.`,
- Default: false,
+ Default: false,
+ Advanced: true,
}, {
Name: "msi_object_id",
Help: "Object ID of the user-assigned MSI to use, if any.\n\nLeave blank if msi_client_id or msi_mi_res_id specified.",
@@ -121,9 +226,10 @@ msi_client_id, or msi_mi_res_id parameters.`,
Help: "Azure resource ID of the user-assigned MSI to use, if any.\n\nLeave blank if msi_client_id or msi_object_id specified.",
Advanced: true,
}, {
- Name: "use_emulator",
- Help: "Uses local storage emulator if provided as 'true'.\n\nLeave blank if using real azure storage endpoint.",
- Default: false,
+ Name: "use_emulator",
+ Help: "Uses local storage emulator if provided as 'true'.\n\nLeave blank if using real azure storage endpoint.",
+ Default: false,
+ Advanced: true,
}, {
Name: "endpoint",
Help: "Endpoint for the service.\n\nLeave blank normally.",
@@ -243,20 +349,29 @@ This option controls how often unused buffers will be removed from the pool.`,
}, {
Name: "public_access",
Help: "Public access level of a container: blob or container.",
- Default: string(azblob.PublicAccessNone),
+ Default: "",
Examples: []fs.OptionExample{
{
- Value: string(azblob.PublicAccessNone),
+ Value: "",
Help: "The container and its blobs can be accessed only with an authorized request.\nIt's a default value.",
}, {
- Value: string(azblob.PublicAccessBlob),
+ Value: string(container.PublicAccessTypeBlob),
Help: "Blob data within this container can be read via anonymous request.",
}, {
- Value: string(azblob.PublicAccessContainer),
+ Value: string(container.PublicAccessTypeContainer),
Help: "Allow full public read access for container and blob data.",
},
},
Advanced: true,
+ }, {
+ Name: "no_check_container",
+ Help: `If set, don't attempt to check the container exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the container exists already.
+`,
+ Default: false,
+ Advanced: true,
}, {
Name: "no_head_object",
Help: `If set, do not do HEAD before GET when getting objects.`,
@@ -268,61 +383,70 @@ This option controls how often unused buffers will be removed from the pool.`,
// Options defines the configuration for this backend
type Options struct {
- Account string `config:"account"`
- ServicePrincipalFile string `config:"service_principal_file"`
- Key string `config:"key"`
- UseMSI bool `config:"use_msi"`
- MSIObjectID string `config:"msi_object_id"`
- MSIClientID string `config:"msi_client_id"`
- MSIResourceID string `config:"msi_mi_res_id"`
- Endpoint string `config:"endpoint"`
- SASURL string `config:"sas_url"`
- ChunkSize fs.SizeSuffix `config:"chunk_size"`
- UploadConcurrency int `config:"upload_concurrency"`
- ListChunkSize uint `config:"list_chunk"`
- AccessTier string `config:"access_tier"`
- ArchiveTierDelete bool `config:"archive_tier_delete"`
- UseEmulator bool `config:"use_emulator"`
- DisableCheckSum bool `config:"disable_checksum"`
- MemoryPoolFlushTime fs.Duration `config:"memory_pool_flush_time"`
- MemoryPoolUseMmap bool `config:"memory_pool_use_mmap"`
- Enc encoder.MultiEncoder `config:"encoding"`
- PublicAccess string `config:"public_access"`
- NoHeadObject bool `config:"no_head_object"`
+ Account string `config:"account"`
+ EnvAuth bool `config:"env_auth"`
+ Key string `config:"key"`
+ SASURL string `config:"sas_url"`
+ Tenant string `config:"tenant"`
+ ClientID string `config:"client_id"`
+ ClientSecret string `config:"client_secret"`
+ ClientCertificatePath string `config:"client_certificate_path"`
+ ClientCertificatePassword string `config:"client_certificate_password"`
+ ClientSendCertificateChain bool `config:"client_send_certificate_chain"`
+ Username string `config:"username"`
+ Password string `config:"password"`
+ ServicePrincipalFile string `config:"service_principal_file"`
+ UseMSI bool `config:"use_msi"`
+ MSIObjectID string `config:"msi_object_id"`
+ MSIClientID string `config:"msi_client_id"`
+ MSIResourceID string `config:"msi_mi_res_id"`
+ Endpoint string `config:"endpoint"`
+ ChunkSize fs.SizeSuffix `config:"chunk_size"`
+ UploadConcurrency int `config:"upload_concurrency"`
+ ListChunkSize uint `config:"list_chunk"`
+ AccessTier string `config:"access_tier"`
+ ArchiveTierDelete bool `config:"archive_tier_delete"`
+ UseEmulator bool `config:"use_emulator"`
+ DisableCheckSum bool `config:"disable_checksum"`
+ MemoryPoolFlushTime fs.Duration `config:"memory_pool_flush_time"`
+ MemoryPoolUseMmap bool `config:"memory_pool_use_mmap"`
+ Enc encoder.MultiEncoder `config:"encoding"`
+ PublicAccess string `config:"public_access"`
+ NoCheckContainer bool `config:"no_check_container"`
+ NoHeadObject bool `config:"no_head_object"`
}
// Fs represents a remote azure server
type Fs struct {
- name string // name of this remote
- root string // the path we are working on if any
- opt Options // parsed config options
- ci *fs.ConfigInfo // global config
- features *fs.Features // optional features
- client *http.Client // http client we are using
- svcURL *azblob.ServiceURL // reference to serviceURL
- cntURLcacheMu sync.Mutex // mutex to protect cntURLcache
- cntURLcache map[string]*azblob.ContainerURL // reference to containerURL per container
- rootContainer string // container part of root (if any)
- rootDirectory string // directory part of root (if any)
- isLimited bool // if limited to one container
- cache *bucket.Cache // cache for container creation status
- pacer *fs.Pacer // To pace and retry the API calls
- imdsPacer *fs.Pacer // Same but for IMDS
- uploadToken *pacer.TokenDispenser // control concurrency
- pool *pool.Pool // memory pool
- publicAccess azblob.PublicAccessType // Container Public Access Level
+ name string // name of this remote
+ root string // the path we are working on if any
+ opt Options // parsed config options
+ ci *fs.ConfigInfo // global config
+ features *fs.Features // optional features
+ cntSVCcacheMu sync.Mutex // mutex to protect cntSVCcache
+ cntSVCcache map[string]*container.Client // reference to containerClient per container
+ svc *service.Client // client to access azblob
+ rootContainer string // container part of root (if any)
+ rootDirectory string // directory part of root (if any)
+ isLimited bool // if limited to one container
+ cache *bucket.Cache // cache for container creation status
+ pacer *fs.Pacer // To pace and retry the API calls
+ uploadToken *pacer.TokenDispenser // control concurrency
+ pool *pool.Pool // memory pool
+ poolSize int64 // size of pages in memory pool
+ publicAccess container.PublicAccessType // Container Public Access Level
}
// Object describes an azure object
type Object struct {
- fs *Fs // what this object is part of
- remote string // The remote path
- modTime time.Time // The modified time of the object if known
- md5 string // MD5 hash if known
- size int64 // Size of the object
- mimeType string // Content-Type of the object
- accessTier azblob.AccessTierType // Blob Access Tier
- meta map[string]string // blob metadata
+ fs *Fs // what this object is part of
+ remote string // The remote path
+ modTime time.Time // The modified time of the object if known
+ md5 string // MD5 hash if known
+ size int64 // Size of the object
+ mimeType string // Content-Type of the object
+ accessTier blob.AccessTier // Blob Access Tier
+ meta map[string]string // blob metadata
}
// ------------------------------------------------------------
@@ -373,17 +497,17 @@ func (o *Object) split() (container, containerPath string) {
// validateAccessTier checks if azureblob supports user supplied tier
func validateAccessTier(tier string) bool {
- return strings.EqualFold(tier, string(azblob.AccessTierHot)) ||
- strings.EqualFold(tier, string(azblob.AccessTierCool)) ||
- strings.EqualFold(tier, string(azblob.AccessTierArchive))
+ return strings.EqualFold(tier, string(blob.AccessTierHot)) ||
+ strings.EqualFold(tier, string(blob.AccessTierCool)) ||
+ strings.EqualFold(tier, string(blob.AccessTierArchive))
}
// validatePublicAccess checks if azureblob supports use supplied public access level
func validatePublicAccess(publicAccess string) bool {
switch publicAccess {
- case string(azblob.PublicAccessNone),
- string(azblob.PublicAccessBlob),
- string(azblob.PublicAccessContainer):
+ case "",
+ string(container.PublicAccessTypeBlob),
+ string(container.PublicAccessTypeContainer):
// valid cases
return true
default:
@@ -408,21 +532,19 @@ func (f *Fs) shouldRetry(ctx context.Context, err error) (bool, error) {
return false, err
}
// FIXME interpret special errors - more to do here
- if storageErr, ok := err.(azblob.StorageError); ok {
- switch storageErr.ServiceCode() {
+ if storageErr, ok := err.(*azcore.ResponseError); ok {
+ switch storageErr.ErrorCode {
case "InvalidBlobOrBlock":
// These errors happen sometimes in multipart uploads
// because of block concurrency issues
return true, err
}
- statusCode := storageErr.Response().StatusCode
+ statusCode := storageErr.StatusCode
for _, e := range retryErrorCodes {
if statusCode == e {
return true, err
}
}
- } else if httpErr, ok := err.(httpError); ok {
- return fserrors.ShouldRetryHTTP(httpErr.Response, retryErrorCodes), err
}
return fserrors.ShouldRetry(err), err
}
@@ -443,89 +565,47 @@ func (f *Fs) setUploadChunkSize(cs fs.SizeSuffix) (old fs.SizeSuffix, err error)
return
}
-// httpClientFactory creates a Factory object that sends HTTP requests
-// to an rclone's http.Client.
-//
-// copied from azblob.newDefaultHTTPClientFactory
-func httpClientFactory(client *http.Client) pipeline.Factory {
- return pipeline.FactoryFunc(func(next pipeline.Policy, po *pipeline.PolicyOptions) pipeline.PolicyFunc {
- return func(ctx context.Context, request pipeline.Request) (pipeline.Response, error) {
- r, err := client.Do(request.WithContext(ctx))
- if err != nil {
- err = pipeline.NewError(err, "HTTP request failed")
- }
- return pipeline.NewHTTPResponse(r), err
- }
- })
-}
-
type servicePrincipalCredentials struct {
AppID string `json:"appId"`
Password string `json:"password"`
Tenant string `json:"tenant"`
}
-const azureActiveDirectoryEndpoint = "https://login.microsoftonline.com/"
-const azureStorageEndpoint = "https://storage.azure.com/"
-
-// newServicePrincipalTokenRefresher takes the client ID and secret, and returns a refresh-able access token.
-func newServicePrincipalTokenRefresher(ctx context.Context, credentialsData []byte) (azblob.TokenRefresher, error) {
+// parseServicePrincipalCredentials unmarshals a service principal credentials JSON file as generated by az cli.
+func parseServicePrincipalCredentials(ctx context.Context, credentialsData []byte) (*servicePrincipalCredentials, error) {
var spCredentials servicePrincipalCredentials
if err := json.Unmarshal(credentialsData, &spCredentials); err != nil {
return nil, fmt.Errorf("error parsing credentials from JSON file: %w", err)
}
- oauthConfig, err := adal.NewOAuthConfig(azureActiveDirectoryEndpoint, spCredentials.Tenant)
- if err != nil {
- return nil, fmt.Errorf("error creating oauth config: %w", err)
- }
-
- // Create service principal token for Azure Storage.
- servicePrincipalToken, err := adal.NewServicePrincipalToken(
- *oauthConfig,
- spCredentials.AppID,
- spCredentials.Password,
- azureStorageEndpoint)
- if err != nil {
- return nil, fmt.Errorf("error creating service principal token: %w", err)
- }
-
- // Wrap token inside a refresher closure.
- var tokenRefresher azblob.TokenRefresher = func(credential azblob.TokenCredential) time.Duration {
- if err := servicePrincipalToken.Refresh(); err != nil {
- panic(err)
- }
- refreshedToken := servicePrincipalToken.Token()
- credential.SetToken(refreshedToken.AccessToken)
- exp := refreshedToken.Expires().Sub(time.Now().Add(2 * time.Minute))
- return exp
+ // TODO: support certificate credentials
+ // Validate all fields present
+ if spCredentials.AppID == "" || spCredentials.Password == "" || spCredentials.Tenant == "" {
+ return nil, fmt.Errorf("missing fields in credentials file")
}
+ return &spCredentials, nil
+}
- return tokenRefresher, nil
+// setRoot changes the root of the Fs
+func (f *Fs) setRoot(root string) {
+ f.root = parsePath(root)
+ f.rootContainer, f.rootDirectory = bucket.Split(f.root)
}
-// newPipeline creates a Pipeline using the specified credentials and options.
-//
-// this code was copied from azblob.NewPipeline
-func (f *Fs) newPipeline(c azblob.Credential, o azblob.PipelineOptions) pipeline.Pipeline {
- // Don't log stuff to syslog/Windows Event log
- pipeline.SetForceLogEnabled(false)
+// Wrap the http.Transport to satisfy the Transporter interface
+type transporter struct {
+ http.RoundTripper
+}
- // Closest to API goes first; closest to the wire goes last
- factories := []pipeline.Factory{
- azblob.NewTelemetryPolicyFactory(o.Telemetry),
- azblob.NewUniqueRequestIDPolicyFactory(),
- azblob.NewRetryPolicyFactory(o.Retry),
- c,
- pipeline.MethodFactoryMarker(), // indicates at what stage in the pipeline the method factory is invoked
- azblob.NewRequestLogPolicyFactory(o.RequestLog),
+// Make a new transporter
+func newTransporter(ctx context.Context) transporter {
+ return transporter{
+ RoundTripper: fshttp.NewTransport(ctx),
}
- return pipeline.NewPipeline(factories, pipeline.Options{HTTPSender: httpClientFactory(f.client), Log: o.Log})
}
-// setRoot changes the root of the Fs
-func (f *Fs) setRoot(root string) {
- f.root = parsePath(root)
- f.rootContainer, f.rootDirectory = bucket.Split(f.root)
+// Do sends the HTTP request and returns the HTTP response or error.
+func (tr transporter) Do(req *http.Request) (*http.Response, error) {
+ return tr.RoundTripper.RoundTrip(req)
}
// NewFs constructs an Fs from the path, container:path
@@ -539,25 +619,22 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
err = checkUploadChunkSize(opt.ChunkSize)
if err != nil {
- return nil, fmt.Errorf("azure: chunk size: %w", err)
+ return nil, fmt.Errorf("chunk size: %w", err)
}
if opt.ListChunkSize > maxListChunkSize {
- return nil, fmt.Errorf("azure: blob list size can't be greater than %v - was %v", maxListChunkSize, opt.ListChunkSize)
- }
- if opt.Endpoint == "" {
- opt.Endpoint = storageDefaultBaseURL
+ return nil, fmt.Errorf("blob list size can't be greater than %v - was %v", maxListChunkSize, opt.ListChunkSize)
}
if opt.AccessTier == "" {
opt.AccessTier = string(defaultAccessTier)
} else if !validateAccessTier(opt.AccessTier) {
- return nil, fmt.Errorf("Azure Blob: Supported access tiers are %s, %s and %s",
- string(azblob.AccessTierHot), string(azblob.AccessTierCool), string(azblob.AccessTierArchive))
+ return nil, fmt.Errorf("supported access tiers are %s, %s and %s",
+ string(blob.AccessTierHot), string(blob.AccessTierCool), string(blob.AccessTierArchive))
}
if !validatePublicAccess((opt.PublicAccess)) {
- return nil, fmt.Errorf("Azure Blob: Supported public access level are %s and %s",
- string(azblob.PublicAccessBlob), string(azblob.PublicAccessContainer))
+ return nil, fmt.Errorf("supported public access level are %s and %s",
+ string(container.PublicAccessTypeBlob), string(container.PublicAccessTypeContainer))
}
ci := fs.GetConfig(ctx)
@@ -566,20 +643,18 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
opt: *opt,
ci: ci,
pacer: fs.NewPacer(ctx, pacer.NewS3(pacer.MinSleep(minSleep), pacer.MaxSleep(maxSleep), pacer.DecayConstant(decayConstant))),
- imdsPacer: fs.NewPacer(ctx, pacer.NewAzureIMDS()),
uploadToken: pacer.NewTokenDispenser(ci.Transfers),
- client: fshttp.NewClient(ctx),
cache: bucket.NewCache(),
- cntURLcache: make(map[string]*azblob.ContainerURL, 1),
+ cntSVCcache: make(map[string]*container.Client, 1),
pool: pool.New(
time.Duration(opt.MemoryPoolFlushTime),
int(opt.ChunkSize),
ci.Transfers,
opt.MemoryPoolUseMmap,
),
+ poolSize: int64(opt.ChunkSize),
}
- f.publicAccess = azblob.PublicAccessType(opt.PublicAccess)
- f.imdsPacer.SetRetries(5) // per IMDS documentation
+ f.publicAccess = container.PublicAccessType(opt.PublicAccess)
f.setRoot(root)
f.features = (&fs.Features{
ReadMimeType: true,
@@ -590,146 +665,211 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
GetTier: true,
}).Fill(ctx, f)
+ // Client options specifying our own transport
+ policyClientOptions := policy.ClientOptions{
+ Transport: newTransporter(ctx),
+ }
+ clientOpt := service.ClientOptions{
+ ClientOptions: policyClientOptions,
+ }
+
+ // Here we auth by setting one of cred, sharedKeyCred or f.svc
var (
- u *url.URL
- serviceURL azblob.ServiceURL
+ cred azcore.TokenCredential
+ sharedKeyCred *service.SharedKeyCredential
)
switch {
+ case opt.EnvAuth:
+ // Read account from environment if needed
+ if opt.Account == "" {
+ opt.Account, _ = os.LookupEnv("AZURE_STORAGE_ACCOUNT_NAME")
+ }
+ // Read credentials from the environment
+ options := azidentity.DefaultAzureCredentialOptions{
+ ClientOptions: policyClientOptions,
+ }
+ cred, err = azidentity.NewDefaultAzureCredential(&options)
+ if err != nil {
+ return nil, fmt.Errorf("create azure enviroment credential failed: %w", err)
+ }
case opt.UseEmulator:
- credential, err := azblob.NewSharedKeyCredential(emulatorAccount, emulatorAccountKey)
+ if opt.Account == "" {
+ opt.Account = emulatorAccount
+ }
+ if opt.Key == "" {
+ opt.Key = emulatorAccountKey
+ }
+ if opt.Endpoint == "" {
+ opt.Endpoint = emulatorBlobEndpoint
+ }
+ sharedKeyCred, err = service.NewSharedKeyCredential(opt.Account, opt.Key)
if err != nil {
- return nil, fmt.Errorf("Failed to parse credentials: %w", err)
+ return nil, fmt.Errorf("create new shared key credential for emulator failed: %w", err)
}
- u, err = url.Parse(emulatorBlobEndpoint)
+ case opt.Account != "" && opt.Key != "":
+ sharedKeyCred, err = service.NewSharedKeyCredential(opt.Account, opt.Key)
if err != nil {
- return nil, fmt.Errorf("failed to make azure storage url from account and endpoint: %w", err)
+ return nil, fmt.Errorf("create new shared key credential failed: %w", err)
}
- pipeline := f.newPipeline(credential, azblob.PipelineOptions{Retry: azblob.RetryOptions{TryTimeout: maxTryTimeout}})
- serviceURL = azblob.NewServiceURL(*u, pipeline)
- case opt.UseMSI:
- var token adal.Token
- var userMSI = &userMSI{}
- if len(opt.MSIClientID) > 0 || len(opt.MSIObjectID) > 0 || len(opt.MSIResourceID) > 0 {
- // Specifying a user-assigned identity. Exactly one of the above IDs must be specified.
- // Validate and ensure exactly one is set. (To do: better validation.)
- if len(opt.MSIClientID) > 0 {
- if len(opt.MSIObjectID) > 0 || len(opt.MSIResourceID) > 0 {
- return nil, errors.New("more than one user-assigned identity ID is set")
- }
- userMSI.Type = msiClientID
- userMSI.Value = opt.MSIClientID
- }
- if len(opt.MSIObjectID) > 0 {
- if len(opt.MSIClientID) > 0 || len(opt.MSIResourceID) > 0 {
- return nil, errors.New("more than one user-assigned identity ID is set")
- }
- userMSI.Type = msiObjectID
- userMSI.Value = opt.MSIObjectID
- }
- if len(opt.MSIResourceID) > 0 {
- if len(opt.MSIClientID) > 0 || len(opt.MSIObjectID) > 0 {
- return nil, errors.New("more than one user-assigned identity ID is set")
- }
- userMSI.Type = msiResourceID
- userMSI.Value = opt.MSIResourceID
+ case opt.SASURL != "":
+ parts, err := sas.ParseURL(opt.SASURL)
+ if err != nil {
+ return nil, fmt.Errorf("failed to parse SAS URL: %w", err)
+ }
+ endpoint := opt.SASURL
+ containerName := parts.ContainerName
+ // Check if we have container level SAS or account level SAS
+ if containerName != "" {
+ // Container level SAS
+ if f.rootContainer != "" && containerName != f.rootContainer {
+ return nil, fmt.Errorf("container name in SAS URL (%q) and container provided in command (%q) do not match", containerName, f.rootContainer)
}
- } else {
- userMSI = nil
+ // Rewrite the endpoint string to be without the container
+ parts.ContainerName = ""
+ endpoint = parts.String()
}
- err = f.imdsPacer.Call(func() (bool, error) {
- // Retry as specified by the documentation:
- // https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token#retry-guidance
- token, err = GetMSIToken(ctx, userMSI)
- return f.shouldRetry(ctx, err)
- })
-
+ f.svc, err = service.NewClientWithNoCredential(endpoint, &clientOpt)
if err != nil {
- return nil, fmt.Errorf("Failed to acquire MSI token: %w", err)
+ return nil, fmt.Errorf("unable to create SAS URL client: %w", err)
}
-
- u, err = url.Parse(fmt.Sprintf("https://%s.%s", opt.Account, opt.Endpoint))
+ // if using Container level SAS put the container client into the cache
+ if containerName != "" {
+ _ = f.cntSVC(containerName)
+ f.isLimited = true
+ }
+ case opt.ClientID != "" && opt.Tenant != "" && opt.ClientSecret != "":
+ // Service principal with client secret
+ options := azidentity.ClientSecretCredentialOptions{
+ ClientOptions: policyClientOptions,
+ }
+ cred, err = azidentity.NewClientSecretCredential(opt.Tenant, opt.ClientID, opt.ClientSecret, &options)
if err != nil {
- return nil, fmt.Errorf("failed to make azure storage url from account and endpoint: %w", err)
+ return nil, fmt.Errorf("error creating a client secret credential: %w", err)
}
- credential := azblob.NewTokenCredential(token.AccessToken, func(credential azblob.TokenCredential) time.Duration {
- fs.Debugf(f, "Token refresher called.")
- var refreshedToken adal.Token
- err := f.imdsPacer.Call(func() (bool, error) {
- refreshedToken, err = GetMSIToken(ctx, userMSI)
- return f.shouldRetry(ctx, err)
- })
+ case opt.ClientID != "" && opt.Tenant != "" && opt.ClientCertificatePath != "":
+ // Service principal with certificate
+ //
+ // Read the certificate
+ data, err := os.ReadFile(env.ShellExpand(opt.ClientCertificatePath))
+ if err != nil {
+ return nil, fmt.Errorf("error reading client certificate file: %w", err)
+ }
+ // NewClientCertificateCredential requires at least one *x509.Certificate, and a
+ // crypto.PrivateKey.
+ //
+ // ParseCertificates returns these given certificate data in PEM or PKCS12 format.
+ // It handles common scenarios but has limitations, for example it doesn't load PEM
+ // encrypted private keys.
+ var password []byte
+ if opt.ClientCertificatePassword != "" {
+ pw, err := obscure.Reveal(opt.Password)
if err != nil {
- // Failed to refresh.
- return 0
- }
- credential.SetToken(refreshedToken.AccessToken)
- now := time.Now().UTC()
- // Refresh one minute before expiry.
- refreshAt := refreshedToken.Expires().UTC().Add(-1 * time.Minute)
- fs.Debugf(f, "Acquired new token that expires at %v; refreshing in %d s", refreshedToken.Expires(),
- int(refreshAt.Sub(now).Seconds()))
- if now.After(refreshAt) {
- // Acquired a causality violation.
- return 0
+ return nil, fmt.Errorf("certificate password decode failed - did you obscure it?: %w", err)
}
- return refreshAt.Sub(now)
- })
- pipeline := f.newPipeline(credential, azblob.PipelineOptions{Retry: azblob.RetryOptions{TryTimeout: maxTryTimeout}})
- serviceURL = azblob.NewServiceURL(*u, pipeline)
- case opt.Account != "" && opt.Key != "":
- credential, err := azblob.NewSharedKeyCredential(opt.Account, opt.Key)
+ password = []byte(pw)
+ }
+ certs, key, err := azidentity.ParseCertificates(data, password)
if err != nil {
- return nil, fmt.Errorf("Failed to parse credentials: %w", err)
+ return nil, fmt.Errorf("failed to parse client certificate file: %w", err)
}
-
- u, err = url.Parse(fmt.Sprintf("https://%s.%s", opt.Account, opt.Endpoint))
+ options := azidentity.ClientCertificateCredentialOptions{
+ ClientOptions: policyClientOptions,
+ SendCertificateChain: opt.ClientSendCertificateChain,
+ }
+ cred, err = azidentity.NewClientCertificateCredential(
+ opt.Tenant, opt.ClientID, certs, key, &options,
+ )
if err != nil {
- return nil, fmt.Errorf("failed to make azure storage url from account and endpoint: %w", err)
+ return nil, fmt.Errorf("create azure service principal with client certificate credential failed: %w", err)
}
- pipeline := f.newPipeline(credential, azblob.PipelineOptions{Retry: azblob.RetryOptions{TryTimeout: maxTryTimeout}})
- serviceURL = azblob.NewServiceURL(*u, pipeline)
- case opt.SASURL != "":
- u, err = url.Parse(opt.SASURL)
+ case opt.ClientID != "" && opt.Tenant != "" && opt.Username != "" && opt.Password != "":
+ // User with username and password
+ options := azidentity.UsernamePasswordCredentialOptions{
+ ClientOptions: policyClientOptions,
+ }
+ password, err := obscure.Reveal(opt.Password)
if err != nil {
- return nil, fmt.Errorf("failed to parse SAS URL: %w", err)
+ return nil, fmt.Errorf("user password decode failed - did you obscure it?: %w", err)
}
- // use anonymous credentials in case of sas url
- pipeline := f.newPipeline(azblob.NewAnonymousCredential(), azblob.PipelineOptions{Retry: azblob.RetryOptions{TryTimeout: maxTryTimeout}})
- // Check if we have container level SAS or account level sas
- parts := azblob.NewBlobURLParts(*u)
- if parts.ContainerName != "" {
- if f.rootContainer != "" && parts.ContainerName != f.rootContainer {
- return nil, errors.New("Container name in SAS URL and container provided in command do not match")
- }
- containerURL := azblob.NewContainerURL(*u, pipeline)
- f.cntURLcache[parts.ContainerName] = &containerURL
- f.isLimited = true
- } else {
- serviceURL = azblob.NewServiceURL(*u, pipeline)
+ cred, err = azidentity.NewUsernamePasswordCredential(
+ opt.Tenant, opt.ClientID, opt.Username, password, &options,
+ )
+ if err != nil {
+ return nil, fmt.Errorf("authenticate user with password failed: %w", err)
}
case opt.ServicePrincipalFile != "":
- // Create a standard URL.
- u, err = url.Parse(fmt.Sprintf("https://%s.%s", opt.Account, opt.Endpoint))
+ // Loading service principal credentials from file.
+ loadedCreds, err := os.ReadFile(env.ShellExpand(opt.ServicePrincipalFile))
if err != nil {
- return nil, fmt.Errorf("failed to make azure storage url from account and endpoint: %w", err)
+ return nil, fmt.Errorf("error opening service principal credentials file: %w", err)
}
- // Try loading service principal credentials from file.
- loadedCreds, err := ioutil.ReadFile(env.ShellExpand(opt.ServicePrincipalFile))
+ parsedCreds, err := parseServicePrincipalCredentials(ctx, loadedCreds)
if err != nil {
- return nil, fmt.Errorf("error opening service principal credentials file: %w", err)
+ return nil, fmt.Errorf("error parsing service principal credentials file: %w", err)
+ }
+ options := azidentity.ClientSecretCredentialOptions{
+ ClientOptions: policyClientOptions,
+ }
+ cred, err = azidentity.NewClientSecretCredential(parsedCreds.Tenant, parsedCreds.AppID, parsedCreds.Password, &options)
+ if err != nil {
+ return nil, fmt.Errorf("error creating a client secret credential: %w", err)
+ }
+ case opt.UseMSI:
+ // Specifying a user-assigned identity. Exactly one of the above IDs must be specified.
+ // Validate and ensure exactly one is set. (To do: better validation.)
+ var b2i = map[bool]int{false: 0, true: 1}
+ set := b2i[opt.MSIClientID != ""] + b2i[opt.MSIObjectID != ""] + b2i[opt.MSIResourceID != ""]
+ if set > 1 {
+ return nil, errors.New("more than one user-assigned identity ID is set")
+ }
+ var options azidentity.ManagedIdentityCredentialOptions
+ switch {
+ case opt.MSIClientID != "":
+ options.ID = azidentity.ClientID(opt.MSIClientID)
+ case opt.MSIObjectID != "":
+ // FIXME this doesn't appear to be in the new SDK?
+ return nil, fmt.Errorf("MSI object ID is currently unsupported")
+ case opt.MSIResourceID != "":
+ options.ID = azidentity.ResourceID(opt.MSIResourceID)
}
- // Create a token refresher from service principal credentials.
- tokenRefresher, err := newServicePrincipalTokenRefresher(ctx, loadedCreds)
+ cred, err = azidentity.NewManagedIdentityCredential(&options)
if err != nil {
- return nil, fmt.Errorf("failed to create a service principal token: %w", err)
+ return nil, fmt.Errorf("failed to acquire MSI token: %w", err)
}
- options := azblob.PipelineOptions{Retry: azblob.RetryOptions{TryTimeout: maxTryTimeout}}
- pipe := f.newPipeline(azblob.NewTokenCredential("", tokenRefresher), options)
- serviceURL = azblob.NewServiceURL(*u, pipe)
default:
- return nil, errors.New("No authentication method configured")
+ return nil, errors.New("no authentication method configured")
+ }
+
+ // Make the client if not already created
+ if f.svc == nil {
+ // Work out what the endpoint is if it is still unset
+ if opt.Endpoint == "" {
+ if opt.Account == "" {
+ return nil, fmt.Errorf("account must be set: can't make service URL")
+ }
+ u, err := url.Parse(fmt.Sprintf("https://%s.%s", opt.Account, storageDefaultBaseURL))
+ if err != nil {
+ return nil, fmt.Errorf("failed to make azure storage URL from account: %w", err)
+ }
+ opt.Endpoint = u.String()
+ }
+ if sharedKeyCred != nil {
+ // Shared key cred
+ f.svc, err = service.NewClientWithSharedKeyCredential(opt.Endpoint, sharedKeyCred, &clientOpt)
+ if err != nil {
+ return nil, fmt.Errorf("create client with shared key failed: %w", err)
+ }
+ } else if cred != nil {
+ // Azidentity cred
+ f.svc, err = service.NewClient(opt.Endpoint, cred, &clientOpt)
+ if err != nil {
+ return nil, fmt.Errorf("create client failed: %w", err)
+ }
+ }
+ }
+ if f.svc == nil {
+ return nil, fmt.Errorf("internal error: auth failed to make credentials or client")
}
- f.svcURL = &serviceURL
if f.rootContainer != "" && f.rootDirectory != "" {
// Check to see if the (container,directory) is actually an existing file
@@ -751,24 +891,22 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
return f, nil
}
-// return the container URL for the container passed in
-func (f *Fs) cntURL(container string) (containerURL *azblob.ContainerURL) {
- f.cntURLcacheMu.Lock()
- defer f.cntURLcacheMu.Unlock()
+// return the container client for the container passed in
+func (f *Fs) cntSVC(containerName string) (containerClient *container.Client) {
+ f.cntSVCcacheMu.Lock()
+ defer f.cntSVCcacheMu.Unlock()
var ok bool
- if containerURL, ok = f.cntURLcache[container]; !ok {
- cntURL := f.svcURL.NewContainerURL(container)
- containerURL = &cntURL
- f.cntURLcache[container] = containerURL
+ if containerClient, ok = f.cntSVCcache[containerName]; !ok {
+ containerClient = f.svc.NewContainerClient(containerName)
+ f.cntSVCcache[containerName] = containerClient
}
- return containerURL
-
+ return containerClient
}
// Return an Object from a path
//
// If it can't be found it returns the error fs.ErrorObjectNotFound.
-func (f *Fs) newObjectWithInfo(remote string, info *azblob.BlobItemInternal) (fs.Object, error) {
+func (f *Fs) newObjectWithInfo(remote string, info *container.BlobItem) (fs.Object, error) {
o := &Object{
fs: f,
remote: remote,
@@ -793,9 +931,14 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
return f.newObjectWithInfo(remote, nil)
}
-// getBlobReference creates an empty blob reference with no metadata
-func (f *Fs) getBlobReference(container, containerPath string) azblob.BlobURL {
- return f.cntURL(container).NewBlobURL(containerPath)
+// getBlobSVC creates a blob client
+func (f *Fs) getBlobSVC(container, containerPath string) *blob.Client {
+ return f.cntSVC(container).NewBlobClient(containerPath)
+}
+
+// getBlockBlobSVC creates a block blob client
+func (f *Fs) getBlockBlobSVC(container, containerPath string) *blockblob.Client {
+ return f.cntSVC(container).NewBlockBlobClient(containerPath)
}
// updateMetadataWithModTime adds the modTime passed in to o.meta.
@@ -810,22 +953,51 @@ func (o *Object) updateMetadataWithModTime(modTime time.Time) {
}
// Returns whether file is a directory marker or not
-func isDirectoryMarker(size int64, metadata azblob.Metadata, remote string) bool {
+func isDirectoryMarker(size int64, metadata map[string]string, remote string) bool {
// Directory markers are 0 length
if size == 0 {
+ endsWithSlash := strings.HasSuffix(remote, "/")
+ if endsWithSlash || remote == "" {
+ return true
+ }
// Note that metadata with hdi_isfolder = true seems to be a
// defacto standard for marking blobs as directories.
+ // Note also that the metadata hasn't been normalised to lower case yet
+ for k, v := range metadata {
+ if strings.EqualFold(k, "hdi_isfolder") && v == "true" {
+ return true
+ }
+ }
+ }
+ return false
+}
+
+// Returns whether file is a directory marker or not using metadata
+// with pointers to strings as the SDK seems to use both forms rather
+// annoyingly.
+//
+// NB This is a duplicate of isDirectoryMarker
+func isDirectoryMarkerP(size int64, metadata map[string]*string, remote string) bool {
+ // Directory markers are 0 length
+ if size == 0 {
endsWithSlash := strings.HasSuffix(remote, "/")
- if endsWithSlash || remote == "" || metadata["hdi_isfolder"] == "true" {
+ if endsWithSlash || remote == "" {
return true
}
-
+ // Note that metadata with hdi_isfolder = true seems to be a
+ // defacto standard for marking blobs as directories.
+ // Note also that the metadata hasn't been normalised to lower case yet
+ for k, pv := range metadata {
+ if strings.EqualFold(k, "hdi_isfolder") && pv != nil && *pv == "true" {
+ return true
+ }
+ }
}
return false
}
// listFn is called from list to handle an object
-type listFn func(remote string, object *azblob.BlobItemInternal, isDirectory bool) error
+type listFn func(remote string, object *container.BlobItem, isDirectory bool) error
// list lists the objects into the function supplied from
// the container and root supplied
@@ -834,8 +1006,8 @@ type listFn func(remote string, object *azblob.BlobItemInternal, isDirectory boo
//
// The remote has prefix removed from it and if addContainer is set then
// it adds the container to the start.
-func (f *Fs) list(ctx context.Context, container, directory, prefix string, addContainer bool, recurse bool, maxResults uint, fn listFn) error {
- if f.cache.IsDeleted(container) {
+func (f *Fs) list(ctx context.Context, containerName, directory, prefix string, addContainer bool, recurse bool, maxResults int32, fn listFn) error {
+ if f.cache.IsDeleted(containerName) {
return fs.ErrorDirNotFound
}
if prefix != "" {
@@ -849,51 +1021,57 @@ func (f *Fs) list(ctx context.Context, container, directory, prefix string, addC
delimiter = "/"
}
- options := azblob.ListBlobsSegmentOptions{
- Details: azblob.BlobListingDetails{
+ pager := f.cntSVC(containerName).NewListBlobsHierarchyPager(delimiter, &container.ListBlobsHierarchyOptions{
+ // Copy, Metadata, Snapshots, UncommittedBlobs, Deleted, Tags, Versions, LegalHold, ImmutabilityPolicy, DeletedWithVersions bool
+ Include: container.ListBlobsInclude{
Copy: false,
Metadata: true,
Snapshots: false,
UncommittedBlobs: false,
Deleted: false,
},
- Prefix: directory,
- MaxResults: int32(maxResults),
- }
- for marker := (azblob.Marker{}); marker.NotDone(); {
- var response *azblob.ListBlobsHierarchySegmentResponse
+ Prefix: &directory,
+ MaxResults: &maxResults,
+ })
+ for pager.More() {
+ var response container.ListBlobsHierarchyResponse
err := f.pacer.Call(func() (bool, error) {
var err error
- response, err = f.cntURL(container).ListBlobsHierarchySegment(ctx, marker, delimiter, options)
+ response, err = pager.NextPage(ctx)
+ //response, err = f.srv.ListBlobsHierarchySegment(ctx, marker, delimiter, options)
return f.shouldRetry(ctx, err)
})
if err != nil {
// Check http error code along with service code, current SDK doesn't populate service code correctly sometimes
- if storageErr, ok := err.(azblob.StorageError); ok && (storageErr.ServiceCode() == azblob.ServiceCodeContainerNotFound || storageErr.Response().StatusCode == http.StatusNotFound) {
+ if storageErr, ok := err.(*azcore.ResponseError); ok && (storageErr.ErrorCode == string(bloberror.ContainerNotFound) || storageErr.StatusCode == http.StatusNotFound) {
return fs.ErrorDirNotFound
}
return err
}
// Advance marker to next
- marker = response.NextMarker
+ // marker = response.NextMarker
for i := range response.Segment.BlobItems {
- file := &response.Segment.BlobItems[i]
+ file := response.Segment.BlobItems[i]
// Finish if file name no longer has prefix
// if prefix != "" && !strings.HasPrefix(file.Name, prefix) {
// return nil
// }
- remote := f.opt.Enc.ToStandardPath(file.Name)
+ if file.Name == nil {
+ fs.Debugf(f, "Nil name received")
+ continue
+ }
+ remote := f.opt.Enc.ToStandardPath(*file.Name)
if !strings.HasPrefix(remote, prefix) {
fs.Debugf(f, "Odd name received %q", remote)
continue
}
remote = remote[len(prefix):]
- if isDirectoryMarker(*file.Properties.ContentLength, file.Metadata, remote) {
+ if isDirectoryMarkerP(*file.Properties.ContentLength, file.Metadata, remote) {
continue // skip directory marker
}
if addContainer {
- remote = path.Join(container, remote)
+ remote = path.Join(containerName, remote)
}
// Send object
err = fn(remote, file, false)
@@ -903,7 +1081,11 @@ func (f *Fs) list(ctx context.Context, container, directory, prefix string, addC
}
// Send the subdirectories
for _, remote := range response.Segment.BlobPrefixes {
- remote := strings.TrimRight(remote.Name, "/")
+ if remote.Name == nil {
+ fs.Debugf(f, "Nil prefix received")
+ continue
+ }
+ remote := strings.TrimRight(*remote.Name, "/")
remote = f.opt.Enc.ToStandardPath(remote)
if !strings.HasPrefix(remote, prefix) {
fs.Debugf(f, "Odd directory name received %q", remote)
@@ -911,7 +1093,7 @@ func (f *Fs) list(ctx context.Context, container, directory, prefix string, addC
}
remote = remote[len(prefix):]
if addContainer {
- remote = path.Join(container, remote)
+ remote = path.Join(containerName, remote)
}
// Send object
err = fn(remote, nil, true)
@@ -924,7 +1106,7 @@ func (f *Fs) list(ctx context.Context, container, directory, prefix string, addC
}
// Convert a list item into a DirEntry
-func (f *Fs) itemToDirEntry(remote string, object *azblob.BlobItemInternal, isDirectory bool) (fs.DirEntry, error) {
+func (f *Fs) itemToDirEntry(remote string, object *container.BlobItem, isDirectory bool) (fs.DirEntry, error) {
if isDirectory {
d := fs.NewDir(remote, time.Time{})
return d, nil
@@ -941,9 +1123,9 @@ func (f *Fs) containerOK(container string) bool {
if !f.isLimited {
return true
}
- f.cntURLcacheMu.Lock()
- defer f.cntURLcacheMu.Unlock()
- for limitedContainer := range f.cntURLcache {
+ f.cntSVCcacheMu.Lock()
+ defer f.cntSVCcacheMu.Unlock()
+ for limitedContainer := range f.cntSVCcache {
if container == limitedContainer {
return true
}
@@ -952,11 +1134,11 @@ func (f *Fs) containerOK(container string) bool {
}
// listDir lists a single directory
-func (f *Fs) listDir(ctx context.Context, container, directory, prefix string, addContainer bool) (entries fs.DirEntries, err error) {
- if !f.containerOK(container) {
+func (f *Fs) listDir(ctx context.Context, containerName, directory, prefix string, addContainer bool) (entries fs.DirEntries, err error) {
+ if !f.containerOK(containerName) {
return nil, fs.ErrorDirNotFound
}
- err = f.list(ctx, container, directory, prefix, addContainer, false, f.opt.ListChunkSize, func(remote string, object *azblob.BlobItemInternal, isDirectory bool) error {
+ err = f.list(ctx, containerName, directory, prefix, addContainer, false, int32(f.opt.ListChunkSize), func(remote string, object *container.BlobItem, isDirectory bool) error {
entry, err := f.itemToDirEntry(remote, object, isDirectory)
if err != nil {
return err
@@ -970,24 +1152,24 @@ func (f *Fs) listDir(ctx context.Context, container, directory, prefix string, a
return nil, err
}
// container must be present if listing succeeded
- f.cache.MarkOK(container)
+ f.cache.MarkOK(containerName)
return entries, nil
}
// listContainers returns all the containers to out
func (f *Fs) listContainers(ctx context.Context) (entries fs.DirEntries, err error) {
if f.isLimited {
- f.cntURLcacheMu.Lock()
- for container := range f.cntURLcache {
+ f.cntSVCcacheMu.Lock()
+ for container := range f.cntSVCcache {
d := fs.NewDir(container, time.Time{})
entries = append(entries, d)
}
- f.cntURLcacheMu.Unlock()
+ f.cntSVCcacheMu.Unlock()
return entries, nil
}
- err = f.listContainersToFn(func(container *azblob.ContainerItem) error {
- d := fs.NewDir(f.opt.Enc.ToStandardName(container.Name), container.Properties.LastModified)
- f.cache.MarkOK(container.Name)
+ err = f.listContainersToFn(func(Name string, LastModified time.Time) error {
+ d := fs.NewDir(f.opt.Enc.ToStandardName(Name), LastModified)
+ f.cache.MarkOK(Name)
entries = append(entries, d)
return nil
})
@@ -1034,10 +1216,10 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Don't implement this unless you have a more efficient way
// of listing recursively that doing a directory traversal.
func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (err error) {
- container, directory := f.split(dir)
+ containerName, directory := f.split(dir)
list := walk.NewListRHelper(callback)
- listR := func(container, directory, prefix string, addContainer bool) error {
- return f.list(ctx, container, directory, prefix, addContainer, true, f.opt.ListChunkSize, func(remote string, object *azblob.BlobItemInternal, isDirectory bool) error {
+ listR := func(containerName, directory, prefix string, addContainer bool) error {
+ return f.list(ctx, containerName, directory, prefix, addContainer, true, int32(f.opt.ListChunkSize), func(remote string, object *container.BlobItem, isDirectory bool) error {
entry, err := f.itemToDirEntry(remote, object, isDirectory)
if err != nil {
return err
@@ -1045,7 +1227,7 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
return list.Add(entry)
})
}
- if container == "" {
+ if containerName == "" {
entries, err := f.listContainers(ctx)
if err != nil {
return err
@@ -1064,46 +1246,50 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
f.cache.MarkOK(container)
}
} else {
- if !f.containerOK(container) {
+ if !f.containerOK(containerName) {
return fs.ErrorDirNotFound
}
- err = listR(container, directory, f.rootDirectory, f.rootContainer == "")
+ err = listR(containerName, directory, f.rootDirectory, f.rootContainer == "")
if err != nil {
return err
}
// container must be present if listing succeeded
- f.cache.MarkOK(container)
+ f.cache.MarkOK(containerName)
}
return list.Flush()
}
// listContainerFn is called from listContainersToFn to handle a container
-type listContainerFn func(*azblob.ContainerItem) error
+type listContainerFn func(Name string, LastModified time.Time) error
// listContainersToFn lists the containers to the function supplied
func (f *Fs) listContainersToFn(fn listContainerFn) error {
- params := azblob.ListContainersSegmentOptions{
- MaxResults: int32(f.opt.ListChunkSize),
- }
+ max := int32(f.opt.ListChunkSize)
+ pager := f.svc.NewListContainersPager(&service.ListContainersOptions{
+ Include: service.ListContainersInclude{Metadata: true, Deleted: true},
+ MaxResults: &max,
+ })
ctx := context.Background()
- for marker := (azblob.Marker{}); marker.NotDone(); {
- var response *azblob.ListContainersSegmentResponse
+ for pager.More() {
+ var response service.ListContainersResponse
err := f.pacer.Call(func() (bool, error) {
var err error
- response, err = f.svcURL.ListContainersSegment(ctx, marker, params)
+ response, err = pager.NextPage(ctx)
return f.shouldRetry(ctx, err)
})
if err != nil {
return err
}
- for i := range response.ContainerItems {
- err = fn(&response.ContainerItems[i])
+ for _, cnt := range response.ContainerItems {
+ if cnt == nil || cnt.Name == nil || cnt.Properties == nil || cnt.Properties.LastModified == nil {
+ fs.Debugf(f, "nil returned in container info")
+ }
+ err = fn(*cnt.Name, *cnt.Properties.LastModified)
if err != nil {
return err
}
}
- marker = response.NextMarker
}
return nil
@@ -1111,7 +1297,7 @@ func (f *Fs) listContainersToFn(fn listContainerFn) error {
// Put the object into the container
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -1136,20 +1322,34 @@ func (f *Fs) Mkdir(ctx context.Context, dir string) error {
// makeContainer creates the container if it doesn't exist
func (f *Fs) makeContainer(ctx context.Context, container string) error {
+ if f.opt.NoCheckContainer {
+ return nil
+ }
return f.cache.Create(container, func() error {
// If this is a SAS URL limited to a container then assume it is already created
if f.isLimited {
return nil
}
+ opt := service.CreateContainerOptions{
+ // Optional. Specifies a user-defined name-value pair associated with the blob.
+ //Metadata map[string]string
+
+ // Optional. Specifies the encryption scope settings to set on the container.
+ //CpkScopeInfo *CpkScopeInfo
+ }
+ if f.publicAccess != "" {
+ // Specifies whether data in the container may be accessed publicly and the level of access
+ opt.Access = &f.publicAccess
+ }
// now try to create the container
return f.pacer.Call(func() (bool, error) {
- _, err := f.cntURL(container).Create(ctx, azblob.Metadata{}, f.publicAccess)
+ _, err := f.svc.CreateContainer(ctx, container, &opt)
if err != nil {
- if storageErr, ok := err.(azblob.StorageError); ok {
- switch storageErr.ServiceCode() {
- case azblob.ServiceCodeContainerAlreadyExists:
+ if storageErr, ok := err.(*azcore.ResponseError); ok {
+ switch bloberror.Code(storageErr.ErrorCode) {
+ case bloberror.ContainerAlreadyExists:
return false, nil
- case azblob.ServiceCodeContainerBeingDeleted:
+ case bloberror.ContainerBeingDeleted:
// From https://docs.microsoft.com/en-us/rest/api/storageservices/delete-container
// When a container is deleted, a container with the same name cannot be created
// for at least 30 seconds; the container may not be available for more than 30
@@ -1157,6 +1357,11 @@ func (f *Fs) makeContainer(ctx context.Context, container string) error {
time.Sleep(6 * time.Second) // default 10 retries will be 60 seconds
f.cache.MarkDeleted(container)
return true, err
+ case bloberror.AuthorizationFailure:
+ // Assume that the user does not have permission to
+ // create the container and carry on anyway.
+ fs.Debugf(f, "Tried to create container but got %s error - carrying on assuming container exists. Use no_check_container to stop this check..", storageErr.ErrorCode)
+ return false, nil
}
}
}
@@ -1166,9 +1371,9 @@ func (f *Fs) makeContainer(ctx context.Context, container string) error {
}
// isEmpty checks to see if a given (container, directory) is empty and returns an error if not
-func (f *Fs) isEmpty(ctx context.Context, container, directory string) (err error) {
+func (f *Fs) isEmpty(ctx context.Context, containerName, directory string) (err error) {
empty := true
- err = f.list(ctx, container, directory, f.rootDirectory, f.rootContainer == "", true, 1, func(remote string, object *azblob.BlobItemInternal, isDirectory bool) error {
+ err = f.list(ctx, containerName, directory, f.rootDirectory, f.rootContainer == "", true, 1, func(remote string, object *container.BlobItem, isDirectory bool) error {
empty = false
return nil
})
@@ -1183,18 +1388,19 @@ func (f *Fs) isEmpty(ctx context.Context, container, directory string) (err erro
// deleteContainer deletes the container. It can delete a full
// container so use isEmpty if you don't want that.
-func (f *Fs) deleteContainer(ctx context.Context, container string) error {
- return f.cache.Remove(container, func() error {
- options := azblob.ContainerAccessConditions{}
+func (f *Fs) deleteContainer(ctx context.Context, containerName string) error {
+ return f.cache.Remove(containerName, func() error {
+ getOptions := container.GetPropertiesOptions{}
+ delOptions := container.DeleteOptions{}
return f.pacer.Call(func() (bool, error) {
- _, err := f.cntURL(container).GetProperties(ctx, azblob.LeaseAccessConditions{})
+ _, err := f.cntSVC(containerName).GetProperties(ctx, &getOptions)
if err == nil {
- _, err = f.cntURL(container).Delete(ctx, options)
+ _, err = f.cntSVC(containerName).Delete(ctx, &delOptions)
}
if err != nil {
// Check http error code along with service code, current SDK doesn't populate service code correctly sometimes
- if storageErr, ok := err.(azblob.StorageError); ok && (storageErr.ServiceCode() == azblob.ServiceCodeContainerNotFound || storageErr.Response().StatusCode == http.StatusNotFound) {
+ if storageErr, ok := err.(*azcore.ResponseError); ok && (storageErr.ErrorCode == string(bloberror.ContainerNotFound) || storageErr.StatusCode == http.StatusNotFound) {
return false, fs.ErrorDirNotFound
}
@@ -1243,9 +1449,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1261,33 +1467,32 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
fs.Debugf(src, "Can't copy - not same remote type")
return nil, fs.ErrorCantCopy
}
- dstBlobURL := f.getBlobReference(dstContainer, dstPath)
- srcBlobURL := srcObj.getBlobReference()
+ dstBlobSVC := f.getBlobSVC(dstContainer, dstPath)
+ srcBlobSVC := srcObj.getBlobSVC()
+ srcURL := srcBlobSVC.URL()
- source, err := url.Parse(srcBlobURL.String())
- if err != nil {
- return nil, err
+ tier := blob.AccessTier(f.opt.AccessTier)
+ options := blob.StartCopyFromURLOptions{
+ Tier: &tier,
}
-
- options := azblob.BlobAccessConditions{}
- var startCopy *azblob.BlobStartCopyFromURLResponse
-
+ var startCopy blob.StartCopyFromURLResponse
err = f.pacer.Call(func() (bool, error) {
- startCopy, err = dstBlobURL.StartCopyFromURL(ctx, *source, nil, azblob.ModifiedAccessConditions{}, options, azblob.AccessTierType(f.opt.AccessTier), nil)
+ startCopy, err = dstBlobSVC.StartCopyFromURL(ctx, srcURL, &options)
return f.shouldRetry(ctx, err)
})
if err != nil {
return nil, err
}
- copyStatus := startCopy.CopyStatus()
- for copyStatus == azblob.CopyStatusPending {
+ copyStatus := startCopy.CopyStatus
+ getOptions := blob.GetPropertiesOptions{}
+ for copyStatus != nil && string(*copyStatus) == string(container.CopyStatusTypePending) {
time.Sleep(1 * time.Second)
- getMetadata, err := dstBlobURL.GetProperties(ctx, options, azblob.ClientProvidedKeyOptions{})
+ getMetadata, err := dstBlobSVC.GetProperties(ctx, &getOptions)
if err != nil {
return nil, err
}
- copyStatus = getMetadata.CopyStatus()
+ copyStatus = getMetadata.CopyStatus
}
return f.NewObject(ctx, remote)
@@ -1337,7 +1542,7 @@ func (o *Object) Hash(ctx context.Context, t hash.Type) (string, error) {
}
data, err := base64.StdEncoding.DecodeString(o.md5)
if err != nil {
- return "", fmt.Errorf("Failed to decode Content-MD5: %q: %w", o.md5, err)
+ return "", fmt.Errorf("failed to decode Content-MD5: %q: %w", o.md5, err)
}
return hex.EncodeToString(data), nil
}
@@ -1347,10 +1552,16 @@ func (o *Object) Size() int64 {
return o.size
}
-func (o *Object) setMetadata(metadata azblob.Metadata) {
+func (o *Object) setMetadata(metadata map[string]string) {
if len(metadata) > 0 {
- o.meta = metadata
- if modTime, ok := metadata[modTimeKey]; ok {
+ // Lower case the metadata
+ o.meta = make(map[string]string, len(metadata))
+ for k, v := range metadata {
+ o.meta[strings.ToLower(k)] = v
+ }
+ // Set o.modTime from metadata if it exists and
+ // UseServerModTime isn't in use.
+ if modTime, ok := o.meta[modTimeKey]; !o.fs.ci.UseServerModTime && ok {
when, err := time.Parse(timeFormatIn, modTime)
if err != nil {
fs.Debugf(o, "Couldn't parse %v = %q: %v", modTimeKey, modTime, err)
@@ -1362,49 +1573,102 @@ func (o *Object) setMetadata(metadata azblob.Metadata) {
}
}
+// Duplicte of setMetadata but taking pointers to strings
+func (o *Object) setMetadataP(metadata map[string]*string) {
+ if len(metadata) > 0 {
+ // Convert the format of the metadata
+ newMeta := make(map[string]string, len(metadata))
+ for k, v := range metadata {
+ if v != nil {
+ newMeta[k] = *v
+ }
+ }
+ o.setMetadata(newMeta)
+ } else {
+ o.meta = nil
+ }
+}
+
// decodeMetaDataFromPropertiesResponse sets the metadata from the data passed in
//
// Sets
-// o.id
-// o.modTime
-// o.size
-// o.md5
-// o.meta
-func (o *Object) decodeMetaDataFromPropertiesResponse(info *azblob.BlobGetPropertiesResponse) (err error) {
- metadata := info.NewMetadata()
- size := info.ContentLength()
+//
+// o.id
+// o.modTime
+// o.size
+// o.md5
+// o.meta
+func (o *Object) decodeMetaDataFromPropertiesResponse(info *blob.GetPropertiesResponse) (err error) {
+ metadata := info.Metadata
+ var size int64
+ if info.ContentLength == nil {
+ size = -1
+ } else {
+ size = *info.ContentLength
+ }
if isDirectoryMarker(size, metadata, o.remote) {
return fs.ErrorNotAFile
}
// NOTE - Client library always returns MD5 as base64 decoded string, Object needs to maintain
// this as base64 encoded string.
- o.md5 = base64.StdEncoding.EncodeToString(info.ContentMD5())
- o.mimeType = info.ContentType()
+ o.md5 = base64.StdEncoding.EncodeToString(info.ContentMD5)
+ if info.ContentType == nil {
+ o.mimeType = ""
+ } else {
+ o.mimeType = *info.ContentType
+ }
o.size = size
- o.modTime = info.LastModified()
- o.accessTier = azblob.AccessTierType(info.AccessTier())
+ if info.LastModified == nil {
+ o.modTime = time.Now()
+ } else {
+ o.modTime = *info.LastModified
+ }
+ if info.AccessTier == nil {
+ o.accessTier = blob.AccessTier("")
+ } else {
+ o.accessTier = blob.AccessTier(*info.AccessTier)
+ }
o.setMetadata(metadata)
return nil
}
-func (o *Object) decodeMetaDataFromDownloadResponse(info *azblob.DownloadResponse) (err error) {
- metadata := info.NewMetadata()
- size := info.ContentLength()
+func (o *Object) decodeMetaDataFromDownloadResponse(info *blob.DownloadStreamResponse) (err error) {
+ metadata := info.Metadata
+ var size int64
+ if info.ContentLength == nil {
+ size = -1
+ } else {
+ size = *info.ContentLength
+ }
if isDirectoryMarker(size, metadata, o.remote) {
return fs.ErrorNotAFile
}
// NOTE - Client library always returns MD5 as base64 decoded string, Object needs to maintain
// this as base64 encoded string.
- o.md5 = base64.StdEncoding.EncodeToString(info.ContentMD5())
- o.mimeType = info.ContentType()
+ o.md5 = base64.StdEncoding.EncodeToString(info.ContentMD5)
+ if info.ContentType == nil {
+ o.mimeType = ""
+ } else {
+ o.mimeType = *info.ContentType
+ }
o.size = size
- o.modTime = info.LastModified()
- o.accessTier = o.AccessTier()
+ if info.LastModified == nil {
+ o.modTime = time.Now()
+ } else {
+ o.modTime = *info.LastModified
+ }
+ // FIXME response doesn't appear to have AccessTier in?
+ // if info.AccessTier == nil {
+ // o.accessTier = blob.AccessTier("")
+ // } else {
+ // o.accessTier = blob.AccessTier(*info.AccessTier)
+ // }
o.setMetadata(metadata)
// If it was a Range request, the size is wrong, so correct it
- if contentRange := info.ContentRange(); contentRange != "" {
+ if info.ContentRange != nil {
+ contentRange := *info.ContentRange
slash := strings.IndexRune(contentRange, '/')
if slash >= 0 {
i, err := strconv.ParseInt(contentRange[slash+1:], 10, 64)
@@ -1421,27 +1685,54 @@ func (o *Object) decodeMetaDataFromDownloadResponse(info *azblob.DownloadRespons
return nil
}
-func (o *Object) decodeMetaDataFromBlob(info *azblob.BlobItemInternal) (err error) {
+func (o *Object) decodeMetaDataFromBlob(info *container.BlobItem) (err error) {
+ if info.Properties == nil {
+ return errors.New("nil Properties in decodeMetaDataFromBlob")
+ }
metadata := info.Metadata
- size := *info.Properties.ContentLength
- if isDirectoryMarker(size, metadata, o.remote) {
+ var size int64
+ if info.Properties.ContentLength == nil {
+ size = -1
+ } else {
+ size = *info.Properties.ContentLength
+ }
+ if isDirectoryMarkerP(size, metadata, o.remote) {
return fs.ErrorNotAFile
}
// NOTE - Client library always returns MD5 as base64 decoded string, Object needs to maintain
// this as base64 encoded string.
o.md5 = base64.StdEncoding.EncodeToString(info.Properties.ContentMD5)
- o.mimeType = *info.Properties.ContentType
+ if info.Properties.ContentType == nil {
+ o.mimeType = ""
+ } else {
+ o.mimeType = *info.Properties.ContentType
+ }
o.size = size
- o.modTime = info.Properties.LastModified
- o.accessTier = info.Properties.AccessTier
- o.setMetadata(metadata)
+ if info.Properties.LastModified == nil {
+ o.modTime = time.Now()
+ } else {
+ o.modTime = *info.Properties.LastModified
+ }
+ if info.Properties.AccessTier == nil {
+ o.accessTier = blob.AccessTier("")
+ } else {
+ o.accessTier = *info.Properties.AccessTier
+ }
+ o.setMetadataP(metadata)
+
return nil
}
-// getBlobReference creates an empty blob reference with no metadata
-func (o *Object) getBlobReference() azblob.BlobURL {
+// getBlobSVC creates a blob client
+func (o *Object) getBlobSVC() *blob.Client {
container, directory := o.split()
- return o.fs.getBlobReference(container, directory)
+ return o.fs.getBlobSVC(container, directory)
+}
+
+// getBlockBlobSVC creates a block blob client
+func (o *Object) getBlockBlobSVC() *blockblob.Client {
+ container, directory := o.split()
+ return o.fs.getBlockBlobSVC(container, directory)
}
// clearMetaData clears enough metadata so readMetaData will re-read it
@@ -1452,10 +1743,11 @@ func (o *Object) clearMetaData() {
// readMetaData gets the metadata if it hasn't already been fetched
//
// Sets
-// o.id
-// o.modTime
-// o.size
-// o.md5
+//
+// o.id
+// o.modTime
+// o.size
+// o.md5
func (o *Object) readMetaData() (err error) {
container, _ := o.split()
if !o.fs.containerOK(container) {
@@ -1464,25 +1756,26 @@ func (o *Object) readMetaData() (err error) {
if !o.modTime.IsZero() {
return nil
}
- blob := o.getBlobReference()
+ blb := o.getBlobSVC()
+ // fs.Debugf(o, "Blob URL = %q", blb.URL())
// Read metadata (this includes metadata)
- options := azblob.BlobAccessConditions{}
+ options := blob.GetPropertiesOptions{}
ctx := context.Background()
- var blobProperties *azblob.BlobGetPropertiesResponse
+ var blobProperties blob.GetPropertiesResponse
err = o.fs.pacer.Call(func() (bool, error) {
- blobProperties, err = blob.GetProperties(ctx, options, azblob.ClientProvidedKeyOptions{})
+ blobProperties, err = blb.GetProperties(ctx, &options)
return o.fs.shouldRetry(ctx, err)
})
if err != nil {
// On directories - GetProperties does not work and current SDK does not populate service code correctly hence check regular http response as well
- if storageErr, ok := err.(azblob.StorageError); ok && (storageErr.ServiceCode() == azblob.ServiceCodeBlobNotFound || storageErr.Response().StatusCode == http.StatusNotFound) {
+ if storageErr, ok := err.(*azcore.ResponseError); ok && (storageErr.ErrorCode == string(bloberror.BlobNotFound) || storageErr.StatusCode == http.StatusNotFound) {
return fs.ErrorObjectNotFound
}
return err
}
- return o.decodeMetaDataFromPropertiesResponse(blobProperties)
+ return o.decodeMetaDataFromPropertiesResponse(&blobProperties)
}
// ModTime returns the modification time of the object
@@ -1504,9 +1797,10 @@ func (o *Object) SetModTime(ctx context.Context, modTime time.Time) error {
// Set modTimeKey in it
o.meta[modTimeKey] = modTime.Format(timeFormatOut)
- blob := o.getBlobReference()
+ blb := o.getBlobSVC()
+ opt := blob.SetMetadataOptions{}
err := o.fs.pacer.Call(func() (bool, error) {
- _, err := blob.SetMetadata(ctx, o.meta, azblob.BlobAccessConditions{}, azblob.ClientProvidedKeyOptions{})
+ _, err := blb.SetMetadata(ctx, o.meta, &opt)
return o.fs.shouldRetry(ctx, err)
})
if err != nil {
@@ -1526,8 +1820,8 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// Offset and Count for range download
var offset int64
var count int64
- if o.AccessTier() == azblob.AccessTierArchive {
- return nil, fmt.Errorf("Blob in archive tier, you need to set tier to hot or cool first")
+ if o.AccessTier() == blob.AccessTierArchive {
+ return nil, fmt.Errorf("blob in archive tier, you need to set tier to hot or cool first")
}
fs.FixRangeOption(options, o.size)
for _, option := range options {
@@ -1545,55 +1839,36 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
}
}
}
- blob := o.getBlobReference()
- ac := azblob.BlobAccessConditions{}
- var downloadResponse *azblob.DownloadResponse
+ blb := o.getBlobSVC()
+ opt := blob.DownloadStreamOptions{
+ // When set to true and specified together with the Range, the service returns the MD5 hash for the range, as long as the
+ // range is less than or equal to 4 MB in size.
+ //RangeGetContentMD5 *bool
+
+ // Range specifies a range of bytes. The default value is all bytes.
+ //Range HTTPRange
+ Range: blob.HTTPRange{
+ Offset: offset,
+ Count: count,
+ },
+
+ // AccessConditions *AccessConditions
+ // CpkInfo *CpkInfo
+ // CpkScopeInfo *CpkScopeInfo
+ }
+ var downloadResponse blob.DownloadStreamResponse
err = o.fs.pacer.Call(func() (bool, error) {
- downloadResponse, err = blob.Download(ctx, offset, count, ac, false, azblob.ClientProvidedKeyOptions{})
+ downloadResponse, err = blb.DownloadStream(ctx, &opt)
return o.fs.shouldRetry(ctx, err)
})
if err != nil {
return nil, fmt.Errorf("failed to open for download: %w", err)
}
- err = o.decodeMetaDataFromDownloadResponse(downloadResponse)
+ err = o.decodeMetaDataFromDownloadResponse(&downloadResponse)
if err != nil {
return nil, fmt.Errorf("failed to decode metadata for download: %w", err)
}
- in = downloadResponse.Body(azblob.RetryReaderOptions{})
- return in, nil
-}
-
-// dontEncode is the characters that do not need percent-encoding
-//
-// The characters that do not need percent-encoding are a subset of
-// the printable ASCII characters: upper-case letters, lower-case
-// letters, digits, ".", "_", "-", "/", "~", "!", "$", "'", "(", ")",
-// "*", ";", "=", ":", and "@". All other byte values in a UTF-8 must
-// be replaced with "%" and the two-digit hex value of the byte.
-const dontEncode = (`abcdefghijklmnopqrstuvwxyz` +
- `ABCDEFGHIJKLMNOPQRSTUVWXYZ` +
- `0123456789` +
- `._-/~!$'()*;=:@`)
-
-// noNeedToEncode is a bitmap of characters which don't need % encoding
-var noNeedToEncode [256]bool
-
-func init() {
- for _, c := range dontEncode {
- noNeedToEncode[c] = true
- }
-}
-
-// increment the slice passed in as LSB binary
-func increment(xs []byte) {
- for i, digit := range xs {
- newDigit := digit + 1
- xs[i] = newDigit
- if newDigit >= digit {
- // exit if no carry
- break
- }
- }
+ return downloadResponse.Body, nil
}
// poolWrapper wraps a pool.Pool as an azblob.TransferManager
@@ -1605,7 +1880,7 @@ type poolWrapper struct {
// newPoolWrapper creates an azblob.TransferManager that will use a
// pool.Pool with maximum concurrency as specified.
-func (f *Fs) newPoolWrapper(concurrency int) azblob.TransferManager {
+func (f *Fs) newPoolWrapper(concurrency int) *poolWrapper {
return &poolWrapper{
pool: f.pool,
bufToken: make(chan struct{}, concurrency),
@@ -1638,11 +1913,253 @@ func (pw *poolWrapper) Run(f func()) {
func (pw *poolWrapper) Close() {
}
+// Converts a string into a pointer to a string
+func pString(s string) *string {
+ return &s
+}
+
+// readSeekCloser joins an io.Reader and an io.Seeker and provides a no-op io.Closer
+type readSeekCloser struct {
+ io.Reader
+ io.Seeker
+}
+
+// Close does nothing
+func (rs *readSeekCloser) Close() error {
+ return nil
+}
+
+// increment the slice passed in as LSB binary
+func increment(xs []byte) {
+ for i, digit := range xs {
+ newDigit := digit + 1
+ xs[i] = newDigit
+ if newDigit >= digit {
+ // exit if no carry
+ break
+ }
+ }
+}
+
+var warnStreamUpload sync.Once
+
+// uploadMultipart uploads a file using multipart upload
+//
+// Write a larger blob, using CreateBlockBlob, PutBlock, and PutBlockList.
+func (o *Object) uploadMultipart(ctx context.Context, in io.Reader, size int64, blb *blockblob.Client, httpHeaders *blob.HTTPHeaders) (err error) {
+ // Calculate correct partSize
+ partSize := o.fs.opt.ChunkSize
+ totalParts := -1
+
+ // make concurrency machinery
+ concurrency := o.fs.opt.UploadConcurrency
+ if concurrency < 1 {
+ concurrency = 1
+ }
+ tokens := pacer.NewTokenDispenser(concurrency)
+
+ // Note that the max size of file is 4.75 TB (100 MB X 50,000
+ // blocks) and this is bigger than the max uncommitted block
+ // size (9.52 TB) so we do not need to part commit block lists
+ // or garbage collect uncommitted blocks.
+ //
+ // See: https://docs.microsoft.com/en-gb/rest/api/storageservices/put-block
+
+ // size can be -1 here meaning we don't know the size of the incoming file. We use ChunkSize
+ // buffers here (default 4MB). With a maximum number of parts (50,000) this will be a file of
+ // 195GB which seems like a not too unreasonable limit.
+ if size == -1 {
+ warnStreamUpload.Do(func() {
+ fs.Logf(o, "Streaming uploads using chunk size %v will have maximum file size of %v",
+ o.fs.opt.ChunkSize, partSize*fs.SizeSuffix(blockblob.MaxBlocks))
+ })
+ } else {
+ partSize = chunksize.Calculator(o, size, blockblob.MaxBlocks, o.fs.opt.ChunkSize)
+ if partSize > fs.SizeSuffix(blockblob.MaxStageBlockBytes) {
+ return fmt.Errorf("can't upload as it is too big %v - takes more than %d chunks of %v", fs.SizeSuffix(size), fs.SizeSuffix(blockblob.MaxBlocks), fs.SizeSuffix(blockblob.MaxStageBlockBytes))
+ }
+ totalParts = int(fs.SizeSuffix(size) / partSize)
+ if fs.SizeSuffix(size)%partSize != 0 {
+ totalParts++
+ }
+ }
+
+ fs.Debugf(o, "Multipart upload session started for %d parts of size %v", totalParts, partSize)
+
+ // unwrap the accounting from the input, we use wrap to put it
+ // back on after the buffering
+ in, wrap := accounting.UnWrap(in)
+
+ // FIXME it would be nice to delete uncommitted blocks
+ // See: https://github.com/rclone/rclone/issues/5583
+ //
+ // However there doesn't seem to be an easy way of doing this other than
+ // by deleting the target.
+ //
+ // This means that a failed upload deletes the target which isn't ideal.
+ //
+ // Uploading a zero length blob and deleting it will remove the
+ // uncommitted blocks I think.
+ //
+ // Could check to see if a file exists already and if it
+ // doesn't then create a 0 length file and delete it to flush
+ // the uncommitted blocks.
+ //
+ // This is what azcopy does
+ // https://github.com/MicrosoftDocs/azure-docs/issues/36347#issuecomment-541457962
+ // defer atexit.OnError(&err, func() {
+ // fs.Debugf(o, "Cancelling multipart upload")
+ // // Code goes here!
+ // })()
+
+ // Upload the chunks
+ var (
+ g, gCtx = errgroup.WithContext(ctx)
+ remaining = fs.SizeSuffix(size) // remaining size in file for logging only, -1 if size < 0
+ position = fs.SizeSuffix(0) // position in file
+ memPool = o.fs.getMemoryPool(int64(partSize)) // pool to get memory from
+ finished = false // set when we have read EOF
+ blocks []string // list of blocks for finalize
+ binaryBlockID = make([]byte, 8) // block counter as LSB first 8 bytes
+ )
+ for part := 0; !finished; part++ {
+ // Get a block of memory from the pool and a token which limits concurrency
+ tokens.Get()
+ buf := memPool.Get()
+
+ free := func() {
+ memPool.Put(buf) // return the buf
+ tokens.Put() // return the token
+ }
+
+ // Fail fast, in case an errgroup managed function returns an error
+ // gCtx is cancelled. There is no point in uploading all the other parts.
+ if gCtx.Err() != nil {
+ free()
+ break
+ }
+
+ // Read the chunk
+ n, err := readers.ReadFill(in, buf) // this can never return 0, nil
+ if err == io.EOF {
+ if n == 0 { // end if no data
+ free()
+ break
+ }
+ finished = true
+ } else if err != nil {
+ free()
+ return fmt.Errorf("multipart upload failed to read source: %w", err)
+ }
+ buf = buf[:n]
+
+ // increment the blockID and save the blocks for finalize
+ increment(binaryBlockID)
+ blockID := base64.StdEncoding.EncodeToString(binaryBlockID)
+ blocks = append(blocks, blockID)
+
+ // Transfer the chunk
+ fs.Debugf(o, "Uploading part %d/%d offset %v/%v part size %d", part+1, totalParts, position, fs.SizeSuffix(size), len(buf))
+ g.Go(func() (err error) {
+ defer free()
+
+ // Upload the block, with MD5 for check
+ md5sum := md5.Sum(buf)
+ transactionalMD5 := md5sum[:]
+ err = o.fs.pacer.Call(func() (bool, error) {
+ bufferReader := bytes.NewReader(buf)
+ wrappedReader := wrap(bufferReader)
+ rs := readSeekCloser{wrappedReader, bufferReader}
+ options := blockblob.StageBlockOptions{
+ // Specify the transactional md5 for the body, to be validated by the service.
+ TransactionalValidation: blob.TransferValidationTypeMD5(transactionalMD5),
+ }
+ _, err = blb.StageBlock(ctx, blockID, &rs, &options)
+ return o.fs.shouldRetry(ctx, err)
+ })
+ if err != nil {
+ return fmt.Errorf("multipart upload failed to upload part: %w", err)
+ }
+ return nil
+ })
+
+ // ready for next block
+ if size >= 0 {
+ remaining -= partSize
+ }
+ position += partSize
+ }
+ err = g.Wait()
+ if err != nil {
+ return err
+ }
+
+ tier := blob.AccessTier(o.fs.opt.AccessTier)
+ options := blockblob.CommitBlockListOptions{
+ Metadata: o.meta,
+ Tier: &tier,
+ HTTPHeaders: httpHeaders,
+ }
+
+ // Finalise the upload session
+ err = o.fs.pacer.Call(func() (bool, error) {
+ _, err := blb.CommitBlockList(ctx, blocks, &options)
+ return o.fs.shouldRetry(ctx, err)
+ })
+ if err != nil {
+ return fmt.Errorf("multipart upload failed to finalize: %w", err)
+ }
+ return nil
+}
+
+// uploadSinglepart uploads a short blob using a single part upload
+func (o *Object) uploadSinglepart(ctx context.Context, in io.Reader, size int64, blb *blockblob.Client, httpHeaders *blob.HTTPHeaders) (err error) {
+ // fs.Debugf(o, "Single part upload starting of object %d bytes", size)
+ if size > o.fs.poolSize || size < 0 {
+ return fmt.Errorf("internal error: single part upload size too big %d > %d", size, o.fs.opt.ChunkSize)
+ }
+
+ buf := o.fs.pool.Get()
+ defer o.fs.pool.Put(buf)
+
+ n, err := readers.ReadFill(in, buf)
+ if err == nil {
+ // Check to see whether in is exactly len(buf) or bigger
+ var buf2 = []byte{0}
+ n2, err2 := readers.ReadFill(in, buf2)
+ if n2 != 0 || err2 != io.EOF {
+ return fmt.Errorf("single part upload read failed: object longer than expected (expecting %d but got > %d)", size, len(buf))
+ }
+ }
+ if err != nil && err != io.EOF {
+ return fmt.Errorf("single part upload read failed: %w", err)
+ }
+ if int64(n) != size {
+ return fmt.Errorf("single part upload: expecting to read %d bytes but read %d", size, n)
+ }
+
+ b := bytes.NewReader(buf[:n])
+ rs := &readSeekCloser{Reader: b, Seeker: b}
+
+ tier := blob.AccessTier(o.fs.opt.AccessTier)
+ options := blockblob.UploadOptions{
+ Metadata: o.meta,
+ Tier: &tier,
+ HTTPHeaders: httpHeaders,
+ }
+
+ // Don't retry, return a retry error instead
+ return o.fs.pacer.CallNoRetry(func() (bool, error) {
+ _, err = blb.Upload(ctx, rs, &options)
+ return o.fs.shouldRetry(ctx, err)
+ })
+}
+
// Update the object with the contents of the io.Reader, modTime and size
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
- if o.accessTier == azblob.AccessTierArchive {
+ if o.accessTier == blob.AccessTierArchive {
if o.fs.opt.ArchiveTierDelete {
fs.Debugf(o, "deleting archive tier blob before updating")
err = o.Remove(ctx)
@@ -1668,9 +2185,10 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
return err
}
- blob := o.getBlobReference()
- httpHeaders := azblob.BlobHTTPHeaders{}
- httpHeaders.ContentType = fs.MimeType(ctx, src)
+ // Create the HTTP headers for the upload
+ httpHeaders := blob.HTTPHeaders{
+ BlobContentType: pString(fs.MimeType(ctx, src)),
+ }
// Compute the Content-MD5 of the file. As we stream all uploads it
// will be set in PutBlockList API call using the 'x-ms-blob-content-md5' header
@@ -1678,40 +2196,46 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
if sourceMD5, _ := src.Hash(ctx, hash.MD5); sourceMD5 != "" {
sourceMD5bytes, err := hex.DecodeString(sourceMD5)
if err == nil {
- httpHeaders.ContentMD5 = sourceMD5bytes
+ httpHeaders.BlobContentMD5 = sourceMD5bytes
} else {
fs.Debugf(o, "Failed to decode %q as MD5: %v", sourceMD5, err)
}
}
}
- uploadParts := int64(maxUploadParts)
- if uploadParts < 1 {
- uploadParts = 1
- } else if uploadParts > maxUploadParts {
- uploadParts = maxUploadParts
+ // Apply upload options (also allows one to overwrite content-type)
+ for _, option := range options {
+ key, value := option.Header()
+ lowerKey := strings.ToLower(key)
+ switch lowerKey {
+ case "":
+ // ignore
+ case "cache-control":
+ httpHeaders.BlobCacheControl = pString(value)
+ case "content-disposition":
+ httpHeaders.BlobContentDisposition = pString(value)
+ case "content-encoding":
+ httpHeaders.BlobContentEncoding = pString(value)
+ case "content-language":
+ httpHeaders.BlobContentLanguage = pString(value)
+ case "content-type":
+ httpHeaders.BlobContentType = pString(value)
+ }
}
- // calculate size of parts/blocks
- partSize := chunksize.Calculator(o, int(uploadParts), o.fs.opt.ChunkSize)
- putBlobOptions := azblob.UploadStreamToBlockBlobOptions{
- BufferSize: int(partSize),
- MaxBuffers: o.fs.opt.UploadConcurrency,
- Metadata: o.meta,
- BlobHTTPHeaders: httpHeaders,
- TransferManager: o.fs.newPoolWrapper(o.fs.opt.UploadConcurrency),
- }
+ blb := o.fs.getBlockBlobSVC(container, containerPath)
+ size := src.Size()
+ multipartUpload := size < 0 || size > o.fs.poolSize
- // Don't retry, return a retry error instead
- err = o.fs.pacer.CallNoRetry(func() (bool, error) {
- // Stream contents of the reader object to the given blob URL
- blockBlobURL := blob.ToBlockBlobURL()
- _, err = azblob.UploadStreamToBlockBlob(ctx, in, blockBlobURL, putBlobOptions)
- return o.fs.shouldRetry(ctx, err)
- })
+ if multipartUpload {
+ err = o.uploadMultipart(ctx, in, size, blb, &httpHeaders)
+ } else {
+ err = o.uploadSinglepart(ctx, in, size, blb, &httpHeaders)
+ }
if err != nil {
return err
}
+
// Refresh metadata on object
o.clearMetaData()
err = o.readMetaData()
@@ -1730,11 +2254,13 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
// Remove an object
func (o *Object) Remove(ctx context.Context) error {
- blob := o.getBlobReference()
- snapShotOptions := azblob.DeleteSnapshotsOptionNone
- ac := azblob.BlobAccessConditions{}
+ blb := o.getBlobSVC()
+ //only := blob.DeleteSnapshotsOptionTypeOnly
+ opt := blob.DeleteOptions{
+ //DeleteSnapshots: &only,
+ }
return o.fs.pacer.Call(func() (bool, error) {
- _, err := blob.Delete(ctx, snapShotOptions, ac)
+ _, err := blb.Delete(ctx, &opt)
return o.fs.shouldRetry(ctx, err)
})
}
@@ -1745,30 +2271,34 @@ func (o *Object) MimeType(ctx context.Context) string {
}
// AccessTier of an object, default is of type none
-func (o *Object) AccessTier() azblob.AccessTierType {
+func (o *Object) AccessTier() blob.AccessTier {
return o.accessTier
}
// SetTier performs changing object tier
func (o *Object) SetTier(tier string) error {
if !validateAccessTier(tier) {
- return fmt.Errorf("Tier %s not supported by Azure Blob Storage", tier)
+ return fmt.Errorf("tier %s not supported by Azure Blob Storage", tier)
}
// Check if current tier already matches with desired tier
if o.GetTier() == tier {
return nil
}
- desiredAccessTier := azblob.AccessTierType(tier)
- blob := o.getBlobReference()
+ desiredAccessTier := blob.AccessTier(tier)
+ blb := o.getBlobSVC()
ctx := context.Background()
+ priority := blob.RehydratePriorityStandard
+ opt := blob.SetTierOptions{
+ RehydratePriority: &priority,
+ }
err := o.fs.pacer.Call(func() (bool, error) {
- _, err := blob.SetTier(ctx, desiredAccessTier, azblob.LeaseAccessConditions{})
+ _, err := blb.SetTier(ctx, desiredAccessTier, &opt)
return o.fs.shouldRetry(ctx, err)
})
if err != nil {
- return fmt.Errorf("Failed to set Blob Tier: %w", err)
+ return fmt.Errorf("failed to set Blob Tier: %w", err)
}
// Set access tier on local object also, this typically
diff --git a/backend/azureblob/azureblob_internal_test.go b/backend/azureblob/azureblob_internal_test.go
index 827653a80847a..daa3b811482c3 100644
--- a/backend/azureblob/azureblob_internal_test.go
+++ b/backend/azureblob/azureblob_internal_test.go
@@ -1,5 +1,5 @@
-//go:build !plan9 && !solaris && !js
-// +build !plan9,!solaris,!js
+//go:build !plan9 && !solaris && !js && go1.18
+// +build !plan9,!solaris,!js,go1.18
package azureblob
diff --git a/backend/azureblob/azureblob_test.go b/backend/azureblob/azureblob_test.go
index f9ebd7b3d34fa..fba31da8452a5 100644
--- a/backend/azureblob/azureblob_test.go
+++ b/backend/azureblob/azureblob_test.go
@@ -1,12 +1,11 @@
// Test AzureBlob filesystem interface
-//go:build !plan9 && !solaris && !js
-// +build !plan9,!solaris,!js
+//go:build !plan9 && !solaris && !js && go1.18
+// +build !plan9,!solaris,!js,go1.18
package azureblob
import (
- "context"
"testing"
"github.com/rclone/rclone/fs"
@@ -17,10 +16,12 @@ import (
// TestIntegration runs integration tests against the remote
func TestIntegration(t *testing.T) {
fstests.Run(t, &fstests.Opt{
- RemoteName: "TestAzureBlob:",
- NilObject: (*Object)(nil),
- TiersToTest: []string{"Hot", "Cool"},
- ChunkedUpload: fstests.ChunkedUploadConfig{},
+ RemoteName: "TestAzureBlob:",
+ NilObject: (*Object)(nil),
+ TiersToTest: []string{"Hot", "Cool"},
+ ChunkedUpload: fstests.ChunkedUploadConfig{
+ MinChunkSize: defaultChunkSize,
+ },
})
}
@@ -32,36 +33,6 @@ var (
_ fstests.SetUploadChunkSizer = (*Fs)(nil)
)
-// TestServicePrincipalFileSuccess checks that, given a proper JSON file, we can create a token.
-func TestServicePrincipalFileSuccess(t *testing.T) {
- ctx := context.TODO()
- credentials := `
-{
- "appId": "my application (client) ID",
- "password": "my secret",
- "tenant": "my active directory tenant ID"
-}
-`
- tokenRefresher, err := newServicePrincipalTokenRefresher(ctx, []byte(credentials))
- if assert.NoError(t, err) {
- assert.NotNil(t, tokenRefresher)
- }
-}
-
-// TestServicePrincipalFileFailure checks that, given a JSON file with a missing secret, it returns an error.
-func TestServicePrincipalFileFailure(t *testing.T) {
- ctx := context.TODO()
- credentials := `
-{
- "appId": "my application (client) ID",
- "tenant": "my active directory tenant ID"
-}
-`
- _, err := newServicePrincipalTokenRefresher(ctx, []byte(credentials))
- assert.Error(t, err)
- assert.EqualError(t, err, "error creating service principal token: parameter 'secret' cannot be empty")
-}
-
func TestValidateAccessTier(t *testing.T) {
tests := map[string]struct {
accessTier string
diff --git a/backend/azureblob/azureblob_unsupported.go b/backend/azureblob/azureblob_unsupported.go
index 369d6e367bace..08d5c40630aaa 100644
--- a/backend/azureblob/azureblob_unsupported.go
+++ b/backend/azureblob/azureblob_unsupported.go
@@ -1,7 +1,7 @@
// Build for azureblob for unsupported platforms to stop go complaining
// about "no buildable Go source files "
-//go:build plan9 || solaris || js
-// +build plan9 solaris js
+//go:build plan9 || solaris || js || !go1.18
+// +build plan9 solaris js !go1.18
package azureblob
diff --git a/backend/azureblob/imds.go b/backend/azureblob/imds.go
deleted file mode 100644
index b23e91d626f3e..0000000000000
--- a/backend/azureblob/imds.go
+++ /dev/null
@@ -1,137 +0,0 @@
-//go:build !plan9 && !solaris && !js
-// +build !plan9,!solaris,!js
-
-package azureblob
-
-import (
- "bytes"
- "context"
- "encoding/json"
- "fmt"
- "io"
- "io/ioutil"
- "net/http"
-
- "github.com/Azure/go-autorest/autorest/adal"
- "github.com/rclone/rclone/fs"
- "github.com/rclone/rclone/fs/fshttp"
-)
-
-const (
- azureResource = "https://storage.azure.com"
- imdsAPIVersion = "2018-02-01"
- msiEndpointDefault = "http://169.254.169.254/metadata/identity/oauth2/token"
-)
-
-// This custom type is used to add the port the test server has bound to
-// to the request context.
-type testPortKey string
-
-type msiIdentifierType int
-
-const (
- msiClientID msiIdentifierType = iota
- msiObjectID
- msiResourceID
-)
-
-type userMSI struct {
- Type msiIdentifierType
- Value string
-}
-
-type httpError struct {
- Response *http.Response
-}
-
-func (e httpError) Error() string {
- return fmt.Sprintf("HTTP error %v (%v)", e.Response.StatusCode, e.Response.Status)
-}
-
-// GetMSIToken attempts to obtain an MSI token from the Azure Instance
-// Metadata Service.
-func GetMSIToken(ctx context.Context, identity *userMSI) (adal.Token, error) {
- // Attempt to get an MSI token; silently continue if unsuccessful.
- // This code has been lovingly stolen from azcopy's OAuthTokenManager.
- result := adal.Token{}
- req, err := http.NewRequestWithContext(ctx, "GET", msiEndpointDefault, nil)
- if err != nil {
- fs.Debugf(nil, "Failed to create request: %v", err)
- return result, err
- }
- params := req.URL.Query()
- params.Set("resource", azureResource)
- params.Set("api-version", imdsAPIVersion)
-
- // Specify user-assigned identity if requested.
- if identity != nil {
- switch identity.Type {
- case msiClientID:
- params.Set("client_id", identity.Value)
- case msiObjectID:
- params.Set("object_id", identity.Value)
- case msiResourceID:
- params.Set("mi_res_id", identity.Value)
- default:
- // If this happens, the calling function and this one don't agree on
- // what valid ID types exist.
- return result, fmt.Errorf("unknown MSI identity type specified")
- }
- }
- req.URL.RawQuery = params.Encode()
-
- // The Metadata header is required by all calls to IMDS.
- req.Header.Set("Metadata", "true")
-
- // If this function is run in a test, query the test server instead of IMDS.
- testPort, isTest := ctx.Value(testPortKey("testPort")).(int)
- if isTest {
- req.URL.Host = fmt.Sprintf("localhost:%d", testPort)
- req.Host = req.URL.Host
- }
-
- // Send request
- httpClient := fshttp.NewClient(ctx)
- resp, err := httpClient.Do(req)
- if err != nil {
- return result, fmt.Errorf("MSI is not enabled on this VM: %w", err)
- }
- defer func() { // resp and Body should not be nil
- _, err = io.Copy(ioutil.Discard, resp.Body)
- if err != nil {
- fs.Debugf(nil, "Unable to drain IMDS response: %v", err)
- }
- err = resp.Body.Close()
- if err != nil {
- fs.Debugf(nil, "Unable to close IMDS response: %v", err)
- }
- }()
- // Check if the status code indicates success
- // The request returns 200 currently, add 201 and 202 as well for possible extension.
- switch resp.StatusCode {
- case 200, 201, 202:
- break
- default:
- body, _ := ioutil.ReadAll(resp.Body)
- fs.Errorf(nil, "Couldn't obtain OAuth token from IMDS; server returned status code %d and body: %v", resp.StatusCode, string(body))
- return result, httpError{Response: resp}
- }
-
- b, err := ioutil.ReadAll(resp.Body)
- if err != nil {
- return result, fmt.Errorf("Couldn't read IMDS response: %w", err)
- }
- // Remove BOM, if any. azcopy does this so I'm following along.
- b = bytes.TrimPrefix(b, []byte("\xef\xbb\xbf"))
-
- // This would be a good place to persist the token if a large number of rclone
- // invocations are being made in a short amount of time. If the token is
- // persisted, the azureblob code will need to check for expiry before every
- // storage API call.
- err = json.Unmarshal(b, &result)
- if err != nil {
- return result, fmt.Errorf("Couldn't unmarshal IMDS response: %w", err)
- }
-
- return result, nil
-}
diff --git a/backend/azureblob/imds_test.go b/backend/azureblob/imds_test.go
deleted file mode 100644
index c449b545c6329..0000000000000
--- a/backend/azureblob/imds_test.go
+++ /dev/null
@@ -1,118 +0,0 @@
-//go:build !plan9 && !solaris && !js
-// +build !plan9,!solaris,!js
-
-package azureblob
-
-import (
- "context"
- "encoding/json"
- "net/http"
- "net/http/httptest"
- "strconv"
- "strings"
- "testing"
-
- "github.com/Azure/go-autorest/autorest/adal"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func handler(t *testing.T, actual *map[string]string) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {
- err := r.ParseForm()
- require.NoError(t, err)
- parameters := r.URL.Query()
- (*actual)["path"] = r.URL.Path
- (*actual)["Metadata"] = r.Header.Get("Metadata")
- (*actual)["method"] = r.Method
- for paramName := range parameters {
- (*actual)[paramName] = parameters.Get(paramName)
- }
- // Make response.
- response := adal.Token{}
- responseBytes, err := json.Marshal(response)
- require.NoError(t, err)
- _, err = w.Write(responseBytes)
- require.NoError(t, err)
- }
-}
-
-func TestManagedIdentity(t *testing.T) {
- // test user-assigned identity specifiers to use
- testMSIClientID := "d859b29f-5c9c-42f8-a327-ec1bc6408d79"
- testMSIObjectID := "9ffeb650-3ca0-4278-962b-5a38d520591a"
- testMSIResourceID := "/subscriptions/fe714c49-b8a4-4d49-9388-96a20daa318f/resourceGroups/somerg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/someidentity"
- tests := []struct {
- identity *userMSI
- identityParameterName string
- expectedAbsent []string
- }{
- {&userMSI{msiClientID, testMSIClientID}, "client_id", []string{"object_id", "mi_res_id"}},
- {&userMSI{msiObjectID, testMSIObjectID}, "object_id", []string{"client_id", "mi_res_id"}},
- {&userMSI{msiResourceID, testMSIResourceID}, "mi_res_id", []string{"object_id", "client_id"}},
- {nil, "(default)", []string{"object_id", "client_id", "mi_res_id"}},
- }
- alwaysExpected := map[string]string{
- "path": "/metadata/identity/oauth2/token",
- "resource": "https://storage.azure.com",
- "Metadata": "true",
- "api-version": "2018-02-01",
- "method": "GET",
- }
- for _, test := range tests {
- actual := make(map[string]string, 10)
- testServer := httptest.NewServer(handler(t, &actual))
- defer testServer.Close()
- testServerPort, err := strconv.Atoi(strings.Split(testServer.URL, ":")[2])
- require.NoError(t, err)
- ctx := context.WithValue(context.TODO(), testPortKey("testPort"), testServerPort)
- _, err = GetMSIToken(ctx, test.identity)
- require.NoError(t, err)
-
- // Validate expected query parameters present
- expected := make(map[string]string)
- for k, v := range alwaysExpected {
- expected[k] = v
- }
- if test.identity != nil {
- expected[test.identityParameterName] = test.identity.Value
- }
-
- for key := range expected {
- value, exists := actual[key]
- if assert.Truef(t, exists, "test of %s: query parameter %s was not passed",
- test.identityParameterName, key) {
- assert.Equalf(t, expected[key], value,
- "test of %s: parameter %s has incorrect value", test.identityParameterName, key)
- }
- }
-
- // Validate unexpected query parameters absent
- for _, key := range test.expectedAbsent {
- _, exists := actual[key]
- assert.Falsef(t, exists, "query parameter %s was unexpectedly passed")
- }
- }
-}
-
-func errorHandler(resultCode int) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {
- http.Error(w, "Test error generated", resultCode)
- }
-}
-
-func TestIMDSErrors(t *testing.T) {
- errorCodes := []int{404, 429, 500}
- for _, code := range errorCodes {
- testServer := httptest.NewServer(errorHandler(code))
- defer testServer.Close()
- testServerPort, err := strconv.Atoi(strings.Split(testServer.URL, ":")[2])
- require.NoError(t, err)
- ctx := context.WithValue(context.TODO(), testPortKey("testPort"), testServerPort)
- _, err = GetMSIToken(ctx, nil)
- require.Error(t, err)
- httpErr, ok := err.(httpError)
- require.Truef(t, ok, "HTTP error %d did not result in an httpError object", code)
- assert.Equalf(t, httpErr.Response.StatusCode, code, "desired error %d but didn't get it", code)
- }
-}
diff --git a/backend/b2/api/types.go b/backend/b2/api/types.go
index e139dc8c1155a..4d981d950daec 100644
--- a/backend/b2/api/types.go
+++ b/backend/b2/api/types.go
@@ -1,3 +1,4 @@
+// Package api provides types used by the Backblaze B2 API.
package api
import (
@@ -238,7 +239,7 @@ type GetFileInfoRequest struct {
// If the original source of the file being uploaded has a last
// modified time concept, Backblaze recommends using
// src_last_modified_millis as the name, and a string holding the base
-// 10 number number of milliseconds since midnight, January 1, 1970
+// 10 number of milliseconds since midnight, January 1, 1970
// UTC. This fits in a 64 bit integer such as the type "long" in the
// programming language Java. It is intended to be compatible with
// Java's time long. For example, it can be passed directly into the
diff --git a/backend/b2/b2.go b/backend/b2/b2.go
index ba3e03eb75895..52794d8025c61 100644
--- a/backend/b2/b2.go
+++ b/backend/b2/b2.go
@@ -1,4 +1,4 @@
-// Package b2 provides an interface to the Backblaze B2 object storage system
+// Package b2 provides an interface to the Backblaze B2 object storage system.
package b2
// FIXME should we remove sha1 checks from here as rclone now supports
@@ -280,7 +280,7 @@ func (f *Fs) Root() string {
// String converts this Fs to a string
func (f *Fs) String() string {
if f.rootBucket == "" {
- return fmt.Sprintf("B2 root")
+ return "B2 root"
}
if f.rootDirectory == "" {
return fmt.Sprintf("B2 bucket %s", f.rootBucket)
@@ -656,15 +656,15 @@ var errEndList = errors.New("end list")
//
// (bucket, directory) is the starting directory
//
-// If prefix is set then it is removed from all file names
+// If prefix is set then it is removed from all file names.
//
// If addBucket is set then it adds the bucket to the start of the
-// remotes generated
+// remotes generated.
//
-// If recurse is set the function will recursively list
+// If recurse is set the function will recursively list.
//
// If limit is > 0 then it limits to that many files (must be less
-// than 1000)
+// than 1000).
//
// If hidden is set then it will list the hidden (deleted) files too.
//
@@ -1025,7 +1025,7 @@ func (f *Fs) clearBucketID(bucket string) {
// Put the object into the bucket
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -1205,10 +1205,7 @@ func (f *Fs) purge(ctx context.Context, dir string, oldOnly bool) error {
}
}
var isUnfinishedUploadStale = func(timestamp api.Timestamp) bool {
- if time.Since(time.Time(timestamp)).Hours() > 24 {
- return true
- }
- return false
+ return time.Since(time.Time(timestamp)).Hours() > 24
}
// Delete Config.Transfers in parallel
@@ -1337,9 +1334,9 @@ func (f *Fs) copy(ctx context.Context, dstObj *Object, srcObj *Object, newInfo *
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1481,26 +1478,23 @@ func (o *Object) Size() int64 {
// Clean the SHA1
//
-// Make sure it is lower case
+// Make sure it is lower case.
//
// Remove unverified prefix - see https://www.backblaze.com/b2/docs/uploading.html
// Some tools (e.g. Cyberduck) use this
-func cleanSHA1(sha1 string) (out string) {
- out = strings.ToLower(sha1)
+func cleanSHA1(sha1 string) string {
const unverified = "unverified:"
- if strings.HasPrefix(out, unverified) {
- out = out[len(unverified):]
- }
- return out
+ return strings.TrimPrefix(strings.ToLower(sha1), unverified)
}
// decodeMetaDataRaw sets the metadata from the data passed in
//
// Sets
-// o.id
-// o.modTime
-// o.size
-// o.sha1
+//
+// o.id
+// o.modTime
+// o.size
+// o.sha1
func (o *Object) decodeMetaDataRaw(ID, SHA1 string, Size int64, UploadTimestamp api.Timestamp, Info map[string]string, mimeType string) (err error) {
o.id = ID
o.sha1 = SHA1
@@ -1519,10 +1513,11 @@ func (o *Object) decodeMetaDataRaw(ID, SHA1 string, Size int64, UploadTimestamp
// decodeMetaData sets the metadata in the object from an api.File
//
// Sets
-// o.id
-// o.modTime
-// o.size
-// o.sha1
+//
+// o.id
+// o.modTime
+// o.size
+// o.sha1
func (o *Object) decodeMetaData(info *api.File) (err error) {
return o.decodeMetaDataRaw(info.ID, info.SHA1, info.Size, info.UploadTimestamp, info.Info, info.ContentType)
}
@@ -1530,10 +1525,11 @@ func (o *Object) decodeMetaData(info *api.File) (err error) {
// decodeMetaDataFileInfo sets the metadata in the object from an api.FileInfo
//
// Sets
-// o.id
-// o.modTime
-// o.size
-// o.sha1
+//
+// o.id
+// o.modTime
+// o.size
+// o.sha1
func (o *Object) decodeMetaDataFileInfo(info *api.FileInfo) (err error) {
return o.decodeMetaDataRaw(info.ID, info.SHA1, info.Size, info.UploadTimestamp, info.Info, info.ContentType)
}
@@ -1591,10 +1587,11 @@ func (o *Object) getMetaData(ctx context.Context) (info *api.File, err error) {
// readMetaData gets the metadata if it hasn't already been fetched
//
// Sets
-// o.id
-// o.modTime
-// o.size
-// o.sha1
+//
+// o.id
+// o.modTime
+// o.size
+// o.sha1
func (o *Object) readMetaData(ctx context.Context) (err error) {
if o.id != "" {
return nil
diff --git a/backend/b2/upload.go b/backend/b2/upload.go
index 8a1f676354887..47ba53473e078 100644
--- a/backend/b2/upload.go
+++ b/backend/b2/upload.go
@@ -97,7 +97,7 @@ func (f *Fs) newLargeUpload(ctx context.Context, o *Object, in io.Reader, src fs
if size == -1 {
fs.Debugf(o, "Streaming upload with --b2-chunk-size %s allows uploads of up to %s and will fail only when that limit is reached.", f.opt.ChunkSize, maxParts*f.opt.ChunkSize)
} else {
- chunkSize = chunksize.Calculator(src, maxParts, defaultChunkSize)
+ chunkSize = chunksize.Calculator(o, size, maxParts, defaultChunkSize)
parts = size / int64(chunkSize)
if size%int64(chunkSize) != 0 {
parts++
diff --git a/backend/box/api/types.go b/backend/box/api/types.go
index d3549f6aa7a63..6ff87761c25bc 100644
--- a/backend/box/api/types.go
+++ b/backend/box/api/types.go
@@ -14,7 +14,7 @@ const (
timeFormat = `"` + time.RFC3339 + `"`
)
-// Time represents represents date and time information for the
+// Time represents date and time information for the
// box API, by using RFC3339
type Time time.Time
diff --git a/backend/box/box.go b/backend/box/box.go
index bde259cead077..e0cfbed07d6bf 100644
--- a/backend/box/box.go
+++ b/backend/box/box.go
@@ -17,9 +17,9 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"net/http"
"net/url"
+ "os"
"path"
"strconv"
"strings"
@@ -183,7 +183,7 @@ func refreshJWTToken(ctx context.Context, jsonFile string, boxSubType string, na
}
func getBoxConfig(configFile string) (boxConfig *api.ConfigJSON, err error) {
- file, err := ioutil.ReadFile(configFile)
+ file, err := os.ReadFile(configFile)
if err != nil {
return nil, fmt.Errorf("box: failed to read Box config: %w", err)
}
@@ -266,7 +266,7 @@ type Fs struct {
root string // the path we are working on
opt Options // parsed options
features *fs.Features // optional features
- srv *rest.Client // the connection to the one drive server
+ srv *rest.Client // the connection to the server
dirCache *dircache.DirCache // Map of directory path to directory id
pacer *fs.Pacer // pacer for API calls
tokenRenewer *oauthutil.Renew // renew the token on expiry
@@ -692,7 +692,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the object, leaf, directoryID and error
+// Returns the object, leaf, directoryID and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
@@ -752,7 +752,7 @@ func (f *Fs) preUploadCheck(ctx context.Context, leaf, directoryID string, size
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -792,9 +792,9 @@ func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, opt
// PutUnchecked the object into the container
//
-// This will produce an error if the object already exists
+// This will produce an error if the object already exists.
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -877,9 +877,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -897,7 +897,7 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
srcPath := srcObj.fs.rootSlash() + srcObj.remote
dstPath := f.rootSlash() + remote
- if strings.ToLower(srcPath) == strings.ToLower(dstPath) {
+ if strings.EqualFold(srcPath, dstPath) {
return nil, fmt.Errorf("can't copy %q -> %q as are same name when lowercase", srcPath, dstPath)
}
@@ -995,9 +995,9 @@ func (f *Fs) About(ctx context.Context) (usage *fs.Usage, err error) {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1235,7 +1235,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -1346,9 +1345,9 @@ func (o *Object) upload(ctx context.Context, in io.Reader, leaf, directoryID str
// Update the object with the contents of the io.Reader, modTime and size
//
-// If existing is set then it updates the object rather than creating a new one
+// If existing is set then it updates the object rather than creating a new one.
//
-// The new object may have been created if an error is returned
+// The new object may have been created if an error is returned.
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
if o.fs.tokenRenewer != nil {
o.fs.tokenRenewer.Start()
diff --git a/backend/cache/cache.go b/backend/cache/cache.go
index fc038f6adc5b4..5c4e5dc87654e 100644
--- a/backend/cache/cache.go
+++ b/backend/cache/cache.go
@@ -1,6 +1,7 @@
//go:build !plan9 && !js
// +build !plan9,!js
+// Package cache implements a virtual provider to cache existing remotes.
package cache
import (
@@ -1128,7 +1129,7 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
case fs.Directory:
_ = f.cache.AddDir(DirectoryFromOriginal(ctx, f, o))
default:
- return fmt.Errorf("Unknown object type %T", entry)
+ return fmt.Errorf("unknown object type %T", entry)
}
}
diff --git a/backend/cache/cache_internal_test.go b/backend/cache/cache_internal_test.go
index 4bea042914856..82ae0bf012f12 100644
--- a/backend/cache/cache_internal_test.go
+++ b/backend/cache/cache_internal_test.go
@@ -11,7 +11,6 @@ import (
goflag "flag"
"fmt"
"io"
- "io/ioutil"
"log"
"math/rand"
"os"
@@ -102,14 +101,12 @@ func TestMain(m *testing.M) {
func TestInternalListRootAndInnerRemotes(t *testing.T) {
id := fmt.Sprintf("tilrair%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true, nil)
// Instantiate inner fs
innerFolder := "inner"
runInstance.mkdir(t, rootFs, innerFolder)
- rootFs2, boltDb2 := runInstance.newCacheFs(t, remoteName, id+"/"+innerFolder, true, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs2, boltDb2)
+ rootFs2, _ := runInstance.newCacheFs(t, remoteName, id+"/"+innerFolder, true, true, nil)
runInstance.writeObjectString(t, rootFs2, "one", "content")
listRoot, err := runInstance.list(t, rootFs, "")
@@ -167,7 +164,7 @@ func TestInternalVfsCache(t *testing.T) {
li2 := [2]string{path.Join("test", "one"), path.Join("test", "second")}
for _, r := range li2 {
var err error
- ci, err := ioutil.ReadDir(path.Join(runInstance.chunkPath, runInstance.encryptRemoteIfNeeded(t, path.Join(id, r))))
+ ci, err := os.ReadDir(path.Join(runInstance.chunkPath, runInstance.encryptRemoteIfNeeded(t, path.Join(id, r))))
if err != nil || len(ci) == 0 {
log.Printf("========== '%v' not in cache", r)
} else {
@@ -226,8 +223,7 @@ func TestInternalVfsCache(t *testing.T) {
func TestInternalObjWrapFsFound(t *testing.T) {
id := fmt.Sprintf("tiowff%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true, nil)
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -259,8 +255,7 @@ func TestInternalObjWrapFsFound(t *testing.T) {
func TestInternalObjNotFound(t *testing.T) {
id := fmt.Sprintf("tionf%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
obj, err := rootFs.NewObject(context.Background(), "404")
require.Error(t, err)
@@ -270,8 +265,7 @@ func TestInternalObjNotFound(t *testing.T) {
func TestInternalCachedWrittenContentMatches(t *testing.T) {
testy.SkipUnreliable(t)
id := fmt.Sprintf("ticwcm%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -298,8 +292,7 @@ func TestInternalDoubleWrittenContentMatches(t *testing.T) {
t.Skip("Skip test on windows/386")
}
id := fmt.Sprintf("tidwcm%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
// write the object
runInstance.writeRemoteString(t, rootFs, "one", "one content")
@@ -317,8 +310,7 @@ func TestInternalDoubleWrittenContentMatches(t *testing.T) {
func TestInternalCachedUpdatedContentMatches(t *testing.T) {
testy.SkipUnreliable(t)
id := fmt.Sprintf("ticucm%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
var err error
// create some rand test data
@@ -347,8 +339,7 @@ func TestInternalCachedUpdatedContentMatches(t *testing.T) {
func TestInternalWrappedWrittenContentMatches(t *testing.T) {
id := fmt.Sprintf("tiwwcm%v", time.Now().Unix())
vfsflags.Opt.DirCacheTime = time.Second
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true, nil)
if runInstance.rootIsCrypt {
t.Skip("test skipped with crypt remote")
}
@@ -378,8 +369,7 @@ func TestInternalWrappedWrittenContentMatches(t *testing.T) {
func TestInternalLargeWrittenContentMatches(t *testing.T) {
id := fmt.Sprintf("tilwcm%v", time.Now().Unix())
vfsflags.Opt.DirCacheTime = time.Second
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true, nil)
if runInstance.rootIsCrypt {
t.Skip("test skipped with crypt remote")
}
@@ -405,8 +395,7 @@ func TestInternalLargeWrittenContentMatches(t *testing.T) {
func TestInternalWrappedFsChangeNotSeen(t *testing.T) {
id := fmt.Sprintf("tiwfcns%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -460,8 +449,7 @@ func TestInternalWrappedFsChangeNotSeen(t *testing.T) {
func TestInternalMoveWithNotify(t *testing.T) {
id := fmt.Sprintf("timwn%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
if !runInstance.wrappedIsExternal {
t.Skipf("Not external")
}
@@ -547,8 +535,7 @@ func TestInternalMoveWithNotify(t *testing.T) {
func TestInternalNotifyCreatesEmptyParts(t *testing.T) {
id := fmt.Sprintf("tincep%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
if !runInstance.wrappedIsExternal {
t.Skipf("Not external")
}
@@ -634,8 +621,7 @@ func TestInternalNotifyCreatesEmptyParts(t *testing.T) {
func TestInternalChangeSeenAfterDirCacheFlush(t *testing.T) {
id := fmt.Sprintf("ticsadcf%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, nil)
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -667,8 +653,7 @@ func TestInternalChangeSeenAfterDirCacheFlush(t *testing.T) {
func TestInternalCacheWrites(t *testing.T) {
id := "ticw"
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, map[string]string{"writes": "true"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, map[string]string{"writes": "true"})
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -689,8 +674,7 @@ func TestInternalMaxChunkSizeRespected(t *testing.T) {
t.Skip("Skip test on windows/386")
}
id := fmt.Sprintf("timcsr%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil, map[string]string{"workers": "1"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, map[string]string{"workers": "1"})
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -725,8 +709,7 @@ func TestInternalMaxChunkSizeRespected(t *testing.T) {
func TestInternalExpiredEntriesRemoved(t *testing.T) {
id := fmt.Sprintf("tieer%v", time.Now().Unix())
vfsflags.Opt.DirCacheTime = time.Second * 4 // needs to be lower than the defined
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true, map[string]string{"info_age": "5s"}, nil)
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true, nil)
cfs, err := runInstance.getCacheFs(rootFs)
require.NoError(t, err)
@@ -763,9 +746,7 @@ func TestInternalBug2117(t *testing.T) {
vfsflags.Opt.DirCacheTime = time.Second * 10
id := fmt.Sprintf("tib2117%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true, nil,
- map[string]string{"info_age": "72h", "chunk_clean_interval": "15m"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, false, true, map[string]string{"info_age": "72h", "chunk_clean_interval": "15m"})
if runInstance.rootIsCrypt {
t.Skipf("skipping crypt")
@@ -841,7 +822,7 @@ func newRun() *run {
}
if uploadDir == "" {
- r.tmpUploadDir, err = ioutil.TempDir("", "rclonecache-tmp")
+ r.tmpUploadDir, err = os.MkdirTemp("", "rclonecache-tmp")
if err != nil {
panic(fmt.Sprintf("Failed to create temp dir: %v", err))
}
@@ -866,7 +847,7 @@ func (r *run) encryptRemoteIfNeeded(t *testing.T, remote string) string {
return enc
}
-func (r *run) newCacheFs(t *testing.T, remote, id string, needRemote, purge bool, cfg map[string]string, flags map[string]string) (fs.Fs, *cache.Persistent) {
+func (r *run) newCacheFs(t *testing.T, remote, id string, needRemote, purge bool, flags map[string]string) (fs.Fs, *cache.Persistent) {
fstest.Initialise()
remoteExists := false
for _, s := range config.FileSections() {
@@ -959,10 +940,15 @@ func (r *run) newCacheFs(t *testing.T, remote, id string, needRemote, purge bool
}
err = f.Mkdir(context.Background(), "")
require.NoError(t, err)
+
+ t.Cleanup(func() {
+ runInstance.cleanupFs(t, f)
+ })
+
return f, boltDb
}
-func (r *run) cleanupFs(t *testing.T, f fs.Fs, b *cache.Persistent) {
+func (r *run) cleanupFs(t *testing.T, f fs.Fs) {
err := f.Features().Purge(context.Background(), "")
require.NoError(t, err)
cfs, err := r.getCacheFs(f)
@@ -984,7 +970,7 @@ func (r *run) randomReader(t *testing.T, size int64) io.ReadCloser {
chunk := int64(1024)
cnt := size / chunk
left := size % chunk
- f, err := ioutil.TempFile("", "rclonecache-tempfile")
+ f, err := os.CreateTemp("", "rclonecache-tempfile")
require.NoError(t, err)
for i := 0; i < int(cnt); i++ {
diff --git a/backend/cache/cache_test.go b/backend/cache/cache_test.go
index 44307ea6d58b3..9ad4e31e5afe8 100644
--- a/backend/cache/cache_test.go
+++ b/backend/cache/cache_test.go
@@ -19,7 +19,7 @@ func TestIntegration(t *testing.T) {
RemoteName: "TestCache:",
NilObject: (*cache.Object)(nil),
UnimplementableFsMethods: []string{"PublicLink", "OpenWriterAt"},
- UnimplementableObjectMethods: []string{"MimeType", "ID", "GetTier", "SetTier"},
+ UnimplementableObjectMethods: []string{"MimeType", "ID", "GetTier", "SetTier", "Metadata"},
SkipInvalidUTF8: true, // invalid UTF-8 confuses the cache
})
}
diff --git a/backend/cache/cache_upload_test.go b/backend/cache/cache_upload_test.go
index 3356613bda086..b6a2c584274bd 100644
--- a/backend/cache/cache_upload_test.go
+++ b/backend/cache/cache_upload_test.go
@@ -21,10 +21,8 @@ import (
func TestInternalUploadTempDirCreated(t *testing.T) {
id := fmt.Sprintf("tiutdc%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true,
- nil,
+ runInstance.newCacheFs(t, remoteName, id, false, true,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id)})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
_, err := os.Stat(path.Join(runInstance.tmpUploadDir, id))
require.NoError(t, err)
@@ -63,9 +61,7 @@ func testInternalUploadQueueOneFile(t *testing.T, id string, rootFs fs.Fs, boltD
func TestInternalUploadQueueOneFileNoRest(t *testing.T) {
id := fmt.Sprintf("tiuqofnr%v", time.Now().Unix())
rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "0s"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
testInternalUploadQueueOneFile(t, id, rootFs, boltDb)
}
@@ -73,19 +69,15 @@ func TestInternalUploadQueueOneFileNoRest(t *testing.T) {
func TestInternalUploadQueueOneFileWithRest(t *testing.T) {
id := fmt.Sprintf("tiuqofwr%v", time.Now().Unix())
rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1m"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
testInternalUploadQueueOneFile(t, id, rootFs, boltDb)
}
func TestInternalUploadMoveExistingFile(t *testing.T) {
id := fmt.Sprintf("tiumef%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "3s"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
err := rootFs.Mkdir(context.Background(), "one")
require.NoError(t, err)
@@ -119,10 +111,8 @@ func TestInternalUploadMoveExistingFile(t *testing.T) {
func TestInternalUploadTempPathCleaned(t *testing.T) {
id := fmt.Sprintf("tiutpc%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true,
map[string]string{"cache-tmp-upload-path": path.Join(runInstance.tmpUploadDir, id), "cache-tmp-wait-time": "5s"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
err := rootFs.Mkdir(context.Background(), "one")
require.NoError(t, err)
@@ -162,10 +152,8 @@ func TestInternalUploadTempPathCleaned(t *testing.T) {
func TestInternalUploadQueueMoreFiles(t *testing.T) {
id := fmt.Sprintf("tiuqmf%v", time.Now().Unix())
- rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
+ rootFs, _ := runInstance.newCacheFs(t, remoteName, id, true, true,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1s"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
err := rootFs.Mkdir(context.Background(), "test")
require.NoError(t, err)
@@ -213,9 +201,7 @@ func TestInternalUploadQueueMoreFiles(t *testing.T) {
func TestInternalUploadTempFileOperations(t *testing.T) {
id := "tiutfo"
rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1h"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
boltDb.PurgeTempUploads()
@@ -343,9 +329,7 @@ func TestInternalUploadTempFileOperations(t *testing.T) {
func TestInternalUploadUploadingFileOperations(t *testing.T) {
id := "tiuufo"
rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
- nil,
map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1h"})
- defer runInstance.cleanupFs(t, rootFs, boltDb)
boltDb.PurgeTempUploads()
diff --git a/backend/cache/plex.go b/backend/cache/plex.go
index e3a333c73a1b2..8d57ecb17f72b 100644
--- a/backend/cache/plex.go
+++ b/backend/cache/plex.go
@@ -8,7 +8,7 @@ import (
"crypto/tls"
"encoding/json"
"fmt"
- "io/ioutil"
+ "io"
"net/http"
"net/url"
"strings"
@@ -167,7 +167,7 @@ func (p *plexConnector) listenWebsocket() {
continue
}
var data []byte
- data, err = ioutil.ReadAll(resp.Body)
+ data, err = io.ReadAll(resp.Body)
if err != nil {
continue
}
@@ -213,7 +213,7 @@ func (p *plexConnector) authenticate() error {
var data map[string]interface{}
err = json.NewDecoder(resp.Body).Decode(&data)
if err != nil {
- return fmt.Errorf("failed to obtain token: %v", err)
+ return fmt.Errorf("failed to obtain token: %w", err)
}
tokenGen, ok := get(data, "user", "authToken")
if !ok {
diff --git a/backend/cache/storage_memory.go b/backend/cache/storage_memory.go
index 8e8a360fce5ef..25ac3bb6258f2 100644
--- a/backend/cache/storage_memory.go
+++ b/backend/cache/storage_memory.go
@@ -76,10 +76,7 @@ func (m *Memory) CleanChunksByAge(chunkAge time.Duration) {
// CleanChunksByNeed will cleanup chunks after the FS passes a specific chunk
func (m *Memory) CleanChunksByNeed(offset int64) {
- var items map[string]cache.Item
-
- items = m.db.Items()
- for key := range items {
+ for key := range m.db.Items() {
sepIdx := strings.LastIndex(key, "-")
keyOffset, err := strconv.ParseInt(key[sepIdx+1:], 10, 64)
if err != nil {
diff --git a/backend/cache/storage_persistent.go b/backend/cache/storage_persistent.go
index 89af35f87342c..ac8fdfd57c976 100644
--- a/backend/cache/storage_persistent.go
+++ b/backend/cache/storage_persistent.go
@@ -9,7 +9,6 @@ import (
"encoding/binary"
"encoding/json"
"fmt"
- "io/ioutil"
"os"
"path"
"strconv"
@@ -250,7 +249,7 @@ func (b *Persistent) GetDirEntries(cachedDir *Directory) (fs.DirEntries, error)
if val != nil {
err := json.Unmarshal(val, cachedDir)
if err != nil {
- return fmt.Errorf("error during unmarshalling obj: %v", err)
+ return fmt.Errorf("error during unmarshalling obj: %w", err)
}
} else {
return fmt.Errorf("missing cached dir: %v", cachedDir)
@@ -456,10 +455,7 @@ func (b *Persistent) HasEntry(remote string) bool {
return fmt.Errorf("couldn't find object (%v)", remote)
})
- if err == nil {
- return true
- }
- return false
+ return err == nil
}
// HasChunk confirms the existence of a single chunk of an object
@@ -476,7 +472,7 @@ func (b *Persistent) GetChunk(cachedObject *Object, offset int64) ([]byte, error
var data []byte
fp := path.Join(b.dataPath, cachedObject.abs(), strconv.FormatInt(offset, 10))
- data, err := ioutil.ReadFile(fp)
+ data, err := os.ReadFile(fp)
if err != nil {
return nil, err
}
@@ -489,7 +485,7 @@ func (b *Persistent) AddChunk(fp string, data []byte, offset int64) error {
_ = os.MkdirAll(path.Join(b.dataPath, fp), os.ModePerm)
filePath := path.Join(b.dataPath, fp, strconv.FormatInt(offset, 10))
- err := ioutil.WriteFile(filePath, data, os.ModePerm)
+ err := os.WriteFile(filePath, data, os.ModePerm)
if err != nil {
return err
}
@@ -554,7 +550,7 @@ func (b *Persistent) CleanChunksBySize(maxSize int64) {
err := b.db.Update(func(tx *bolt.Tx) error {
dataTsBucket := tx.Bucket([]byte(DataTsBucket))
if dataTsBucket == nil {
- return fmt.Errorf("Couldn't open (%v) bucket", DataTsBucket)
+ return fmt.Errorf("couldn't open (%v) bucket", DataTsBucket)
}
// iterate through ts
c := dataTsBucket.Cursor()
@@ -904,16 +900,16 @@ func (b *Persistent) rollbackPendingUpload(remote string) error {
v := bucket.Get([]byte(remote))
err = json.Unmarshal(v, tempObj)
if err != nil {
- return fmt.Errorf("pending upload (%v) not found %v", remote, err)
+ return fmt.Errorf("pending upload (%v) not found: %w", remote, err)
}
tempObj.Started = false
v2, err := json.Marshal(tempObj)
if err != nil {
- return fmt.Errorf("pending upload not updated %v", err)
+ return fmt.Errorf("pending upload not updated: %w", err)
}
err = bucket.Put([]byte(tempObj.DestPath), v2)
if err != nil {
- return fmt.Errorf("pending upload not updated %v", err)
+ return fmt.Errorf("pending upload not updated: %w", err)
}
return nil
})
@@ -969,11 +965,11 @@ func (b *Persistent) updatePendingUpload(remote string, fn func(item *tempUpload
}
v2, err := json.Marshal(tempObj)
if err != nil {
- return fmt.Errorf("pending upload not updated %v", err)
+ return fmt.Errorf("pending upload not updated: %w", err)
}
err = bucket.Put([]byte(tempObj.DestPath), v2)
if err != nil {
- return fmt.Errorf("pending upload not updated %v", err)
+ return fmt.Errorf("pending upload not updated: %w", err)
}
return nil
diff --git a/backend/chunker/chunker.go b/backend/chunker/chunker.go
index bfb3e3e65ef5d..bb4b498126a1e 100644
--- a/backend/chunker/chunker.go
+++ b/backend/chunker/chunker.go
@@ -12,7 +12,6 @@ import (
"fmt"
gohash "hash"
"io"
- "io/ioutil"
"math/rand"
"path"
"regexp"
@@ -32,7 +31,6 @@ import (
"github.com/rclone/rclone/fs/operations"
)
-//
// Chunker's composite files have one or more chunks
// and optional metadata object. If it's present,
// meta object is named after the original file.
@@ -65,7 +63,7 @@ import (
// length of 13 decimals it makes a 7-digit base-36 number.
//
// When transactions is set to the norename style, data chunks will
-// keep their temporary chunk names (with the transacion identifier
+// keep their temporary chunk names (with the transaction identifier
// suffix). To distinguish them from temporary chunks, the txn field
// of the metadata file is set to match the transaction identifier of
// the data chunks.
@@ -79,7 +77,6 @@ import (
// Metadata format v1 does not define any control chunk types,
// they are currently ignored aka reserved.
// In future they can be used to implement resumable uploads etc.
-//
const (
ctrlTypeRegStr = `[a-z][a-z0-9]{2,6}`
tempSuffixFormat = `_%04s`
@@ -542,7 +539,6 @@ func (f *Fs) setChunkNameFormat(pattern string) error {
//
// xactID is a transaction identifier. Empty xactID denotes active chunk,
// otherwise temporary chunk name is produced.
-//
func (f *Fs) makeChunkName(filePath string, chunkNo int, ctrlType, xactID string) string {
dir, parentName := path.Split(filePath)
var name, tempSuffix string
@@ -708,7 +704,6 @@ func (f *Fs) newXactID(ctx context.Context, filePath string) (xactID string, err
// directory together with dead chunks.
// In future a flag named like `--chunker-list-hidden` may be added to
// rclone that will tell List to reveal hidden chunks.
-//
func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
entries, err = f.base.List(ctx, dir)
if err != nil {
@@ -868,7 +863,6 @@ func (f *Fs) processEntries(ctx context.Context, origEntries fs.DirEntries, dirP
// Note that chunker prefers analyzing file names rather than reading
// the content of meta object assuming that directory scans are fast
// but opening even a small file can be slow on some backends.
-//
func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
return f.scanObject(ctx, remote, false)
}
@@ -1043,7 +1037,7 @@ func (o *Object) readMetadata(ctx context.Context) error {
if err != nil {
return err
}
- metadata, err := ioutil.ReadAll(reader)
+ metadata, err := io.ReadAll(reader)
_ = reader.Close() // ensure file handle is freed on windows
if err != nil {
return err
@@ -1084,7 +1078,7 @@ func (o *Object) readMetadata(ctx context.Context) error {
// readXactID returns the transaction ID stored in the passed metadata object
func (o *Object) readXactID(ctx context.Context) (xactID string, err error) {
- // if xactID has already been read and cahced return it now
+ // if xactID has already been read and cached return it now
if o.xIDCached {
return o.xactID, nil
}
@@ -1102,7 +1096,7 @@ func (o *Object) readXactID(ctx context.Context) (xactID string, err error) {
if err != nil {
return "", err
}
- data, err := ioutil.ReadAll(reader)
+ data, err := io.ReadAll(reader)
_ = reader.Close() // ensure file handle is freed on windows
if err != nil {
return "", err
@@ -1586,7 +1580,6 @@ func (f *Fs) Rmdir(ctx context.Context, dir string) error {
// This command will chain to `purge` from wrapped remote.
// As a result it removes not only composite chunker files with their
// active chunks but also all hidden temporary chunks in the directory.
-//
func (f *Fs) Purge(ctx context.Context, dir string) error {
do := f.base.Features().Purge
if do == nil {
@@ -1628,7 +1621,6 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Unsupported control chunks will get re-picked by a more recent
// rclone version with unexpected results. This can be helped by
// the `delete hidden` flag above or at least the user has been warned.
-//
func (o *Object) Remove(ctx context.Context) (err error) {
if err := o.f.forbidChunk(o, o.Remote()); err != nil {
// operations.Move can still call Remove if chunker's Move refuses
@@ -1804,9 +1796,9 @@ func (f *Fs) okForServerSide(ctx context.Context, src fs.Object, opName string)
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1825,9 +1817,9 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -2125,7 +2117,6 @@ func (o *Object) SetModTime(ctx context.Context, mtime time.Time) error {
// file, then tries to read it from metadata. This in theory
// handles the unusual case when a small file has been tampered
// on the level of wrapped remote but chunker is unaware of that.
-//
func (o *Object) Hash(ctx context.Context, hashType hash.Type) (string, error) {
if err := o.readMetadata(ctx); err != nil {
return "", err // valid metadata is required to get hash, abort
@@ -2414,7 +2405,6 @@ type metaSimpleJSON struct {
// - for files larger than chunk size
// - if file contents can be mistaken as meta object
// - if consistent hashing is On but wrapped remote can't provide given hash
-//
func marshalSimpleJSON(ctx context.Context, size int64, nChunks int, md5, sha1, xactID string) ([]byte, error) {
version := metadataVersion
if xactID == "" && version == 2 {
@@ -2447,7 +2437,6 @@ func marshalSimpleJSON(ctx context.Context, size int64, nChunks int, md5, sha1,
// New format will have a higher version number and cannot be correctly
// handled by current implementation.
// The version check below will then explicitly ask user to upgrade rclone.
-//
func unmarshalSimpleJSON(ctx context.Context, metaObject fs.Object, data []byte) (info *ObjectInfo, madeByChunker bool, err error) {
// Be strict about JSON format
// to reduce possibility that a random small file resembles metadata.
diff --git a/backend/chunker/chunker_internal_test.go b/backend/chunker/chunker_internal_test.go
index 9299305dc39ba..fc3e958b02c06 100644
--- a/backend/chunker/chunker_internal_test.go
+++ b/backend/chunker/chunker_internal_test.go
@@ -5,7 +5,7 @@ import (
"context"
"flag"
"fmt"
- "io/ioutil"
+ "io"
"path"
"regexp"
"strings"
@@ -59,7 +59,7 @@ var mtime1 = fstest.Time("2001-02-03T04:05:06.499999999Z")
func testPutFile(ctx context.Context, t *testing.T, f fs.Fs, name, contents, message string, check bool) fs.Object {
item := fstest.Item{Path: name, ModTime: mtime1}
- _, obj := fstests.PutTestContents(ctx, t, f, &item, contents, check)
+ obj := fstests.PutTestContents(ctx, t, f, &item, contents, check)
assert.NotNil(t, obj, message)
return obj
}
@@ -413,7 +413,7 @@ func testSmallFileInternals(t *testing.T, f *Fs) {
if r == nil {
return
}
- data, err := ioutil.ReadAll(r)
+ data, err := io.ReadAll(r)
assert.NoError(t, err)
assert.Equal(t, contents, string(data))
_ = r.Close()
@@ -440,7 +440,7 @@ func testSmallFileInternals(t *testing.T, f *Fs) {
checkSmallFile := func(name, contents string) {
filename := path.Join(dir, name)
item := fstest.Item{Path: filename, ModTime: modTime}
- _, put := fstests.PutTestContents(ctx, t, f, &item, contents, false)
+ put := fstests.PutTestContents(ctx, t, f, &item, contents, false)
assert.NotNil(t, put)
checkSmallFileInternals(put)
checkContents(put, contents)
@@ -489,7 +489,7 @@ func testPreventCorruption(t *testing.T, f *Fs) {
newFile := func(name string) fs.Object {
item := fstest.Item{Path: path.Join(dir, name), ModTime: modTime}
- _, obj := fstests.PutTestContents(ctx, t, f, &item, contents, true)
+ obj := fstests.PutTestContents(ctx, t, f, &item, contents, true)
require.NotNil(t, obj)
return obj
}
@@ -538,7 +538,7 @@ func testPreventCorruption(t *testing.T, f *Fs) {
assert.NoError(t, err)
var chunkContents []byte
assert.NotPanics(t, func() {
- chunkContents, err = ioutil.ReadAll(r)
+ chunkContents, err = io.ReadAll(r)
_ = r.Close()
})
assert.NoError(t, err)
@@ -573,7 +573,7 @@ func testPreventCorruption(t *testing.T, f *Fs) {
r, err = willyChunk.Open(ctx)
assert.NoError(t, err)
assert.NotPanics(t, func() {
- _, err = ioutil.ReadAll(r)
+ _, err = io.ReadAll(r)
_ = r.Close()
})
assert.NoError(t, err)
@@ -599,7 +599,7 @@ func testChunkNumberOverflow(t *testing.T, f *Fs) {
newFile := func(f fs.Fs, name string) (obj fs.Object, filename string, txnID string) {
filename = path.Join(dir, name)
item := fstest.Item{Path: filename, ModTime: modTime}
- _, obj = fstests.PutTestContents(ctx, t, f, &item, contents, true)
+ obj = fstests.PutTestContents(ctx, t, f, &item, contents, true)
require.NotNil(t, obj)
if chunkObj, isChunkObj := obj.(*Object); isChunkObj {
txnID = chunkObj.xactID
@@ -672,7 +672,7 @@ func testMetadataInput(t *testing.T, f *Fs) {
assert.NoError(t, err, "open "+description)
assert.NotNil(t, r, "open stream of "+description)
if err == nil && r != nil {
- data, err := ioutil.ReadAll(r)
+ data, err := io.ReadAll(r)
assert.NoError(t, err, "read all of "+description)
assert.Equal(t, contents, string(data), description+" contents is ok")
_ = r.Close()
@@ -716,7 +716,7 @@ func testFutureProof(t *testing.T, f *Fs) {
name = f.makeChunkName(name, part-1, "", "")
}
item := fstest.Item{Path: name, ModTime: modTime}
- _, obj := fstests.PutTestContents(ctx, t, f.base, &item, data, true)
+ obj := fstests.PutTestContents(ctx, t, f.base, &item, data, true)
assert.NotNil(t, obj, msg)
}
@@ -758,8 +758,8 @@ func testFutureProof(t *testing.T, f *Fs) {
assert.Error(t, err)
// Rcat must fail
- in := ioutil.NopCloser(bytes.NewBufferString("abc"))
- robj, err := operations.Rcat(ctx, f, file, in, modTime)
+ in := io.NopCloser(bytes.NewBufferString("abc"))
+ robj, err := operations.Rcat(ctx, f, file, in, modTime, nil)
assert.Nil(t, robj)
assert.NotNil(t, err)
if err != nil {
@@ -790,7 +790,7 @@ func testBackwardsCompatibility(t *testing.T, f *Fs) {
newFile := func(f fs.Fs, name string) (fs.Object, string) {
filename := path.Join(dir, name)
item := fstest.Item{Path: filename, ModTime: modTime}
- _, obj := fstests.PutTestContents(ctx, t, f, &item, contents, true)
+ obj := fstests.PutTestContents(ctx, t, f, &item, contents, true)
require.NotNil(t, obj)
return obj, filename
}
@@ -844,7 +844,7 @@ func testChunkerServerSideMove(t *testing.T, f *Fs) {
modTime := fstest.Time("2001-02-03T04:05:06.499999999Z")
item := fstest.Item{Path: "movefile", ModTime: modTime}
contents := "abcdef"
- _, file := fstests.PutTestContents(ctx, t, fs1, &item, contents, true)
+ file := fstests.PutTestContents(ctx, t, fs1, &item, contents, true)
dstOverwritten, _ := fs2.NewObject(ctx, "movefile")
dstFile, err := operations.Move(ctx, fs2, dstOverwritten, "movefile", file)
@@ -854,7 +854,7 @@ func testChunkerServerSideMove(t *testing.T, f *Fs) {
r, err := dstFile.Open(ctx)
assert.NoError(t, err)
assert.NotNil(t, r)
- data, err := ioutil.ReadAll(r)
+ data, err := io.ReadAll(r)
assert.NoError(t, err)
assert.Equal(t, contents, string(data))
_ = r.Close()
diff --git a/backend/chunker/chunker_test.go b/backend/chunker/chunker_test.go
index 4acdf5b5aab18..7f0c0310d0856 100644
--- a/backend/chunker/chunker_test.go
+++ b/backend/chunker/chunker_test.go
@@ -35,6 +35,7 @@ func TestIntegration(t *testing.T) {
"MimeType",
"GetTier",
"SetTier",
+ "Metadata",
},
UnimplementableFsMethods: []string{
"PublicLink",
@@ -53,6 +54,7 @@ func TestIntegration(t *testing.T) {
{Name: name, Key: "type", Value: "chunker"},
{Name: name, Key: "remote", Value: tempDir},
}
+ opt.QuickTestOK = true
}
fstests.Run(t, &opt)
}
diff --git a/backend/combine/combine.go b/backend/combine/combine.go
new file mode 100644
index 0000000000000..63fb4635ecee5
--- /dev/null
+++ b/backend/combine/combine.go
@@ -0,0 +1,992 @@
+// Package combine implents a backend to combine multiple remotes in a directory tree
+package combine
+
+/*
+ Have API to add/remove branches in the combine
+*/
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "io"
+ "path"
+ "strings"
+ "sync"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/cache"
+ "github.com/rclone/rclone/fs/config/configmap"
+ "github.com/rclone/rclone/fs/config/configstruct"
+ "github.com/rclone/rclone/fs/hash"
+ "github.com/rclone/rclone/fs/operations"
+ "github.com/rclone/rclone/fs/walk"
+ "golang.org/x/sync/errgroup"
+)
+
+// Register with Fs
+func init() {
+ fsi := &fs.RegInfo{
+ Name: "combine",
+ Description: "Combine several remotes into one",
+ NewFs: NewFs,
+ MetadataInfo: &fs.MetadataInfo{
+ Help: `Any metadata supported by the underlying remote is read and written.`,
+ },
+ Options: []fs.Option{{
+ Name: "upstreams",
+ Help: `Upstreams for combining
+
+These should be in the form
+
+ dir=remote:path dir2=remote2:path
+
+Where before the = is specified the root directory and after is the remote to
+put there.
+
+Embedded spaces can be added using quotes
+
+ "dir=remote:path with space" "dir2=remote2:path with space"
+
+`,
+ Required: true,
+ Default: fs.SpaceSepList(nil),
+ }},
+ }
+ fs.Register(fsi)
+}
+
+// Options defines the configuration for this backend
+type Options struct {
+ Upstreams fs.SpaceSepList `config:"upstreams"`
+}
+
+// Fs represents a combine of upstreams
+type Fs struct {
+ name string // name of this remote
+ features *fs.Features // optional features
+ opt Options // options for this Fs
+ root string // the path we are working on
+ hashSet hash.Set // common hashes
+ when time.Time // directory times
+ upstreams map[string]*upstream // map of upstreams
+}
+
+// adjustment stores the info to add a prefix to a path or chop characters off
+type adjustment struct {
+ root string
+ rootSlash string
+ mountpoint string
+ mountpointSlash string
+}
+
+// newAdjustment makes a new path adjustment adjusting between mountpoint and root
+//
+// mountpoint is the point the upstream is mounted and root is the combine root
+func newAdjustment(root, mountpoint string) (a adjustment) {
+ return adjustment{
+ root: root,
+ rootSlash: root + "/",
+ mountpoint: mountpoint,
+ mountpointSlash: mountpoint + "/",
+ }
+}
+
+var errNotUnderRoot = errors.New("file not under root")
+
+// do makes the adjustment on s, mapping an upstream path into a combine path
+func (a *adjustment) do(s string) (string, error) {
+ absPath := join(a.mountpoint, s)
+ if a.root == "" {
+ return absPath, nil
+ }
+ if absPath == a.root {
+ return "", nil
+ }
+ if !strings.HasPrefix(absPath, a.rootSlash) {
+ return "", errNotUnderRoot
+ }
+ return absPath[len(a.rootSlash):], nil
+}
+
+// undo makes the adjustment on s, mapping a combine path into an upstream path
+func (a *adjustment) undo(s string) (string, error) {
+ absPath := join(a.root, s)
+ if absPath == a.mountpoint {
+ return "", nil
+ }
+ if !strings.HasPrefix(absPath, a.mountpointSlash) {
+ return "", errNotUnderRoot
+ }
+ return absPath[len(a.mountpointSlash):], nil
+}
+
+// upstream represents an upstream Fs
+type upstream struct {
+ f fs.Fs
+ parent *Fs
+ dir string // directory the upstream is mounted
+ pathAdjustment adjustment // how to fiddle with the path
+}
+
+// Create an upstream from the directory it is mounted on and the remote
+func (f *Fs) newUpstream(ctx context.Context, dir, remote string) (*upstream, error) {
+ uFs, err := cache.Get(ctx, remote)
+ if err == fs.ErrorIsFile {
+ return nil, fmt.Errorf("can't combine files yet, only directories %q: %w", remote, err)
+ }
+ if err != nil {
+ return nil, fmt.Errorf("failed to create upstream %q: %w", remote, err)
+ }
+ u := &upstream{
+ f: uFs,
+ parent: f,
+ dir: dir,
+ pathAdjustment: newAdjustment(f.root, dir),
+ }
+ cache.PinUntilFinalized(u.f, u)
+ return u, nil
+}
+
+// NewFs constructs an Fs from the path.
+//
+// The returned Fs is the actual Fs, referenced by remote in the config
+func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (outFs fs.Fs, err error) {
+ // defer log.Trace(nil, "name=%q, root=%q, m=%v", name, root, m)("f=%+v, err=%v", &outFs, &err)
+ // Parse config into Options struct
+ opt := new(Options)
+ err = configstruct.Set(m, opt)
+ if err != nil {
+ return nil, err
+ }
+ // Backward compatible to old config
+ if len(opt.Upstreams) == 0 {
+ return nil, errors.New("combine can't point to an empty upstream - check the value of the upstreams setting")
+ }
+ for _, u := range opt.Upstreams {
+ if strings.HasPrefix(u, name+":") {
+ return nil, errors.New("can't point combine remote at itself - check the value of the upstreams setting")
+ }
+ }
+ isDir := false
+ for strings.HasSuffix(root, "/") {
+ root = root[:len(root)-1]
+ isDir = true
+ }
+
+ f := &Fs{
+ name: name,
+ root: root,
+ opt: *opt,
+ upstreams: make(map[string]*upstream, len(opt.Upstreams)),
+ when: time.Now(),
+ }
+
+ g, gCtx := errgroup.WithContext(ctx)
+ var mu sync.Mutex
+ for _, upstream := range opt.Upstreams {
+ upstream := upstream
+ g.Go(func() (err error) {
+ equal := strings.IndexRune(upstream, '=')
+ if equal < 0 {
+ return fmt.Errorf("no \"=\" in upstream definition %q", upstream)
+ }
+ dir, remote := upstream[:equal], upstream[equal+1:]
+ if dir == "" {
+ return fmt.Errorf("empty dir in upstream definition %q", upstream)
+ }
+ if remote == "" {
+ return fmt.Errorf("empty remote in upstream definition %q", upstream)
+ }
+ if strings.ContainsRune(dir, '/') {
+ return fmt.Errorf("dirs can't contain / (yet): %q", dir)
+ }
+ u, err := f.newUpstream(gCtx, dir, remote)
+ if err != nil {
+ return err
+ }
+ mu.Lock()
+ if _, found := f.upstreams[dir]; found {
+ err = fmt.Errorf("duplicate directory name %q", dir)
+ } else {
+ f.upstreams[dir] = u
+ }
+ mu.Unlock()
+ return err
+ })
+ }
+ err = g.Wait()
+ if err != nil {
+ return nil, err
+ }
+ // check features
+ var features = (&fs.Features{
+ CaseInsensitive: true,
+ DuplicateFiles: false,
+ ReadMimeType: true,
+ WriteMimeType: true,
+ CanHaveEmptyDirectories: true,
+ BucketBased: true,
+ SetTier: true,
+ GetTier: true,
+ ReadMetadata: true,
+ WriteMetadata: true,
+ UserMetadata: true,
+ }).Fill(ctx, f)
+ canMove := true
+ for _, u := range f.upstreams {
+ features = features.Mask(ctx, u.f) // Mask all upstream fs
+ if !operations.CanServerSideMove(u.f) {
+ canMove = false
+ }
+ }
+ // We can move if all remotes support Move or Copy
+ if canMove {
+ features.Move = f.Move
+ }
+
+ // Enable ListR when upstreams either support ListR or is local
+ // But not when all upstreams are local
+ if features.ListR == nil {
+ for _, u := range f.upstreams {
+ if u.f.Features().ListR != nil {
+ features.ListR = f.ListR
+ } else if !u.f.Features().IsLocal {
+ features.ListR = nil
+ break
+ }
+ }
+ }
+
+ // Enable Purge when any upstreams support it
+ if features.Purge == nil {
+ for _, u := range f.upstreams {
+ if u.f.Features().Purge != nil {
+ features.Purge = f.Purge
+ break
+ }
+ }
+ }
+
+ // Enable Shutdown when any upstreams support it
+ if features.Shutdown == nil {
+ for _, u := range f.upstreams {
+ if u.f.Features().Shutdown != nil {
+ features.Shutdown = f.Shutdown
+ break
+ }
+ }
+ }
+
+ // Enable DirCacheFlush when any upstreams support it
+ if features.DirCacheFlush == nil {
+ for _, u := range f.upstreams {
+ if u.f.Features().DirCacheFlush != nil {
+ features.DirCacheFlush = f.DirCacheFlush
+ break
+ }
+ }
+ }
+
+ // Enable ChangeNotify when any upstreams support it
+ if features.ChangeNotify == nil {
+ for _, u := range f.upstreams {
+ if u.f.Features().ChangeNotify != nil {
+ features.ChangeNotify = f.ChangeNotify
+ break
+ }
+ }
+ }
+
+ f.features = features
+
+ // Get common intersection of hashes
+ var hashSet hash.Set
+ var first = true
+ for _, u := range f.upstreams {
+ if first {
+ hashSet = u.f.Hashes()
+ first = false
+ } else {
+ hashSet = hashSet.Overlap(u.f.Hashes())
+ }
+ }
+ f.hashSet = hashSet
+
+ // Check to see if the root is actually a file
+ if f.root != "" && !isDir {
+ _, err := f.NewObject(ctx, "")
+ if err != nil {
+ if err == fs.ErrorObjectNotFound || err == fs.ErrorNotAFile || err == fs.ErrorIsDir {
+ // File doesn't exist or is a directory so return old f
+ return f, nil
+ }
+ return nil, err
+ }
+
+ // Check to see if the root path is actually an existing file
+ f.root = path.Dir(f.root)
+ if f.root == "." {
+ f.root = ""
+ }
+ // Adjust path adjustment to remove leaf
+ for _, u := range f.upstreams {
+ u.pathAdjustment = newAdjustment(f.root, u.dir)
+ }
+ return f, fs.ErrorIsFile
+ }
+ return f, nil
+}
+
+// Run a function over all the upstreams in parallel
+func (f *Fs) multithread(ctx context.Context, fn func(context.Context, *upstream) error) error {
+ g, gCtx := errgroup.WithContext(ctx)
+ for _, u := range f.upstreams {
+ u := u
+ g.Go(func() (err error) {
+ return fn(gCtx, u)
+ })
+ }
+ return g.Wait()
+}
+
+// join the elements together but unline path.Join return empty string
+func join(elem ...string) string {
+ result := path.Join(elem...)
+ if result == "." {
+ return ""
+ }
+ if len(result) > 0 && result[0] == '/' {
+ result = result[1:]
+ }
+ return result
+}
+
+// find the upstream for the remote passed in, returning the upstream and the adjusted path
+func (f *Fs) findUpstream(remote string) (u *upstream, uRemote string, err error) {
+ // defer log.Trace(remote, "")("f=%v, uRemote=%q, err=%v", &u, &uRemote, &err)
+ for _, u := range f.upstreams {
+ uRemote, err = u.pathAdjustment.undo(remote)
+ if err == nil {
+ return u, uRemote, nil
+ }
+ }
+ return nil, "", fmt.Errorf("combine for remote %q: %w", remote, fs.ErrorDirNotFound)
+}
+
+// Name of the remote (as passed into NewFs)
+func (f *Fs) Name() string {
+ return f.name
+}
+
+// Root of the remote (as passed into NewFs)
+func (f *Fs) Root() string {
+ return f.root
+}
+
+// String converts this Fs to a string
+func (f *Fs) String() string {
+ return fmt.Sprintf("combine root '%s'", f.root)
+}
+
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+ return f.features
+}
+
+// Rmdir removes the root directory of the Fs object
+func (f *Fs) Rmdir(ctx context.Context, dir string) error {
+ // The root always exists
+ if f.root == "" && dir == "" {
+ return nil
+ }
+ u, uRemote, err := f.findUpstream(dir)
+ if err != nil {
+ return err
+ }
+ return u.f.Rmdir(ctx, uRemote)
+}
+
+// Hashes returns hash.HashNone to indicate remote hashing is unavailable
+func (f *Fs) Hashes() hash.Set {
+ return f.hashSet
+}
+
+// Mkdir makes the root directory of the Fs object
+func (f *Fs) Mkdir(ctx context.Context, dir string) error {
+ // The root always exists
+ if f.root == "" && dir == "" {
+ return nil
+ }
+ u, uRemote, err := f.findUpstream(dir)
+ if err != nil {
+ return err
+ }
+ return u.f.Mkdir(ctx, uRemote)
+}
+
+// purge the upstream or fallback to a slow way
+func (u *upstream) purge(ctx context.Context, dir string) (err error) {
+ if do := u.f.Features().Purge; do != nil {
+ err = do(ctx, dir)
+ } else {
+ err = operations.Purge(ctx, u.f, dir)
+ }
+ return err
+}
+
+// Purge all files in the directory
+//
+// Implement this if you have a way of deleting all the files
+// quicker than just running Remove() on the result of List()
+//
+// Return an error if it doesn't exist
+func (f *Fs) Purge(ctx context.Context, dir string) error {
+ if f.root == "" && dir == "" {
+ return f.multithread(ctx, func(ctx context.Context, u *upstream) error {
+ return u.purge(ctx, "")
+ })
+ }
+ u, uRemote, err := f.findUpstream(dir)
+ if err != nil {
+ return err
+ }
+ return u.purge(ctx, uRemote)
+}
+
+// Copy src to this remote using server-side copy operations.
+//
+// This is stored with the remote path given.
+//
+// It returns the destination Object and a possible error.
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantCopy
+func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object, error) {
+ srcObj, ok := src.(*Object)
+ if !ok {
+ fs.Debugf(src, "Can't copy - not same remote type")
+ return nil, fs.ErrorCantCopy
+ }
+
+ dstU, dstRemote, err := f.findUpstream(remote)
+ if err != nil {
+ return nil, err
+ }
+
+ do := dstU.f.Features().Copy
+ if do == nil {
+ return nil, fs.ErrorCantCopy
+ }
+
+ o, err := do(ctx, srcObj.Object, dstRemote)
+ if err != nil {
+ return nil, err
+ }
+
+ return dstU.newObject(o), nil
+}
+
+// Move src to this remote using server-side move operations.
+//
+// This is stored with the remote path given.
+//
+// It returns the destination Object and a possible error.
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantMove
+func (f *Fs) Move(ctx context.Context, src fs.Object, remote string) (fs.Object, error) {
+ srcObj, ok := src.(*Object)
+ if !ok {
+ fs.Debugf(src, "Can't move - not same remote type")
+ return nil, fs.ErrorCantMove
+ }
+
+ dstU, dstRemote, err := f.findUpstream(remote)
+ if err != nil {
+ return nil, err
+ }
+
+ do := dstU.f.Features().Move
+ useCopy := false
+ if do == nil {
+ do = dstU.f.Features().Copy
+ if do == nil {
+ return nil, fs.ErrorCantMove
+ }
+ useCopy = true
+ }
+
+ o, err := do(ctx, srcObj.Object, dstRemote)
+ if err != nil {
+ return nil, err
+ }
+
+ // If did Copy then remove the source object
+ if useCopy {
+ err = srcObj.Remove(ctx)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return dstU.newObject(o), nil
+}
+
+// DirMove moves src, srcRemote to this remote at dstRemote
+// using server-side move operations.
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantDirMove
+//
+// If destination exists then return fs.ErrorDirExists
+func (f *Fs) DirMove(ctx context.Context, src fs.Fs, srcRemote, dstRemote string) (err error) {
+ // defer log.Trace(f, "src=%v, srcRemote=%q, dstRemote=%q", src, srcRemote, dstRemote)("err=%v", &err)
+ srcFs, ok := src.(*Fs)
+ if !ok {
+ fs.Debugf(src, "Can't move directory - not same remote type")
+ return fs.ErrorCantDirMove
+ }
+
+ dstU, dstURemote, err := f.findUpstream(dstRemote)
+ if err != nil {
+ return err
+ }
+
+ srcU, srcURemote, err := srcFs.findUpstream(srcRemote)
+ if err != nil {
+ return err
+ }
+
+ do := dstU.f.Features().DirMove
+ if do == nil {
+ return fs.ErrorCantDirMove
+ }
+
+ fs.Logf(dstU.f, "srcU.f=%v, srcURemote=%q, dstURemote=%q", srcU.f, srcURemote, dstURemote)
+ return do(ctx, srcU.f, srcURemote, dstURemote)
+}
+
+// ChangeNotify calls the passed function with a path
+// that has had changes. If the implementation
+// uses polling, it should adhere to the given interval.
+// At least one value will be written to the channel,
+// specifying the initial value and updated values might
+// follow. A 0 Duration should pause the polling.
+// The ChangeNotify implementation must empty the channel
+// regularly. When the channel gets closed, the implementation
+// should stop polling and release resources.
+func (f *Fs) ChangeNotify(ctx context.Context, notifyFunc func(string, fs.EntryType), ch <-chan time.Duration) {
+ var uChans []chan time.Duration
+
+ for _, u := range f.upstreams {
+ u := u
+ if do := u.f.Features().ChangeNotify; do != nil {
+ ch := make(chan time.Duration)
+ uChans = append(uChans, ch)
+ wrappedNotifyFunc := func(path string, entryType fs.EntryType) {
+ newPath, err := u.pathAdjustment.do(path)
+ if err != nil {
+ fs.Logf(f, "ChangeNotify: unable to process %q: %s", path, err)
+ return
+ }
+ fs.Debugf(f, "ChangeNotify: path %q entryType %d", newPath, entryType)
+ notifyFunc(newPath, entryType)
+ }
+ do(ctx, wrappedNotifyFunc, ch)
+ }
+ }
+
+ go func() {
+ for i := range ch {
+ for _, c := range uChans {
+ c <- i
+ }
+ }
+ for _, c := range uChans {
+ close(c)
+ }
+ }()
+}
+
+// DirCacheFlush resets the directory cache - used in testing
+// as an optional interface
+func (f *Fs) DirCacheFlush() {
+ ctx := context.Background()
+ _ = f.multithread(ctx, func(ctx context.Context, u *upstream) error {
+ if do := u.f.Features().DirCacheFlush; do != nil {
+ do()
+ }
+ return nil
+ })
+}
+
+func (f *Fs) put(ctx context.Context, in io.Reader, src fs.ObjectInfo, stream bool, options ...fs.OpenOption) (fs.Object, error) {
+ srcPath := src.Remote()
+ u, uRemote, err := f.findUpstream(srcPath)
+ if err != nil {
+ return nil, err
+ }
+ uSrc := fs.NewOverrideRemote(src, uRemote)
+ var o fs.Object
+ if stream {
+ o, err = u.f.Features().PutStream(ctx, in, uSrc, options...)
+ } else {
+ o, err = u.f.Put(ctx, in, uSrc, options...)
+ }
+ if err != nil {
+ return nil, err
+ }
+ return u.newObject(o), nil
+}
+
+// Put in to the remote path with the modTime given of the given size
+//
+// May create the object even if it returns an error - if so
+// will return the object and the error, otherwise will return
+// nil and the error
+func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ o, err := f.NewObject(ctx, src.Remote())
+ switch err {
+ case nil:
+ return o, o.Update(ctx, in, src, options...)
+ case fs.ErrorObjectNotFound:
+ return f.put(ctx, in, src, false, options...)
+ default:
+ return nil, err
+ }
+}
+
+// PutStream uploads to the remote path with the modTime given of indeterminate size
+//
+// May create the object even if it returns an error - if so
+// will return the object and the error, otherwise will return
+// nil and the error
+func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ o, err := f.NewObject(ctx, src.Remote())
+ switch err {
+ case nil:
+ return o, o.Update(ctx, in, src, options...)
+ case fs.ErrorObjectNotFound:
+ return f.put(ctx, in, src, true, options...)
+ default:
+ return nil, err
+ }
+}
+
+// About gets quota information from the Fs
+func (f *Fs) About(ctx context.Context) (*fs.Usage, error) {
+ usage := &fs.Usage{
+ Total: new(int64),
+ Used: new(int64),
+ Trashed: new(int64),
+ Other: new(int64),
+ Free: new(int64),
+ Objects: new(int64),
+ }
+ for _, u := range f.upstreams {
+ doAbout := u.f.Features().About
+ if doAbout == nil {
+ continue
+ }
+ usg, err := doAbout(ctx)
+ if errors.Is(err, fs.ErrorDirNotFound) {
+ continue
+ }
+ if err != nil {
+ return nil, err
+ }
+ if usg.Total != nil && usage.Total != nil {
+ *usage.Total += *usg.Total
+ } else {
+ usage.Total = nil
+ }
+ if usg.Used != nil && usage.Used != nil {
+ *usage.Used += *usg.Used
+ } else {
+ usage.Used = nil
+ }
+ if usg.Trashed != nil && usage.Trashed != nil {
+ *usage.Trashed += *usg.Trashed
+ } else {
+ usage.Trashed = nil
+ }
+ if usg.Other != nil && usage.Other != nil {
+ *usage.Other += *usg.Other
+ } else {
+ usage.Other = nil
+ }
+ if usg.Free != nil && usage.Free != nil {
+ *usage.Free += *usg.Free
+ } else {
+ usage.Free = nil
+ }
+ if usg.Objects != nil && usage.Objects != nil {
+ *usage.Objects += *usg.Objects
+ } else {
+ usage.Objects = nil
+ }
+ }
+ return usage, nil
+}
+
+// Wraps entries for this upstream
+func (u *upstream) wrapEntries(ctx context.Context, entries fs.DirEntries) (fs.DirEntries, error) {
+ for i, entry := range entries {
+ switch x := entry.(type) {
+ case fs.Object:
+ entries[i] = u.newObject(x)
+ case fs.Directory:
+ newDir := fs.NewDirCopy(ctx, x)
+ newPath, err := u.pathAdjustment.do(newDir.Remote())
+ if err != nil {
+ return nil, err
+ }
+ newDir.SetRemote(newPath)
+ entries[i] = newDir
+ default:
+ return nil, fmt.Errorf("unknown entry type %T", entry)
+ }
+ }
+ return entries, nil
+}
+
+// List the objects and directories in dir into entries. The
+// entries can be returned in any order but should be for a
+// complete directory.
+//
+// dir should be "" to list the root, and should not have
+// trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
+ // defer log.Trace(f, "dir=%q", dir)("entries = %v, err=%v", &entries, &err)
+ if f.root == "" && dir == "" {
+ entries = make(fs.DirEntries, 0, len(f.upstreams))
+ for combineDir := range f.upstreams {
+ d := fs.NewDir(combineDir, f.when)
+ entries = append(entries, d)
+ }
+ return entries, nil
+ }
+ u, uRemote, err := f.findUpstream(dir)
+ if err != nil {
+ return nil, err
+ }
+ entries, err = u.f.List(ctx, uRemote)
+ if err != nil {
+ return nil, err
+ }
+ return u.wrapEntries(ctx, entries)
+}
+
+// ListR lists the objects and directories of the Fs starting
+// from dir recursively into out.
+//
+// dir should be "" to start from the root, and should not
+// have trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+//
+// It should call callback for each tranche of entries read.
+// These need not be returned in any particular order. If
+// callback returns an error then the listing will stop
+// immediately.
+//
+// Don't implement this unless you have a more efficient way
+// of listing recursively that doing a directory traversal.
+func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (err error) {
+ // defer log.Trace(f, "dir=%q, callback=%v", dir, callback)("err=%v", &err)
+ if f.root == "" && dir == "" {
+ rootEntries, err := f.List(ctx, "")
+ if err != nil {
+ return err
+ }
+ err = callback(rootEntries)
+ if err != nil {
+ return err
+ }
+ var mu sync.Mutex
+ syncCallback := func(entries fs.DirEntries) error {
+ mu.Lock()
+ defer mu.Unlock()
+ return callback(entries)
+ }
+ err = f.multithread(ctx, func(ctx context.Context, u *upstream) error {
+ return f.ListR(ctx, u.dir, syncCallback)
+ })
+ if err != nil {
+ return err
+ }
+ return nil
+ }
+ u, uRemote, err := f.findUpstream(dir)
+ if err != nil {
+ return err
+ }
+ wrapCallback := func(entries fs.DirEntries) error {
+ entries, err := u.wrapEntries(ctx, entries)
+ if err != nil {
+ return err
+ }
+ return callback(entries)
+ }
+ if do := u.f.Features().ListR; do != nil {
+ err = do(ctx, uRemote, wrapCallback)
+ } else {
+ err = walk.ListR(ctx, u.f, uRemote, true, -1, walk.ListAll, wrapCallback)
+ }
+ if err == fs.ErrorDirNotFound {
+ err = nil
+ }
+ return err
+}
+
+// NewObject creates a new remote combine file object
+func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
+ u, uRemote, err := f.findUpstream(remote)
+ if err != nil {
+ return nil, err
+ }
+ if uRemote == "" || strings.HasSuffix(uRemote, "/") {
+ return nil, fs.ErrorIsDir
+ }
+ o, err := u.f.NewObject(ctx, uRemote)
+ if err != nil {
+ return nil, err
+ }
+ return u.newObject(o), nil
+}
+
+// Precision is the greatest Precision of all upstreams
+func (f *Fs) Precision() time.Duration {
+ var greatestPrecision time.Duration
+ for _, u := range f.upstreams {
+ uPrecision := u.f.Precision()
+ if uPrecision > greatestPrecision {
+ greatestPrecision = uPrecision
+ }
+ }
+ return greatestPrecision
+}
+
+// Shutdown the backend, closing any background tasks and any
+// cached connections.
+func (f *Fs) Shutdown(ctx context.Context) error {
+ return f.multithread(ctx, func(ctx context.Context, u *upstream) error {
+ if do := u.f.Features().Shutdown; do != nil {
+ return do(ctx)
+ }
+ return nil
+ })
+}
+
+// Object describes a wrapped Object
+//
+// This is a wrapped Object which knows its path prefix
+type Object struct {
+ fs.Object
+ u *upstream
+}
+
+func (u *upstream) newObject(o fs.Object) *Object {
+ return &Object{
+ Object: o,
+ u: u,
+ }
+}
+
+// Fs returns read only access to the Fs that this object is part of
+func (o *Object) Fs() fs.Info {
+ return o.u.parent
+}
+
+// String returns the remote path
+func (o *Object) String() string {
+ return o.Remote()
+}
+
+// Remote returns the remote path
+func (o *Object) Remote() string {
+ newPath, err := o.u.pathAdjustment.do(o.Object.String())
+ if err != nil {
+ fs.Errorf(o, "Bad object: %v", err)
+ return err.Error()
+ }
+ return newPath
+}
+
+// MimeType returns the content type of the Object if known
+func (o *Object) MimeType(ctx context.Context) (mimeType string) {
+ if do, ok := o.Object.(fs.MimeTyper); ok {
+ mimeType = do.MimeType(ctx)
+ }
+ return mimeType
+}
+
+// UnWrap returns the Object that this Object is wrapping or
+// nil if it isn't wrapping anything
+func (o *Object) UnWrap() fs.Object {
+ return o.Object
+}
+
+// GetTier returns storage tier or class of the Object
+func (o *Object) GetTier() string {
+ do, ok := o.Object.(fs.GetTierer)
+ if !ok {
+ return ""
+ }
+ return do.GetTier()
+}
+
+// ID returns the ID of the Object if known, or "" if not
+func (o *Object) ID() string {
+ do, ok := o.Object.(fs.IDer)
+ if !ok {
+ return ""
+ }
+ return do.ID()
+}
+
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *Object) Metadata(ctx context.Context) (fs.Metadata, error) {
+ do, ok := o.Object.(fs.Metadataer)
+ if !ok {
+ return nil, nil
+ }
+ return do.Metadata(ctx)
+}
+
+// SetTier performs changing storage tier of the Object if
+// multiple storage classes supported
+func (o *Object) SetTier(tier string) error {
+ do, ok := o.Object.(fs.SetTierer)
+ if !ok {
+ return errors.New("underlying remote does not support SetTier")
+ }
+ return do.SetTier(tier)
+}
+
+// Check the interfaces are satisfied
+var (
+ _ fs.Fs = (*Fs)(nil)
+ _ fs.Purger = (*Fs)(nil)
+ _ fs.PutStreamer = (*Fs)(nil)
+ _ fs.Copier = (*Fs)(nil)
+ _ fs.Mover = (*Fs)(nil)
+ _ fs.DirMover = (*Fs)(nil)
+ _ fs.DirCacheFlusher = (*Fs)(nil)
+ _ fs.ChangeNotifier = (*Fs)(nil)
+ _ fs.Abouter = (*Fs)(nil)
+ _ fs.ListRer = (*Fs)(nil)
+ _ fs.Shutdowner = (*Fs)(nil)
+ _ fs.FullObject = (*Object)(nil)
+)
diff --git a/backend/combine/combine_internal_test.go b/backend/combine/combine_internal_test.go
new file mode 100644
index 0000000000000..5c889bb8c551b
--- /dev/null
+++ b/backend/combine/combine_internal_test.go
@@ -0,0 +1,94 @@
+package combine
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestAdjustmentDo(t *testing.T) {
+ for _, test := range []struct {
+ root string
+ mountpoint string
+ in string
+ want string
+ wantErr error
+ }{
+ {
+ root: "",
+ mountpoint: "mountpoint",
+ in: "path/to/file.txt",
+ want: "mountpoint/path/to/file.txt",
+ },
+ {
+ root: "mountpoint",
+ mountpoint: "mountpoint",
+ in: "path/to/file.txt",
+ want: "path/to/file.txt",
+ },
+ {
+ root: "mountpoint/path",
+ mountpoint: "mountpoint",
+ in: "path/to/file.txt",
+ want: "to/file.txt",
+ },
+ {
+ root: "mountpoint/path",
+ mountpoint: "mountpoint",
+ in: "wrongpath/to/file.txt",
+ want: "",
+ wantErr: errNotUnderRoot,
+ },
+ } {
+ what := fmt.Sprintf("%+v", test)
+ a := newAdjustment(test.root, test.mountpoint)
+ got, gotErr := a.do(test.in)
+ assert.Equal(t, test.wantErr, gotErr)
+ assert.Equal(t, test.want, got, what)
+ }
+
+}
+
+func TestAdjustmentUndo(t *testing.T) {
+ for _, test := range []struct {
+ root string
+ mountpoint string
+ in string
+ want string
+ wantErr error
+ }{
+ {
+ root: "",
+ mountpoint: "mountpoint",
+ in: "mountpoint/path/to/file.txt",
+ want: "path/to/file.txt",
+ },
+ {
+ root: "mountpoint",
+ mountpoint: "mountpoint",
+ in: "path/to/file.txt",
+ want: "path/to/file.txt",
+ },
+ {
+ root: "mountpoint/path",
+ mountpoint: "mountpoint",
+ in: "to/file.txt",
+ want: "path/to/file.txt",
+ },
+ {
+ root: "wrongmountpoint/path",
+ mountpoint: "mountpoint",
+ in: "to/file.txt",
+ want: "",
+ wantErr: errNotUnderRoot,
+ },
+ } {
+ what := fmt.Sprintf("%+v", test)
+ a := newAdjustment(test.root, test.mountpoint)
+ got, gotErr := a.undo(test.in)
+ assert.Equal(t, test.wantErr, gotErr)
+ assert.Equal(t, test.want, got, what)
+ }
+
+}
diff --git a/backend/combine/combine_test.go b/backend/combine/combine_test.go
new file mode 100644
index 0000000000000..46b49bcf0305f
--- /dev/null
+++ b/backend/combine/combine_test.go
@@ -0,0 +1,81 @@
+// Test Combine filesystem interface
+package combine_test
+
+import (
+ "testing"
+
+ _ "github.com/rclone/rclone/backend/local"
+ _ "github.com/rclone/rclone/backend/memory"
+ "github.com/rclone/rclone/fstest"
+ "github.com/rclone/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+ if *fstest.RemoteName == "" {
+ t.Skip("Skipping as -remote not set")
+ }
+ fstests.Run(t, &fstests.Opt{
+ RemoteName: *fstest.RemoteName,
+ UnimplementableFsMethods: []string{"OpenWriterAt", "DuplicateFiles"},
+ UnimplementableObjectMethods: []string{"MimeType"},
+ })
+}
+
+func TestLocal(t *testing.T) {
+ if *fstest.RemoteName != "" {
+ t.Skip("Skipping as -remote set")
+ }
+ dirs := MakeTestDirs(t, 3)
+ upstreams := "dir1=" + dirs[0] + " dir2=" + dirs[1] + " dir3=" + dirs[2]
+ name := "TestCombineLocal"
+ fstests.Run(t, &fstests.Opt{
+ RemoteName: name + ":dir1",
+ ExtraConfig: []fstests.ExtraConfigItem{
+ {Name: name, Key: "type", Value: "combine"},
+ {Name: name, Key: "upstreams", Value: upstreams},
+ },
+ QuickTestOK: true,
+ })
+}
+
+func TestMemory(t *testing.T) {
+ if *fstest.RemoteName != "" {
+ t.Skip("Skipping as -remote set")
+ }
+ upstreams := "dir1=:memory:dir1 dir2=:memory:dir2 dir3=:memory:dir3"
+ name := "TestCombineMemory"
+ fstests.Run(t, &fstests.Opt{
+ RemoteName: name + ":dir1",
+ ExtraConfig: []fstests.ExtraConfigItem{
+ {Name: name, Key: "type", Value: "combine"},
+ {Name: name, Key: "upstreams", Value: upstreams},
+ },
+ QuickTestOK: true,
+ })
+}
+
+func TestMixed(t *testing.T) {
+ if *fstest.RemoteName != "" {
+ t.Skip("Skipping as -remote set")
+ }
+ dirs := MakeTestDirs(t, 2)
+ upstreams := "dir1=" + dirs[0] + " dir2=" + dirs[1] + " dir3=:memory:dir3"
+ name := "TestCombineMixed"
+ fstests.Run(t, &fstests.Opt{
+ RemoteName: name + ":dir1",
+ ExtraConfig: []fstests.ExtraConfigItem{
+ {Name: name, Key: "type", Value: "combine"},
+ {Name: name, Key: "upstreams", Value: upstreams},
+ },
+ })
+}
+
+// MakeTestDirs makes directories in /tmp for testing
+func MakeTestDirs(t *testing.T, n int) (dirs []string) {
+ for i := 1; i <= n; i++ {
+ dir := t.TempDir()
+ dirs = append(dirs, dir)
+ }
+ return dirs
+}
diff --git a/backend/compress/compress.go b/backend/compress/compress.go
index 9656fb57308be..21ab99c03f50a 100644
--- a/backend/compress/compress.go
+++ b/backend/compress/compress.go
@@ -13,7 +13,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"os"
"regexp"
"strings"
@@ -29,6 +28,7 @@ import (
"github.com/rclone/rclone/fs/config/configstruct"
"github.com/rclone/rclone/fs/fspath"
"github.com/rclone/rclone/fs/hash"
+ "github.com/rclone/rclone/fs/log"
"github.com/rclone/rclone/fs/object"
"github.com/rclone/rclone/fs/operations"
)
@@ -53,7 +53,7 @@ const (
Gzip = 2
)
-var nameRegexp = regexp.MustCompile("^(.+?)\\.([A-Za-z0-9-_]{11})$")
+var nameRegexp = regexp.MustCompile(`^(.+?)\.([A-Za-z0-9-_]{11})$`)
// Register with Fs
func init() {
@@ -70,6 +70,9 @@ func init() {
Name: "compress",
Description: "Compress a remote",
NewFs: NewFs,
+ MetadataInfo: &fs.MetadataInfo{
+ Help: `Any metadata supported by the underlying remote is read and written.`,
+ },
Options: []fs.Option{{
Name: "remote",
Help: "Remote to compress.",
@@ -87,7 +90,7 @@ Generally -1 (default, equivalent to 5) is recommended.
Levels 1 to 9 increase compression at the cost of speed. Going past 6
generally offers very little return.
-Level -2 uses Huffmann encoding only. Only use if you know what you
+Level -2 uses Huffman encoding only. Only use if you know what you
are doing.
Level 0 turns off compression.`,
Default: sgzip.DefaultCompression,
@@ -127,7 +130,7 @@ type Fs struct {
features *fs.Features // optional features
}
-// NewFs contstructs an Fs from the path, container:path
+// NewFs constructs an Fs from the path, container:path
func NewFs(ctx context.Context, name, rpath string, m configmap.Mapper) (fs.Fs, error) {
// Parse config into Options struct
opt := new(Options)
@@ -180,6 +183,9 @@ func NewFs(ctx context.Context, name, rpath string, m configmap.Mapper) (fs.Fs,
SetTier: true,
BucketBased: true,
CanHaveEmptyDirectories: true,
+ ReadMetadata: true,
+ WriteMetadata: true,
+ UserMetadata: true,
}).Fill(ctx, f).Mask(ctx, wrappedFs).WrapsFs(f, wrappedFs)
// We support reading MIME types no matter the wrapped fs
f.features.ReadMimeType = true
@@ -222,7 +228,7 @@ func processFileName(compressedFileName string) (origFileName string, extension
// Separate the filename and size from the extension
extensionPos := strings.LastIndex(compressedFileName, ".")
if extensionPos == -1 {
- return "", "", 0, errors.New("File name has no extension")
+ return "", "", 0, errors.New("file name has no extension")
}
extension = compressedFileName[extensionPos:]
nameWithSize := compressedFileName[:extensionPos]
@@ -231,11 +237,11 @@ func processFileName(compressedFileName string) (origFileName string, extension
}
match := nameRegexp.FindStringSubmatch(nameWithSize)
if match == nil || len(match) != 3 {
- return "", "", 0, errors.New("Invalid filename")
+ return "", "", 0, errors.New("invalid filename")
}
size, err := base64ToInt64(match[2])
if err != nil {
- return "", "", 0, errors.New("Could not decode size")
+ return "", "", 0, errors.New("could not decode size")
}
return match[1], gzFileExt, size, nil
}
@@ -304,7 +310,7 @@ func (f *Fs) processEntries(entries fs.DirEntries) (newEntries fs.DirEntries, er
case fs.Directory:
f.addDir(&newEntries, x)
default:
- return nil, fmt.Errorf("Unknown object type %T", entry)
+ return nil, fmt.Errorf("unknown object type %T", entry)
}
}
return newEntries, nil
@@ -361,13 +367,16 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
if err != nil {
return nil, err
}
- meta := readMetadata(ctx, mo)
- if meta == nil {
- return nil, errors.New("error decoding metadata")
+ meta, err := readMetadata(ctx, mo)
+ if err != nil {
+ return nil, fmt.Errorf("error decoding metadata: %w", err)
}
// Create our Object
o, err := f.Fs.NewObject(ctx, makeDataName(remote, meta.CompressionMetadata.Size, meta.Mode))
- return f.newObject(o, mo, meta), err
+ if err != nil {
+ return nil, err
+ }
+ return f.newObject(o, mo, meta), nil
}
// checkCompressAndType checks if an object is compressible and determines it's mime type
@@ -445,7 +454,7 @@ func (f *Fs) rcat(ctx context.Context, dstFileName string, in io.ReadCloser, mod
return f.Fs.Put(ctx, bytes.NewBuffer(buf[:n]), src, options...)
}
- // Need to include what we allready read
+ // Need to include what we already read
in = &ReadCloserWrapper{
Reader: io.MultiReader(bytes.NewReader(buf), in),
Closer: in,
@@ -458,7 +467,7 @@ func (f *Fs) rcat(ctx context.Context, dstFileName string, in io.ReadCloser, mod
}
fs.Debugf(f, "Target remote doesn't support streaming uploads, creating temporary local file")
- tempFile, err := ioutil.TempFile("", "rclone-press-")
+ tempFile, err := os.CreateTemp("", "rclone-press-")
defer func() {
// these errors should be relatively uncritical and the upload should've succeeded so it's okay-ish
// to ignore them
@@ -466,10 +475,10 @@ func (f *Fs) rcat(ctx context.Context, dstFileName string, in io.ReadCloser, mod
_ = os.Remove(tempFile.Name())
}()
if err != nil {
- return nil, fmt.Errorf("Failed to create temporary local FS to spool file: %w", err)
+ return nil, fmt.Errorf("failed to create temporary local FS to spool file: %w", err)
}
if _, err = io.Copy(tempFile, in); err != nil {
- return nil, fmt.Errorf("Failed to write temporary local file: %w", err)
+ return nil, fmt.Errorf("failed to write temporary local file: %w", err)
}
if _, err = tempFile.Seek(0, 0); err != nil {
return nil, err
@@ -536,8 +545,8 @@ func (f *Fs) putCompress(ctx context.Context, in io.Reader, src fs.ObjectInfo, o
}
// Transfer the data
- o, err := f.rcat(ctx, makeDataName(src.Remote(), src.Size(), f.mode), ioutil.NopCloser(wrappedIn), src.ModTime(ctx), options)
- //o, err := operations.Rcat(ctx, f.Fs, makeDataName(src.Remote(), src.Size(), f.mode), ioutil.NopCloser(wrappedIn), src.ModTime(ctx))
+ o, err := f.rcat(ctx, makeDataName(src.Remote(), src.Size(), f.mode), io.NopCloser(wrappedIn), src.ModTime(ctx), options)
+ //o, err := operations.Rcat(ctx, f.Fs, makeDataName(src.Remote(), src.Size(), f.mode), io.NopCloser(wrappedIn), src.ModTime(ctx))
if err != nil {
if o != nil {
removeErr := o.Remove(ctx)
@@ -671,7 +680,7 @@ func (f *Fs) putWithCustomFunctions(ctx context.Context, in io.Reader, src fs.Ob
}
return nil, err
}
- return f.newObject(dataObject, mo, meta), err
+ return f.newObject(dataObject, mo, meta), nil
}
// Put in to the remote path with the modTime given of the given size
@@ -720,23 +729,23 @@ func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, opt
if found && (oldObj.(*Object).meta.Mode != Uncompressed || compressible) {
err = oldObj.(*Object).Object.Remove(ctx)
if err != nil {
- return nil, fmt.Errorf("Could remove original object: %w", err)
+ return nil, fmt.Errorf("couldn't remove original object: %w", err)
}
}
// If our new object is compressed we have to rename it with the correct size.
- // Uncompressed objects don't store the size in the name so we they'll allready have the correct name.
+ // Uncompressed objects don't store the size in the name so we they'll already have the correct name.
if compressible {
wrapObj, err := operations.Move(ctx, f.Fs, nil, f.dataName(src.Remote(), newObj.size, compressible), newObj.Object)
if err != nil {
- return nil, fmt.Errorf("Couldn't rename streamed Object.: %w", err)
+ return nil, fmt.Errorf("couldn't rename streamed object: %w", err)
}
newObj.Object = wrapObj
}
return newObj, nil
}
-// Temporarely disabled. There might be a way to implement this correctly but with the current handling metadata duplicate objects
+// Temporarily disabled. There might be a way to implement this correctly but with the current handling metadata duplicate objects
// will break stuff. Right no I can't think of a way to make this work.
// PutUnchecked uploads the object
@@ -779,9 +788,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Copy src to this remote using server side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -829,9 +838,9 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
// Move src to this remote using server side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1034,24 +1043,19 @@ func newMetadata(size int64, mode int, cmeta sgzip.GzipMetadata, md5 string, mim
}
// This function will read the metadata from a metadata object.
-func readMetadata(ctx context.Context, mo fs.Object) (meta *ObjectMetadata) {
+func readMetadata(ctx context.Context, mo fs.Object) (meta *ObjectMetadata, err error) {
// Open our meradata object
rc, err := mo.Open(ctx)
if err != nil {
- return nil
+ return nil, err
}
- defer func() {
- err := rc.Close()
- if err != nil {
- fs.Errorf(mo, "Error closing object: %v", err)
- }
- }()
+ defer fs.CheckClose(rc, &err)
jr := json.NewDecoder(rc)
meta = new(ObjectMetadata)
if err = jr.Decode(meta); err != nil {
- return nil
+ return nil, err
}
- return meta
+ return meta, nil
}
// Remove removes this object
@@ -1096,6 +1100,9 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
origName := o.Remote()
if o.meta.Mode != Uncompressed || compressible {
newObject, err = o.f.putWithCustomFunctions(ctx, in, o.f.wrapInfo(src, origName, src.Size()), options, o.f.Fs.Put, updateMeta, compressible, mimeType)
+ if err != nil {
+ return err
+ }
if newObject.Object.Remote() != o.Object.Remote() {
if removeErr := o.Object.Remove(ctx); removeErr != nil {
return removeErr
@@ -1109,9 +1116,9 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
}
// If we are, just update the object and metadata
newObject, err = o.f.putWithCustomFunctions(ctx, in, src, options, update, updateMeta, compressible, mimeType)
- }
- if err != nil {
- return err
+ if err != nil {
+ return err
+ }
}
// Update object metadata and return
o.Object = newObject.Object
@@ -1122,6 +1129,9 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
// This will initialize the variables of a new press Object. The metadata object, mo, and metadata struct, meta, must be specified.
func (f *Fs) newObject(o fs.Object, mo fs.Object, meta *ObjectMetadata) *Object {
+ if o == nil {
+ log.Trace(nil, "newObject(%#v, %#v, %#v) called with nil o", o, mo, meta)
+ }
return &Object{
Object: o,
f: f,
@@ -1134,6 +1144,9 @@ func (f *Fs) newObject(o fs.Object, mo fs.Object, meta *ObjectMetadata) *Object
// This initializes the variables of a press Object with only the size. The metadata will be loaded later on demand.
func (f *Fs) newObjectSizeAndNameOnly(o fs.Object, moName string, size int64) *Object {
+ if o == nil {
+ log.Trace(nil, "newObjectSizeAndNameOnly(%#v, %#v, %#v) called with nil o", o, moName, size)
+ }
return &Object{
Object: o,
f: f,
@@ -1161,7 +1174,7 @@ func (o *Object) loadMetadataIfNotLoaded(ctx context.Context) (err error) {
return err
}
if o.meta == nil {
- o.meta = readMetadata(ctx, o.mo)
+ o.meta, err = readMetadata(ctx, o.mo)
}
return err
}
@@ -1214,6 +1227,21 @@ func (o *Object) MimeType(ctx context.Context) string {
return o.meta.MimeType
}
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *Object) Metadata(ctx context.Context) (fs.Metadata, error) {
+ err := o.loadMetadataIfNotLoaded(ctx)
+ if err != nil {
+ return nil, err
+ }
+ do, ok := o.mo.(fs.Metadataer)
+ if !ok {
+ return nil, nil
+ }
+ return do.Metadata(ctx)
+}
+
// Hash returns the selected checksum of the file
// If no checksum is available it returns ""
func (o *Object) Hash(ctx context.Context, ht hash.Type) (string, error) {
@@ -1360,6 +1388,51 @@ func (o *ObjectInfo) Hash(ctx context.Context, ht hash.Type) (string, error) {
return "", nil // cannot know the checksum
}
+// ID returns the ID of the Object if known, or "" if not
+func (o *ObjectInfo) ID() string {
+ do, ok := o.src.(fs.IDer)
+ if !ok {
+ return ""
+ }
+ return do.ID()
+}
+
+// MimeType returns the content type of the Object if
+// known, or "" if not
+func (o *ObjectInfo) MimeType(ctx context.Context) string {
+ do, ok := o.src.(fs.MimeTyper)
+ if !ok {
+ return ""
+ }
+ return do.MimeType(ctx)
+}
+
+// UnWrap returns the Object that this Object is wrapping or
+// nil if it isn't wrapping anything
+func (o *ObjectInfo) UnWrap() fs.Object {
+ return fs.UnWrapObjectInfo(o.src)
+}
+
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *ObjectInfo) Metadata(ctx context.Context) (fs.Metadata, error) {
+ do, ok := o.src.(fs.Metadataer)
+ if !ok {
+ return nil, nil
+ }
+ return do.Metadata(ctx)
+}
+
+// GetTier returns storage tier or class of the Object
+func (o *ObjectInfo) GetTier() string {
+ do, ok := o.src.(fs.GetTierer)
+ if !ok {
+ return ""
+ }
+ return do.GetTier()
+}
+
// ID returns the ID of the Object if known, or "" if not
func (o *Object) ID() string {
do, ok := o.Object.(fs.IDer)
@@ -1412,11 +1485,6 @@ var (
_ fs.ChangeNotifier = (*Fs)(nil)
_ fs.PublicLinker = (*Fs)(nil)
_ fs.Shutdowner = (*Fs)(nil)
- _ fs.ObjectInfo = (*ObjectInfo)(nil)
- _ fs.GetTierer = (*Object)(nil)
- _ fs.SetTierer = (*Object)(nil)
- _ fs.Object = (*Object)(nil)
- _ fs.ObjectUnWrapper = (*Object)(nil)
- _ fs.IDer = (*Object)(nil)
- _ fs.MimeTyper = (*Object)(nil)
+ _ fs.FullObjectInfo = (*ObjectInfo)(nil)
+ _ fs.FullObject = (*Object)(nil)
)
diff --git a/backend/compress/compress_test.go b/backend/compress/compress_test.go
index 76baf22aa91cd..356e9dd438295 100644
--- a/backend/compress/compress_test.go
+++ b/backend/compress/compress_test.go
@@ -61,5 +61,6 @@ func TestRemoteGzip(t *testing.T) {
{Name: name, Key: "remote", Value: tempdir},
{Name: name, Key: "compression_mode", Value: "gzip"},
},
+ QuickTestOK: true,
})
}
diff --git a/backend/crypt/cipher.go b/backend/crypt/cipher.go
index 4a3556295b69e..ae1e623936dec 100644
--- a/backend/crypt/cipher.go
+++ b/backend/crypt/cipher.go
@@ -96,7 +96,7 @@ func NewNameEncryptionMode(s string) (mode NameEncryptionMode, err error) {
case "obfuscate":
mode = NameEncryptionObfuscated
default:
- err = fmt.Errorf("Unknown file name encryption mode %q", s)
+ err = fmt.Errorf("unknown file name encryption mode %q", s)
}
return mode, err
}
@@ -127,11 +127,11 @@ type fileNameEncoding interface {
// RFC4648
//
// The standard encoding is modified in two ways
-// * it becomes lower case (no-one likes upper case filenames!)
-// * we strip the padding character `=`
+// - it becomes lower case (no-one likes upper case filenames!)
+// - we strip the padding character `=`
type caseInsensitiveBase32Encoding struct{}
-// EncodeToString encodes a strign using the modified version of
+// EncodeToString encodes a string using the modified version of
// base32 encoding.
func (caseInsensitiveBase32Encoding) EncodeToString(src []byte) string {
encoded := base32.HexEncoding.EncodeToString(src)
@@ -162,7 +162,7 @@ func NewNameEncoding(s string) (enc fileNameEncoding, err error) {
case "base32768":
enc = base32768.SafeEncoding
default:
- err = fmt.Errorf("Unknown file name encoding mode %q", s)
+ err = fmt.Errorf("unknown file name encoding mode %q", s)
}
return enc, err
}
@@ -244,7 +244,7 @@ func (c *Cipher) putBlock(buf []byte) {
// encryptSegment encrypts a path segment
//
-// This uses EME with AES
+// This uses EME with AES.
//
// EME (ECB-Mix-ECB) is a wide-block encryption mode presented in the
// 2003 paper "A Parallelizable Enciphering Mode" by Halevi and
@@ -254,8 +254,8 @@ func (c *Cipher) putBlock(buf []byte) {
// same filename must encrypt to the same thing.
//
// This means that
-// * filenames with the same name will encrypt the same
-// * filenames which start the same won't have a common prefix
+// - filenames with the same name will encrypt the same
+// - filenames which start the same won't have a common prefix
func (c *Cipher) encryptSegment(plaintext string) string {
if plaintext == "" {
return ""
@@ -1085,7 +1085,7 @@ func (c *Cipher) DecryptData(rc io.ReadCloser) (io.ReadCloser, error) {
// DecryptDataSeek decrypts the data stream from offset
//
-// The open function must return a ReadCloser opened to the offset supplied
+// The open function must return a ReadCloser opened to the offset supplied.
//
// You must use this form of DecryptData if you might want to Seek the file handle
func (c *Cipher) DecryptDataSeek(ctx context.Context, open OpenRangeSeek, offset, limit int64) (ReadSeekCloser, error) {
diff --git a/backend/crypt/cipher_test.go b/backend/crypt/cipher_test.go
index 565ef6af528d6..d0ba808be4678 100644
--- a/backend/crypt/cipher_test.go
+++ b/backend/crypt/cipher_test.go
@@ -8,7 +8,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"strings"
"testing"
@@ -1073,7 +1072,7 @@ func testEncryptDecrypt(t *testing.T, bufSize int, copySize int64) {
source := newRandomSource(copySize)
encrypted, err := c.newEncrypter(source, nil)
assert.NoError(t, err)
- decrypted, err := c.newDecrypter(ioutil.NopCloser(encrypted))
+ decrypted, err := c.newDecrypter(io.NopCloser(encrypted))
assert.NoError(t, err)
sink := newRandomSource(copySize)
n, err := io.CopyBuffer(sink, decrypted, buf)
@@ -1144,15 +1143,15 @@ func TestEncryptData(t *testing.T) {
buf := bytes.NewBuffer(test.in)
encrypted, err := c.EncryptData(buf)
assert.NoError(t, err)
- out, err := ioutil.ReadAll(encrypted)
+ out, err := io.ReadAll(encrypted)
assert.NoError(t, err)
assert.Equal(t, test.expected, out)
// Check we can decode the data properly too...
buf = bytes.NewBuffer(out)
- decrypted, err := c.DecryptData(ioutil.NopCloser(buf))
+ decrypted, err := c.DecryptData(io.NopCloser(buf))
assert.NoError(t, err)
- out, err = ioutil.ReadAll(decrypted)
+ out, err = io.ReadAll(decrypted)
assert.NoError(t, err)
assert.Equal(t, test.in, out)
}
@@ -1187,7 +1186,7 @@ func TestNewEncrypterErrUnexpectedEOF(t *testing.T) {
fh, err := c.newEncrypter(in, nil)
assert.NoError(t, err)
- n, err := io.CopyN(ioutil.Discard, fh, 1e6)
+ n, err := io.CopyN(io.Discard, fh, 1e6)
assert.Equal(t, io.ErrUnexpectedEOF, err)
assert.Equal(t, int64(32), n)
}
@@ -1257,12 +1256,12 @@ func TestNewDecrypterErrUnexpectedEOF(t *testing.T) {
in2 := &readers.ErrorReader{Err: io.ErrUnexpectedEOF}
in1 := bytes.NewBuffer(file16)
- in := ioutil.NopCloser(io.MultiReader(in1, in2))
+ in := io.NopCloser(io.MultiReader(in1, in2))
fh, err := c.newDecrypter(in)
assert.NoError(t, err)
- n, err := io.CopyN(ioutil.Discard, fh, 1e6)
+ n, err := io.CopyN(io.Discard, fh, 1e6)
assert.Equal(t, io.ErrUnexpectedEOF, err)
assert.Equal(t, int64(16), n)
}
@@ -1274,14 +1273,14 @@ func TestNewDecrypterSeekLimit(t *testing.T) {
// Make random data
const dataSize = 150000
- plaintext, err := ioutil.ReadAll(newRandomSource(dataSize))
+ plaintext, err := io.ReadAll(newRandomSource(dataSize))
assert.NoError(t, err)
// Encrypt the data
buf := bytes.NewBuffer(plaintext)
encrypted, err := c.EncryptData(buf)
assert.NoError(t, err)
- ciphertext, err := ioutil.ReadAll(encrypted)
+ ciphertext, err := io.ReadAll(encrypted)
assert.NoError(t, err)
trials := []int{0, 1, 2, 3, 4, 5, 7, 8, 9, 15, 16, 17, 31, 32, 33, 63, 64, 65,
@@ -1300,7 +1299,7 @@ func TestNewDecrypterSeekLimit(t *testing.T) {
end = len(ciphertext)
}
}
- reader = ioutil.NopCloser(bytes.NewBuffer(ciphertext[int(underlyingOffset):end]))
+ reader = io.NopCloser(bytes.NewBuffer(ciphertext[int(underlyingOffset):end]))
return reader, nil
}
@@ -1490,7 +1489,7 @@ func TestDecrypterRead(t *testing.T) {
assert.NoError(t, err, what)
continue
}
- _, err = ioutil.ReadAll(fh)
+ _, err = io.ReadAll(fh)
var expectedErr error
switch {
case i == fileHeaderSize:
@@ -1514,7 +1513,7 @@ func TestDecrypterRead(t *testing.T) {
cd := newCloseDetector(in)
fh, err := c.newDecrypter(cd)
assert.NoError(t, err)
- _, err = ioutil.ReadAll(fh)
+ _, err = io.ReadAll(fh)
assert.Error(t, err, "potato")
assert.Equal(t, 0, cd.closed)
@@ -1524,13 +1523,13 @@ func TestDecrypterRead(t *testing.T) {
copy(file16copy, file16)
for i := range file16copy {
file16copy[i] ^= 0xFF
- fh, err := c.newDecrypter(ioutil.NopCloser(bytes.NewBuffer(file16copy)))
+ fh, err := c.newDecrypter(io.NopCloser(bytes.NewBuffer(file16copy)))
if i < fileMagicSize {
assert.Error(t, err, ErrorEncryptedBadMagic.Error())
assert.Nil(t, fh)
} else {
assert.NoError(t, err)
- _, err = ioutil.ReadAll(fh)
+ _, err = io.ReadAll(fh)
assert.Error(t, err, ErrorEncryptedFileBadHeader.Error())
}
file16copy[i] ^= 0xFF
@@ -1565,7 +1564,7 @@ func TestDecrypterClose(t *testing.T) {
assert.Equal(t, 0, cd.closed)
// close after reading
- out, err := ioutil.ReadAll(fh)
+ out, err := io.ReadAll(fh)
assert.NoError(t, err)
assert.Equal(t, []byte{1}, out)
assert.Equal(t, io.EOF, fh.err)
diff --git a/backend/crypt/crypt.go b/backend/crypt/crypt.go
index 11dd55dad9954..f3eb8317da9d4 100644
--- a/backend/crypt/crypt.go
+++ b/backend/crypt/crypt.go
@@ -28,6 +28,9 @@ func init() {
Description: "Encrypt/Decrypt a remote",
NewFs: NewFs,
CommandHelp: commandHelp,
+ MetadataInfo: &fs.MetadataInfo{
+ Help: `Any metadata supported by the underlying remote is read and written.`,
+ },
Options: []fs.Option{{
Name: "remote",
Help: "Remote to encrypt/decrypt.\n\nNormally should contain a ':' and a path, e.g. \"myremote:path/to/dir\",\n\"myremote:bucket\" or maybe \"myremote:\" (not recommended).",
@@ -122,7 +125,7 @@ names, or for debugging purposes.`,
This option could help with shortening the encrypted filename. The
suitable option would depend on the way your remote count the filename
-length and if it's case sensitve.`,
+length and if it's case sensitive.`,
Default: "base32",
Examples: []fs.OptionExample{
{
@@ -232,7 +235,7 @@ func NewFs(ctx context.Context, name, rpath string, m configmap.Mapper) (fs.Fs,
// the features here are ones we could support, and they are
// ANDed with the ones from wrappedFs
f.features = (&fs.Features{
- CaseInsensitive: cipher.NameEncryptionMode() == NameEncryptionOff,
+ CaseInsensitive: !cipher.dirNameEncrypt || cipher.NameEncryptionMode() == NameEncryptionOff,
DuplicateFiles: true,
ReadMimeType: false, // MimeTypes not supported with crypt
WriteMimeType: false,
@@ -241,6 +244,9 @@ func NewFs(ctx context.Context, name, rpath string, m configmap.Mapper) (fs.Fs,
SetTier: true,
GetTier: true,
ServerSideAcrossConfigs: opt.ServerSideAcrossConfigs,
+ ReadMetadata: true,
+ WriteMetadata: true,
+ UserMetadata: true,
}).Fill(ctx, f).Mask(ctx, wrappedFs).WrapsFs(f, wrappedFs)
return f, err
@@ -328,7 +334,7 @@ func (f *Fs) encryptEntries(ctx context.Context, entries fs.DirEntries) (newEntr
case fs.Directory:
f.addDir(ctx, &newEntries, x)
default:
- return nil, fmt.Errorf("Unknown object type %T", entry)
+ return nil, fmt.Errorf("unknown object type %T", entry)
}
}
return newEntries, nil
@@ -390,6 +396,8 @@ type putFn func(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ..
// put implements Put or PutStream
func (f *Fs) put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options []fs.OpenOption, put putFn) (fs.Object, error) {
+ ci := fs.GetConfig(ctx)
+
if f.opt.NoDataEncryption {
o, err := put(ctx, in, f.newObjectInfo(src, nonce{}), options...)
if err == nil && o != nil {
@@ -407,6 +415,9 @@ func (f *Fs) put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options [
// Find a hash the destination supports to compute a hash of
// the encrypted data
ht := f.Fs.Hashes().GetOne()
+ if ci.IgnoreChecksum {
+ ht = hash.None
+ }
var hasher *hash.MultiHasher
if ht != hash.None {
hasher, err = hash.NewMultiHasherTypes(hash.NewHashSet(ht))
@@ -501,9 +512,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -526,9 +537,9 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1041,10 +1052,11 @@ func (o *ObjectInfo) Hash(ctx context.Context, hash hash.Type) (string, error) {
// Get the underlying object if there is one
if srcObj, ok = o.ObjectInfo.(fs.Object); ok {
// Prefer direct interface assertion
- } else if do, ok := o.ObjectInfo.(fs.ObjectUnWrapper); ok {
- // Otherwise likely is an operations.OverrideRemote
+ } else if do, ok := o.ObjectInfo.(*fs.OverrideRemote); ok {
+ // Unwrap if it is an operations.OverrideRemote
srcObj = do.UnWrap()
} else {
+ // Otherwise don't unwrap any further
return "", nil
}
// if this is wrapping a local object then we work out the hash
@@ -1056,6 +1068,50 @@ func (o *ObjectInfo) Hash(ctx context.Context, hash hash.Type) (string, error) {
return "", nil
}
+// GetTier returns storage tier or class of the Object
+func (o *ObjectInfo) GetTier() string {
+ do, ok := o.ObjectInfo.(fs.GetTierer)
+ if !ok {
+ return ""
+ }
+ return do.GetTier()
+}
+
+// ID returns the ID of the Object if known, or "" if not
+func (o *ObjectInfo) ID() string {
+ do, ok := o.ObjectInfo.(fs.IDer)
+ if !ok {
+ return ""
+ }
+ return do.ID()
+}
+
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *ObjectInfo) Metadata(ctx context.Context) (fs.Metadata, error) {
+ do, ok := o.ObjectInfo.(fs.Metadataer)
+ if !ok {
+ return nil, nil
+ }
+ return do.Metadata(ctx)
+}
+
+// MimeType returns the content type of the Object if
+// known, or "" if not
+//
+// This is deliberately unsupported so we don't leak mime type info by
+// default.
+func (o *ObjectInfo) MimeType(ctx context.Context) string {
+ return ""
+}
+
+// UnWrap returns the Object that this Object is wrapping or
+// nil if it isn't wrapping anything
+func (o *ObjectInfo) UnWrap() fs.Object {
+ return fs.UnWrapObjectInfo(o.ObjectInfo)
+}
+
// ID returns the ID of the Object if known, or "" if not
func (o *Object) ID() string {
do, ok := o.Object.(fs.IDer)
@@ -1084,6 +1140,26 @@ func (o *Object) GetTier() string {
return do.GetTier()
}
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *Object) Metadata(ctx context.Context) (fs.Metadata, error) {
+ do, ok := o.Object.(fs.Metadataer)
+ if !ok {
+ return nil, nil
+ }
+ return do.Metadata(ctx)
+}
+
+// MimeType returns the content type of the Object if
+// known, or "" if not
+//
+// This is deliberately unsupported so we don't leak mime type info by
+// default.
+func (o *Object) MimeType(ctx context.Context) string {
+ return ""
+}
+
// Check the interfaces are satisfied
var (
_ fs.Fs = (*Fs)(nil)
@@ -1106,10 +1182,6 @@ var (
_ fs.UserInfoer = (*Fs)(nil)
_ fs.Disconnecter = (*Fs)(nil)
_ fs.Shutdowner = (*Fs)(nil)
- _ fs.ObjectInfo = (*ObjectInfo)(nil)
- _ fs.Object = (*Object)(nil)
- _ fs.ObjectUnWrapper = (*Object)(nil)
- _ fs.IDer = (*Object)(nil)
- _ fs.SetTierer = (*Object)(nil)
- _ fs.GetTierer = (*Object)(nil)
+ _ fs.FullObjectInfo = (*ObjectInfo)(nil)
+ _ fs.FullObject = (*Object)(nil)
)
diff --git a/backend/crypt/crypt_internal_test.go b/backend/crypt/crypt_internal_test.go
index 2f7f1f8b36d0f..a6eaecbc5a2e6 100644
--- a/backend/crypt/crypt_internal_test.go
+++ b/backend/crypt/crypt_internal_test.go
@@ -17,41 +17,28 @@ import (
"github.com/stretchr/testify/require"
)
-type testWrapper struct {
- fs.ObjectInfo
-}
-
-// UnWrap returns the Object that this Object is wrapping or nil if it
-// isn't wrapping anything
-func (o testWrapper) UnWrap() fs.Object {
- if o, ok := o.ObjectInfo.(fs.Object); ok {
- return o
- }
- return nil
-}
-
// Create a temporary local fs to upload things from
-func makeTempLocalFs(t *testing.T) (localFs fs.Fs, cleanup func()) {
+func makeTempLocalFs(t *testing.T) (localFs fs.Fs) {
localFs, err := fs.TemporaryLocalFs(context.Background())
require.NoError(t, err)
- cleanup = func() {
+ t.Cleanup(func() {
require.NoError(t, localFs.Rmdir(context.Background(), ""))
- }
- return localFs, cleanup
+ })
+ return localFs
}
// Upload a file to a remote
-func uploadFile(t *testing.T, f fs.Fs, remote, contents string) (obj fs.Object, cleanup func()) {
+func uploadFile(t *testing.T, f fs.Fs, remote, contents string) (obj fs.Object) {
inBuf := bytes.NewBufferString(contents)
t1 := time.Date(2012, time.December, 17, 18, 32, 31, 0, time.UTC)
upSrc := object.NewStaticObjectInfo(remote, t1, int64(len(contents)), true, nil, nil)
obj, err := f.Put(context.Background(), inBuf, upSrc)
require.NoError(t, err)
- cleanup = func() {
+ t.Cleanup(func() {
require.NoError(t, obj.Remove(context.Background()))
- }
- return obj, cleanup
+ })
+ return obj
}
// Test the ObjectInfo
@@ -65,11 +52,9 @@ func testObjectInfo(t *testing.T, f *Fs, wrap bool) {
path = "_wrap"
}
- localFs, cleanupLocalFs := makeTempLocalFs(t)
- defer cleanupLocalFs()
+ localFs := makeTempLocalFs(t)
- obj, cleanupObj := uploadFile(t, localFs, path, contents)
- defer cleanupObj()
+ obj := uploadFile(t, localFs, path, contents)
// encrypt the data
inBuf := bytes.NewBufferString(contents)
@@ -83,7 +68,7 @@ func testObjectInfo(t *testing.T, f *Fs, wrap bool) {
var oi fs.ObjectInfo = obj
if wrap {
// wrap the object in an fs.ObjectUnwrapper if required
- oi = testWrapper{oi}
+ oi = fs.NewOverrideRemote(oi, "new_remote")
}
// wrap the object in a crypt for upload using the nonce we
@@ -91,7 +76,9 @@ func testObjectInfo(t *testing.T, f *Fs, wrap bool) {
src := f.newObjectInfo(oi, nonce)
// Test ObjectInfo methods
- assert.Equal(t, int64(outBuf.Len()), src.Size())
+ if !f.opt.NoDataEncryption {
+ assert.Equal(t, int64(outBuf.Len()), src.Size())
+ }
assert.Equal(t, f, src.Fs())
assert.NotEqual(t, path, src.Remote())
@@ -114,16 +101,13 @@ func testComputeHash(t *testing.T, f *Fs) {
t.Skipf("%v: does not support hashes", f.Fs)
}
- localFs, cleanupLocalFs := makeTempLocalFs(t)
- defer cleanupLocalFs()
+ localFs := makeTempLocalFs(t)
// Upload a file to localFs as a test object
- localObj, cleanupLocalObj := uploadFile(t, localFs, path, contents)
- defer cleanupLocalObj()
+ localObj := uploadFile(t, localFs, path, contents)
// Upload the same data to the remote Fs also
- remoteObj, cleanupRemoteObj := uploadFile(t, f, path, contents)
- defer cleanupRemoteObj()
+ remoteObj := uploadFile(t, f, path, contents)
// Calculate the expected Hash of the remote object
computedHash, err := f.ComputeHash(ctx, remoteObj.(*Object), localObj, hashType)
diff --git a/backend/crypt/crypt_test.go b/backend/crypt/crypt_test.go
index 8369a60f7d2dd..d4b9dc1e43283 100644
--- a/backend/crypt/crypt_test.go
+++ b/backend/crypt/crypt_test.go
@@ -4,6 +4,7 @@ package crypt_test
import (
"os"
"path/filepath"
+ "runtime"
"testing"
"github.com/rclone/rclone/backend/crypt"
@@ -46,6 +47,7 @@ func TestStandardBase32(t *testing.T) {
},
UnimplementableFsMethods: []string{"OpenWriterAt"},
UnimplementableObjectMethods: []string{"MimeType"},
+ QuickTestOK: true,
})
}
@@ -67,6 +69,7 @@ func TestStandardBase64(t *testing.T) {
},
UnimplementableFsMethods: []string{"OpenWriterAt"},
UnimplementableObjectMethods: []string{"MimeType"},
+ QuickTestOK: true,
})
}
@@ -88,6 +91,7 @@ func TestStandardBase32768(t *testing.T) {
},
UnimplementableFsMethods: []string{"OpenWriterAt"},
UnimplementableObjectMethods: []string{"MimeType"},
+ QuickTestOK: true,
})
}
@@ -109,6 +113,7 @@ func TestOff(t *testing.T) {
},
UnimplementableFsMethods: []string{"OpenWriterAt"},
UnimplementableObjectMethods: []string{"MimeType"},
+ QuickTestOK: true,
})
}
@@ -117,6 +122,9 @@ func TestObfuscate(t *testing.T) {
if *fstest.RemoteName != "" {
t.Skip("Skipping as -remote set")
}
+ if runtime.GOOS == "darwin" {
+ t.Skip("Skipping on macOS as obfuscating control characters makes filenames macOS can't cope with")
+ }
tempdir := filepath.Join(os.TempDir(), "rclone-crypt-test-obfuscate")
name := "TestCrypt3"
fstests.Run(t, &fstests.Opt{
@@ -131,6 +139,7 @@ func TestObfuscate(t *testing.T) {
SkipBadWindowsCharacters: true,
UnimplementableFsMethods: []string{"OpenWriterAt"},
UnimplementableObjectMethods: []string{"MimeType"},
+ QuickTestOK: true,
})
}
@@ -139,6 +148,9 @@ func TestNoDataObfuscate(t *testing.T) {
if *fstest.RemoteName != "" {
t.Skip("Skipping as -remote set")
}
+ if runtime.GOOS == "darwin" {
+ t.Skip("Skipping on macOS as obfuscating control characters makes filenames macOS can't cope with")
+ }
tempdir := filepath.Join(os.TempDir(), "rclone-crypt-test-obfuscate")
name := "TestCrypt4"
fstests.Run(t, &fstests.Opt{
@@ -154,5 +166,6 @@ func TestNoDataObfuscate(t *testing.T) {
SkipBadWindowsCharacters: true,
UnimplementableFsMethods: []string{"OpenWriterAt"},
UnimplementableObjectMethods: []string{"MimeType"},
+ QuickTestOK: true,
})
}
diff --git a/backend/crypt/pkcs7/pkcs7.go b/backend/crypt/pkcs7/pkcs7.go
index db604ae4b6a06..d2a547042ad5e 100644
--- a/backend/crypt/pkcs7/pkcs7.go
+++ b/backend/crypt/pkcs7/pkcs7.go
@@ -8,11 +8,11 @@ import "errors"
// Errors Unpad can return
var (
- ErrorPaddingNotFound = errors.New("Bad PKCS#7 padding - not padded")
- ErrorPaddingNotAMultiple = errors.New("Bad PKCS#7 padding - not a multiple of blocksize")
- ErrorPaddingTooLong = errors.New("Bad PKCS#7 padding - too long")
- ErrorPaddingTooShort = errors.New("Bad PKCS#7 padding - too short")
- ErrorPaddingNotAllTheSame = errors.New("Bad PKCS#7 padding - not all the same")
+ ErrorPaddingNotFound = errors.New("bad PKCS#7 padding - not padded")
+ ErrorPaddingNotAMultiple = errors.New("bad PKCS#7 padding - not a multiple of blocksize")
+ ErrorPaddingTooLong = errors.New("bad PKCS#7 padding - too long")
+ ErrorPaddingTooShort = errors.New("bad PKCS#7 padding - too short")
+ ErrorPaddingNotAllTheSame = errors.New("bad PKCS#7 padding - not all the same")
)
// Pad buf using PKCS#7 to a multiple of n.
diff --git a/backend/drive/drive.go b/backend/drive/drive.go
index dc26a39d70790..7bd0c41e53076 100644
--- a/backend/drive/drive.go
+++ b/backend/drive/drive.go
@@ -14,9 +14,9 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"mime"
"net/http"
+ "os"
"path"
"sort"
"strconv"
@@ -50,6 +50,7 @@ import (
drive_v2 "google.golang.org/api/drive/v2"
drive "google.golang.org/api/drive/v3"
"google.golang.org/api/googleapi"
+ "google.golang.org/api/option"
)
// Constants
@@ -276,6 +277,7 @@ Leave blank normally.
Fill in to access "Computers" folders (see docs), or for rclone to use
a non root folder as its starting point.
`,
+ Advanced: true,
}, {
Name: "service_account_file",
Help: "Service Account Credentials JSON file path.\n\nLeave blank normally.\nNeeded only if you want use SA instead of interactive login." + env.ShellExpandHelp,
@@ -564,6 +566,27 @@ If this is set then rclone will not show any dangling shortcuts in listings.
`,
Advanced: true,
Default: false,
+ }, {
+ Name: "resource_key",
+ Help: `Resource key for accessing a link-shared file.
+
+If you need to access files shared with a link like this
+
+ https://drive.google.com/drive/folders/XXX?resourcekey=YYY&usp=sharing
+
+Then you will need to use the first part "XXX" as the "root_folder_id"
+and the second part "YYY" as the "resource_key" otherwise you will get
+404 not found errors when trying to access the directory.
+
+See: https://developers.google.com/drive/api/guides/resource-keys
+
+This resource key requirement only applies to a subset of old files.
+
+Note also that opening the folder once in the web interface (with the
+user you've authenticated rclone with) seems to be enough so that the
+resource key is no needed.
+`,
+ Advanced: true,
}, {
Name: config.ConfigEncoding,
Help: config.ConfigEncodingHelp,
@@ -625,6 +648,7 @@ type Options struct {
StopOnDownloadLimit bool `config:"stop_on_download_limit"`
SkipShortcuts bool `config:"skip_shortcuts"`
SkipDanglingShortcuts bool `config:"skip_dangling_shortcuts"`
+ ResourceKey string `config:"resource_key"`
Enc encoder.MultiEncoder `config:"encoding"`
}
@@ -650,6 +674,7 @@ type Fs struct {
grouping int32 // number of IDs to search at once in ListR - read with atomic
listRmu *sync.Mutex // protects listRempties
listRempties map[string]struct{} // IDs of supposedly empty directories which triggered grouping disable
+ dirResourceKeys *sync.Map // map directory ID to resource key
}
type baseObject struct {
@@ -732,6 +757,9 @@ func (f *Fs) shouldRetry(ctx context.Context, err error) (bool, error) {
} else if f.opt.StopOnDownloadLimit && reason == "downloadQuotaExceeded" {
fs.Errorf(f, "Received download limit error: %v", err)
return false, fserrors.FatalError(err)
+ } else if f.opt.StopOnUploadLimit && reason == "quotaExceeded" {
+ fs.Errorf(f, "Received upload limit error: %v", err)
+ return false, fserrors.FatalError(err)
} else if f.opt.StopOnUploadLimit && reason == "teamDriveFileLimitExceeded" {
fs.Errorf(f, "Received Shared Drive file limit error: %v", err)
return false, fserrors.FatalError(err)
@@ -801,6 +829,7 @@ func (f *Fs) list(ctx context.Context, dirIDs []string, title string, directorie
// We must not filter with parent when we try list "ROOT" with drive-shared-with-me
// If we need to list file inside those shared folders, we must search it without sharedWithMe
parentsQuery := bytes.NewBufferString("(")
+ var resourceKeys []string
for _, dirID := range dirIDs {
if dirID == "" {
continue
@@ -821,7 +850,12 @@ func (f *Fs) list(ctx context.Context, dirIDs []string, title string, directorie
} else {
_, _ = fmt.Fprintf(parentsQuery, "'%s' in parents", dirID)
}
+ resourceKey, hasResourceKey := f.dirResourceKeys.Load(dirID)
+ if hasResourceKey {
+ resourceKeys = append(resourceKeys, fmt.Sprintf("%s/%s", dirID, resourceKey))
+ }
}
+ resourceKeysHeader := strings.Join(resourceKeys, ",")
if parentsQuery.Len() > 1 {
_ = parentsQuery.WriteByte(')')
query = append(query, parentsQuery.String())
@@ -885,7 +919,7 @@ func (f *Fs) list(ctx context.Context, dirIDs []string, title string, directorie
}
list.SupportsAllDrives(true)
list.IncludeItemsFromAllDrives(true)
- if f.isTeamDrive {
+ if f.isTeamDrive && !f.opt.SharedWithMe {
list.DriveId(f.opt.TeamDriveID)
list.Corpora("drive")
}
@@ -893,6 +927,10 @@ func (f *Fs) list(ctx context.Context, dirIDs []string, title string, directorie
if f.rootFolderID == "appDataFolder" {
list.Spaces("appDataFolder")
}
+ // Add resource Keys if necessary
+ if resourceKeysHeader != "" {
+ list.Header().Add("X-Goog-Drive-Resource-Keys", resourceKeysHeader)
+ }
fields := fmt.Sprintf("files(%s),nextPageToken,incompleteSearch", f.fileFields)
@@ -1069,7 +1107,7 @@ func createOAuthClient(ctx context.Context, opt *Options, name string, m configm
// try loading service account credentials from env variable, then from a file
if len(opt.ServiceAccountCredentials) == 0 && opt.ServiceAccountFile != "" {
- loadedCreds, err := ioutil.ReadFile(env.ShellExpand(opt.ServiceAccountFile))
+ loadedCreds, err := os.ReadFile(env.ShellExpand(opt.ServiceAccountFile))
if err != nil {
return nil, fmt.Errorf("error opening service account credentials file: %w", err)
}
@@ -1152,15 +1190,16 @@ func newFs(ctx context.Context, name, path string, m configmap.Mapper) (*Fs, err
ci := fs.GetConfig(ctx)
f := &Fs{
- name: name,
- root: root,
- opt: *opt,
- ci: ci,
- pacer: fs.NewPacer(ctx, pacer.NewGoogleDrive(pacer.MinSleep(opt.PacerMinSleep), pacer.Burst(opt.PacerBurst))),
- m: m,
- grouping: listRGrouping,
- listRmu: new(sync.Mutex),
- listRempties: make(map[string]struct{}),
+ name: name,
+ root: root,
+ opt: *opt,
+ ci: ci,
+ pacer: fs.NewPacer(ctx, pacer.NewGoogleDrive(pacer.MinSleep(opt.PacerMinSleep), pacer.Burst(opt.PacerBurst))),
+ m: m,
+ grouping: listRGrouping,
+ listRmu: new(sync.Mutex),
+ listRempties: make(map[string]struct{}),
+ dirResourceKeys: new(sync.Map),
}
f.isTeamDrive = opt.TeamDriveID != ""
f.fileFields = f.getFileFields()
@@ -1170,17 +1209,18 @@ func newFs(ctx context.Context, name, path string, m configmap.Mapper) (*Fs, err
WriteMimeType: true,
CanHaveEmptyDirectories: true,
ServerSideAcrossConfigs: opt.ServerSideAcrossConfigs,
+ FilterAware: true,
}).Fill(ctx, f)
// Create a new authorized Drive client.
f.client = oAuthClient
- f.svc, err = drive.New(f.client)
+ f.svc, err = drive.NewService(context.Background(), option.WithHTTPClient(f.client))
if err != nil {
return nil, fmt.Errorf("couldn't create Drive client: %w", err)
}
if f.opt.V2DownloadMinSize >= 0 {
- f.v2Svc, err = drive_v2.New(f.client)
+ f.v2Svc, err = drive_v2.NewService(context.Background(), option.WithHTTPClient(f.client))
if err != nil {
return nil, fmt.Errorf("couldn't create Drive v2 client: %w", err)
}
@@ -1222,6 +1262,11 @@ func NewFs(ctx context.Context, name, path string, m configmap.Mapper) (fs.Fs, e
f.dirCache = dircache.New(f.root, f.rootFolderID, f)
+ // If resource key is set then cache it for the root folder id
+ if f.opt.ResourceKey != "" {
+ f.dirResourceKeys.Store(f.rootFolderID, f.opt.ResourceKey)
+ }
+
// Parse extensions
if f.opt.Extensions != "" {
if f.opt.ExportExtensions != defaultExportExtensions {
@@ -2019,7 +2064,7 @@ func splitID(compositeID string) (actualID, shortcutID string) {
// isShortcutID returns true if compositeID refers to a shortcut
func isShortcutID(compositeID string) bool {
- return strings.IndexRune(compositeID, shortcutSeparator) >= 0
+ return strings.ContainsRune(compositeID, shortcutSeparator)
}
// actualID returns an actual ID from a composite ID
@@ -2090,6 +2135,10 @@ func (f *Fs) itemToDirEntry(ctx context.Context, remote string, item *drive.File
case item.MimeType == driveFolderType:
// cache the directory ID for later lookups
f.dirCache.Put(remote, item.Id)
+ // cache the resource key for later lookups
+ if item.ResourceKey != "" {
+ f.dirResourceKeys.Store(item.Id, item.ResourceKey)
+ }
when, _ := time.Parse(timeFormatIn, item.ModifiedTime)
d := fs.NewDir(remote, when).SetID(item.Id)
if len(item.Parents) > 0 {
@@ -2131,7 +2180,7 @@ func (f *Fs) createFileInfo(ctx context.Context, remote string, modTime time.Tim
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -2173,10 +2222,10 @@ func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo,
exportExt, _, _ = f.findExportFormatByMimeType(ctx, importMimeType)
if exportExt == "" {
- return nil, fmt.Errorf("No export format found for %q", importMimeType)
+ return nil, fmt.Errorf("no export format found for %q", importMimeType)
}
if exportExt != srcExt && !f.opt.AllowImportNameChange {
- return nil, fmt.Errorf("Can't convert %q to a document with a different export filetype (%q)", srcExt, exportExt)
+ return nil, fmt.Errorf("can't convert %q to a document with a different export filetype (%q)", srcExt, exportExt)
}
}
}
@@ -2365,9 +2414,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -2481,7 +2530,7 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
// result of List()
func (f *Fs) Purge(ctx context.Context, dir string) error {
if f.opt.TrashedOnly {
- return errors.New("Can't purge with --drive-trashed-only. Use delete if you want to selectively delete files")
+ return errors.New("can't purge with --drive-trashed-only, use delete if you want to selectively delete files")
}
return f.purgeCheck(ctx, dir, false)
}
@@ -2600,9 +2649,9 @@ func (f *Fs) About(ctx context.Context) (*fs.Usage, error) {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -2947,12 +2996,12 @@ func (f *Fs) changeServiceAccountFile(ctx context.Context, file string) (err err
return fmt.Errorf("drive: failed when making oauth client: %w", err)
}
f.client = oAuthClient
- f.svc, err = drive.New(f.client)
+ f.svc, err = drive.NewService(context.Background(), option.WithHTTPClient(f.client))
if err != nil {
return fmt.Errorf("couldn't create Drive client: %w", err)
}
if f.opt.V2DownloadMinSize >= 0 {
- f.v2Svc, err = drive_v2.New(f.client)
+ f.v2Svc, err = drive_v2.NewService(context.Background(), option.WithHTTPClient(f.client))
if err != nil {
return fmt.Errorf("couldn't create Drive v2 client: %w", err)
}
@@ -3241,7 +3290,7 @@ This will return a JSON list of objects like this
With the -o config parameter it will output the list in a format
suitable for adding to a config file to make aliases for all the
-drives found.
+drives found and a combined drive.
[My Drive]
type = alias
@@ -3251,10 +3300,15 @@ drives found.
type = alias
remote = drive,team_drive=0ABCDEFabcdefghijkl,root_folder_id=:
-Adding this to the rclone config file will cause those team drives to
-be accessible with the aliases shown. This may require manual editing
-of the names.
+ [AllDrives]
+ type = combine
+ upstreams = "My Drive=My Drive:" "Test Drive=Test Drive:"
+Adding this to the rclone config file will cause those team drives to
+be accessible with the aliases shown. Any illegal characters will be
+substituted with "_" and duplicate names will have numbers suffixed.
+It will also add a remote called AllDrives which shows all the shared
+drives combined into one directory tree.
`,
}, {
Name: "untrash",
@@ -3302,6 +3356,12 @@ attempted if possible.
Use the -i flag to see what would be copied before copying.
`,
+}, {
+ Name: "exportformats",
+ Short: "Dump the export formats for debug purposes",
+}, {
+ Name: "importformats",
+ Short: "Dump the import formats for debug purposes",
}}
// Command the backend to run a named command
@@ -3321,7 +3381,7 @@ func (f *Fs) Command(ctx context.Context, name string, arg []string, opt map[str
out["service_account_file"] = f.opt.ServiceAccountFile
}
if _, ok := opt["chunk_size"]; ok {
- out["chunk_size"] = fmt.Sprintf("%s", f.opt.ChunkSize)
+ out["chunk_size"] = f.opt.ChunkSize.String()
}
return out, nil
case "set":
@@ -3338,11 +3398,11 @@ func (f *Fs) Command(ctx context.Context, name string, arg []string, opt map[str
}
if chunkSize, ok := opt["chunk_size"]; ok {
chunkSizeMap := make(map[string]string)
- chunkSizeMap["previous"] = fmt.Sprintf("%s", f.opt.ChunkSize)
+ chunkSizeMap["previous"] = f.opt.ChunkSize.String()
if err = f.changeChunkSize(chunkSize); err != nil {
return out, err
}
- chunkSizeString := fmt.Sprintf("%s", f.opt.ChunkSize)
+ chunkSizeString := f.opt.ChunkSize.String()
f.m.Set("chunk_size", chunkSizeString)
chunkSizeMap["current"] = chunkSizeString
out["chunk_size"] = chunkSizeMap
@@ -3372,12 +3432,27 @@ func (f *Fs) Command(ctx context.Context, name string, arg []string, opt map[str
}
if _, ok := opt["config"]; ok {
lines := []string{}
- for _, drive := range drives {
+ upstreams := []string{}
+ names := make(map[string]struct{}, len(drives))
+ for i, drive := range drives {
+ name := fspath.MakeConfigName(drive.Name)
+ for {
+ if _, found := names[name]; !found {
+ break
+ }
+ name += fmt.Sprintf("-%d", i)
+ }
+ names[name] = struct{}{}
lines = append(lines, "")
- lines = append(lines, fmt.Sprintf("[%s]", drive.Name))
- lines = append(lines, fmt.Sprintf("type = alias"))
+ lines = append(lines, fmt.Sprintf("[%s]", name))
+ lines = append(lines, "type = alias")
lines = append(lines, fmt.Sprintf("remote = %s,team_drive=%s,root_folder_id=:", f.name, drive.Id))
+ upstreams = append(upstreams, fmt.Sprintf(`"%s=%s:"`, name, name))
}
+ lines = append(lines, "")
+ lines = append(lines, "[AllDrives]")
+ lines = append(lines, "type = combine")
+ lines = append(lines, fmt.Sprintf("upstreams = %s", strings.Join(upstreams, " ")))
return lines, nil
}
return drives, nil
@@ -3400,6 +3475,10 @@ func (f *Fs) Command(ctx context.Context, name string, arg []string, opt map[str
}
}
return nil, nil
+ case "exportformats":
+ return f.exportFormats(ctx), nil
+ case "importformats":
+ return f.importFormats(ctx), nil
default:
return nil, fs.ErrorCommandNotFound
}
@@ -3449,12 +3528,6 @@ func (o *baseObject) Size() int64 {
return o.bytes
}
-// getRemoteInfo returns a drive.File for the remote
-func (f *Fs) getRemoteInfo(ctx context.Context, remote string) (info *drive.File, err error) {
- info, _, _, _, _, err = f.getRemoteInfoWithExport(ctx, remote)
- return
-}
-
// getRemoteInfoWithExport returns a drive.File and the export settings for the remote
func (f *Fs) getRemoteInfoWithExport(ctx context.Context, remote string) (
info *drive.File, extension, exportName, exportMimeType string, isDocument bool, err error) {
@@ -3495,7 +3568,6 @@ func (f *Fs) getRemoteInfoWithExport(ctx context.Context, remote string) (
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *baseObject) ModTime(ctx context.Context) time.Time {
@@ -3639,7 +3711,7 @@ func (o *baseObject) open(ctx context.Context, url string, options ...fs.OpenOpt
url += "acknowledgeAbuse=true"
_, res, err = o.httpResponse(ctx, url, "GET", options)
} else {
- err = fmt.Errorf("Use the --drive-acknowledge-abuse flag to download this file: %w", err)
+ err = fmt.Errorf("use the --drive-acknowledge-abuse flag to download this file: %w", err)
}
}
if err != nil {
@@ -3726,7 +3798,7 @@ func (o *linkObject) Open(ctx context.Context, options ...fs.OpenOption) (in io.
data = data[:limit]
}
- return ioutil.NopCloser(bytes.NewReader(data)), nil
+ return io.NopCloser(bytes.NewReader(data)), nil
}
func (o *baseObject) update(ctx context.Context, updateInfo *drive.File, uploadMimeType string, in io.Reader,
@@ -3752,7 +3824,7 @@ func (o *baseObject) update(ctx context.Context, updateInfo *drive.File, uploadM
// Update the already existing object
//
-// Copy the reader into the object updating modTime and size
+// Copy the reader into the object updating modTime and size.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error {
diff --git a/backend/drive/drive_internal_test.go b/backend/drive/drive_internal_test.go
index 2a21fd5748e43..58bdb13138e4d 100644
--- a/backend/drive/drive_internal_test.go
+++ b/backend/drive/drive_internal_test.go
@@ -7,7 +7,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"mime"
"os"
"path"
@@ -19,6 +18,7 @@ import (
_ "github.com/rclone/rclone/backend/local"
"github.com/rclone/rclone/fs"
"github.com/rclone/rclone/fs/filter"
+ "github.com/rclone/rclone/fs/fserrors"
"github.com/rclone/rclone/fs/hash"
"github.com/rclone/rclone/fs/operations"
"github.com/rclone/rclone/fs/sync"
@@ -28,6 +28,7 @@ import (
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/api/drive/v3"
+ "google.golang.org/api/googleapi"
)
func TestDriveScopes(t *testing.T) {
@@ -76,7 +77,7 @@ var additionalMimeTypes = map[string]string{
// Load the example export formats into exportFormats for testing
func TestInternalLoadExampleFormats(t *testing.T) {
fetchFormatsOnce.Do(func() {})
- buf, err := ioutil.ReadFile(filepath.FromSlash("test/about.json"))
+ buf, err := os.ReadFile(filepath.FromSlash("test/about.json"))
var about struct {
ExportFormats map[string][]string `json:"exportFormats,omitempty"`
ImportFormats map[string][]string `json:"importFormats,omitempty"`
@@ -190,6 +191,60 @@ func TestExtensionsForImportFormats(t *testing.T) {
}
}
+func (f *Fs) InternalTestShouldRetry(t *testing.T) {
+ ctx := context.Background()
+ gatewayTimeout := googleapi.Error{
+ Code: 503,
+ }
+ timeoutRetry, timeoutError := f.shouldRetry(ctx, &gatewayTimeout)
+ assert.True(t, timeoutRetry)
+ assert.Equal(t, &gatewayTimeout, timeoutError)
+ generic403 := googleapi.Error{
+ Code: 403,
+ }
+ rLEItem := googleapi.ErrorItem{
+ Reason: "rateLimitExceeded",
+ Message: "User rate limit exceeded.",
+ }
+ generic403.Errors = append(generic403.Errors, rLEItem)
+ oldStopUpload := f.opt.StopOnUploadLimit
+ oldStopDownload := f.opt.StopOnDownloadLimit
+ f.opt.StopOnUploadLimit = true
+ f.opt.StopOnDownloadLimit = true
+ defer func() {
+ f.opt.StopOnUploadLimit = oldStopUpload
+ f.opt.StopOnDownloadLimit = oldStopDownload
+ }()
+ expectedRLError := fserrors.FatalError(&generic403)
+ rateLimitRetry, rateLimitErr := f.shouldRetry(ctx, &generic403)
+ assert.False(t, rateLimitRetry)
+ assert.Equal(t, rateLimitErr, expectedRLError)
+ dQEItem := googleapi.ErrorItem{
+ Reason: "downloadQuotaExceeded",
+ }
+ generic403.Errors[0] = dQEItem
+ expectedDQError := fserrors.FatalError(&generic403)
+ downloadQuotaRetry, downloadQuotaError := f.shouldRetry(ctx, &generic403)
+ assert.False(t, downloadQuotaRetry)
+ assert.Equal(t, downloadQuotaError, expectedDQError)
+ tDFLEItem := googleapi.ErrorItem{
+ Reason: "teamDriveFileLimitExceeded",
+ }
+ generic403.Errors[0] = tDFLEItem
+ expectedTDFLError := fserrors.FatalError(&generic403)
+ teamDriveFileLimitRetry, teamDriveFileLimitError := f.shouldRetry(ctx, &generic403)
+ assert.False(t, teamDriveFileLimitRetry)
+ assert.Equal(t, teamDriveFileLimitError, expectedTDFLError)
+ qEItem := googleapi.ErrorItem{
+ Reason: "quotaExceeded",
+ }
+ generic403.Errors[0] = qEItem
+ expectedQuotaError := fserrors.FatalError(&generic403)
+ quotaExceededRetry, quotaExceededError := f.shouldRetry(ctx, &generic403)
+ assert.False(t, quotaExceededRetry)
+ assert.Equal(t, quotaExceededError, expectedQuotaError)
+}
+
func (f *Fs) InternalTestDocumentImport(t *testing.T) {
oldAllow := f.opt.AllowImportNameChange
f.opt.AllowImportNameChange = true
@@ -378,9 +433,9 @@ func (f *Fs) InternalTestUnTrash(t *testing.T) {
// Make some objects, one in a subdir
contents := random.String(100)
file1 := fstest.NewItem("trashDir/toBeTrashed", contents, time.Now())
- _, obj1 := fstests.PutTestContents(ctx, t, f, &file1, contents, false)
+ obj1 := fstests.PutTestContents(ctx, t, f, &file1, contents, false)
file2 := fstest.NewItem("trashDir/subdir/toBeTrashed", contents, time.Now())
- _, _ = fstests.PutTestContents(ctx, t, f, &file2, contents, false)
+ _ = fstests.PutTestContents(ctx, t, f, &file2, contents, false)
// Check objects
checkObjects := func() {
@@ -462,6 +517,9 @@ func (f *Fs) InternalTestCopyID(t *testing.T) {
// TestIntegration/FsMkdir/FsPutFiles/Internal/AgeQuery
func (f *Fs) InternalTestAgeQuery(t *testing.T) {
+ // Check set up for filtering
+ assert.True(t, f.Features().FilterAware)
+
opt := &filter.Opt{}
err := opt.MaxAge.Set("1h")
assert.NoError(t, err)
@@ -496,7 +554,7 @@ func (f *Fs) InternalTestAgeQuery(t *testing.T) {
require.NoError(t, err)
file1 := fstest.Item{ModTime: time.Now(), Path: "agequery.txt"}
- _, _ = fstests.PutTestContents(defCtx, t, tempFs1, &file1, "abcxyz", true)
+ _ = fstests.PutTestContents(defCtx, t, tempFs1, &file1, "abcxyz", true)
// validate sync/copy
const timeQuery = "(modifiedTime >= '"
@@ -545,6 +603,7 @@ func (f *Fs) InternalTest(t *testing.T) {
t.Run("UnTrash", f.InternalTestUnTrash)
t.Run("CopyID", f.InternalTestCopyID)
t.Run("AgeQuery", f.InternalTestAgeQuery)
+ t.Run("ShouldRetry", f.InternalTestShouldRetry)
}
var _ fstests.InternalTester = (*Fs)(nil)
diff --git a/backend/dropbox/batcher.go b/backend/dropbox/batcher.go
index ac87c71e0d4d8..82a4b5524d76e 100644
--- a/backend/dropbox/batcher.go
+++ b/backend/dropbox/batcher.go
@@ -304,9 +304,12 @@ outer:
//
// Can be called from atexit handler
func (b *batcher) Shutdown() {
+ if !b.Batching() {
+ return
+ }
b.shutOnce.Do(func() {
atexit.Unregister(b.atexit)
- fs.Infof(b.f, "Commiting uploads - please wait...")
+ fs.Infof(b.f, "Committing uploads - please wait...")
// show that batcher is shutting down
close(b.closed)
// quit the commitLoop by sending a quitRequest message
diff --git a/backend/dropbox/dropbox.go b/backend/dropbox/dropbox.go
index 000bfd5e42eeb..740bd76e34f1c 100644
--- a/backend/dropbox/dropbox.go
+++ b/backend/dropbox/dropbox.go
@@ -268,7 +268,7 @@ default based on the batch_mode in use.
Advanced: true,
}, {
Name: "batch_commit_timeout",
- Help: `Max time to wait for a batch to finish comitting`,
+ Help: `Max time to wait for a batch to finish committing`,
Default: fs.Duration(10 * time.Minute),
Advanced: true,
}, {
@@ -472,10 +472,12 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
args := team.NewMembersGetInfoArgs(members)
memberIds, err := f.team.MembersGetInfo(args)
-
if err != nil {
return nil, fmt.Errorf("invalid dropbox team member: %q: %w", opt.Impersonate, err)
}
+ if len(memberIds) == 0 || memberIds[0].MemberInfo == nil || memberIds[0].MemberInfo.Profile == nil {
+ return nil, fmt.Errorf("dropbox team member not found: %q", opt.Impersonate)
+ }
cfg.AsMemberID = memberIds[0].MemberInfo.Profile.MemberProfile.TeamMemberId
}
@@ -923,7 +925,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -1042,9 +1044,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1103,9 +1105,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) (err error) {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1197,7 +1199,7 @@ func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration,
return
}
if len(listRes.Links) == 0 {
- err = errors.New("Dropbox says the sharing link already exists, but list came back empty")
+ err = errors.New("sharing link already exists, but list came back empty")
return
}
linkRes = listRes.Links[0]
@@ -1209,7 +1211,7 @@ func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration,
case *sharing.FolderLinkMetadata:
link = res.Url
default:
- err = fmt.Errorf("Don't know how to extract link, response has unknown format: %T", res)
+ err = fmt.Errorf("don't know how to extract link, response has unknown format: %T", res)
}
}
return
@@ -1433,7 +1435,7 @@ func (f *Fs) changeNotifyRunner(ctx context.Context, notifyFunc func(string, fs.
}
if entryPath != "" {
- notifyFunc(entryPath, entryType)
+ notifyFunc(f.opt.Enc.ToStandardPath(entryPath), entryType)
}
}
if !changeList.HasMore {
@@ -1667,7 +1669,7 @@ func (o *Object) uploadChunked(ctx context.Context, in0 io.Reader, commitInfo *f
correctOffset := uErr.EndpointError.IncorrectOffset.CorrectOffset
delta := int64(correctOffset) - int64(cursor.Offset)
skip += delta
- what := fmt.Sprintf("incorrect offset error receved: sent %d, need %d, skip %d", cursor.Offset, correctOffset, skip)
+ what := fmt.Sprintf("incorrect offset error received: sent %d, need %d, skip %d", cursor.Offset, correctOffset, skip)
if skip < 0 {
return false, fmt.Errorf("can't seek backwards to correct offset: %s", what)
} else if skip == chunkSize {
@@ -1695,6 +1697,9 @@ func (o *Object) uploadChunked(ctx context.Context, in0 io.Reader, commitInfo *f
if size > 0 {
// if size is known, check if next chunk is final
appendArg.Close = uint64(size)-in.BytesRead() <= uint64(chunkSize)
+ if in.BytesRead() > uint64(size) {
+ return nil, fmt.Errorf("expected %d bytes in input, but have read %d so far", size, in.BytesRead())
+ }
} else {
// if size is unknown, upload as long as we can read full chunks from the reader
appendArg.Close = in.BytesRead()-cursor.Offset < uint64(chunkSize)
@@ -1758,7 +1763,7 @@ func checkPathLength(name string) (err error) {
// Update the already existing object
//
-// Copy the reader into the object updating modTime and size
+// Copy the reader into the object updating modTime and size.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error {
diff --git a/backend/fichier/api.go b/backend/fichier/api.go
index 6a17462658dee..1ee812c47de5d 100644
--- a/backend/fichier/api.go
+++ b/backend/fichier/api.go
@@ -28,25 +28,44 @@ var retryErrorCodes = []int{
509, // Bandwidth Limit Exceeded
}
+var errorRegex = regexp.MustCompile(`#\d{1,3}`)
+
+func parseFichierError(err error) int {
+ matches := errorRegex.FindStringSubmatch(err.Error())
+ if len(matches) == 0 {
+ return 0
+ }
+ code, err := strconv.Atoi(matches[0])
+ if err != nil {
+ fs.Debugf(nil, "failed parsing fichier error: %v", err)
+ return 0
+ }
+ return code
+}
+
// shouldRetry returns a boolean as to whether this resp and err
// deserve to be retried. It returns the err as a convenience
func shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, error) {
if fserrors.ContextError(ctx, &err) {
return false, err
}
- // Detect this error which the integration tests provoke
- // error HTTP error 403 (403 Forbidden) returned body: "{\"message\":\"Flood detected: IP Locked #374\",\"status\":\"KO\"}"
- //
- // https://1fichier.com/api.html
- //
- // file/ls.cgi is limited :
+ // 1Fichier uses HTTP error code 403 (Forbidden) for all kinds of errors with
+ // responses looking like this: "{\"message\":\"Flood detected: IP Locked #374\",\"status\":\"KO\"}"
//
- // Warning (can be changed in case of abuses) :
- // List all files of the account is limited to 1 request per hour.
- // List folders is limited to 5 000 results and 1 request per folder per 30s.
- if err != nil && strings.Contains(err.Error(), "Flood detected") {
- fs.Debugf(nil, "Sleeping for 30 seconds due to: %v", err)
- time.Sleep(30 * time.Second)
+ // We attempt to parse the actual 1Fichier error code from this body and handle it accordingly
+ // Most importantly #374 (Flood detected: IP locked) which the integration tests provoke
+ // The list below is far from complete and should be expanded if we see any more error codes.
+ if err != nil {
+ switch parseFichierError(err) {
+ case 93:
+ return false, err // No such user
+ case 186:
+ return false, err // IP blocked?
+ case 374:
+ fs.Debugf(nil, "Sleeping for 30 seconds due to: %v", err)
+ time.Sleep(30 * time.Second)
+ default:
+ }
}
return fserrors.ShouldRetry(err) || fserrors.ShouldRetryHTTP(resp, retryErrorCodes), err
}
@@ -468,7 +487,7 @@ func (f *Fs) uploadFile(ctx context.Context, in io.Reader, size int64, fileName,
fileName = f.opt.Enc.FromStandardName(fileName)
if len(uploadID) > 10 || !isAlphaNumeric(uploadID) {
- return nil, errors.New("Invalid UploadID")
+ return nil, errors.New("invalid UploadID")
}
opts := rest.Opts{
@@ -510,7 +529,7 @@ func (f *Fs) endUpload(ctx context.Context, uploadID string, nodeurl string) (re
// fs.Debugf(f, "Ending File Upload `%s`", uploadID)
if len(uploadID) > 10 || !isAlphaNumeric(uploadID) {
- return nil, errors.New("Invalid UploadID")
+ return nil, errors.New("invalid UploadID")
}
opts := rest.Opts{
diff --git a/backend/fichier/fichier.go b/backend/fichier/fichier.go
index 8548d00c2b7d3..e6c05305154ef 100644
--- a/backend/fichier/fichier.go
+++ b/backend/fichier/fichier.go
@@ -1,3 +1,4 @@
+// Package fichier provides an interface to the 1Fichier storage system.
package fichier
import (
@@ -294,7 +295,7 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
path, ok := f.dirCache.GetInv(directoryID)
if !ok {
- return nil, errors.New("Cannot find dir in dircache")
+ return nil, errors.New("cannot find dir in dircache")
}
return f.newObjectFromFile(ctx, path, file), nil
diff --git a/backend/fichier/structs.go b/backend/fichier/structs.go
index 89673f7f32af0..02e50a632715e 100644
--- a/backend/fichier/structs.go
+++ b/backend/fichier/structs.go
@@ -84,7 +84,7 @@ type CopyFileResponse struct {
URLs []FileCopy `json:"urls"`
}
-// FileCopy is used in the the CopyFileResponse
+// FileCopy is used in the CopyFileResponse
type FileCopy struct {
FromURL string `json:"from_url"`
ToURL string `json:"to_url"`
diff --git a/backend/filefabric/api/types.go b/backend/filefabric/api/types.go
index 926ad82a6fd66..9f4fb59847747 100644
--- a/backend/filefabric/api/types.go
+++ b/backend/filefabric/api/types.go
@@ -19,7 +19,7 @@ const (
timeFormatJSON = `"` + timeFormatParameters + `"`
)
-// Time represents represents date and time information for the
+// Time represents date and time information for the
// filefabric API
type Time time.Time
@@ -95,7 +95,7 @@ type Status struct {
// Warning string `json:"warning"` // obsolete
}
-// Status statisfies the error interface
+// Status satisfies the error interface
func (e *Status) Error() string {
return fmt.Sprintf("%s (%s)", e.Message, e.Code)
}
diff --git a/backend/filefabric/filefabric.go b/backend/filefabric/filefabric.go
index 7f49579b479db..3d157f8fbbea0 100644
--- a/backend/filefabric/filefabric.go
+++ b/backend/filefabric/filefabric.go
@@ -20,7 +20,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"net/http"
"net/url"
"path"
@@ -150,7 +149,7 @@ type Fs struct {
opt Options // parsed options
features *fs.Features // optional features
m configmap.Mapper // to save config
- srv *rest.Client // the connection to the one drive server
+ srv *rest.Client // the connection to the server
dirCache *dircache.DirCache // Map of directory path to directory id
pacer *fs.Pacer // pacer for API calls
tokenMu sync.Mutex // hold when reading the token
@@ -373,7 +372,7 @@ type params map[string]interface{}
// rpc calls the rpc.php method of the SME file fabric
//
-// This is an entry point to all the method calls
+// This is an entry point to all the method calls.
//
// If result is nil then resp.Body will need closing
func (f *Fs) rpc(ctx context.Context, function string, p params, result api.OKError, options []fs.OpenOption) (resp *http.Response, err error) {
@@ -490,7 +489,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
// Root is a dir - cache its ID
f.dirCache.Put(f.root, info.ID)
}
- } else {
+ //} else {
// Root is not found so a directory
}
}
@@ -678,7 +677,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the object, leaf, directoryID and error
+// Returns the object, leaf, directoryID and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
@@ -697,7 +696,7 @@ func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time,
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -783,9 +782,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -843,7 +842,7 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
return f.purgeCheck(ctx, dir, false)
}
-// Wait for the the background task to complete if necessary
+// Wait for the background task to complete if necessary
func (f *Fs) waitForBackgroundTask(ctx context.Context, taskID api.String) (err error) {
if taskID == "" || taskID == "0" {
// No task to wait for
@@ -956,9 +955,9 @@ func (f *Fs) move(ctx context.Context, isDir bool, id, oldLeaf, newLeaf, oldDire
// Move src to this remote using server side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1135,7 +1134,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -1187,7 +1185,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
return nil, errors.New("can't download - no id")
}
if o.contentType == emptyMimeType {
- return ioutil.NopCloser(bytes.NewReader([]byte{})), nil
+ return io.NopCloser(bytes.NewReader([]byte{})), nil
}
fs.FixRangeOption(options, o.size)
resp, err := o.fs.rpc(ctx, "getFile", params{
@@ -1201,7 +1199,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// Update the object with the contents of the io.Reader, modTime and size
//
-// If existing is set then it updates the object rather than creating a new one
+// If existing is set then it updates the object rather than creating a new one.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
diff --git a/backend/ftp/ftp.go b/backend/ftp/ftp.go
index c5b39b24c5771..01d686c8e204f 100644
--- a/backend/ftp/ftp.go
+++ b/backend/ftp/ftp.go
@@ -45,7 +45,7 @@ const (
func init() {
fs.Register(&fs.RegInfo{
Name: "ftp",
- Description: "FTP Connection",
+ Description: "FTP",
NewFs: NewFs,
Options: []fs.Option{{
Name: "host",
@@ -70,7 +70,7 @@ func init() {
When using implicit FTP over TLS the client connects using TLS
right from the start which breaks compatibility with
non-TLS-aware servers. This is usually served over port 990 rather
-than port 21. Cannot be used in combination with explicit FTP.`,
+than port 21. Cannot be used in combination with explicit FTPS.`,
Default: false,
}, {
Name: "explicit_tls",
@@ -78,11 +78,25 @@ than port 21. Cannot be used in combination with explicit FTP.`,
When using explicit FTP over TLS the client explicitly requests
security from the server in order to upgrade a plain text connection
-to an encrypted one. Cannot be used in combination with implicit FTP.`,
+to an encrypted one. Cannot be used in combination with implicit FTPS.`,
Default: false,
}, {
- Name: "concurrency",
- Help: "Maximum number of FTP simultaneous connections, 0 for unlimited.",
+ Name: "concurrency",
+ Help: strings.Replace(`Maximum number of FTP simultaneous connections, 0 for unlimited.
+
+Note that setting this is very likely to cause deadlocks so it should
+be used with care.
+
+If you are doing a sync or copy then make sure concurrency is one more
+than the sum of |--transfers| and |--checkers|.
+
+If you use |--check-first| then it just needs to be one more than the
+maximum of |--checkers| and |--transfers|.
+
+So for |concurrency 3| you'd use |--checkers 2 --transfers 2
+--check-first| or |--checkers 1 --transfers 1|.
+
+`, "|", "`", -1),
Default: 0,
Advanced: true,
}, {
@@ -110,6 +124,11 @@ to an encrypted one. Cannot be used in combination with implicit FTP.`,
Help: "Use MDTM to set modification time (VsFtpd quirk)",
Default: false,
Advanced: true,
+ }, {
+ Name: "force_list_hidden",
+ Help: "Use LIST -a to force listing of hidden files and folders. This will disable the use of MLSD.",
+ Default: false,
+ Advanced: true,
}, {
Name: "idle_timeout",
Default: fs.Duration(60 * time.Second),
@@ -191,6 +210,7 @@ type Options struct {
DisableMLSD bool `config:"disable_mlsd"`
DisableUTF8 bool `config:"disable_utf8"`
WritingMDTM bool `config:"writing_mdtm"`
+ ForceListHidden bool `config:"force_list_hidden"`
IdleTimeout fs.Duration `config:"idle_timeout"`
CloseTimeout fs.Duration `config:"close_timeout"`
ShutTimeout fs.Duration `config:"shut_timeout"`
@@ -316,14 +336,44 @@ func (f *Fs) ftpConnection(ctx context.Context) (c *ftp.ServerConn, err error) {
fs.Debugf(f, "Connecting to FTP server")
// Make ftp library dial with fshttp dialer optionally using TLS
+ initialConnection := true
dial := func(network, address string) (conn net.Conn, err error) {
+ fs.Debugf(f, "dial(%q,%q)", network, address)
+ defer func() {
+ fs.Debugf(f, "> dial: conn=%T, err=%v", conn, err)
+ }()
conn, err = fshttp.NewDialer(ctx).Dial(network, address)
- if f.tlsConf != nil && err == nil {
- conn = tls.Client(conn, f.tlsConf)
+ if err != nil {
+ return nil, err
}
- return
+ // Connect using cleartext only for non TLS
+ if f.tlsConf == nil {
+ return conn, nil
+ }
+ // Initial connection only needs to be cleartext for explicit TLS
+ if f.opt.ExplicitTLS && initialConnection {
+ initialConnection = false
+ return conn, nil
+ }
+ // Upgrade connection to TLS
+ tlsConn := tls.Client(conn, f.tlsConf)
+ // Do the initial handshake - tls.Client doesn't do it for us
+ // If we do this then connections to proftpd/pureftpd lock up
+ // See: https://github.com/rclone/rclone/issues/6426
+ // See: https://github.com/jlaffaye/ftp/issues/282
+ if false {
+ err = tlsConn.HandshakeContext(ctx)
+ if err != nil {
+ _ = conn.Close()
+ return nil, err
+ }
+ }
+ return tlsConn, nil
+ }
+ ftpConfig := []ftp.DialOption{
+ ftp.DialWithContext(ctx),
+ ftp.DialWithDialFunc(dial),
}
- ftpConfig := []ftp.DialOption{ftp.DialWithDialFunc(dial)}
if f.opt.TLS {
// Our dialer takes care of TLS but ftp library also needs tlsConf
@@ -331,12 +381,6 @@ func (f *Fs) ftpConnection(ctx context.Context) (c *ftp.ServerConn, err error) {
ftpConfig = append(ftpConfig, ftp.DialWithTLS(f.tlsConf))
} else if f.opt.ExplicitTLS {
ftpConfig = append(ftpConfig, ftp.DialWithExplicitTLS(f.tlsConf))
- // Initial connection needs to be cleartext for explicit TLS
- conn, err := fshttp.NewDialer(ctx).Dial("tcp", f.dialAddr)
- if err != nil {
- return nil, err
- }
- ftpConfig = append(ftpConfig, ftp.DialWithNetConn(conn))
}
if f.opt.DisableEPSV {
ftpConfig = append(ftpConfig, ftp.DialWithDisabledEPSV(true))
@@ -353,6 +397,9 @@ func (f *Fs) ftpConnection(ctx context.Context) (c *ftp.ServerConn, err error) {
if f.opt.WritingMDTM {
ftpConfig = append(ftpConfig, ftp.DialWithWritingMDTM(true))
}
+ if f.opt.ForceListHidden {
+ ftpConfig = append(ftpConfig, ftp.DialWithForceListHidden(true))
+ }
if f.ci.Dump&(fs.DumpHeaders|fs.DumpBodies|fs.DumpRequests|fs.DumpResponses) != 0 {
ftpConfig = append(ftpConfig, ftp.DialWithDebugOutput(&debugLog{auth: f.ci.Dump&fs.DumpAuth != 0}))
}
@@ -487,7 +534,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (ff fs.Fs
protocol = "ftps://"
}
if opt.TLS && opt.ExplicitTLS {
- return nil, errors.New("Implicit TLS and explicit TLS are mutually incompatible. Please revise your config")
+ return nil, errors.New("implicit TLS and explicit TLS are mutually incompatible, please revise your config")
}
var tlsConfig *tls.Config
if opt.TLS || opt.ExplicitTLS {
@@ -610,8 +657,7 @@ func (f *Fs) dirFromStandardPath(dir string) string {
// findItem finds a directory entry for the name in its parent directory
func (f *Fs) findItem(ctx context.Context, remote string) (entry *ftp.Entry, err error) {
// defer fs.Trace(remote, "")("o=%v, err=%v", &o, &err)
- fullPath := path.Join(f.root, remote)
- if fullPath == "" || fullPath == "." || fullPath == "/" {
+ if remote == "" || remote == "." || remote == "/" {
// if root, assume exists and synthesize an entry
return &ftp.Entry{
Name: "",
@@ -619,13 +665,32 @@ func (f *Fs) findItem(ctx context.Context, remote string) (entry *ftp.Entry, err
Time: time.Now(),
}, nil
}
- dir := path.Dir(fullPath)
- base := path.Base(fullPath)
c, err := f.getFtpConnection(ctx)
if err != nil {
return nil, fmt.Errorf("findItem: %w", err)
}
+
+ // returns TRUE if MLST is supported which is required to call GetEntry
+ if c.IsTimePreciseInList() {
+ entry, err := c.GetEntry(f.opt.Enc.FromStandardPath(remote))
+ f.putFtpConnection(&c, err)
+ if err != nil {
+ err = translateErrorFile(err)
+ if err == fs.ErrorObjectNotFound {
+ return nil, nil
+ }
+ return nil, err
+ }
+ if entry != nil {
+ f.entryToStandard(entry)
+ }
+ return entry, nil
+ }
+
+ dir := path.Dir(remote)
+ base := path.Base(remote)
+
files, err := c.List(f.dirFromStandardPath(dir))
f.putFtpConnection(&c, err)
if err != nil {
@@ -644,7 +709,7 @@ func (f *Fs) findItem(ctx context.Context, remote string) (entry *ftp.Entry, err
// it returns the error fs.ErrorObjectNotFound.
func (f *Fs) NewObject(ctx context.Context, remote string) (o fs.Object, err error) {
// defer fs.Trace(remote, "")("o=%v, err=%v", &o, &err)
- entry, err := f.findItem(ctx, remote)
+ entry, err := f.findItem(ctx, path.Join(f.root, remote))
if err != nil {
return nil, err
}
@@ -666,7 +731,7 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (o fs.Object, err err
// dirExists checks the directory pointed to by remote exists or not
func (f *Fs) dirExists(ctx context.Context, remote string) (exists bool, err error) {
- entry, err := f.findItem(ctx, remote)
+ entry, err := f.findItem(ctx, path.Join(f.root, remote))
if err != nil {
return false, fmt.Errorf("dirExists: %w", err)
}
@@ -718,7 +783,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
case <-timer.C:
// if timer fired assume no error but connection dead
fs.Errorf(f, "Timeout when waiting for List")
- return nil, errors.New("Timeout when waiting for List")
+ return nil, errors.New("timeout when waiting for List")
}
// Annoyingly FTP returns success for a directory which
@@ -769,11 +834,12 @@ func (f *Fs) Hashes() hash.Set {
// Precision shows whether modified time is supported or not depending on the
// FTP server capabilities, namely whether FTP server:
-// - accepts the MDTM command to get file time (fGetTime)
-// or supports MLSD returning precise file time in the list (fLstTime)
-// - accepts the MFMT command to set file time (fSetTime)
-// or non-standard form of the MDTM command (fSetTime, too)
-// used by VsFtpd for the same purpose (WritingMDTM)
+// - accepts the MDTM command to get file time (fGetTime)
+// or supports MLSD returning precise file time in the list (fLstTime)
+// - accepts the MFMT command to set file time (fSetTime)
+// or non-standard form of the MDTM command (fSetTime, too)
+// used by VsFtpd for the same purpose (WritingMDTM)
+//
// See "mdtm_write" in https://security.appspot.com/vsftpd/vsftpd_conf.html
func (f *Fs) Precision() time.Duration {
if (f.fGetTime || f.fLstTime) && f.fSetTime {
@@ -809,32 +875,18 @@ func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, opt
// getInfo reads the FileInfo for a path
func (f *Fs) getInfo(ctx context.Context, remote string) (fi *FileInfo, err error) {
// defer fs.Trace(remote, "")("fi=%v, err=%v", &fi, &err)
- dir := path.Dir(remote)
- base := path.Base(remote)
-
- c, err := f.getFtpConnection(ctx)
- if err != nil {
- return nil, fmt.Errorf("getInfo: %w", err)
- }
- files, err := c.List(f.dirFromStandardPath(dir))
- f.putFtpConnection(&c, err)
+ file, err := f.findItem(ctx, remote)
if err != nil {
- return nil, translateErrorFile(err)
- }
-
- for i := range files {
- file := files[i]
- f.entryToStandard(file)
- if file.Name == base {
- info := &FileInfo{
- Name: remote,
- Size: file.Size,
- ModTime: file.Time,
- precise: f.fLstTime,
- IsDir: file.Type == ftp.EntryTypeFolder,
- }
- return info, nil
+ return nil, err
+ } else if file != nil {
+ info := &FileInfo{
+ Name: remote,
+ Size: file.Size,
+ ModTime: file.Time,
+ precise: f.fLstTime,
+ IsDir: file.Type == ftp.EntryTypeFolder,
}
+ return info, nil
}
return nil, fs.ErrorObjectNotFound
}
@@ -1149,7 +1201,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (rc io.Read
// Update the already existing object
//
-// Copy the reader into the object updating modTime and size
+// Copy the reader into the object updating modTime and size.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
diff --git a/backend/ftp/ftp_internal_test.go b/backend/ftp/ftp_internal_test.go
index bd1d8c6773469..3e06bb9b4a8e3 100644
--- a/backend/ftp/ftp_internal_test.go
+++ b/backend/ftp/ftp_internal_test.go
@@ -34,9 +34,9 @@ func deriveFs(ctx context.Context, t *testing.T, f fs.Fs, opts settings) fs.Fs {
// test that big file uploads do not cause network i/o timeout
func (f *Fs) testUploadTimeout(t *testing.T) {
const (
- fileSize = 100000000 // 100 MiB
- idleTimeout = 40 * time.Millisecond // small because test server is local
- maxTime = 10 * time.Second // prevent test hangup
+ fileSize = 100000000 // 100 MiB
+ idleTimeout = 1 * time.Second // small because test server is local
+ maxTime = 10 * time.Second // prevent test hangup
)
if testing.Short() {
diff --git a/backend/googlecloudstorage/googlecloudstorage.go b/backend/googlecloudstorage/googlecloudstorage.go
index 2f8a8856278e5..f984fa79d14e3 100644
--- a/backend/googlecloudstorage/googlecloudstorage.go
+++ b/backend/googlecloudstorage/googlecloudstorage.go
@@ -19,8 +19,8 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"net/http"
+ "os"
"path"
"strconv"
"strings"
@@ -44,6 +44,7 @@ import (
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
"google.golang.org/api/googleapi"
+ option "google.golang.org/api/option"
// NOTE: This API is deprecated
storage "google.golang.org/api/storage/v1"
@@ -306,20 +307,22 @@ rclone does if you know the bucket exists already.
Default: false,
Advanced: true,
}, {
- Name: "download_compressed",
- Help: `If set this will download compressed objects as-is.
+ Name: "decompress",
+ Help: `If set this will decompress gzip encoded objects.
It is possible to upload objects to GCS with "Content-Encoding: gzip"
-set. Normally rclone will transparently decompress these files on
-download. This means that rclone can't check the hash or the size of
-the file as both of these refer to the compressed object.
+set. Normally rclone will download these files as compressed objects.
-If this flag is set then rclone will download files with
+If this flag is set then rclone will decompress these files with
"Content-Encoding: gzip" as they are received. This means that rclone
-can check the size and hash but the file contents will be compressed.
+can't check the size and hash but the file contents will be decompressed.
`,
Advanced: true,
Default: false,
+ }, {
+ Name: "endpoint",
+ Help: "Endpoint for the service.\n\nLeave blank normally.",
+ Advanced: true,
}, {
Name: config.ConfigEncoding,
Help: config.ConfigEncodingHelp,
@@ -343,7 +346,8 @@ type Options struct {
Location string `config:"location"`
StorageClass string `config:"storage_class"`
NoCheckBucket bool `config:"no_check_bucket"`
- DownloadCompressed bool `config:"download_compressed"`
+ Decompress bool `config:"decompress"`
+ Endpoint string `config:"endpoint"`
Enc encoder.MultiEncoder `config:"encoding"`
}
@@ -391,7 +395,7 @@ func (f *Fs) Root() string {
// String converts this Fs to a string
func (f *Fs) String() string {
if f.rootBucket == "" {
- return fmt.Sprintf("GCS root")
+ return "GCS root"
}
if f.rootDirectory == "" {
return fmt.Sprintf("GCS bucket %s", f.rootBucket)
@@ -483,7 +487,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
// try loading service account credentials from env variable, then from a file
if opt.ServiceAccountCredentials == "" && opt.ServiceAccountFile != "" {
- loadedCreds, err := ioutil.ReadFile(env.ShellExpand(opt.ServiceAccountFile))
+ loadedCreds, err := os.ReadFile(env.ShellExpand(opt.ServiceAccountFile))
if err != nil {
return nil, fmt.Errorf("error opening service account credentials file: %w", err)
}
@@ -524,7 +528,11 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
// Create a new authorized Drive client.
f.client = oAuthClient
- f.svc, err = storage.New(f.client)
+ gcsOpts := []option.ClientOption{option.WithHTTPClient(f.client)}
+ if opt.Endpoint != "" {
+ gcsOpts = append(gcsOpts, option.WithEndpoint(opt.Endpoint))
+ }
+ f.svc, err = storage.NewService(context.Background(), gcsOpts...)
if err != nil {
return nil, fmt.Errorf("couldn't create Google Cloud Storage client: %w", err)
}
@@ -581,7 +589,7 @@ type listFn func(remote string, object *storage.Object, isDirectory bool) error
//
// dir is the starting directory, "" for root
//
-// Set recurse to read sub directories
+// Set recurse to read sub directories.
//
// The remote has prefix removed from it and if addBucket is set
// then it adds the bucket to the start.
@@ -799,7 +807,7 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
// Put the object into the bucket
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -901,9 +909,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1035,12 +1043,9 @@ func (o *Object) setMetaData(info *storage.Object) {
}
// If gunzipping then size and md5sum are unknown
- if o.gzipped && !o.fs.opt.DownloadCompressed {
+ if o.gzipped && o.fs.opt.Decompress {
o.bytes = -1
o.md5sum = ""
- o.fs.warnCompressed.Do(func() {
- fs.Logf(o.fs, "Decompressing 'Content-Encoding: gzip' compressed file. Use --gcs-download-compressed to override")
- })
}
}
@@ -1142,7 +1147,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
return nil, err
}
fs.FixRangeOption(options, o.bytes)
- if o.gzipped && o.fs.opt.DownloadCompressed {
+ if o.gzipped && !o.fs.opt.Decompress {
// Allow files which are stored on the cloud storage system
// compressed to be downloaded without being decompressed. Note
// that setting this here overrides the automatic decompression
@@ -1150,6 +1155,9 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
//
// See: https://cloud.google.com/storage/docs/transcoding
req.Header.Set("Accept-Encoding", "gzip")
+ o.fs.warnCompressed.Do(func() {
+ fs.Logf(o, "Not decompressing 'Content-Encoding: gzip' compressed file. Use --gcs-decompress to override")
+ })
}
fs.OpenOptionAddHTTPHeaders(req.Header, options)
var res *http.Response
diff --git a/backend/googlephotos/api/types.go b/backend/googlephotos/api/types.go
index d26cfc7149f65..9b7aa79f6e173 100644
--- a/backend/googlephotos/api/types.go
+++ b/backend/googlephotos/api/types.go
@@ -1,3 +1,4 @@
+// Package api provides types used by the Google Photos API.
package api
import (
diff --git a/backend/googlephotos/googlephotos.go b/backend/googlephotos/googlephotos.go
index 4e16d81d39e19..c743ddec4a806 100644
--- a/backend/googlephotos/googlephotos.go
+++ b/backend/googlephotos/googlephotos.go
@@ -178,7 +178,7 @@ type Fs struct {
opt Options // parsed options
features *fs.Features // optional features
unAuth *rest.Client // unauthenticated http client
- srv *rest.Client // the connection to the one drive server
+ srv *rest.Client // the connection to the server
ts *oauthutil.TokenSource // token source for oauth2
pacer *fs.Pacer // To pace the API calls
startTime time.Time // time Fs was started - used for datestamps
@@ -661,7 +661,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Put the object into the bucket
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
diff --git a/backend/googlephotos/googlephotos_test.go b/backend/googlephotos/googlephotos_test.go
index c65a02700e2d5..cd1e0943f8411 100644
--- a/backend/googlephotos/googlephotos_test.go
+++ b/backend/googlephotos/googlephotos_test.go
@@ -3,7 +3,7 @@ package googlephotos
import (
"context"
"fmt"
- "io/ioutil"
+ "io"
"net/http"
"path"
"testing"
@@ -12,7 +12,6 @@ import (
_ "github.com/rclone/rclone/backend/local"
"github.com/rclone/rclone/fs"
"github.com/rclone/rclone/fs/hash"
- "github.com/rclone/rclone/fs/operations"
"github.com/rclone/rclone/fstest"
"github.com/rclone/rclone/lib/random"
"github.com/stretchr/testify/assert"
@@ -37,7 +36,7 @@ func TestIntegration(t *testing.T) {
}
f, err := fs.NewFs(ctx, *fstest.RemoteName)
if err == fs.ErrorNotFoundInConfigFile {
- t.Skip(fmt.Sprintf("Couldn't create google photos backend - skipping tests: %v", err))
+ t.Skipf("Couldn't create google photos backend - skipping tests: %v", err)
}
require.NoError(t, err)
@@ -56,7 +55,7 @@ func TestIntegration(t *testing.T) {
require.NoError(t, err)
in, err := srcObj.Open(ctx)
require.NoError(t, err)
- dstObj, err := f.Put(ctx, in, operations.NewOverrideRemote(srcObj, remote))
+ dstObj, err := f.Put(ctx, in, fs.NewOverrideRemote(srcObj, remote))
require.NoError(t, err)
assert.Equal(t, remote, dstObj.Remote())
_ = in.Close()
@@ -99,7 +98,7 @@ func TestIntegration(t *testing.T) {
t.Run("ObjectOpen", func(t *testing.T) {
in, err := dstObj.Open(ctx)
require.NoError(t, err)
- buf, err := ioutil.ReadAll(in)
+ buf, err := io.ReadAll(in)
require.NoError(t, err)
require.NoError(t, in.Close())
assert.True(t, len(buf) > 1000)
@@ -221,7 +220,7 @@ func TestIntegration(t *testing.T) {
require.NoError(t, err)
in, err := srcObj.Open(ctx)
require.NoError(t, err)
- dstObj, err := f.Put(ctx, in, operations.NewOverrideRemote(srcObj, remote))
+ dstObj, err := f.Put(ctx, in, fs.NewOverrideRemote(srcObj, remote))
require.NoError(t, err)
assert.Equal(t, remote, dstObj.Remote())
_ = in.Close()
diff --git a/backend/googlephotos/pattern.go b/backend/googlephotos/pattern.go
index e2cbcbf724869..fc84f4a0e790e 100644
--- a/backend/googlephotos/pattern.go
+++ b/backend/googlephotos/pattern.go
@@ -315,7 +315,7 @@ func yearMonthDayFilter(ctx context.Context, f lister, match []string) (sf api.S
// featureFilter creates a filter for the Feature enum
//
-// The API only supports one feature, FAVORITES, so hardcode that feature
+// The API only supports one feature, FAVORITES, so hardcode that feature.
//
// https://developers.google.com/photos/library/reference/rest/v1/mediaItems/search#FeatureFilter
func featureFilter(ctx context.Context, f lister, match []string) (sf api.SearchFilter) {
diff --git a/backend/googlephotos/pattern_test.go b/backend/googlephotos/pattern_test.go
index 6d58e5475e036..b446615c22120 100644
--- a/backend/googlephotos/pattern_test.go
+++ b/backend/googlephotos/pattern_test.go
@@ -50,7 +50,7 @@ func (f *testLister) listAlbums(ctx context.Context, shared bool) (all *albums,
// mock listUploads for testing
func (f *testLister) listUploads(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
- entries, _ = f.uploaded[dir]
+ entries = f.uploaded[dir]
return entries, nil
}
diff --git a/backend/hasher/hasher.go b/backend/hasher/hasher.go
index 1870983e043d8..e80daedee6a35 100644
--- a/backend/hasher/hasher.go
+++ b/backend/hasher/hasher.go
@@ -27,6 +27,9 @@ func init() {
Name: "hasher",
Description: "Better checksums for other remotes",
NewFs: NewFs,
+ MetadataInfo: &fs.MetadataInfo{
+ Help: `Any metadata supported by the underlying remote is read and written.`,
+ },
CommandHelp: commandHelp,
Options: []fs.Option{{
Name: "remote",
@@ -158,6 +161,11 @@ func NewFs(ctx context.Context, fsname, rpath string, cmap configmap.Mapper) (fs
IsLocal: true,
ReadMimeType: true,
WriteMimeType: true,
+ SetTier: true,
+ GetTier: true,
+ ReadMetadata: true,
+ WriteMetadata: true,
+ UserMetadata: true,
}
f.features = stubFeatures.Fill(ctx, f).Mask(ctx, f.Fs).WrapsFs(f, f.Fs)
@@ -485,6 +493,17 @@ func (o *Object) MimeType(ctx context.Context) string {
return ""
}
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *Object) Metadata(ctx context.Context) (fs.Metadata, error) {
+ do, ok := o.Object.(fs.Metadataer)
+ if !ok {
+ return nil, nil
+ }
+ return do.Metadata(ctx)
+}
+
// Check the interfaces are satisfied
var (
_ fs.Fs = (*Fs)(nil)
@@ -507,10 +526,5 @@ var (
_ fs.UserInfoer = (*Fs)(nil)
_ fs.Disconnecter = (*Fs)(nil)
_ fs.Shutdowner = (*Fs)(nil)
- _ fs.Object = (*Object)(nil)
- _ fs.ObjectUnWrapper = (*Object)(nil)
- _ fs.IDer = (*Object)(nil)
- _ fs.SetTierer = (*Object)(nil)
- _ fs.GetTierer = (*Object)(nil)
- _ fs.MimeTyper = (*Object)(nil)
+ _ fs.FullObject = (*Object)(nil)
)
diff --git a/backend/hasher/hasher_internal_test.go b/backend/hasher/hasher_internal_test.go
index 3ec7a11f94eae..0ca418e20a965 100644
--- a/backend/hasher/hasher_internal_test.go
+++ b/backend/hasher/hasher_internal_test.go
@@ -19,7 +19,7 @@ import (
func putFile(ctx context.Context, t *testing.T, f fs.Fs, name, data string) fs.Object {
mtime1 := fstest.Time("2001-02-03T04:05:06.499999999Z")
item := fstest.Item{Path: name, ModTime: mtime1}
- _, o := fstests.PutTestContents(ctx, t, f, &item, data, true)
+ o := fstests.PutTestContents(ctx, t, f, &item, data, true)
require.NotNil(t, o)
return o
}
@@ -35,7 +35,7 @@ func (f *Fs) testUploadFromCrypt(t *testing.T) {
// make a temporary crypt remote
ctx := context.Background()
pass := obscure.MustObscure("crypt")
- remote := fmt.Sprintf(":crypt,remote=%s,password=%s:", tempRoot, pass)
+ remote := fmt.Sprintf(`:crypt,remote="%s",password="%s":`, tempRoot, pass)
cryptFs, err := fs.NewFs(ctx, remote)
require.NoError(t, err)
diff --git a/backend/hasher/hasher_test.go b/backend/hasher/hasher_test.go
index 09d60f33d71c4..23feb9b96ca7f 100644
--- a/backend/hasher/hasher_test.go
+++ b/backend/hasher/hasher_test.go
@@ -33,6 +33,7 @@ func TestIntegration(t *testing.T) {
{Name: "TestHasher", Key: "remote", Value: tempDir},
}
opt.RemoteName = "TestHasher:"
+ opt.QuickTestOK = true
}
fstests.Run(t, &opt)
}
diff --git a/backend/hasher/object.go b/backend/hasher/object.go
index 6b9a8e4d05d35..ef6349b0fe3c9 100644
--- a/backend/hasher/object.go
+++ b/backend/hasher/object.go
@@ -5,7 +5,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"path"
"time"
@@ -118,7 +117,7 @@ func (o *Object) updateHashes(ctx context.Context) error {
defer func() {
_ = r.Close()
}()
- if _, err = io.Copy(ioutil.Discard, r); err != nil {
+ if _, err = io.Copy(io.Discard, r); err != nil {
fs.Infof(o, "update failed (copy): %v", err)
return err
}
diff --git a/backend/hdfs/fs.go b/backend/hdfs/fs.go
index 8de9ddbacf03d..7d48ffed60ea5 100644
--- a/backend/hdfs/fs.go
+++ b/backend/hdfs/fs.go
@@ -92,7 +92,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
if opt.ServicePrincipalName != "" {
options.KerberosClient, err = getKerberosClient()
if err != nil {
- return nil, fmt.Errorf("Problem with kerberos authentication: %s", err)
+ return nil, fmt.Errorf("problem with kerberos authentication: %w", err)
}
options.KerberosServicePrincipleName = opt.ServicePrincipalName
@@ -265,9 +265,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
diff --git a/backend/hdfs/hdfs.go b/backend/hdfs/hdfs.go
index 234344eceeec0..c07c0d7e2bc89 100644
--- a/backend/hdfs/hdfs.go
+++ b/backend/hdfs/hdfs.go
@@ -1,6 +1,7 @@
//go:build !plan9
// +build !plan9
+// Package hdfs provides an interface to the HDFS storage system.
package hdfs
import (
diff --git a/backend/hdfs/object.go b/backend/hdfs/object.go
index d7b94afbd3bae..976bc7f02ea9c 100644
--- a/backend/hdfs/object.go
+++ b/backend/hdfs/object.go
@@ -115,7 +115,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
return err
}
- info, err := o.fs.client.Stat(realpath)
+ _, err = o.fs.client.Stat(realpath)
if err == nil {
err = o.fs.client.Remove(realpath)
if err != nil {
@@ -147,7 +147,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
return err
}
- info, err = o.fs.client.Stat(realpath)
+ info, err := o.fs.client.Stat(realpath)
if err != nil {
return err
}
diff --git a/backend/hidrive/api/queries.go b/backend/hidrive/api/queries.go
new file mode 100644
index 0000000000000..57a1477c1ebdb
--- /dev/null
+++ b/backend/hidrive/api/queries.go
@@ -0,0 +1,81 @@
+package api
+
+import (
+ "encoding/json"
+ "net/url"
+ "path"
+ "strings"
+ "time"
+)
+
+// Some presets for different amounts of information that can be requested for fields;
+// it is recommended to only request the information that is actually needed.
+var (
+ HiDriveObjectNoMetadataFields = []string{"name", "type"}
+ HiDriveObjectWithMetadataFields = append(HiDriveObjectNoMetadataFields, "id", "size", "mtime", "chash")
+ HiDriveObjectWithDirectoryMetadataFields = append(HiDriveObjectWithMetadataFields, "nmembers")
+ DirectoryContentFields = []string{"nmembers"}
+)
+
+// QueryParameters represents the parameters passed to an API-call.
+type QueryParameters struct {
+ url.Values
+}
+
+// NewQueryParameters initializes an instance of QueryParameters and
+// returns a pointer to it.
+func NewQueryParameters() *QueryParameters {
+ return &QueryParameters{url.Values{}}
+}
+
+// SetFileInDirectory sets the appropriate parameters
+// to specify a path to a file in a directory.
+// This is used by requests that work with paths for files that do not exist yet.
+// (For example when creating a file).
+// Most requests use the format produced by SetPath(...).
+func (p *QueryParameters) SetFileInDirectory(filePath string) {
+ directory, file := path.Split(path.Clean(filePath))
+ p.Set("dir", path.Clean(directory))
+ p.Set("name", file)
+ // NOTE: It would be possible to switch to pid-based requests
+ // by modifying this function.
+}
+
+// SetPath sets the appropriate parameters to access the given path.
+func (p *QueryParameters) SetPath(objectPath string) {
+ p.Set("path", path.Clean(objectPath))
+ // NOTE: It would be possible to switch to pid-based requests
+ // by modifying this function.
+}
+
+// SetTime sets the key to the time-value. It replaces any existing values.
+func (p *QueryParameters) SetTime(key string, value time.Time) error {
+ valueAPI := Time(value)
+ valueBytes, err := json.Marshal(&valueAPI)
+ if err != nil {
+ return err
+ }
+ p.Set(key, string(valueBytes))
+ return nil
+}
+
+// AddList adds the given values as a list
+// with each value separated by the separator.
+// It appends to any existing values associated with key.
+func (p *QueryParameters) AddList(key string, separator string, values ...string) {
+ original := p.Get(key)
+ p.Set(key, strings.Join(values, separator))
+ if original != "" {
+ p.Set(key, original+separator+p.Get(key))
+ }
+}
+
+// AddFields sets the appropriate parameter to access the given fields.
+// The given fields will be appended to any other existing fields.
+func (p *QueryParameters) AddFields(prefix string, fields ...string) {
+ modifiedFields := make([]string, len(fields))
+ for i, field := range fields {
+ modifiedFields[i] = prefix + field
+ }
+ p.AddList("fields", ",", modifiedFields...)
+}
diff --git a/backend/hidrive/api/types.go b/backend/hidrive/api/types.go
new file mode 100644
index 0000000000000..4cc912a7285bd
--- /dev/null
+++ b/backend/hidrive/api/types.go
@@ -0,0 +1,135 @@
+// Package api has type definitions and code related to API-calls for the HiDrive-API.
+package api
+
+import (
+ "encoding/json"
+ "fmt"
+ "net/url"
+ "strconv"
+ "time"
+)
+
+// Time represents date and time information for the API.
+type Time time.Time
+
+// MarshalJSON turns Time into JSON (in Unix-time/UTC).
+func (t *Time) MarshalJSON() ([]byte, error) {
+ secs := time.Time(*t).Unix()
+ return []byte(strconv.FormatInt(secs, 10)), nil
+}
+
+// UnmarshalJSON turns JSON into Time.
+func (t *Time) UnmarshalJSON(data []byte) error {
+ secs, err := strconv.ParseInt(string(data), 10, 64)
+ if err != nil {
+ return err
+ }
+ *t = Time(time.Unix(secs, 0))
+ return nil
+}
+
+// Error is returned from the API when things go wrong.
+type Error struct {
+ Code json.Number `json:"code"`
+ ContextInfo json.RawMessage
+ Message string `json:"msg"`
+}
+
+// Error returns a string for the error and satisfies the error interface.
+func (e *Error) Error() string {
+ out := fmt.Sprintf("Error %q", e.Code.String())
+ if e.Message != "" {
+ out += ": " + e.Message
+ }
+ if e.ContextInfo != nil {
+ out += fmt.Sprintf(" (%+v)", e.ContextInfo)
+ }
+ return out
+}
+
+// Check Error satisfies the error interface.
+var _ error = (*Error)(nil)
+
+// possible types for HiDriveObject
+const (
+ HiDriveObjectTypeDirectory = "dir"
+ HiDriveObjectTypeFile = "file"
+ HiDriveObjectTypeSymlink = "symlink"
+)
+
+// HiDriveObject describes a folder, a symlink or a file.
+// Depending on the type and content, not all fields are present.
+type HiDriveObject struct {
+ Type string `json:"type"`
+ ID string `json:"id"`
+ ParentID string `json:"parent_id"`
+ Name string `json:"name"`
+ Path string `json:"path"`
+ Size int64 `json:"size"`
+ MemberCount int64 `json:"nmembers"`
+ ModifiedAt Time `json:"mtime"`
+ ChangedAt Time `json:"ctime"`
+ MetaHash string `json:"mhash"`
+ MetaOnlyHash string `json:"mohash"`
+ NameHash string `json:"nhash"`
+ ContentHash string `json:"chash"`
+ IsTeamfolder bool `json:"teamfolder"`
+ Readable bool `json:"readable"`
+ Writable bool `json:"writable"`
+ Shareable bool `json:"shareable"`
+ MIMEType string `json:"mime_type"`
+}
+
+// ModTime returns the modification time of the HiDriveObject.
+func (i *HiDriveObject) ModTime() time.Time {
+ t := time.Time(i.ModifiedAt)
+ if t.IsZero() {
+ t = time.Time(i.ChangedAt)
+ }
+ return t
+}
+
+// UnmarshalJSON turns JSON into HiDriveObject and
+// introduces specific default-values where necessary.
+func (i *HiDriveObject) UnmarshalJSON(data []byte) error {
+ type objectAlias HiDriveObject
+ defaultObject := objectAlias{
+ Size: -1,
+ MemberCount: -1,
+ }
+
+ err := json.Unmarshal(data, &defaultObject)
+ if err != nil {
+ return err
+ }
+ name, err := url.PathUnescape(defaultObject.Name)
+ if err == nil {
+ defaultObject.Name = name
+ }
+
+ *i = HiDriveObject(defaultObject)
+ return nil
+}
+
+// DirectoryContent describes the content of a directory.
+type DirectoryContent struct {
+ TotalCount int64 `json:"nmembers"`
+ Entries []HiDriveObject `json:"members"`
+}
+
+// UnmarshalJSON turns JSON into DirectoryContent and
+// introduces specific default-values where necessary.
+func (d *DirectoryContent) UnmarshalJSON(data []byte) error {
+ type directoryContentAlias DirectoryContent
+ defaultDirectoryContent := directoryContentAlias{
+ TotalCount: -1,
+ }
+
+ err := json.Unmarshal(data, &defaultDirectoryContent)
+ if err != nil {
+ return err
+ }
+
+ *d = DirectoryContent(defaultDirectoryContent)
+ return nil
+}
diff --git a/backend/hidrive/helpers.go b/backend/hidrive/helpers.go
new file mode 100644
index 0000000000000..7b925e1b34722
--- /dev/null
+++ b/backend/hidrive/helpers.go
@@ -0,0 +1,888 @@
+package hidrive
+
+// This file is for helper-functions which may provide more general and
+// specialized functionality than the generic interfaces.
+// There are two sections:
+// 1. methods bound to Fs
+// 2. other functions independent from Fs used throughout the package
+
+// NOTE: Functions accessing paths expect any relative paths
+// to be resolved prior to execution with resolvePath(...).
+
+import (
+ "bytes"
+ "context"
+ "errors"
+ "io"
+ "net/http"
+ "path"
+ "strconv"
+ "sync"
+ "time"
+
+ "github.com/rclone/rclone/backend/hidrive/api"
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/accounting"
+ "github.com/rclone/rclone/fs/fserrors"
+ "github.com/rclone/rclone/lib/ranges"
+ "github.com/rclone/rclone/lib/readers"
+ "github.com/rclone/rclone/lib/rest"
+ "golang.org/x/sync/errgroup"
+ "golang.org/x/sync/semaphore"
+)
+
+const (
+ // MaximumUploadBytes represents the maximum amount of bytes
+ // a single upload-operation will support.
+ MaximumUploadBytes = 2147483647 // = 2GiB - 1
+ // iterationChunkSize represents the chunk size used to iterate directory contents.
+ iterationChunkSize = 5000
+)
+
+var (
+ // retryErrorCodes is a slice of error codes that we will always retry.
+ retryErrorCodes = []int{
+ 429, // Too Many Requests
+ 500, // Internal Server Error
+ 502, // Bad Gateway
+ 503, // Service Unavailable
+ 504, // Gateway Timeout
+ 509, // Bandwidth Limit Exceeded
+ }
+ // ErrorFileExists is returned when a query tries to create a file
+ // that already exists.
+ ErrorFileExists = errors.New("destination file already exists")
+)
+
+// MemberType represents the possible types of entries a directory can contain.
+type MemberType string
+
+// possible values for MemberType
+const (
+ AllMembers MemberType = "all"
+ NoMembers MemberType = "none"
+ DirectoryMembers MemberType = api.HiDriveObjectTypeDirectory
+ FileMembers MemberType = api.HiDriveObjectTypeFile
+ SymlinkMembers MemberType = api.HiDriveObjectTypeSymlink
+)
+
+// SortByField represents possible fields to sort entries of a directory by.
+type SortByField string
+
+// possible values for SortByField
+const (
+ descendingSort string = "-"
+ SortByName SortByField = "name"
+ SortByModTime SortByField = "mtime"
+ SortByObjectType SortByField = "type"
+ SortBySize SortByField = "size"
+ SortByNameDescending SortByField = SortByField(descendingSort) + SortByName
+ SortByModTimeDescending SortByField = SortByField(descendingSort) + SortByModTime
+ SortByObjectTypeDescending SortByField = SortByField(descendingSort) + SortByObjectType
+ SortBySizeDescending SortByField = SortByField(descendingSort) + SortBySize
+)
+
+var (
+ // Unsorted disables sorting and can therefore not be combined with other values.
+ Unsorted = []SortByField{"none"}
+ // DefaultSorted does not specify how to sort and
+ // therefore implies the default sort order.
+ DefaultSorted = []SortByField{}
+)
+
+// CopyOrMoveOperationType represents the possible types of copy- and move-operations.
+type CopyOrMoveOperationType int
+
+// possible values for CopyOrMoveOperationType
+const (
+ MoveOriginal CopyOrMoveOperationType = iota
+ CopyOriginal
+ CopyOriginalPreserveModTime
+)
+
+// OnExistAction represents possible actions the API should take,
+// when a request tries to create a path that already exists.
+type OnExistAction string
+
+// possible values for OnExistAction
+const (
+ // IgnoreOnExist instructs the API not to execute
+ // the request in case of a conflict, but to return an error.
+ IgnoreOnExist OnExistAction = "ignore"
+ // AutoNameOnExist instructs the API to automatically rename
+ // any conflicting request-objects.
+ AutoNameOnExist OnExistAction = "autoname"
+ // OverwriteOnExist instructs the API to overwrite any conflicting files.
+ // This can only be used, if the request operates on files directly.
+ // (For example when moving/copying a file.)
+ // For most requests this action will simply be ignored.
+ OverwriteOnExist OnExistAction = "overwrite"
+)
+
+// shouldRetry returns a boolean as to whether this resp and err deserve to be retried.
+// It tries to expire/invalidate the token, if necessary.
+// It returns the err as a convenience.
+func (f *Fs) shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, error) {
+ if fserrors.ContextError(ctx, &err) {
+ return false, err
+ }
+ if resp != nil && (resp.StatusCode == 401 || isHTTPError(err, 401)) && len(resp.Header["Www-Authenticate"]) > 0 {
+ fs.Debugf(f, "Token might be invalid: %v", err)
+ if f.tokenRenewer != nil {
+ iErr := f.tokenRenewer.Expire()
+ if iErr == nil {
+ return true, err
+ }
+ }
+ }
+ return fserrors.ShouldRetry(err) || fserrors.ShouldRetryHTTP(resp, retryErrorCodes), err
+}
+
+// resolvePath resolves the given (relative) path and
+// returns a path suitable for API-calls.
+// This will consider the root-path of the fs and any needed prefixes.
+//
+// Any relative paths passed to functions that access these paths should
+// be resolved with this first!
+func (f *Fs) resolvePath(objectPath string) string {
+ resolved := path.Join(f.opt.RootPrefix, f.root, f.opt.Enc.FromStandardPath(objectPath))
+ return resolved
+}
+
+// iterateOverDirectory calls the given function callback
+// on each item found in a given directory.
+//
+// If callback ever returns true then this exits early with found = true.
+func (f *Fs) iterateOverDirectory(ctx context.Context, directory string, searchOnly MemberType, callback func(*api.HiDriveObject) bool, fields []string, sortBy []SortByField) (found bool, err error) {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(directory)
+ parameters.AddFields("members.", fields...)
+ parameters.AddFields("", api.DirectoryContentFields...)
+ parameters.Set("members", string(searchOnly))
+ for _, v := range sortBy {
+ // The explicit conversion is necessary for each element.
+ parameters.AddList("sort", ",", string(v))
+ }
+
+ opts := rest.Opts{
+ Method: "GET",
+ Path: "/dir",
+ Parameters: parameters.Values,
+ }
+
+ iterateContent := func(result *api.DirectoryContent, err error) (bool, error) {
+ if err != nil {
+ return false, err
+ }
+ for _, item := range result.Entries {
+ item.Name = f.opt.Enc.ToStandardName(item.Name)
+ if callback(&item) {
+ return true, nil
+ }
+ }
+ return false, nil
+ }
+ return f.paginateDirectoryAccess(ctx, &opts, iterationChunkSize, 0, iterateContent)
+}
+
+// paginateDirectoryAccess executes requests specified via ctx and opts
+// which should produce api.DirectoryContent.
+// This will paginate the requests using limit starting at the given offset.
+//
+// The given function callback is called on each api.DirectoryContent found
+// along with any errors that occurred.
+// If callback ever returns true then this exits early with found = true.
+// If callback ever returns an error then this exits early with that error.
+func (f *Fs) paginateDirectoryAccess(ctx context.Context, opts *rest.Opts, limit int64, offset int64, callback func(*api.DirectoryContent, error) (bool, error)) (found bool, err error) {
+ for {
+ opts.Parameters.Set("limit", strconv.FormatInt(offset, 10)+","+strconv.FormatInt(limit, 10))
+
+ var result api.DirectoryContent
+ var resp *http.Response
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CallJSON(ctx, opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ found, err = callback(&result, err)
+ if found || err != nil {
+ return found, err
+ }
+
+ offset += int64(len(result.Entries))
+ if offset >= result.TotalCount || limit > int64(len(result.Entries)) {
+ break
+ }
+ }
+ return false, nil
+}
+
+// fetchMetadataForPath reads the metadata from the path.
+func (f *Fs) fetchMetadataForPath(ctx context.Context, path string, fields []string) (*api.HiDriveObject, error) {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(path)
+ parameters.AddFields("", fields...)
+
+ opts := rest.Opts{
+ Method: "GET",
+ Path: "/meta",
+ Parameters: parameters.Values,
+ }
+
+ var result api.HiDriveObject
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+ if err != nil {
+ return nil, err
+ }
+ return &result, nil
+}
+
+// copyOrMove copies or moves a directory or file
+// from the source-path to the destination-path.
+//
+// The operation will only be successful
+// if the parent-directory of the destination-path exists.
+//
+// NOTE: Use the explicit methods instead of directly invoking this method.
+// (Those are: copyDirectory, moveDirectory, copyFile, moveFile.)
+func (f *Fs) copyOrMove(ctx context.Context, isDirectory bool, operationType CopyOrMoveOperationType, source string, destination string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ parameters := api.NewQueryParameters()
+ parameters.Set("src", source)
+ parameters.Set("dst", destination)
+ if onExist == AutoNameOnExist ||
+ (onExist == OverwriteOnExist && !isDirectory) {
+ parameters.Set("on_exist", string(onExist))
+ }
+
+ endpoint := "/"
+ if isDirectory {
+ endpoint += "dir"
+ } else {
+ endpoint += "file"
+ }
+ switch operationType {
+ case MoveOriginal:
+ endpoint += "/move"
+ case CopyOriginalPreserveModTime:
+ parameters.Set("preserve_mtime", strconv.FormatBool(true))
+ fallthrough
+ case CopyOriginal:
+ endpoint += "/copy"
+ }
+
+ opts := rest.Opts{
+ Method: "POST",
+ Path: endpoint,
+ Parameters: parameters.Values,
+ }
+
+ var result api.HiDriveObject
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+ if err != nil {
+ return nil, err
+ }
+ return &result, nil
+}
+
+// copyDirectory moves the directory at the source-path to the destination-path and
+// returns the resulting api-object if successful.
+//
+// The operation will only be successful
+// if the parent-directory of the destination-path exists.
+func (f *Fs) copyDirectory(ctx context.Context, source string, destination string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ return f.copyOrMove(ctx, true, CopyOriginalPreserveModTime, source, destination, onExist)
+}
+
+// moveDirectory moves the directory at the source-path to the destination-path and
+// returns the resulting api-object if successful.
+//
+// The operation will only be successful
+// if the parent-directory of the destination-path exists.
+func (f *Fs) moveDirectory(ctx context.Context, source string, destination string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ return f.copyOrMove(ctx, true, MoveOriginal, source, destination, onExist)
+}
+
+// copyFile copies the file at the source-path to the destination-path and
+// returns the resulting api-object if successful.
+//
+// The operation will only be successful
+// if the parent-directory of the destination-path exists.
+//
+// NOTE: This operation will expand sparse areas in the content of the source-file
+// to blocks of 0-bytes in the destination-file.
+func (f *Fs) copyFile(ctx context.Context, source string, destination string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ return f.copyOrMove(ctx, false, CopyOriginalPreserveModTime, source, destination, onExist)
+}
+
+// moveFile moves the file at the source-path to the destination-path and
+// returns the resulting api-object if successful.
+//
+// The operation will only be successful
+// if the parent-directory of the destination-path exists.
+//
+// NOTE: This operation may expand sparse areas in the content of the source-file
+// to blocks of 0-bytes in the destination-file.
+func (f *Fs) moveFile(ctx context.Context, source string, destination string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ return f.copyOrMove(ctx, false, MoveOriginal, source, destination, onExist)
+}
+
+// createDirectory creates the directory at the given path and
+// returns the resulting api-object if successful.
+//
+// The directory will only be created if its parent-directory exists.
+// This returns fs.ErrorDirNotFound if the parent-directory is not found.
+// This returns fs.ErrorDirExists if the directory already exists.
+func (f *Fs) createDirectory(ctx context.Context, directory string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(directory)
+ if onExist == AutoNameOnExist {
+ parameters.Set("on_exist", string(onExist))
+ }
+
+ opts := rest.Opts{
+ Method: "POST",
+ Path: "/dir",
+ Parameters: parameters.Values,
+ }
+
+ var result api.HiDriveObject
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ switch {
+ case err == nil:
+ return &result, nil
+ case isHTTPError(err, 404):
+ return nil, fs.ErrorDirNotFound
+ case isHTTPError(err, 409):
+ return nil, fs.ErrorDirExists
+ }
+ return nil, err
+}
+
+// createDirectories creates the directory at the given path
+// along with any missing parent directories and
+// returns the resulting api-object (of the created directory) if successful.
+//
+// This returns fs.ErrorDirExists if the directory already exists.
+//
+// If an error occurs while the parent directories are being created,
+// any directories already created will NOT be deleted again.
+func (f *Fs) createDirectories(ctx context.Context, directory string, onExist OnExistAction) (*api.HiDriveObject, error) {
+ result, err := f.createDirectory(ctx, directory, onExist)
+ if err == nil {
+ return result, nil
+ }
+ if err != fs.ErrorDirNotFound {
+ return nil, err
+ }
+ parentDirectory := path.Dir(directory)
+ _, err = f.createDirectories(ctx, parentDirectory, onExist)
+ if err != nil && err != fs.ErrorDirExists {
+ return nil, err
+ }
+ // NOTE: Ignoring fs.ErrorDirExists does no harm,
+ // since it does not mean the child directory cannot be created.
+ return f.createDirectory(ctx, directory, onExist)
+}
+
+// deleteDirectory deletes the directory at the given path.
+//
+// If recursive is false, the directory will only be deleted if it is empty.
+// If recursive is true, the directory will be deleted regardless of its content.
+// This returns fs.ErrorDirNotFound if the directory is not found.
+// This returns fs.ErrorDirectoryNotEmpty if the directory is not empty and
+// recursive is false.
+func (f *Fs) deleteDirectory(ctx context.Context, directory string, recursive bool) error {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(directory)
+ parameters.Set("recursive", strconv.FormatBool(recursive))
+
+ opts := rest.Opts{
+ Method: "DELETE",
+ Path: "/dir",
+ Parameters: parameters.Values,
+ NoResponse: true,
+ }
+
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.Call(ctx, &opts)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ switch {
+ case isHTTPError(err, 404):
+ return fs.ErrorDirNotFound
+ case isHTTPError(err, 409):
+ return fs.ErrorDirectoryNotEmpty
+ }
+ return err
+}
+
+// deleteObject deletes the object/file at the given path.
+//
+// This returns fs.ErrorObjectNotFound if the object is not found.
+func (f *Fs) deleteObject(ctx context.Context, path string) error {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(path)
+
+ opts := rest.Opts{
+ Method: "DELETE",
+ Path: "/file",
+ Parameters: parameters.Values,
+ NoResponse: true,
+ }
+
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.Call(ctx, &opts)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ if isHTTPError(err, 404) {
+ return fs.ErrorObjectNotFound
+ }
+ return err
+}
+
+// createFile creates a file at the given path
+// with the content of the io.ReadSeeker.
+// This guarantees that existing files will not be overwritten.
+// The maximum size of the content is limited by MaximumUploadBytes.
+// The io.ReadSeeker should be resettable by seeking to its start.
+// If modTime is not the zero time instant,
+// it will be set as the file's modification time after the operation.
+//
+// This returns fs.ErrorDirNotFound
+// if the parent directory of the file is not found.
+// This returns ErrorFileExists if a file already exists at the specified path.
+func (f *Fs) createFile(ctx context.Context, path string, content io.ReadSeeker, modTime time.Time, onExist OnExistAction) (*api.HiDriveObject, error) {
+ parameters := api.NewQueryParameters()
+ parameters.SetFileInDirectory(path)
+ if onExist == AutoNameOnExist {
+ parameters.Set("on_exist", string(onExist))
+ }
+
+ var err error
+ if !modTime.IsZero() {
+ err = parameters.SetTime("mtime", modTime)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ opts := rest.Opts{
+ Method: "POST",
+ Path: "/file",
+ Body: content,
+ ContentType: "application/octet-stream",
+ Parameters: parameters.Values,
+ }
+
+ var result api.HiDriveObject
+ var resp *http.Response
+ err = f.pacer.Call(func() (bool, error) {
+ // Reset the reading index (in case this is a retry).
+ if _, err = content.Seek(0, io.SeekStart); err != nil {
+ return false, err
+ }
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ switch {
+ case err == nil:
+ return &result, nil
+ case isHTTPError(err, 404):
+ return nil, fs.ErrorDirNotFound
+ case isHTTPError(err, 409):
+ return nil, ErrorFileExists
+ }
+ return nil, err
+}
+
+// overwriteFile updates the content of the file at the given path
+// with the content of the io.ReadSeeker.
+// If the file does not exist it will be created.
+// The maximum size of the content is limited by MaximumUploadBytes.
+// The io.ReadSeeker should be resettable by seeking to its start.
+// If modTime is not the zero time instant,
+// it will be set as the file's modification time after the operation.
+//
+// This returns fs.ErrorDirNotFound
+// if the parent directory of the file is not found.
+func (f *Fs) overwriteFile(ctx context.Context, path string, content io.ReadSeeker, modTime time.Time) (*api.HiDriveObject, error) {
+ parameters := api.NewQueryParameters()
+ parameters.SetFileInDirectory(path)
+
+ var err error
+ if !modTime.IsZero() {
+ err = parameters.SetTime("mtime", modTime)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ opts := rest.Opts{
+ Method: "PUT",
+ Path: "/file",
+ Body: content,
+ ContentType: "application/octet-stream",
+ Parameters: parameters.Values,
+ }
+
+ var result api.HiDriveObject
+ var resp *http.Response
+ err = f.pacer.Call(func() (bool, error) {
+ // Reset the reading index (in case this is a retry).
+ if _, err = content.Seek(0, io.SeekStart); err != nil {
+ return false, err
+ }
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ switch {
+ case err == nil:
+ return &result, nil
+ case isHTTPError(err, 404):
+ return nil, fs.ErrorDirNotFound
+ }
+ return nil, err
+}
+
+// uploadFileChunked updates the content of the existing file at the given path
+// with the content of the io.Reader.
+// Returns the position of the last successfully written byte, stopping before the first failed write.
+// If nothing was written this will be 0.
+// Returns the resulting api-object if successful.
+//
+// Replaces the file contents by uploading multiple chunks of the given size in parallel.
+// Therefore this can and be used to upload files of any size efficiently.
+// The number of parallel transfers is limited by transferLimit which should larger than 0.
+// If modTime is not the zero time instant,
+// it will be set as the file's modification time after the operation.
+//
+// NOTE: This method uses updateFileChunked and may create sparse files,
+// if the upload of a chunk fails unexpectedly.
+// See note about sparse files in patchFile.
+// If any of the uploads fail, the process will be aborted and
+// the first error that occurred will be returned.
+// This is not an atomic operation,
+// therefore if the upload fails the file may be partially modified.
+//
+// This returns fs.ErrorObjectNotFound if the object is not found.
+func (f *Fs) uploadFileChunked(ctx context.Context, path string, content io.Reader, modTime time.Time, chunkSize int, transferLimit int64) (okSize uint64, info *api.HiDriveObject, err error) {
+ okSize, err = f.updateFileChunked(ctx, path, content, 0, chunkSize, transferLimit)
+
+ if err == nil {
+ info, err = f.resizeFile(ctx, path, okSize, modTime)
+ }
+ return okSize, info, err
+}
+
+// updateFileChunked updates the content of the existing file at the given path
+// starting at the given offset.
+// Returns the position of the last successfully written byte, stopping before the first failed write.
+// If nothing was written this will be 0.
+//
+// Replaces the file contents starting from the given byte offset
+// with the content of the io.Reader.
+// If the offset is beyond the file end, the file is extended up to the offset.
+//
+// The upload is done multiple chunks of the given size in parallel.
+// Therefore this can and be used to upload files of any size efficiently.
+// The number of parallel transfers is limited by transferLimit which should larger than 0.
+//
+// NOTE: Because it is inefficient to set the modification time with every chunk,
+// setting it to a specific value must be done in a separate request
+// after this operation finishes.
+//
+// NOTE: This method uses patchFile and may create sparse files,
+// especially if the upload of a chunk fails unexpectedly.
+// See note about sparse files in patchFile.
+// If any of the uploads fail, the process will be aborted and
+// the first error that occurred will be returned.
+// This is not an atomic operation,
+// therefore if the upload fails the file may be partially modified.
+//
+// This returns fs.ErrorObjectNotFound if the object is not found.
+func (f *Fs) updateFileChunked(ctx context.Context, path string, content io.Reader, offset uint64, chunkSize int, transferLimit int64) (okSize uint64, err error) {
+ var (
+ okChunksMu sync.Mutex // protects the variables below
+ okChunks []ranges.Range
+ )
+ g, gCtx := errgroup.WithContext(ctx)
+ transferSemaphore := semaphore.NewWeighted(transferLimit)
+
+ var readErr error
+ startMoreTransfers := true
+ zeroTime := time.Time{}
+ for chunk := uint64(0); startMoreTransfers; chunk++ {
+ // Acquire semaphore to limit number of transfers in parallel.
+ readErr = transferSemaphore.Acquire(gCtx, 1)
+ if readErr != nil {
+ break
+ }
+
+ // Read a chunk of data.
+ chunkReader, bytesRead, readErr := readerForChunk(content, chunkSize)
+ if bytesRead < chunkSize {
+ startMoreTransfers = false
+ }
+ if readErr != nil || bytesRead <= 0 {
+ break
+ }
+
+ // Transfer the chunk.
+ chunkOffset := uint64(chunkSize)*chunk + offset
+ g.Go(func() error {
+ // After this upload is done,
+ // signal that another transfer can be started.
+ defer transferSemaphore.Release(1)
+ uploadErr := f.patchFile(gCtx, path, cachedReader(chunkReader), chunkOffset, zeroTime)
+ if uploadErr == nil {
+ // Remember successfully written chunks.
+ okChunksMu.Lock()
+ okChunks = append(okChunks, ranges.Range{Pos: int64(chunkOffset), Size: int64(bytesRead)})
+ okChunksMu.Unlock()
+ fs.Debugf(f, "Done uploading chunk of size %v at offset %v.", bytesRead, chunkOffset)
+ } else {
+ fs.Infof(f, "Error while uploading chunk at offset %v. Error is %v.", chunkOffset, uploadErr)
+ }
+ return uploadErr
+ })
+ }
+
+ if readErr != nil {
+ // Log the error in case it is later ignored because of an upload-error.
+ fs.Infof(f, "Error while reading/preparing to upload a chunk. Error is %v.", readErr)
+ }
+
+ err = g.Wait()
+
+ // Compute the first continuous range of the file content,
+ // which does not contain any failed chunks.
+ // Do not forget to add the file content up to the starting offset,
+ // which is presumed to be already correct.
+ rs := ranges.Ranges{}
+ rs.Insert(ranges.Range{Pos: 0, Size: int64(offset)})
+ for _, chunkRange := range okChunks {
+ rs.Insert(chunkRange)
+ }
+ if len(rs) > 0 && rs[0].Pos == 0 {
+ okSize = uint64(rs[0].Size)
+ }
+
+ if err != nil {
+ return okSize, err
+ }
+ if readErr != nil {
+ return okSize, readErr
+ }
+
+ return okSize, nil
+}
+
+// patchFile updates the content of the existing file at the given path
+// starting at the given offset.
+//
+// Replaces the file contents starting from the given byte offset
+// with the content of the io.ReadSeeker.
+// If the offset is beyond the file end, the file is extended up to the offset.
+// The maximum size of the update is limited by MaximumUploadBytes.
+// The io.ReadSeeker should be resettable by seeking to its start.
+// If modTime is not the zero time instant,
+// it will be set as the file's modification time after the operation.
+//
+// NOTE: By extending the file up to the offset this may create sparse files,
+// which allocate less space on the file system than their apparent size indicates,
+// since holes between data chunks are "real" holes
+// and not regions made up of consecutive 0-bytes.
+// Subsequent operations (such as copying data)
+// usually expand the holes into regions of 0-bytes.
+//
+// This returns fs.ErrorObjectNotFound if the object is not found.
+func (f *Fs) patchFile(ctx context.Context, path string, content io.ReadSeeker, offset uint64, modTime time.Time) error {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(path)
+ parameters.Set("offset", strconv.FormatUint(offset, 10))
+
+ if !modTime.IsZero() {
+ err := parameters.SetTime("mtime", modTime)
+ if err != nil {
+ return err
+ }
+ }
+
+ opts := rest.Opts{
+ Method: "PATCH",
+ Path: "/file",
+ Body: content,
+ ContentType: "application/octet-stream",
+ Parameters: parameters.Values,
+ NoResponse: true,
+ }
+
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ // Reset the reading index (in case this is a retry).
+ _, err = content.Seek(0, io.SeekStart)
+ if err != nil {
+ return false, err
+ }
+ resp, err = f.srv.Call(ctx, &opts)
+ if isHTTPError(err, 423) {
+ return true, err
+ }
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ if isHTTPError(err, 404) {
+ return fs.ErrorObjectNotFound
+ }
+ return err
+}
+
+// resizeFile updates the existing file at the given path to be of the given size
+// and returns the resulting api-object if successful.
+//
+// If the given size is smaller than the current filesize,
+// the file is cut/truncated at that position.
+// If the given size is larger, the file is extended up to that position.
+// If modTime is not the zero time instant,
+// it will be set as the file's modification time after the operation.
+//
+// NOTE: By extending the file this may create sparse files,
+// which allocate less space on the file system than their apparent size indicates,
+// since holes between data chunks are "real" holes
+// and not regions made up of consecutive 0-bytes.
+// Subsequent operations (such as copying data)
+// usually expand the holes into regions of 0-bytes.
+//
+// This returns fs.ErrorObjectNotFound if the object is not found.
+func (f *Fs) resizeFile(ctx context.Context, path string, size uint64, modTime time.Time) (*api.HiDriveObject, error) {
+ parameters := api.NewQueryParameters()
+ parameters.SetPath(path)
+ parameters.Set("size", strconv.FormatUint(size, 10))
+
+ if !modTime.IsZero() {
+ err := parameters.SetTime("mtime", modTime)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ opts := rest.Opts{
+ Method: "POST",
+ Path: "/file/truncate",
+ Parameters: parameters.Values,
+ }
+
+ var result api.HiDriveObject
+ var resp *http.Response
+ var err error
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return f.shouldRetry(ctx, resp, err)
+ })
+
+ switch {
+ case err == nil:
+ return &result, nil
+ case isHTTPError(err, 404):
+ return nil, fs.ErrorObjectNotFound
+ }
+ return nil, err
+}
+
+// ------------------------------------------------------------
+
+// isHTTPError compares the numerical status code
+// of an api.Error to the given HTTP status.
+//
+// If the given error is not an api.Error or
+// a numerical status code could not be determined, this returns false.
+// Otherwise this returns whether the status code of the error is equal to the given status.
+func isHTTPError(err error, status int64) bool {
+ if apiErr, ok := err.(*api.Error); ok {
+ errStatus, decodeErr := apiErr.Code.Int64()
+ if decodeErr == nil && errStatus == status {
+ return true
+ }
+ }
+ return false
+}
+
+// createHiDriveScopes creates oauth-scopes
+// from the given user-role and access-permissions.
+//
+// If the arguments are empty, they will not be included in the result.
+func createHiDriveScopes(role string, access string) []string {
+ switch {
+ case role != "" && access != "":
+ return []string{access + "," + role}
+ case role != "":
+ return []string{role}
+ case access != "":
+ return []string{access}
+ }
+ return []string{}
+}
+
+// cachedReader returns a version of the reader that caches its contents and
+// can therefore be reset using Seek.
+func cachedReader(reader io.Reader) io.ReadSeeker {
+ bytesReader, ok := reader.(*bytes.Reader)
+ if ok {
+ return bytesReader
+ }
+
+ repeatableReader, ok := reader.(*readers.RepeatableReader)
+ if ok {
+ return repeatableReader
+ }
+
+ return readers.NewRepeatableReader(reader)
+}
+
+// readerForChunk reads a chunk of bytes from reader (after handling any accounting).
+// Returns a new io.Reader (chunkReader) for that chunk
+// and the number of bytes that have been read from reader.
+func readerForChunk(reader io.Reader, length int) (chunkReader io.Reader, bytesRead int, err error) {
+ // Unwrap any accounting from the input if present.
+ reader, wrap := accounting.UnWrap(reader)
+
+ // Read a chunk of data.
+ buffer := make([]byte, length)
+ bytesRead, err = io.ReadFull(reader, buffer)
+ if err == io.EOF || err == io.ErrUnexpectedEOF {
+ err = nil
+ }
+ if err != nil {
+ return nil, bytesRead, err
+ }
+ // Truncate unused capacity.
+ buffer = buffer[:bytesRead]
+
+ // Use wrap to put any accounting back for chunkReader.
+ return wrap(bytes.NewReader(buffer)), bytesRead, nil
+}
diff --git a/backend/hidrive/hidrive.go b/backend/hidrive/hidrive.go
new file mode 100644
index 0000000000000..5004b81910a9e
--- /dev/null
+++ b/backend/hidrive/hidrive.go
@@ -0,0 +1,1002 @@
+// Package hidrive provides an interface to the HiDrive object storage system.
+package hidrive
+
+// FIXME HiDrive only supports file or folder names of 255 characters or less.
+// Operations that create files oder folder with longer names will throw a HTTP error:
+// - 422 Unprocessable Entity
+// A more graceful way for rclone to handle this may be desirable.
+
+import (
+ "context"
+ "encoding/json"
+ "errors"
+ "fmt"
+ "io"
+ "net/http"
+ "path"
+ "strconv"
+ "time"
+
+ "github.com/rclone/rclone/lib/encoder"
+
+ "github.com/rclone/rclone/backend/hidrive/api"
+ "github.com/rclone/rclone/backend/hidrive/hidrivehash"
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/config"
+ "github.com/rclone/rclone/fs/config/configmap"
+ "github.com/rclone/rclone/fs/config/configstruct"
+ "github.com/rclone/rclone/fs/config/obscure"
+ "github.com/rclone/rclone/fs/fserrors"
+ "github.com/rclone/rclone/fs/hash"
+ "github.com/rclone/rclone/lib/oauthutil"
+ "github.com/rclone/rclone/lib/pacer"
+ "github.com/rclone/rclone/lib/rest"
+ "golang.org/x/oauth2"
+)
+
+const (
+ rcloneClientID = "6b0258fdda630d34db68a3ce3cbf19ae"
+ rcloneEncryptedClientSecret = "GC7UDZ3Ra4jLcmfQSagKCDJ1JEy-mU6pBBhFrS3tDEHILrK7j3TQHUrglkO5SgZ_"
+ minSleep = 10 * time.Millisecond
+ maxSleep = 2 * time.Second
+ decayConstant = 2 // bigger for slower decay, exponential
+ defaultUploadChunkSize = 48 * fs.Mebi
+ defaultUploadCutoff = 2 * defaultUploadChunkSize
+ defaultUploadConcurrency = 4
+)
+
+// Globals
+var (
+ // Description of how to auth for this app.
+ oauthConfig = &oauth2.Config{
+ Endpoint: oauth2.Endpoint{
+ AuthURL: "https://my.hidrive.com/client/authorize",
+ TokenURL: "https://my.hidrive.com/oauth2/token",
+ },
+ ClientID: rcloneClientID,
+ ClientSecret: obscure.MustReveal(rcloneEncryptedClientSecret),
+ RedirectURL: oauthutil.TitleBarRedirectURL,
+ }
+ // hidrivehashType is the hash.Type for HiDrive hashes.
+ hidrivehashType hash.Type
+)
+
+// Register the backend with Fs.
+func init() {
+ hidrivehashType = hash.RegisterHash("hidrive", "HiDriveHash", 40, hidrivehash.New)
+ fs.Register(&fs.RegInfo{
+ Name: "hidrive",
+ Description: "HiDrive",
+ NewFs: NewFs,
+ Config: func(ctx context.Context, name string, m configmap.Mapper, config fs.ConfigIn) (*fs.ConfigOut, error) {
+ // Parse config into Options struct
+ opt := new(Options)
+ err := configstruct.Set(m, opt)
+ if err != nil {
+ return nil, fmt.Errorf("couldn't parse config into struct: %w", err)
+ }
+
+ //fs.Debugf(nil, "hidrive: configuring oauth-token.")
+ oauthConfig.Scopes = createHiDriveScopes(opt.ScopeRole, opt.ScopeAccess)
+ return oauthutil.ConfigOut("", &oauthutil.Options{
+ OAuth2Config: oauthConfig,
+ })
+ },
+ Options: append(oauthutil.SharedOptions, []fs.Option{{
+ Name: "scope_access",
+ Help: "Access permissions that rclone should use when requesting access from HiDrive.",
+ Default: "rw",
+ Examples: []fs.OptionExample{{
+ Value: "rw",
+ Help: "Read and write access to resources.",
+ }, {
+ Value: "ro",
+ Help: "Read-only access to resources.",
+ }},
+ }, {
+ Name: "scope_role",
+ Help: "User-level that rclone should use when requesting access from HiDrive.",
+ Default: "user",
+ Examples: []fs.OptionExample{{
+ Value: "user",
+ Help: `User-level access to management permissions.
+This will be sufficient in most cases.`,
+ }, {
+ Value: "admin",
+ Help: "Extensive access to management permissions.",
+ }, {
+ Value: "owner",
+ Help: "Full access to management permissions.",
+ }},
+ Advanced: true,
+ }, {
+ Name: "root_prefix",
+ Help: `The root/parent folder for all paths.
+
+Fill in to use the specified folder as the parent for all paths given to the remote.
+This way rclone can use any folder as its starting point.`,
+ Default: "/",
+ Examples: []fs.OptionExample{{
+ Value: "/",
+ Help: `The topmost directory accessible by rclone.
+This will be equivalent with "root" if rclone uses a regular HiDrive user account.`,
+ }, {
+ Value: "root",
+ Help: `The topmost directory of the HiDrive user account`,
+ }, {
+ Value: "",
+ Help: `This specifies that there is no root-prefix for your paths.
+When using this you will always need to specify paths to this remote with a valid parent e.g. "remote:/path/to/dir" or "remote:root/path/to/dir".`,
+ }},
+ Advanced: true,
+ }, {
+ Name: "endpoint",
+ Help: `Endpoint for the service.
+
+This is the URL that API-calls will be made to.`,
+ Default: "https://api.hidrive.strato.com/2.1",
+ Advanced: true,
+ }, {
+ Name: "disable_fetching_member_count",
+ Help: `Do not fetch number of objects in directories unless it is absolutely necessary.
+
+Requests may be faster if the number of objects in subdirectories is not fetched.`,
+ Default: false,
+ Advanced: true,
+ }, {
+ Name: "chunk_size",
+ Help: fmt.Sprintf(`Chunksize for chunked uploads.
+
+Any files larger than the configured cutoff (or files of unknown size) will be uploaded in chunks of this size.
+
+The upper limit for this is %v bytes (about %v).
+That is the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit or to a negative value will cause uploads to fail.
+
+Setting this to larger values may increase the upload speed at the cost of using more memory.
+It can be set to smaller values smaller to save on memory.`, MaximumUploadBytes, fs.SizeSuffix(MaximumUploadBytes)),
+ Default: defaultUploadChunkSize,
+ Advanced: true,
+ }, {
+ Name: "upload_cutoff",
+ Help: fmt.Sprintf(`Cutoff/Threshold for chunked uploads.
+
+Any files larger than this will be uploaded in chunks of the configured chunksize.
+
+The upper limit for this is %v bytes (about %v).
+That is the maximum amount of bytes a single upload-operation will support.
+Setting this above the upper limit will cause uploads to fail.`, MaximumUploadBytes, fs.SizeSuffix(MaximumUploadBytes)),
+ Default: defaultUploadCutoff,
+ Advanced: true,
+ }, {
+ Name: "upload_concurrency",
+ Help: `Concurrency for chunked uploads.
+
+This is the upper limit for how many transfers for the same file are running concurrently.
+Setting this above to a value smaller than 1 will cause uploads to deadlock.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.`,
+ Default: defaultUploadConcurrency,
+ Advanced: true,
+ }, {
+ Name: config.ConfigEncoding,
+ Help: config.ConfigEncodingHelp,
+ Advanced: true,
+ // HiDrive only supports file or folder names of 255 characters or less.
+ // Names containing "/" are not supported.
+ // The special names "." and ".." are not supported.
+ Default: (encoder.EncodeZero |
+ encoder.EncodeSlash |
+ encoder.EncodeDot),
+ }}...),
+ })
+}
+
+// Options defines the configuration for this backend.
+type Options struct {
+ EndpointAPI string `config:"endpoint"`
+ OptionalMemberCountDisabled bool `config:"disable_fetching_member_count"`
+ UploadChunkSize fs.SizeSuffix `config:"chunk_size"`
+ UploadCutoff fs.SizeSuffix `config:"upload_cutoff"`
+ UploadConcurrency int64 `config:"upload_concurrency"`
+ Enc encoder.MultiEncoder `config:"encoding"`
+ RootPrefix string `config:"root_prefix"`
+ ScopeAccess string `config:"scope_access"`
+ ScopeRole string `config:"scope_role"`
+}
+
+// Fs represents a remote hidrive.
+type Fs struct {
+ name string // name of this remote
+ root string // the path we are working on
+ opt Options // parsed options
+ features *fs.Features // optional features
+ srv *rest.Client // the connection to the server
+ pacer *fs.Pacer // pacer for API calls
+ // retryOnce is NOT intended as a pacer for API calls.
+ // The intended use case is to repeat an action that failed because
+ // some preconditions were not previously fulfilled.
+ // Code using this should then establish these preconditions
+ // and let the pacer retry the operation.
+ retryOnce *pacer.Pacer // pacer with no delays to retry certain operations once
+ tokenRenewer *oauthutil.Renew // renew the token on expiry
+}
+
+// Object describes a hidrive object.
+//
+// Will definitely have the remote-path but may lack meta-information.
+type Object struct {
+ fs *Fs // what this object is part of
+ remote string // The remote path
+ hasMetadata bool // whether info below has been set
+ size int64 // size of the object
+ modTime time.Time // modification time of the object
+ id string // ID of the object
+ hash string // content-hash of the object
+}
+
+// ------------------------------------------------------------
+
+// Name returns the name of the remote (as passed into NewFs).
+func (f *Fs) Name() string {
+ return f.name
+}
+
+// Root returns the name of the remote (as passed into NewFs).
+func (f *Fs) Root() string {
+ return f.root
+}
+
+// String returns a string-representation of this Fs.
+func (f *Fs) String() string {
+ return fmt.Sprintf("HiDrive root '%s'", f.root)
+}
+
+// Precision returns the precision of this Fs.
+func (f *Fs) Precision() time.Duration {
+ return time.Second
+}
+
+// Hashes returns the supported hash sets.
+func (f *Fs) Hashes() hash.Set {
+ return hash.Set(hidrivehashType)
+}
+
+// Features returns the optional features of this Fs.
+func (f *Fs) Features() *fs.Features {
+ return f.features
+}
+
+// errorHandler parses a non 2xx error response into an error.
+func errorHandler(resp *http.Response) error {
+ // Decode error response.
+ errResponse := new(api.Error)
+ err := rest.DecodeJSON(resp, &errResponse)
+ if err != nil {
+ fs.Debugf(nil, "Couldn't decode error response: %v", err)
+ }
+ _, err = errResponse.Code.Int64()
+ if err != nil {
+ errResponse.Code = json.Number(strconv.Itoa(resp.StatusCode))
+ }
+ return errResponse
+}
+
+// NewFs creates a new file system from the path.
+func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, error) {
+ //fs.Debugf(nil, "hidrive: creating new Fs.")
+ // Parse config into Options struct.
+ opt := new(Options)
+ err := configstruct.Set(m, opt)
+ if err != nil {
+ return nil, err
+ }
+
+ // Clean root-prefix and root-path.
+ // NOTE: With the default-encoding "." and ".." will be encoded,
+ // but with custom encodings without encoder.EncodeDot
+ // "." and ".." will be interpreted as paths.
+ if opt.RootPrefix != "" {
+ opt.RootPrefix = path.Clean(opt.Enc.FromStandardPath(opt.RootPrefix))
+ }
+ root = path.Clean(opt.Enc.FromStandardPath(root))
+
+ client, ts, err := oauthutil.NewClient(ctx, name, m, oauthConfig)
+ if err != nil {
+ return nil, fmt.Errorf("failed to configure HiDrive: %w", err)
+ }
+
+ f := &Fs{
+ name: name,
+ root: root,
+ opt: *opt,
+ srv: rest.NewClient(client).SetRoot(opt.EndpointAPI),
+ pacer: fs.NewPacer(ctx, pacer.NewDefault(pacer.MinSleep(minSleep), pacer.MaxSleep(maxSleep), pacer.DecayConstant(decayConstant))),
+ retryOnce: pacer.New(pacer.RetriesOption(2), pacer.MaxConnectionsOption(-1), pacer.CalculatorOption(&pacer.ZeroDelayCalculator{})),
+ }
+ f.features = (&fs.Features{
+ CanHaveEmptyDirectories: true,
+ }).Fill(ctx, f)
+ f.srv.SetErrorHandler(errorHandler)
+
+ if ts != nil {
+ transaction := func() error {
+ resolvedRoot := f.resolvePath("")
+ _, err := f.fetchMetadataForPath(ctx, resolvedRoot, api.HiDriveObjectNoMetadataFields)
+ return err
+ }
+ f.tokenRenewer = oauthutil.NewRenew(f.String(), ts, transaction)
+ }
+
+ // Do not allow the root-prefix to be nonexistent nor a directory,
+ // but it can be empty.
+ if f.opt.RootPrefix != "" {
+ item, err := f.fetchMetadataForPath(ctx, f.opt.RootPrefix, api.HiDriveObjectNoMetadataFields)
+ if err != nil {
+ return nil, fmt.Errorf("could not access root-prefix: %w", err)
+ }
+ if item.Type != api.HiDriveObjectTypeDirectory {
+ return nil, errors.New("The root-prefix needs to point to a valid directory or be empty")
+ }
+ }
+
+ resolvedRoot := f.resolvePath("")
+ item, err := f.fetchMetadataForPath(ctx, resolvedRoot, api.HiDriveObjectNoMetadataFields)
+ if err != nil {
+ if isHTTPError(err, 404) {
+ // NOTE: NewFs needs to work with paths that do not exist,
+ // in case they will be created later (see mkdir).
+ return f, nil
+ }
+ return nil, fmt.Errorf("could not access root-path: %w", err)
+ }
+ if item.Type != api.HiDriveObjectTypeDirectory {
+ fs.Debugf(f, "The root is not a directory. Setting its parent-directory as the new root.")
+ // NOTE: There is no need to check
+ // if the parent-directory is inside the root-prefix:
+ // If the parent-directory was outside,
+ // then the resolved path would be the root-prefix,
+ // therefore the root-prefix would point to a file,
+ // which has already been checked for.
+ // In case the root-prefix is empty, this needs not be checked,
+ // because top-level files cannot exist.
+ f.root = path.Dir(f.root)
+ return f, fs.ErrorIsFile
+ }
+
+ return f, nil
+}
+
+// newObject constructs an Object by calling the given function metaFiller
+// on an Object with no metadata.
+//
+// metaFiller should set the metadata of the object or
+// return an appropriate error.
+func (f *Fs) newObject(remote string, metaFiller func(*Object) error) (fs.Object, error) {
+ o := &Object{
+ fs: f,
+ remote: remote,
+ }
+ var err error
+ if metaFiller != nil {
+ err = metaFiller(o)
+ }
+ if err != nil {
+ return nil, err
+ }
+ return o, nil
+}
+
+// newObjectFromHiDriveObject constructs an Object from the given api.HiDriveObject.
+func (f *Fs) newObjectFromHiDriveObject(remote string, info *api.HiDriveObject) (fs.Object, error) {
+ metaFiller := func(o *Object) error {
+ return o.setMetadata(info)
+ }
+ return f.newObject(remote, metaFiller)
+}
+
+// NewObject finds the Object at remote.
+//
+// If remote points to a directory then it returns fs.ErrorIsDir.
+// If it can not be found it returns the error fs.ErrorObjectNotFound.
+func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
+ //fs.Debugf(f, "executing NewObject(%s).", remote)
+ metaFiller := func(o *Object) error {
+ return o.readMetadata(ctx)
+ }
+ return f.newObject(remote, metaFiller)
+}
+
+// List the objects and directories in dir into entries.
+// The entries can be returned in any order,
+// but should be for a complete directory.
+//
+// dir should be "" to list the root, and should not have trailing slashes.
+//
+// This returns fs.ErrorDirNotFound if the directory is not found.
+func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
+ //fs.Debugf(f, "executing List(%s).", dir)
+ var iErr error
+ addEntry := func(info *api.HiDriveObject) bool {
+ fs.Debugf(f, "found directory-element with name %s", info.Name)
+ remote := path.Join(dir, info.Name)
+ if info.Type == api.HiDriveObjectTypeDirectory {
+ d := fs.NewDir(remote, info.ModTime())
+ d.SetID(info.ID)
+ d.SetSize(info.Size)
+ d.SetItems(info.MemberCount)
+ entries = append(entries, d)
+ } else if info.Type == api.HiDriveObjectTypeFile {
+ o, err := f.newObjectFromHiDriveObject(remote, info)
+ if err != nil {
+ iErr = err
+ return true
+ }
+ entries = append(entries, o)
+ }
+ return false
+ }
+
+ var fields []string
+ if f.opt.OptionalMemberCountDisabled {
+ fields = api.HiDriveObjectWithMetadataFields
+ } else {
+ fields = api.HiDriveObjectWithDirectoryMetadataFields
+ }
+ resolvedDir := f.resolvePath(dir)
+ _, err = f.iterateOverDirectory(ctx, resolvedDir, AllMembers, addEntry, fields, Unsorted)
+
+ if err != nil {
+ if isHTTPError(err, 404) {
+ return nil, fs.ErrorDirNotFound
+ }
+ return nil, err
+ }
+ if iErr != nil {
+ return nil, iErr
+ }
+ return entries, nil
+}
+
+// Put the contents of the io.Reader into the remote path
+// with the modTime given of the given size.
+// The existing or new object is returned.
+//
+// A new object may have been created or
+// an existing one accessed even if an error is returned,
+// in which case both the object and the error will be returned.
+func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ remote := src.Remote()
+ //fs.Debugf(f, "executing Put(%s, %v).", remote, options)
+
+ existingObj, err := f.NewObject(ctx, remote)
+ switch err {
+ case nil:
+ return existingObj, existingObj.Update(ctx, in, src, options...)
+ case fs.ErrorObjectNotFound:
+ // Object was not found, so create a new one.
+ return f.PutUnchecked(ctx, in, src, options...)
+ }
+ return nil, err
+}
+
+// PutStream uploads the contents of the io.Reader to the remote path
+// with the modTime given of indeterminate size.
+// The existing or new object is returned.
+//
+// A new object may have been created or
+// an existing one accessed even if an error is returned,
+// in which case both the object and the error will be returned.
+func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ //fs.Debugf(f, "executing PutStream(%s, %v).", src.Remote(), options)
+
+ return f.Put(ctx, in, src, options...)
+}
+
+// PutUnchecked the contents of the io.Reader into the remote path
+// with the modTime given of the given size.
+// This guarantees that existing objects will not be overwritten.
+// The new object is returned.
+//
+// This will produce an error if an object already exists at that path.
+//
+// In case the upload fails and an object has been created,
+// this will try to delete the object at that path.
+// In case the failed upload could not be deleted,
+// both the object and the (upload-)error will be returned.
+func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ remote := src.Remote()
+ modTime := src.ModTime(ctx)
+ //fs.Debugf(f, "executing PutUnchecked(%s, %v).", remote, options)
+ resolvedPath := f.resolvePath(remote)
+
+ // NOTE: The file creation operation is a single atomic operation.
+ // Thus uploading as much content as is reasonable
+ // (i.e. everything up to the cutoff) in the first request,
+ // avoids files being created on upload failure for small files.
+ // (As opposed to creating an empty file and then uploading the content.)
+ tmpReader, bytesRead, err := readerForChunk(in, int(f.opt.UploadCutoff))
+ cutoffReader := cachedReader(tmpReader)
+ if err != nil {
+ return nil, err
+ }
+
+ var info *api.HiDriveObject
+ err = f.retryOnce.Call(func() (bool, error) {
+ var createErr error
+ // Reset the reading index (in case this is a retry).
+ if _, createErr = cutoffReader.Seek(0, io.SeekStart); createErr != nil {
+ return false, createErr
+ }
+ info, createErr = f.createFile(ctx, resolvedPath, cutoffReader, modTime, IgnoreOnExist)
+
+ if createErr == fs.ErrorDirNotFound {
+ // Create the parent-directory for the object and repeat request.
+ _, parentErr := f.createDirectories(ctx, path.Dir(resolvedPath), IgnoreOnExist)
+ if parentErr != nil && parentErr != fs.ErrorDirExists {
+ fs.Errorf(f, "Tried to create parent-directory for '%s', but failed.", resolvedPath)
+ return false, parentErr
+ }
+ return true, createErr
+ }
+ return false, createErr
+ })
+
+ if err != nil {
+ return nil, err
+ }
+
+ o, err := f.newObjectFromHiDriveObject(remote, info)
+
+ if err != nil {
+ return nil, err
+ }
+
+ if fs.SizeSuffix(bytesRead) < f.opt.UploadCutoff {
+ return o, nil
+ }
+ // If there is more left to write, o.Update needs to skip ahead.
+ // Use a fs.SeekOption with the current offset to do this.
+ options = append(options, &fs.SeekOption{Offset: int64(bytesRead)})
+ err = o.Update(ctx, in, src, options...)
+
+ if err == nil {
+ return o, nil
+ }
+
+ // Try to remove object at path after the its content could not be uploaded.
+ deleteErr := f.pacer.Call(func() (bool, error) {
+ deleteErr := o.Remove(ctx)
+ return deleteErr == fs.ErrorObjectNotFound, deleteErr
+ })
+
+ if deleteErr == nil {
+ return nil, err
+ }
+
+ fs.Errorf(f, "Tried to delete failed upload at path '%s', but failed: %v", resolvedPath, deleteErr)
+ return o, err
+}
+
+// Mkdir creates the directory if it does not exist.
+//
+// This will create any missing parent directories.
+//
+// NOTE: If an error occurs while the parent directories are being created,
+// any directories already created will NOT be deleted again.
+func (f *Fs) Mkdir(ctx context.Context, dir string) error {
+ //fs.Debugf(f, "executing Mkdir(%s).", dir)
+ resolvedDir := f.resolvePath(dir)
+ _, err := f.createDirectories(ctx, resolvedDir, IgnoreOnExist)
+
+ if err == fs.ErrorDirExists {
+ // NOTE: The conflict is caused by the directory already existing,
+ // which should be ignored here.
+ return nil
+ }
+
+ return err
+}
+
+// Rmdir removes the directory if empty.
+//
+// This returns fs.ErrorDirNotFound if the directory is not found.
+// This returns fs.ErrorDirectoryNotEmpty if the directory is not empty.
+func (f *Fs) Rmdir(ctx context.Context, dir string) error {
+ //fs.Debugf(f, "executing Rmdir(%s).", dir)
+ resolvedDir := f.resolvePath(dir)
+ return f.deleteDirectory(ctx, resolvedDir, false)
+}
+
+// Purge removes the directory and all of its contents.
+//
+// This returns fs.ErrorDirectoryNotEmpty if the directory is not empty.
+func (f *Fs) Purge(ctx context.Context, dir string) error {
+ //fs.Debugf(f, "executing Purge(%s).", dir)
+ resolvedDir := f.resolvePath(dir)
+ return f.deleteDirectory(ctx, resolvedDir, true)
+}
+
+// shouldRetryAndCreateParents returns a boolean as to whether the operation
+// should be retried after the parent-directories of the destination have been created.
+// If so, it will create the parent-directories.
+//
+// If any errors arise while finding the source or
+// creating the parent-directory those will be returned.
+// Otherwise returns the originalError.
+func (f *Fs) shouldRetryAndCreateParents(ctx context.Context, destinationPath string, sourcePath string, originalError error) (bool, error) {
+ if fserrors.ContextError(ctx, &originalError) {
+ return false, originalError
+ }
+ if isHTTPError(originalError, 404) {
+ // Check if source is missing.
+ _, srcErr := f.fetchMetadataForPath(ctx, sourcePath, api.HiDriveObjectNoMetadataFields)
+ if srcErr != nil {
+ return false, srcErr
+ }
+ // Source exists, so the parent of the destination must have been missing.
+ // Create the parent-directory and repeat request.
+ _, parentErr := f.createDirectories(ctx, path.Dir(destinationPath), IgnoreOnExist)
+ if parentErr != nil && parentErr != fs.ErrorDirExists {
+ fs.Errorf(f, "Tried to create parent-directory for '%s', but failed.", destinationPath)
+ return false, parentErr
+ }
+ return true, originalError
+ }
+ return false, originalError
+}
+
+// Copy src to this remote using server-side copy operations.
+//
+// It returns the destination Object and a possible error.
+//
+// This returns fs.ErrorCantCopy if the operation cannot be performed.
+//
+// NOTE: If an error occurs when copying the Object,
+// any parent-directories already created will NOT be deleted again.
+//
+// NOTE: This operation will expand sparse areas in the content of the source-Object
+// to blocks of 0-bytes in the destination-Object.
+func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object, error) {
+ srcObj, ok := src.(*Object)
+ if !ok {
+ fs.Debugf(src, "Can't copy - not same remote type")
+ return nil, fs.ErrorCantCopy
+ }
+ // Get the absolute path to the source.
+ srcPath := srcObj.fs.resolvePath(srcObj.Remote())
+ //fs.Debugf(f, "executing Copy(%s, %s).", srcPath, remote)
+ dstPath := f.resolvePath(remote)
+
+ var info *api.HiDriveObject
+ err := f.retryOnce.Call(func() (bool, error) {
+ var copyErr error
+ info, copyErr = f.copyFile(ctx, srcPath, dstPath, OverwriteOnExist)
+ return f.shouldRetryAndCreateParents(ctx, dstPath, srcPath, copyErr)
+ })
+
+ if err != nil {
+ return nil, err
+ }
+ dstObj, err := f.newObjectFromHiDriveObject(remote, info)
+ if err != nil {
+ return nil, err
+ }
+ return dstObj, nil
+}
+
+// Move src to this remote using server-side move operations.
+//
+// It returns the destination Object and a possible error.
+//
+// This returns fs.ErrorCantMove if the operation cannot be performed.
+//
+// NOTE: If an error occurs when moving the Object,
+// any parent-directories already created will NOT be deleted again.
+//
+// NOTE: This operation will expand sparse areas in the content of the source-Object
+// to blocks of 0-bytes in the destination-Object.
+func (f *Fs) Move(ctx context.Context, src fs.Object, remote string) (fs.Object, error) {
+ srcObj, ok := src.(*Object)
+ if !ok {
+ fs.Debugf(src, "Can't move - not same remote type")
+ return nil, fs.ErrorCantMove
+ }
+ // Get the absolute path to the source.
+ srcPath := srcObj.fs.resolvePath(srcObj.Remote())
+ //fs.Debugf(f, "executing Move(%s, %s).", srcPath, remote)
+ dstPath := f.resolvePath(remote)
+
+ var info *api.HiDriveObject
+ err := f.retryOnce.Call(func() (bool, error) {
+ var moveErr error
+ info, moveErr = f.moveFile(ctx, srcPath, dstPath, OverwriteOnExist)
+ return f.shouldRetryAndCreateParents(ctx, dstPath, srcPath, moveErr)
+ })
+
+ if err != nil {
+ return nil, err
+ }
+ dstObj, err := f.newObjectFromHiDriveObject(remote, info)
+ if err != nil {
+ return nil, err
+ }
+ return dstObj, nil
+
+}
+
+// DirMove moves from src at srcRemote to this remote at dstRemote
+// using server-side move operations.
+//
+// This returns fs.ErrorCantCopy if the operation cannot be performed.
+// This returns fs.ErrorDirExists if the destination already exists.
+//
+// NOTE: If an error occurs when moving the directory,
+// any parent-directories already created will NOT be deleted again.
+func (f *Fs) DirMove(ctx context.Context, src fs.Fs, srcRemote, dstRemote string) error {
+ srcFs, ok := src.(*Fs)
+ if !ok {
+ fs.Debugf(srcFs, "Can't move directory - not same remote type")
+ return fs.ErrorCantDirMove
+ }
+
+ // Get the absolute path to the source.
+ srcPath := srcFs.resolvePath(srcRemote)
+ //fs.Debugf(f, "executing DirMove(%s, %s).", srcPath, dstRemote)
+ dstPath := f.resolvePath(dstRemote)
+
+ err := f.retryOnce.Call(func() (bool, error) {
+ var moveErr error
+ _, moveErr = f.moveDirectory(ctx, srcPath, dstPath, IgnoreOnExist)
+ return f.shouldRetryAndCreateParents(ctx, dstPath, srcPath, moveErr)
+ })
+
+ if err != nil {
+ if isHTTPError(err, 409) {
+ return fs.ErrorDirExists
+ }
+ return err
+ }
+ return nil
+}
+
+// ------------------------------------------------------------
+
+// Fs returns the parent Fs.
+func (o *Object) Fs() fs.Info {
+ return o.fs
+}
+
+// String returns a string-representation of this Object.
+func (o *Object) String() string {
+ if o == nil {
+ return ""
+ }
+ return o.remote
+}
+
+// Remote returns the remote path.
+func (o *Object) Remote() string {
+ return o.remote
+}
+
+// ID returns the ID of the Object if known, or "" if not.
+func (o *Object) ID() string {
+ err := o.readMetadata(context.TODO())
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return ""
+ }
+ return o.id
+}
+
+// Hash returns the selected checksum of the file.
+// If no checksum is available it returns "".
+func (o *Object) Hash(ctx context.Context, t hash.Type) (string, error) {
+ err := o.readMetadata(ctx)
+ if err != nil {
+ return "", fmt.Errorf("failed to read hash from metadata: %w", err)
+ }
+ switch t {
+ case hidrivehashType:
+ return o.hash, nil
+ default:
+ return "", hash.ErrUnsupported
+ }
+}
+
+// Size returns the size of an object in bytes.
+func (o *Object) Size() int64 {
+ err := o.readMetadata(context.TODO())
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return -1
+ }
+ return o.size
+}
+
+// setMetadata sets the metadata from info.
+func (o *Object) setMetadata(info *api.HiDriveObject) error {
+ if info.Type == api.HiDriveObjectTypeDirectory {
+ return fs.ErrorIsDir
+ }
+ if info.Type != api.HiDriveObjectTypeFile {
+ return fmt.Errorf("%q is %q: %w", o.remote, info.Type, fs.ErrorNotAFile)
+ }
+ o.hasMetadata = true
+ o.size = info.Size
+ o.modTime = info.ModTime()
+ o.id = info.ID
+ o.hash = info.ContentHash
+ return nil
+}
+
+// readMetadata fetches the metadata if it has not already been fetched.
+func (o *Object) readMetadata(ctx context.Context) error {
+ if o.hasMetadata {
+ return nil
+ }
+ resolvedPath := o.fs.resolvePath(o.remote)
+ info, err := o.fs.fetchMetadataForPath(ctx, resolvedPath, api.HiDriveObjectWithMetadataFields)
+ if err != nil {
+ if isHTTPError(err, 404) {
+ return fs.ErrorObjectNotFound
+ }
+ return err
+ }
+ return o.setMetadata(info)
+}
+
+// ModTime returns the modification time of the object.
+func (o *Object) ModTime(ctx context.Context) time.Time {
+ err := o.readMetadata(ctx)
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return time.Now()
+ }
+ return o.modTime
+}
+
+// SetModTime sets the metadata on the object to set the modification date.
+func (o *Object) SetModTime(ctx context.Context, modTime time.Time) error {
+ parameters := api.NewQueryParameters()
+ resolvedPath := o.fs.resolvePath(o.remote)
+ parameters.SetPath(resolvedPath)
+ err := parameters.SetTime("mtime", modTime)
+
+ if err != nil {
+ return err
+ }
+
+ opts := rest.Opts{
+ Method: "PATCH",
+ Path: "/meta",
+ Parameters: parameters.Values,
+ NoResponse: true,
+ }
+
+ var resp *http.Response
+ err = o.fs.pacer.Call(func() (bool, error) {
+ resp, err = o.fs.srv.Call(ctx, &opts)
+ return o.fs.shouldRetry(ctx, resp, err)
+ })
+ if err != nil {
+ return err
+ }
+ o.modTime = modTime
+ return nil
+}
+
+// Storable says whether this object can be stored.
+func (o *Object) Storable() bool {
+ return true
+}
+
+// Open an object for reading.
+func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (io.ReadCloser, error) {
+ parameters := api.NewQueryParameters()
+ resolvedPath := o.fs.resolvePath(o.remote)
+ parameters.SetPath(resolvedPath)
+
+ fs.FixRangeOption(options, o.Size())
+ opts := rest.Opts{
+ Method: "GET",
+ Path: "/file",
+ Parameters: parameters.Values,
+ Options: options,
+ }
+ var resp *http.Response
+ var err error
+ err = o.fs.pacer.Call(func() (bool, error) {
+ resp, err = o.fs.srv.Call(ctx, &opts)
+ return o.fs.shouldRetry(ctx, resp, err)
+ })
+ if err != nil {
+ return nil, err
+ }
+ return resp.Body, err
+}
+
+// Update the existing object
+// with the contents of the io.Reader, modTime and size.
+//
+// For unknown-sized contents (indicated by src.Size() == -1)
+// this will try to properly upload it in multiple chunks.
+func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error {
+ //fs.Debugf(o.fs, "executing Update(%s, %v).", o.remote, options)
+ modTime := src.ModTime(ctx)
+ resolvedPath := o.fs.resolvePath(o.remote)
+
+ if o.fs.tokenRenewer != nil {
+ o.fs.tokenRenewer.Start()
+ defer o.fs.tokenRenewer.Stop()
+ }
+
+ // PutUnchecked can pass a valid SeekOption to skip ahead.
+ var offset uint64
+ for _, option := range options {
+ if seekoption, ok := option.(*fs.SeekOption); ok {
+ offset = uint64(seekoption.Offset)
+ break
+ }
+ }
+
+ var info *api.HiDriveObject
+ var err, metaErr error
+ if offset > 0 || src.Size() == -1 || src.Size() >= int64(o.fs.opt.UploadCutoff) {
+ fs.Debugf(o.fs, "Uploading with chunks of size %v and %v transfers in parallel at path '%s'.", int(o.fs.opt.UploadChunkSize), o.fs.opt.UploadConcurrency, resolvedPath)
+ // NOTE: o.fs.opt.UploadChunkSize should always
+ // be between 0 and MaximumUploadBytes,
+ // so the conversion to an int does not cause problems for valid inputs.
+ if offset > 0 {
+ // NOTE: The offset is only set
+ // when the file was newly created,
+ // therefore the file does not need truncating.
+ _, err = o.fs.updateFileChunked(ctx, resolvedPath, in, offset, int(o.fs.opt.UploadChunkSize), o.fs.opt.UploadConcurrency)
+ if err == nil {
+ err = o.SetModTime(ctx, modTime)
+ }
+ } else {
+ _, _, err = o.fs.uploadFileChunked(ctx, resolvedPath, in, modTime, int(o.fs.opt.UploadChunkSize), o.fs.opt.UploadConcurrency)
+ }
+ // Try to check if object was updated, either way.
+ // Metadata should be updated even if the upload fails.
+ info, metaErr = o.fs.fetchMetadataForPath(ctx, resolvedPath, api.HiDriveObjectWithMetadataFields)
+ } else {
+ info, err = o.fs.overwriteFile(ctx, resolvedPath, cachedReader(in), modTime)
+ metaErr = err
+ }
+
+ // Update metadata of this object,
+ // if there was no error with getting the metadata.
+ if metaErr == nil {
+ metaErr = o.setMetadata(info)
+ }
+
+ // Errors with the upload-process are more relevant, return those first.
+ if err != nil {
+ return err
+ }
+ return metaErr
+}
+
+// Remove an object.
+func (o *Object) Remove(ctx context.Context) error {
+ resolvedPath := o.fs.resolvePath(o.remote)
+ return o.fs.deleteObject(ctx, resolvedPath)
+}
+
+// Check the interfaces are satisfied.
+var (
+ _ fs.Fs = (*Fs)(nil)
+ _ fs.Purger = (*Fs)(nil)
+ _ fs.PutStreamer = (*Fs)(nil)
+ _ fs.PutUncheckeder = (*Fs)(nil)
+ _ fs.Copier = (*Fs)(nil)
+ _ fs.Mover = (*Fs)(nil)
+ _ fs.DirMover = (*Fs)(nil)
+ _ fs.Object = (*Object)(nil)
+ _ fs.IDer = (*Object)(nil)
+)
diff --git a/backend/hidrive/hidrive_test.go b/backend/hidrive/hidrive_test.go
new file mode 100644
index 0000000000000..30e1ef2f1c2be
--- /dev/null
+++ b/backend/hidrive/hidrive_test.go
@@ -0,0 +1,45 @@
+// Test HiDrive filesystem interface
+package hidrive
+
+import (
+ "testing"
+
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote.
+func TestIntegration(t *testing.T) {
+ name := "TestHiDrive"
+ fstests.Run(t, &fstests.Opt{
+ RemoteName: name + ":",
+ NilObject: (*Object)(nil),
+ ChunkedUpload: fstests.ChunkedUploadConfig{
+ MinChunkSize: 1,
+ MaxChunkSize: MaximumUploadBytes,
+ CeilChunkSize: nil,
+ NeedMultipleChunks: false,
+ },
+ })
+}
+
+// Change the configured UploadChunkSize.
+// Will only be called while no transfer is in progress.
+func (f *Fs) SetUploadChunkSize(chunksize fs.SizeSuffix) (fs.SizeSuffix, error) {
+ var old fs.SizeSuffix
+ old, f.opt.UploadChunkSize = f.opt.UploadChunkSize, chunksize
+ return old, nil
+}
+
+// Change the configured UploadCutoff.
+// Will only be called while no transfer is in progress.
+func (f *Fs) SetUploadCutoff(cutoff fs.SizeSuffix) (fs.SizeSuffix, error) {
+ var old fs.SizeSuffix
+ old, f.opt.UploadCutoff = f.opt.UploadCutoff, cutoff
+ return old, nil
+}
+
+var (
+ _ fstests.SetUploadChunkSizer = (*Fs)(nil)
+ _ fstests.SetUploadCutoffer = (*Fs)(nil)
+)
diff --git a/backend/hidrive/hidrivehash/hidrivehash.go b/backend/hidrive/hidrivehash/hidrivehash.go
new file mode 100644
index 0000000000000..092663d4229e5
--- /dev/null
+++ b/backend/hidrive/hidrivehash/hidrivehash.go
@@ -0,0 +1,410 @@
+// Package hidrivehash implements the HiDrive hashing algorithm which combines SHA-1 hashes hierarchically to a single top-level hash.
+//
+// Note: This implementation does not grant access to any partial hashes generated.
+//
+// See: https://developer.hidrive.com/wp-content/uploads/2021/07/HiDrive_Synchronization-v3.3-rev28.pdf
+// (link to newest version: https://static.hidrive.com/dev/0001)
+package hidrivehash
+
+import (
+ "bytes"
+ "crypto/sha1"
+ "encoding"
+ "encoding/binary"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+
+ "github.com/rclone/rclone/backend/hidrive/hidrivehash/internal"
+)
+
+const (
+ // BlockSize of the checksum in bytes.
+ BlockSize = 4096
+ // Size of the checksum in bytes.
+ Size = sha1.Size
+ // sumsPerLevel is the number of checksums
+ sumsPerLevel = 256
+)
+
+var (
+ // zeroSum is a special hash consisting of 20 null-bytes.
+ // This will be the hash of any empty file (or ones containing only null-bytes).
+ zeroSum = [Size]byte{}
+ // ErrorInvalidEncoding is returned when a hash should be decoded from a binary form that is invalid.
+ ErrorInvalidEncoding = errors.New("encoded binary form is invalid for this hash")
+ // ErrorHashFull is returned when a hash reached its capacity and cannot accept any more input.
+ ErrorHashFull = errors.New("hash reached its capacity")
+)
+
+// writeByBlock writes len(p) bytes from p to the io.Writer in blocks of size blockSize.
+// It returns the number of bytes written from p (0 <= n <= len(p))
+// and any error encountered that caused the write to stop early.
+//
+// A pointer bytesInBlock to a counter needs to be supplied,
+// that is used to keep track how many bytes have been written to the writer already.
+// A pointer onlyNullBytesInBlock to a boolean needs to be supplied,
+// that is used to keep track whether the block so far only consists of null-bytes.
+// The callback onBlockWritten is called whenever a full block has been written to the writer
+// and is given as input the number of bytes that still need to be written.
+func writeByBlock(p []byte, writer io.Writer, blockSize uint32, bytesInBlock *uint32, onlyNullBytesInBlock *bool, onBlockWritten func(remaining int) error) (n int, err error) {
+ total := len(p)
+ nullBytes := make([]byte, blockSize)
+ for len(p) > 0 {
+ toWrite := int(blockSize - *bytesInBlock)
+ if toWrite > len(p) {
+ toWrite = len(p)
+ }
+ c, err := writer.Write(p[:toWrite])
+ *bytesInBlock += uint32(c)
+ *onlyNullBytesInBlock = *onlyNullBytesInBlock && bytes.Equal(nullBytes[:toWrite], p[:toWrite])
+ // Discard data written through a reslice
+ p = p[c:]
+ if err != nil {
+ return total - len(p), err
+ }
+ if *bytesInBlock == blockSize {
+ err = onBlockWritten(len(p))
+ if err != nil {
+ return total - len(p), err
+ }
+ *bytesInBlock = 0
+ *onlyNullBytesInBlock = true
+ }
+ }
+ return total, nil
+}
+
+// level is a hash.Hash that is used to aggregate the checksums produced by the level hierarchically beneath it.
+// It is used to represent any level-n hash, except for level-0.
+type level struct {
+ checksum [Size]byte // aggregated checksum of this level
+ sumCount uint32 // number of sums contained in this level so far
+ bytesInHasher uint32 // number of bytes written into hasher so far
+ onlyNullBytesInHasher bool // whether the hasher only contains null-bytes so far
+ hasher hash.Hash
+}
+
+// NewLevel returns a new hash.Hash computing any level-n hash, except level-0.
+func NewLevel() hash.Hash {
+ l := &level{}
+ l.Reset()
+ return l
+}
+
+// Add takes a position-embedded SHA-1 checksum and adds it to the level.
+func (l *level) Add(sha1sum []byte) {
+ var tmp uint
+ var carry bool
+ for i := Size - 1; i >= 0; i-- {
+ tmp = uint(sha1sum[i]) + uint(l.checksum[i])
+ if carry {
+ tmp++
+ }
+ carry = tmp > 255
+ l.checksum[i] = byte(tmp)
+ }
+}
+
+// IsFull returns whether the number of checksums added to this level reached its capacity.
+func (l *level) IsFull() bool {
+ return l.sumCount >= sumsPerLevel
+}
+
+// Write (via the embedded io.Writer interface) adds more data to the running hash.
+// Contrary to the specification from hash.Hash, this DOES return an error,
+// specifically ErrorHashFull if and only if IsFull() returns true.
+func (l *level) Write(p []byte) (n int, err error) {
+ if l.IsFull() {
+ return 0, ErrorHashFull
+ }
+ onBlockWritten := func(remaining int) error {
+ if !l.onlyNullBytesInHasher {
+ c, err := l.hasher.Write([]byte{byte(l.sumCount)})
+ l.bytesInHasher += uint32(c)
+ if err != nil {
+ return err
+ }
+ l.Add(l.hasher.Sum(nil))
+ }
+ l.sumCount++
+ l.hasher.Reset()
+ if remaining > 0 && l.IsFull() {
+ return ErrorHashFull
+ }
+ return nil
+ }
+ return writeByBlock(p, l.hasher, uint32(l.BlockSize()), &l.bytesInHasher, &l.onlyNullBytesInHasher, onBlockWritten)
+}
+
+// Sum appends the current hash to b and returns the resulting slice.
+// It does not change the underlying hash state.
+func (l *level) Sum(b []byte) []byte {
+ return append(b, l.checksum[:]...)
+}
+
+// Reset resets the Hash to its initial state.
+func (l *level) Reset() {
+ l.checksum = zeroSum // clear the current checksum
+ l.sumCount = 0
+ l.bytesInHasher = 0
+ l.onlyNullBytesInHasher = true
+ l.hasher = sha1.New()
+}
+
+// Size returns the number of bytes Sum will return.
+func (l *level) Size() int {
+ return Size
+}
+
+// BlockSize returns the hash's underlying block size.
+// The Write method must be able to accept any amount
+// of data, but it may operate more efficiently if all writes
+// are a multiple of the block size.
+func (l *level) BlockSize() int {
+ return Size
+}
+
+// MarshalBinary encodes the hash into a binary form and returns the result.
+func (l *level) MarshalBinary() ([]byte, error) {
+ b := make([]byte, Size+4+4+1)
+ copy(b, l.checksum[:])
+ binary.BigEndian.PutUint32(b[Size:], l.sumCount)
+ binary.BigEndian.PutUint32(b[Size+4:], l.bytesInHasher)
+ if l.onlyNullBytesInHasher {
+ b[Size+4+4] = 1
+ }
+ encodedHasher, err := l.hasher.(encoding.BinaryMarshaler).MarshalBinary()
+ if err != nil {
+ return nil, err
+ }
+ b = append(b, encodedHasher...)
+ return b, nil
+}
+
+// UnmarshalBinary decodes the binary form generated by MarshalBinary.
+// The hash will replace its internal state accordingly.
+func (l *level) UnmarshalBinary(b []byte) error {
+ if len(b) < Size+4+4+1 {
+ return ErrorInvalidEncoding
+ }
+ copy(l.checksum[:], b)
+ l.sumCount = binary.BigEndian.Uint32(b[Size:])
+ l.bytesInHasher = binary.BigEndian.Uint32(b[Size+4:])
+ switch b[Size+4+4] {
+ case 0:
+ l.onlyNullBytesInHasher = false
+ case 1:
+ l.onlyNullBytesInHasher = true
+ default:
+ return ErrorInvalidEncoding
+ }
+ err := l.hasher.(encoding.BinaryUnmarshaler).UnmarshalBinary(b[Size+4+4+1:])
+ return err
+}
+
+// hidriveHash is the hash computing the actual checksum used by HiDrive by combining multiple level-hashes.
+type hidriveHash struct {
+ levels []*level // collection of level-hashes, one for each level starting at level-1
+ lastSumWritten [Size]byte // the last checksum written to any of the levels
+ bytesInBlock uint32 // bytes written into blockHash so far
+ onlyNullBytesInBlock bool // whether the hasher only contains null-bytes so far
+ blockHash hash.Hash
+}
+
+// New returns a new hash.Hash computing the HiDrive checksum.
+func New() hash.Hash {
+ h := &hidriveHash{}
+ h.Reset()
+ return h
+}
+
+// aggregateToLevel writes the checksum to the level at the given index
+// and if necessary propagates any changes to levels above.
+func (h *hidriveHash) aggregateToLevel(index int, sum []byte) {
+ for i := index; ; i++ {
+ if i >= len(h.levels) {
+ h.levels = append(h.levels, NewLevel().(*level))
+ }
+ _, err := h.levels[i].Write(sum)
+ copy(h.lastSumWritten[:], sum)
+ if err != nil {
+ panic(fmt.Errorf("level-hash should not have produced an error: %w", err))
+ }
+ if !h.levels[i].IsFull() {
+ break
+ }
+ sum = h.levels[i].Sum(nil)
+ h.levels[i].Reset()
+ }
+}
+
+// Write (via the embedded io.Writer interface) adds more data to the running hash.
+// It never returns an error.
+func (h *hidriveHash) Write(p []byte) (n int, err error) {
+ onBlockWritten := func(remaining int) error {
+ var sum []byte
+ if h.onlyNullBytesInBlock {
+ sum = zeroSum[:]
+ } else {
+ sum = h.blockHash.Sum(nil)
+ }
+ h.blockHash.Reset()
+ h.aggregateToLevel(0, sum)
+ return nil
+ }
+ return writeByBlock(p, h.blockHash, uint32(BlockSize), &h.bytesInBlock, &h.onlyNullBytesInBlock, onBlockWritten)
+}
+
+// Sum appends the current hash to b and returns the resulting slice.
+// It does not change the underlying hash state.
+func (h *hidriveHash) Sum(b []byte) []byte {
+ // Save internal state.
+ state, err := h.MarshalBinary()
+ if err != nil {
+ panic(fmt.Errorf("saving the internal state should not have produced an error: %w", err))
+ }
+
+ if h.bytesInBlock > 0 {
+ // Fill remainder of block with null-bytes.
+ filler := make([]byte, h.BlockSize()-int(h.bytesInBlock))
+ _, err = h.Write(filler)
+ if err != nil {
+ panic(fmt.Errorf("filling with null-bytes should not have an error: %w", err))
+ }
+ }
+
+ checksum := zeroSum
+ for i := 0; i < len(h.levels); i++ {
+ level := h.levels[i]
+ if i < len(h.levels)-1 {
+ // Aggregate non-empty non-final levels.
+ if level.sumCount >= 1 {
+ h.aggregateToLevel(i+1, level.Sum(nil))
+ level.Reset()
+ }
+ } else {
+ // Determine sum of final level.
+ if level.sumCount > 1 {
+ copy(checksum[:], level.Sum(nil))
+ } else {
+ // This is needed, otherwise there is no way to return
+ // the non-position-embedded checksum.
+ checksum = h.lastSumWritten
+ }
+ }
+ }
+
+ // Restore internal state.
+ err = h.UnmarshalBinary(state)
+ if err != nil {
+ panic(fmt.Errorf("restoring the internal state should not have produced an error: %w", err))
+ }
+
+ return append(b, checksum[:]...)
+}
+
+// Reset resets the Hash to its initial state.
+func (h *hidriveHash) Reset() {
+ h.levels = nil
+ h.lastSumWritten = zeroSum // clear the last written checksum
+ h.bytesInBlock = 0
+ h.onlyNullBytesInBlock = true
+ h.blockHash = sha1.New()
+}
+
+// Size returns the number of bytes Sum will return.
+func (h *hidriveHash) Size() int {
+ return Size
+}
+
+// BlockSize returns the hash's underlying block size.
+// The Write method must be able to accept any amount
+// of data, but it may operate more efficiently if all writes
+// are a multiple of the block size.
+func (h *hidriveHash) BlockSize() int {
+ return BlockSize
+}
+
+// MarshalBinary encodes the hash into a binary form and returns the result.
+func (h *hidriveHash) MarshalBinary() ([]byte, error) {
+ b := make([]byte, Size+4+1+8)
+ copy(b, h.lastSumWritten[:])
+ binary.BigEndian.PutUint32(b[Size:], h.bytesInBlock)
+ if h.onlyNullBytesInBlock {
+ b[Size+4] = 1
+ }
+
+ binary.BigEndian.PutUint64(b[Size+4+1:], uint64(len(h.levels)))
+ for _, level := range h.levels {
+ encodedLevel, err := level.MarshalBinary()
+ if err != nil {
+ return nil, err
+ }
+ encodedLength := make([]byte, 8)
+ binary.BigEndian.PutUint64(encodedLength, uint64(len(encodedLevel)))
+ b = append(b, encodedLength...)
+ b = append(b, encodedLevel...)
+ }
+ encodedBlockHash, err := h.blockHash.(encoding.BinaryMarshaler).MarshalBinary()
+ if err != nil {
+ return nil, err
+ }
+ b = append(b, encodedBlockHash...)
+ return b, nil
+}
+
+// UnmarshalBinary decodes the binary form generated by MarshalBinary.
+// The hash will replace its internal state accordingly.
+func (h *hidriveHash) UnmarshalBinary(b []byte) error {
+ if len(b) < Size+4+1+8 {
+ return ErrorInvalidEncoding
+ }
+ copy(h.lastSumWritten[:], b)
+ h.bytesInBlock = binary.BigEndian.Uint32(b[Size:])
+ switch b[Size+4] {
+ case 0:
+ h.onlyNullBytesInBlock = false
+ case 1:
+ h.onlyNullBytesInBlock = true
+ default:
+ return ErrorInvalidEncoding
+ }
+
+ amount := binary.BigEndian.Uint64(b[Size+4+1:])
+ h.levels = make([]*level, int(amount))
+ offset := Size + 4 + 1 + 8
+ for i := range h.levels {
+ length := int(binary.BigEndian.Uint64(b[offset:]))
+ offset += 8
+ h.levels[i] = NewLevel().(*level)
+ err := h.levels[i].UnmarshalBinary(b[offset : offset+length])
+ if err != nil {
+ return err
+ }
+ offset += length
+ }
+ err := h.blockHash.(encoding.BinaryUnmarshaler).UnmarshalBinary(b[offset:])
+ return err
+}
+
+// Sum returns the HiDrive checksum of the data.
+func Sum(data []byte) [Size]byte {
+ h := New().(*hidriveHash)
+ _, _ = h.Write(data)
+ var result [Size]byte
+ copy(result[:], h.Sum(nil))
+ return result
+}
+
+// Check the interfaces are satisfied.
+var (
+ _ hash.Hash = (*level)(nil)
+ _ encoding.BinaryMarshaler = (*level)(nil)
+ _ encoding.BinaryUnmarshaler = (*level)(nil)
+ _ internal.LevelHash = (*level)(nil)
+ _ hash.Hash = (*hidriveHash)(nil)
+ _ encoding.BinaryMarshaler = (*hidriveHash)(nil)
+ _ encoding.BinaryUnmarshaler = (*hidriveHash)(nil)
+)
diff --git a/backend/hidrive/hidrivehash/hidrivehash_test.go b/backend/hidrive/hidrivehash/hidrivehash_test.go
new file mode 100644
index 0000000000000..07f2435b46b86
--- /dev/null
+++ b/backend/hidrive/hidrivehash/hidrivehash_test.go
@@ -0,0 +1,395 @@
+package hidrivehash_test
+
+import (
+ "crypto/sha1"
+ "encoding"
+ "encoding/hex"
+ "fmt"
+ "io"
+ "testing"
+
+ "github.com/rclone/rclone/backend/hidrive/hidrivehash"
+ "github.com/rclone/rclone/backend/hidrive/hidrivehash/internal"
+ "github.com/stretchr/testify/assert"
+)
+
+// helper functions to set up test-tables
+
+func sha1ArrayAsSlice(sum [sha1.Size]byte) []byte {
+ return sum[:]
+}
+
+func mustDecode(hexstring string) []byte {
+ result, err := hex.DecodeString(hexstring)
+ if err != nil {
+ panic(err)
+ }
+ return result
+}
+
+// ------------------------------------------------------------
+
+var testTableLevelPositionEmbedded = []struct {
+ ins [][]byte
+ outs [][]byte
+ name string
+}{
+ {
+ [][]byte{
+ sha1ArrayAsSlice([20]byte{245, 202, 195, 223, 121, 198, 189, 112, 138, 202, 222, 2, 146, 156, 127, 16, 208, 233, 98, 88}),
+ sha1ArrayAsSlice([20]byte{78, 188, 156, 219, 173, 54, 81, 55, 47, 220, 222, 207, 201, 21, 57, 252, 255, 239, 251, 186}),
+ },
+ [][]byte{
+ sha1ArrayAsSlice([20]byte{245, 202, 195, 223, 121, 198, 189, 112, 138, 202, 222, 2, 146, 156, 127, 16, 208, 233, 98, 88}),
+ sha1ArrayAsSlice([20]byte{68, 135, 96, 187, 38, 253, 14, 167, 186, 167, 188, 210, 91, 177, 185, 13, 208, 217, 94, 18}),
+ },
+ "documentation-v3.2rev27-example L0 (position-embedded)",
+ },
+ {
+ [][]byte{
+ sha1ArrayAsSlice([20]byte{68, 254, 92, 166, 52, 37, 104, 180, 22, 123, 249, 144, 182, 78, 64, 74, 57, 117, 225, 195}),
+ sha1ArrayAsSlice([20]byte{75, 211, 153, 190, 125, 179, 67, 49, 60, 149, 98, 246, 142, 20, 11, 254, 159, 162, 129, 237}),
+ sha1ArrayAsSlice([20]byte{150, 2, 9, 153, 97, 153, 189, 104, 147, 14, 77, 203, 244, 243, 25, 212, 67, 48, 111, 107}),
+ },
+ [][]byte{
+ sha1ArrayAsSlice([20]byte{68, 254, 92, 166, 52, 37, 104, 180, 22, 123, 249, 144, 182, 78, 64, 74, 57, 117, 225, 195}),
+ sha1ArrayAsSlice([20]byte{144, 209, 246, 100, 177, 216, 171, 229, 83, 17, 92, 135, 68, 98, 76, 72, 217, 24, 99, 176}),
+ sha1ArrayAsSlice([20]byte{38, 211, 255, 254, 19, 114, 105, 77, 230, 31, 170, 83, 57, 85, 102, 29, 28, 72, 211, 27}),
+ },
+ "documentation-example L0 (position-embedded)",
+ },
+ {
+ [][]byte{
+ sha1ArrayAsSlice([20]byte{173, 123, 132, 245, 176, 172, 43, 183, 121, 40, 66, 252, 101, 249, 188, 193, 160, 189, 2, 116}),
+ sha1ArrayAsSlice([20]byte{40, 34, 8, 238, 37, 5, 237, 184, 79, 105, 10, 167, 171, 254, 13, 229, 132, 112, 254, 8}),
+ sha1ArrayAsSlice([20]byte{39, 112, 26, 86, 190, 35, 100, 101, 28, 131, 122, 191, 254, 144, 239, 107, 253, 124, 104, 203}),
+ },
+ [][]byte{
+ sha1ArrayAsSlice([20]byte{173, 123, 132, 245, 176, 172, 43, 183, 121, 40, 66, 252, 101, 249, 188, 193, 160, 189, 2, 116}),
+ sha1ArrayAsSlice([20]byte{213, 157, 141, 227, 213, 178, 25, 111, 200, 145, 77, 164, 17, 247, 202, 167, 37, 46, 0, 124}),
+ sha1ArrayAsSlice([20]byte{253, 13, 168, 58, 147, 213, 125, 212, 229, 20, 200, 100, 16, 136, 186, 19, 34, 170, 105, 71}),
+ },
+ "documentation-example L1 (position-embedded)",
+ },
+}
+
+var testTableLevel = []struct {
+ ins [][]byte
+ outs [][]byte
+ name string
+}{
+ {
+ [][]byte{
+ mustDecode("09f077820a8a41f34a639f2172f1133b1eafe4e6"),
+ mustDecode("09f077820a8a41f34a639f2172f1133b1eafe4e6"),
+ mustDecode("09f077820a8a41f34a639f2172f1133b1eafe4e6"),
+ },
+ [][]byte{
+ mustDecode("44fe5ca6342568b4167bf990b64e404a3975e1c3"),
+ mustDecode("90d1f664b1d8abe553115c8744624c48d91863b0"),
+ mustDecode("26d3fffe1372694de61faa533955661d1c48d31b"),
+ },
+ "documentation-example L0",
+ },
+ {
+ [][]byte{
+ mustDecode("75a9f88fb219ef1dd31adf41c93e2efaac8d0245"),
+ mustDecode("daedc425199501b1e86b5eaba5649cbde205e6ae"),
+ mustDecode("286ac5283f99c4e0f11683900a3e39661c375dd6"),
+ },
+ [][]byte{
+ mustDecode("ad7b84f5b0ac2bb7792842fc65f9bcc1a0bd0274"),
+ mustDecode("d59d8de3d5b2196fc8914da411f7caa7252e007c"),
+ mustDecode("fd0da83a93d57dd4e514c8641088ba1322aa6947"),
+ },
+ "documentation-example L1",
+ },
+ {
+ [][]byte{
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("75a9f88fb219ef1dd31adf41c93e2efaac8d0245"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("daedc425199501b1e86b5eaba5649cbde205e6ae"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("286ac5283f99c4e0f11683900a3e39661c375dd6"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ },
+ [][]byte{
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("0000000000000000000000000000000000000000"),
+ mustDecode("a197464ec19f2b2b2bc6b21f6c939c7e57772843"),
+ mustDecode("a197464ec19f2b2b2bc6b21f6c939c7e57772843"),
+ mustDecode("b04769357aa4eb4b52cd5bec6935bc8f977fa3a1"),
+ mustDecode("b04769357aa4eb4b52cd5bec6935bc8f977fa3a1"),
+ mustDecode("b04769357aa4eb4b52cd5bec6935bc8f977fa3a1"),
+ mustDecode("b04769357aa4eb4b52cd5bec6935bc8f977fa3a1"),
+ mustDecode("8f56351897b4e1d100646fa122c924347721b2f5"),
+ mustDecode("8f56351897b4e1d100646fa122c924347721b2f5"),
+ },
+ "mixed-with-empties",
+ },
+}
+
+var testTable = []struct {
+ data []byte
+ // pattern describes how to use data to construct the hash-input.
+ // For every entry n at even indices this repeats the data n times.
+ // For every entry m at odd indices this repeats a null-byte m times.
+ // The input-data is constructed by concatenating the results in order.
+ pattern []int64
+ out []byte
+ name string
+}{
+ {
+ []byte("#ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz\n"),
+ []int64{64},
+ mustDecode("09f077820a8a41f34a639f2172f1133b1eafe4e6"),
+ "documentation-example L0",
+ },
+ {
+ []byte("#ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz\n"),
+ []int64{64 * 256},
+ mustDecode("75a9f88fb219ef1dd31adf41c93e2efaac8d0245"),
+ "documentation-example L1",
+ },
+ {
+ []byte("#ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz\n"),
+ []int64{64 * 256, 0, 64 * 128, 4096 * 128, 64*2 + 32},
+ mustDecode("fd0da83a93d57dd4e514c8641088ba1322aa6947"),
+ "documentation-example L2",
+ },
+ {
+ []byte("hello rclone\n"),
+ []int64{316},
+ mustDecode("72370f9c18a2c20b31d71f3f4cee7a3cd2703737"),
+ "not-block-aligned",
+ },
+ {
+ []byte("hello rclone\n"),
+ []int64{13, 4096 * 3, 4},
+ mustDecode("a6990b81791f0d2db750b38f046df321c975aa60"),
+ "not-block-aligned-with-null-bytes",
+ },
+ {
+ []byte{},
+ []int64{},
+ mustDecode("0000000000000000000000000000000000000000"),
+ "empty",
+ },
+ {
+ []byte{},
+ []int64{0, 4096 * 256 * 256},
+ mustDecode("0000000000000000000000000000000000000000"),
+ "null-bytes",
+ },
+}
+
+// ------------------------------------------------------------
+
+func TestLevelAdd(t *testing.T) {
+ for _, test := range testTableLevelPositionEmbedded {
+ l := hidrivehash.NewLevel().(internal.LevelHash)
+ t.Run(test.name, func(t *testing.T) {
+ for i := range test.ins {
+ l.Add(test.ins[i])
+ assert.Equal(t, test.outs[i], l.Sum(nil))
+ }
+ })
+ }
+}
+
+func TestLevelWrite(t *testing.T) {
+ for _, test := range testTableLevel {
+ l := hidrivehash.NewLevel()
+ t.Run(test.name, func(t *testing.T) {
+ for i := range test.ins {
+ l.Write(test.ins[i])
+ assert.Equal(t, test.outs[i], l.Sum(nil))
+ }
+ })
+ }
+}
+
+func TestLevelIsFull(t *testing.T) {
+ content := [hidrivehash.Size]byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19}
+ l := hidrivehash.NewLevel()
+ for i := 0; i < 256; i++ {
+ assert.False(t, l.(internal.LevelHash).IsFull())
+ written, err := l.Write(content[:])
+ assert.Equal(t, len(content), written)
+ if !assert.NoError(t, err) {
+ t.FailNow()
+ }
+ }
+ assert.True(t, l.(internal.LevelHash).IsFull())
+ written, err := l.Write(content[:])
+ assert.True(t, l.(internal.LevelHash).IsFull())
+ assert.Equal(t, 0, written)
+ assert.ErrorIs(t, err, hidrivehash.ErrorHashFull)
+}
+
+func TestLevelReset(t *testing.T) {
+ l := hidrivehash.NewLevel()
+ zeroHash := l.Sum(nil)
+ _, err := l.Write([]byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19})
+ if assert.NoError(t, err) {
+ assert.NotEqual(t, zeroHash, l.Sum(nil))
+ l.Reset()
+ assert.Equal(t, zeroHash, l.Sum(nil))
+ }
+}
+
+func TestLevelSize(t *testing.T) {
+ l := hidrivehash.NewLevel()
+ assert.Equal(t, 20, l.Size())
+}
+
+func TestLevelBlockSize(t *testing.T) {
+ l := hidrivehash.NewLevel()
+ assert.Equal(t, 20, l.BlockSize())
+}
+
+func TestLevelBinaryMarshaler(t *testing.T) {
+ content := []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19}
+ l := hidrivehash.NewLevel().(internal.LevelHash)
+ l.Write(content[:10])
+ encoded, err := l.MarshalBinary()
+ if assert.NoError(t, err) {
+ d := hidrivehash.NewLevel().(internal.LevelHash)
+ err = d.UnmarshalBinary(encoded)
+ if assert.NoError(t, err) {
+ assert.Equal(t, l.Sum(nil), d.Sum(nil))
+ l.Write(content[10:])
+ d.Write(content[10:])
+ assert.Equal(t, l.Sum(nil), d.Sum(nil))
+ }
+ }
+}
+
+func TestLevelInvalidEncoding(t *testing.T) {
+ l := hidrivehash.NewLevel().(internal.LevelHash)
+ err := l.UnmarshalBinary([]byte{})
+ assert.ErrorIs(t, err, hidrivehash.ErrorInvalidEncoding)
+}
+
+// ------------------------------------------------------------
+
+type infiniteReader struct {
+ source []byte
+ offset int
+}
+
+func (m *infiniteReader) Read(b []byte) (int, error) {
+ count := copy(b, m.source[m.offset:])
+ m.offset += count
+ m.offset %= len(m.source)
+ return count, nil
+}
+
+func writeInChunks(writer io.Writer, chunkSize int64, data []byte, pattern []int64) error {
+ readers := make([]io.Reader, len(pattern))
+ nullBytes := [4096]byte{}
+ for i, n := range pattern {
+ if i%2 == 0 {
+ readers[i] = io.LimitReader(&infiniteReader{data, 0}, n*int64(len(data)))
+ } else {
+ readers[i] = io.LimitReader(&infiniteReader{nullBytes[:], 0}, n)
+ }
+ }
+ reader := io.MultiReader(readers...)
+ for {
+ _, err := io.CopyN(writer, reader, chunkSize)
+ if err != nil {
+ if err == io.EOF {
+ err = nil
+ }
+ return err
+ }
+ }
+}
+
+func TestWrite(t *testing.T) {
+ for _, test := range testTable {
+ t.Run(test.name, func(t *testing.T) {
+ h := hidrivehash.New()
+ err := writeInChunks(h, int64(h.BlockSize()), test.data, test.pattern)
+ if assert.NoError(t, err) {
+ normalSum := h.Sum(nil)
+ assert.Equal(t, test.out, normalSum)
+ // Test if different block-sizes produce differing results.
+ for _, blockSize := range []int64{397, 512, 4091, 8192, 10000} {
+ t.Run(fmt.Sprintf("block-size %v", blockSize), func(t *testing.T) {
+ h := hidrivehash.New()
+ err := writeInChunks(h, blockSize, test.data, test.pattern)
+ if assert.NoError(t, err) {
+ assert.Equal(t, normalSum, h.Sum(nil))
+ }
+ })
+ }
+ }
+ })
+ }
+}
+
+func TestReset(t *testing.T) {
+ h := hidrivehash.New()
+ zeroHash := h.Sum(nil)
+ _, err := h.Write([]byte{1})
+ if assert.NoError(t, err) {
+ assert.NotEqual(t, zeroHash, h.Sum(nil))
+ h.Reset()
+ assert.Equal(t, zeroHash, h.Sum(nil))
+ }
+}
+
+func TestSize(t *testing.T) {
+ h := hidrivehash.New()
+ assert.Equal(t, 20, h.Size())
+}
+
+func TestBlockSize(t *testing.T) {
+ h := hidrivehash.New()
+ assert.Equal(t, 4096, h.BlockSize())
+}
+
+func TestBinaryMarshaler(t *testing.T) {
+ for _, test := range testTable {
+ h := hidrivehash.New()
+ d := hidrivehash.New()
+ half := len(test.pattern) / 2
+ t.Run(test.name, func(t *testing.T) {
+ err := writeInChunks(h, int64(h.BlockSize()), test.data, test.pattern[:half])
+ assert.NoError(t, err)
+ encoded, err := h.(encoding.BinaryMarshaler).MarshalBinary()
+ if assert.NoError(t, err) {
+ err = d.(encoding.BinaryUnmarshaler).UnmarshalBinary(encoded)
+ if assert.NoError(t, err) {
+ assert.Equal(t, h.Sum(nil), d.Sum(nil))
+ err = writeInChunks(h, int64(h.BlockSize()), test.data, test.pattern[half:])
+ assert.NoError(t, err)
+ err = writeInChunks(d, int64(d.BlockSize()), test.data, test.pattern[half:])
+ assert.NoError(t, err)
+ assert.Equal(t, h.Sum(nil), d.Sum(nil))
+ }
+ }
+ })
+ }
+}
+
+func TestInvalidEncoding(t *testing.T) {
+ h := hidrivehash.New()
+ err := h.(encoding.BinaryUnmarshaler).UnmarshalBinary([]byte{})
+ assert.ErrorIs(t, err, hidrivehash.ErrorInvalidEncoding)
+}
+
+func TestSum(t *testing.T) {
+ assert.Equal(t, [hidrivehash.Size]byte{}, hidrivehash.Sum([]byte{}))
+ content := []byte{1}
+ h := hidrivehash.New()
+ h.Write(content)
+ sum := hidrivehash.Sum(content)
+ assert.Equal(t, h.Sum(nil), sum[:])
+}
diff --git a/backend/hidrive/hidrivehash/internal/internal.go b/backend/hidrive/hidrivehash/internal/internal.go
new file mode 100644
index 0000000000000..261233c0dc46e
--- /dev/null
+++ b/backend/hidrive/hidrivehash/internal/internal.go
@@ -0,0 +1,18 @@
+// Package internal provides utilities for HiDrive.
+package internal
+
+import (
+ "encoding"
+ "hash"
+)
+
+// LevelHash is an internal interface for level-hashes.
+type LevelHash interface {
+ encoding.BinaryMarshaler
+ encoding.BinaryUnmarshaler
+ hash.Hash
+ // Add takes a position-embedded checksum and adds it to the level.
+ Add(sum []byte)
+ // IsFull returns whether the number of checksums added to this level reached its capacity.
+ IsFull() bool
+}
diff --git a/backend/http/http.go b/backend/http/http.go
index e2a993a448aca..518ea411cd8d7 100644
--- a/backend/http/http.go
+++ b/backend/http/http.go
@@ -13,7 +13,6 @@ import (
"net/http"
"net/url"
"path"
- "strconv"
"strings"
"sync"
"time"
@@ -35,11 +34,11 @@ var (
func init() {
fsi := &fs.RegInfo{
Name: "http",
- Description: "http Connection",
+ Description: "HTTP",
NewFs: NewFs,
Options: []fs.Option{{
Name: "url",
- Help: "URL of http host to connect to.\n\nE.g. \"https://example.com\", or \"https://user:pass@example.com\" to use a username and password.",
+ Help: "URL of HTTP host to connect to.\n\nE.g. \"https://example.com\", or \"https://user:pass@example.com\" to use a username and password.",
Required: true,
}, {
Name: "headers",
@@ -305,7 +304,7 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
fs: f,
remote: remote,
}
- err := o.stat(ctx)
+ err := o.head(ctx)
if err != nil {
return nil, err
}
@@ -317,15 +316,6 @@ func (f *Fs) url(remote string) string {
return f.endpointURL + rest.URLPathEscape(remote)
}
-// parse s into an int64, on failure return def
-func parseInt64(s string, def int64) int64 {
- n, e := strconv.ParseInt(s, 10, 64)
- if e != nil {
- return def
- }
- return n
-}
-
// Errors returned by parseName
var (
errURLJoinFailed = errors.New("URLJoin failed")
@@ -500,7 +490,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
fs: f,
remote: remote,
}
- switch err := file.stat(ctx); err {
+ switch err := file.head(ctx); err {
case nil:
add(file)
case fs.ErrorNotAFile:
@@ -579,8 +569,8 @@ func (o *Object) url() string {
return o.fs.url(o.remote)
}
-// stat updates the info field in the Object
-func (o *Object) stat(ctx context.Context) error {
+// head sends a HEAD request to update info fields in the Object
+func (o *Object) head(ctx context.Context) error {
if o.fs.opt.NoHead {
o.size = -1
o.modTime = timeUnset
@@ -601,13 +591,19 @@ func (o *Object) stat(ctx context.Context) error {
if err != nil {
return fmt.Errorf("failed to stat: %w", err)
}
+ return o.decodeMetadata(ctx, res)
+}
+
+// decodeMetadata updates info fields in the Object according to HTTP response headers
+func (o *Object) decodeMetadata(ctx context.Context, res *http.Response) error {
t, err := http.ParseTime(res.Header.Get("Last-Modified"))
if err != nil {
t = timeUnset
}
- o.size = parseInt64(res.Header.Get("Content-Length"), -1)
o.modTime = t
o.contentType = res.Header.Get("Content-Type")
+ o.size = rest.ParseSizeFromHeaders(res.Header)
+
// If NoSlash is set then check ContentType to see if it is a directory
if o.fs.opt.NoSlash {
mediaType, _, err := mime.ParseMediaType(o.contentType)
@@ -653,6 +649,9 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
if err != nil {
return nil, fmt.Errorf("Open failed: %w", err)
}
+ if err = o.decodeMetadata(ctx, res); err != nil {
+ return nil, fmt.Errorf("decodeMetadata failed: %w", err)
+ }
return res.Body, nil
}
diff --git a/backend/http/http_internal_test.go b/backend/http/http_internal_test.go
index 17c58737c0c2f..307bbc559f67a 100644
--- a/backend/http/http_internal_test.go
+++ b/backend/http/http_internal_test.go
@@ -3,7 +3,7 @@ package http
import (
"context"
"fmt"
- "io/ioutil"
+ "io"
"net/http"
"net/http/httptest"
"net/url"
@@ -33,20 +33,21 @@ var (
lineEndSize = 1
)
-// prepareServer the test server and return a function to tidy it up afterwards
-func prepareServer(t *testing.T) (configmap.Simple, func()) {
+// prepareServer prepares the test server and shuts it down automatically
+// when the test completes.
+func prepareServer(t *testing.T) configmap.Simple {
// file server for test/files
fileServer := http.FileServer(http.Dir(filesPath))
// verify the file path is correct, and also check which line endings
// are used to get sizes right ("\n" except on Windows, but even there
// we may have "\n" or "\r\n" depending on git crlf setting)
- fileList, err := ioutil.ReadDir(filesPath)
+ fileList, err := os.ReadDir(filesPath)
require.NoError(t, err)
require.Greater(t, len(fileList), 0)
for _, file := range fileList {
if !file.IsDir() {
- data, _ := ioutil.ReadFile(filepath.Join(filesPath, file.Name()))
+ data, _ := os.ReadFile(filepath.Join(filesPath, file.Name()))
if strings.HasSuffix(string(data), "\r\n") {
lineEndSize = 2
}
@@ -78,20 +79,21 @@ func prepareServer(t *testing.T) (configmap.Simple, func()) {
"url": ts.URL,
"headers": strings.Join(headers, ","),
}
+ t.Cleanup(ts.Close)
- // return a function to tidy up
- return m, ts.Close
+ return m
}
-// prepare the test server and return a function to tidy it up afterwards
-func prepare(t *testing.T) (fs.Fs, func()) {
- m, tidy := prepareServer(t)
+// prepare prepares the test server and shuts it down automatically
+// when the test completes.
+func prepare(t *testing.T) fs.Fs {
+ m := prepareServer(t)
// Instantiate it
f, err := NewFs(context.Background(), remoteName, "", m)
require.NoError(t, err)
- return f, tidy
+ return f
}
func testListRoot(t *testing.T, f fs.Fs, noSlash bool) {
@@ -134,22 +136,19 @@ func testListRoot(t *testing.T, f fs.Fs, noSlash bool) {
}
func TestListRoot(t *testing.T) {
- f, tidy := prepare(t)
- defer tidy()
+ f := prepare(t)
testListRoot(t, f, false)
}
func TestListRootNoSlash(t *testing.T) {
- f, tidy := prepare(t)
+ f := prepare(t)
f.(*Fs).opt.NoSlash = true
- defer tidy()
testListRoot(t, f, true)
}
func TestListSubDir(t *testing.T) {
- f, tidy := prepare(t)
- defer tidy()
+ f := prepare(t)
entries, err := f.List(context.Background(), "three")
require.NoError(t, err)
@@ -166,8 +165,7 @@ func TestListSubDir(t *testing.T) {
}
func TestNewObject(t *testing.T) {
- f, tidy := prepare(t)
- defer tidy()
+ f := prepare(t)
o, err := f.NewObject(context.Background(), "four/under four.txt")
require.NoError(t, err)
@@ -194,36 +192,69 @@ func TestNewObject(t *testing.T) {
}
func TestOpen(t *testing.T) {
- f, tidy := prepare(t)
- defer tidy()
+ m := prepareServer(t)
- o, err := f.NewObject(context.Background(), "four/under four.txt")
- require.NoError(t, err)
+ for _, head := range []bool{false, true} {
+ if !head {
+ m.Set("no_head", "true")
+ }
+ f, err := NewFs(context.Background(), remoteName, "", m)
+ require.NoError(t, err)
- // Test normal read
- fd, err := o.Open(context.Background())
- require.NoError(t, err)
- data, err := ioutil.ReadAll(fd)
- require.NoError(t, err)
- require.NoError(t, fd.Close())
- if lineEndSize == 2 {
- assert.Equal(t, "beetroot\r\n", string(data))
- } else {
- assert.Equal(t, "beetroot\n", string(data))
- }
+ for _, rangeRead := range []bool{false, true} {
+ o, err := f.NewObject(context.Background(), "four/under four.txt")
+ require.NoError(t, err)
- // Test with range request
- fd, err = o.Open(context.Background(), &fs.RangeOption{Start: 1, End: 5})
- require.NoError(t, err)
- data, err = ioutil.ReadAll(fd)
- require.NoError(t, err)
- require.NoError(t, fd.Close())
- assert.Equal(t, "eetro", string(data))
+ if !head {
+ // Test mod time is still indeterminate
+ tObj := o.ModTime(context.Background())
+ assert.Equal(t, time.Duration(0), time.Unix(0, 0).Sub(tObj))
+
+ // Test file size is still indeterminate
+ assert.Equal(t, int64(-1), o.Size())
+ }
+
+ var data []byte
+ if !rangeRead {
+ // Test normal read
+ fd, err := o.Open(context.Background())
+ require.NoError(t, err)
+ data, err = io.ReadAll(fd)
+ require.NoError(t, err)
+ require.NoError(t, fd.Close())
+ if lineEndSize == 2 {
+ assert.Equal(t, "beetroot\r\n", string(data))
+ } else {
+ assert.Equal(t, "beetroot\n", string(data))
+ }
+ } else {
+ // Test with range request
+ fd, err := o.Open(context.Background(), &fs.RangeOption{Start: 1, End: 5})
+ require.NoError(t, err)
+ data, err = io.ReadAll(fd)
+ require.NoError(t, err)
+ require.NoError(t, fd.Close())
+ assert.Equal(t, "eetro", string(data))
+ }
+
+ fi, err := os.Stat(filepath.Join(filesPath, "four", "under four.txt"))
+ require.NoError(t, err)
+ tFile := fi.ModTime()
+
+ // Test the time is always correct on the object after file open
+ tObj := o.ModTime(context.Background())
+ fstest.AssertTimeEqualWithPrecision(t, o.Remote(), tFile, tObj, time.Second)
+
+ if !rangeRead {
+ // Test the file size
+ assert.Equal(t, int64(len(data)), o.Size())
+ }
+ }
+ }
}
func TestMimeType(t *testing.T) {
- f, tidy := prepare(t)
- defer tidy()
+ f := prepare(t)
o, err := f.NewObject(context.Background(), "four/under four.txt")
require.NoError(t, err)
@@ -234,8 +265,7 @@ func TestMimeType(t *testing.T) {
}
func TestIsAFileRoot(t *testing.T) {
- m, tidy := prepareServer(t)
- defer tidy()
+ m := prepareServer(t)
f, err := NewFs(context.Background(), remoteName, "one%.txt", m)
assert.Equal(t, err, fs.ErrorIsFile)
@@ -244,8 +274,7 @@ func TestIsAFileRoot(t *testing.T) {
}
func TestIsAFileSubDir(t *testing.T) {
- m, tidy := prepareServer(t)
- defer tidy()
+ m := prepareServer(t)
f, err := NewFs(context.Background(), remoteName, "three/underthree.txt", m)
assert.Equal(t, err, fs.ErrorIsFile)
diff --git a/backend/hubic/auth.go b/backend/hubic/auth.go
deleted file mode 100644
index b1bbac80e79ca..0000000000000
--- a/backend/hubic/auth.go
+++ /dev/null
@@ -1,62 +0,0 @@
-package hubic
-
-import (
- "context"
- "net/http"
- "time"
-
- "github.com/ncw/swift/v2"
- "github.com/rclone/rclone/fs"
-)
-
-// auth is an authenticator for swift
-type auth struct {
- f *Fs
-}
-
-// newAuth creates a swift authenticator
-func newAuth(f *Fs) *auth {
- return &auth{
- f: f,
- }
-}
-
-// Request constructs an http.Request for authentication
-//
-// returns nil for not needed
-func (a *auth) Request(ctx context.Context, c *swift.Connection) (r *http.Request, err error) {
- const retries = 10
- for try := 1; try <= retries; try++ {
- err = a.f.getCredentials(context.TODO())
- if err == nil {
- break
- }
- time.Sleep(100 * time.Millisecond)
- fs.Debugf(a.f, "retrying auth request %d/%d: %v", try, retries, err)
- }
- return nil, err
-}
-
-// Response parses the result of an http request
-func (a *auth) Response(ctx context.Context, resp *http.Response) error {
- return nil
-}
-
-// The public storage URL - set Internal to true to read
-// internal/service net URL
-func (a *auth) StorageUrl(Internal bool) string { // nolint
- return a.f.credentials.Endpoint
-}
-
-// The access token
-func (a *auth) Token() string {
- return a.f.credentials.Token
-}
-
-// The CDN url if available
-func (a *auth) CdnUrl() string { // nolint
- return ""
-}
-
-// Check the interfaces are satisfied
-var _ swift.Authenticator = (*auth)(nil)
diff --git a/backend/hubic/hubic.go b/backend/hubic/hubic.go
deleted file mode 100644
index c655c038efa4d..0000000000000
--- a/backend/hubic/hubic.go
+++ /dev/null
@@ -1,200 +0,0 @@
-// Package hubic provides an interface to the Hubic object storage
-// system.
-package hubic
-
-// This uses the normal swift mechanism to update the credentials and
-// ignores the expires field returned by the Hubic API. This may need
-// to be revisited after some actual experience.
-
-import (
- "context"
- "encoding/json"
- "errors"
- "fmt"
- "io/ioutil"
- "net/http"
- "strings"
- "time"
-
- swiftLib "github.com/ncw/swift/v2"
- "github.com/rclone/rclone/backend/swift"
- "github.com/rclone/rclone/fs"
- "github.com/rclone/rclone/fs/config/configmap"
- "github.com/rclone/rclone/fs/config/configstruct"
- "github.com/rclone/rclone/fs/config/obscure"
- "github.com/rclone/rclone/fs/fshttp"
- "github.com/rclone/rclone/lib/oauthutil"
- "golang.org/x/oauth2"
-)
-
-const (
- rcloneClientID = "api_hubic_svWP970PvSWbw5G3PzrAqZ6X2uHeZBPI"
- rcloneEncryptedClientSecret = "leZKCcqy9movLhDWLVXX8cSLp_FzoiAPeEJOIOMRw1A5RuC4iLEPDYPWVF46adC_MVonnLdVEOTHVstfBOZ_lY4WNp8CK_YWlpRZ9diT5YI"
-)
-
-// Globals
-var (
- // Description of how to auth for this app
- oauthConfig = &oauth2.Config{
- Scopes: []string{
- "credentials.r", // Read OpenStack credentials
- },
- Endpoint: oauth2.Endpoint{
- AuthURL: "https://api.hubic.com/oauth/auth/",
- TokenURL: "https://api.hubic.com/oauth/token/",
- },
- ClientID: rcloneClientID,
- ClientSecret: obscure.MustReveal(rcloneEncryptedClientSecret),
- RedirectURL: oauthutil.RedirectLocalhostURL,
- }
-)
-
-// Register with Fs
-func init() {
- fs.Register(&fs.RegInfo{
- Name: "hubic",
- Description: "Hubic",
- NewFs: NewFs,
- Config: func(ctx context.Context, name string, m configmap.Mapper, config fs.ConfigIn) (*fs.ConfigOut, error) {
- return oauthutil.ConfigOut("", &oauthutil.Options{
- OAuth2Config: oauthConfig,
- })
- },
- Options: append(oauthutil.SharedOptions, swift.SharedOptions...),
- })
-}
-
-// credentials is the JSON returned from the Hubic API to read the
-// OpenStack credentials
-type credentials struct {
- Token string `json:"token"` // OpenStack token
- Endpoint string `json:"endpoint"` // OpenStack endpoint
- Expires string `json:"expires"` // Expires date - e.g. "2015-11-09T14:24:56+01:00"
-}
-
-// Fs represents a remote hubic
-type Fs struct {
- fs.Fs // wrapped Fs
- features *fs.Features // optional features
- client *http.Client // client for oauth api
- credentials credentials // returned from the Hubic API
- expires time.Time // time credentials expire
-}
-
-// Object describes a swift object
-type Object struct {
- *swift.Object
-}
-
-// Return a string version
-func (o *Object) String() string {
- if o == nil {
- return ""
- }
- return o.Object.String()
-}
-
-// ------------------------------------------------------------
-
-// String converts this Fs to a string
-func (f *Fs) String() string {
- if f.Fs == nil {
- return "Hubic"
- }
- return fmt.Sprintf("Hubic %s", f.Fs.String())
-}
-
-// getCredentials reads the OpenStack Credentials using the Hubic API
-//
-// The credentials are read into the Fs
-func (f *Fs) getCredentials(ctx context.Context) (err error) {
- req, err := http.NewRequestWithContext(ctx, "GET", "https://api.hubic.com/1.0/account/credentials", nil)
- if err != nil {
- return err
- }
- resp, err := f.client.Do(req)
- if err != nil {
- return err
- }
- defer fs.CheckClose(resp.Body, &err)
- if resp.StatusCode < 200 || resp.StatusCode > 299 {
- body, _ := ioutil.ReadAll(resp.Body)
- bodyStr := strings.TrimSpace(strings.ReplaceAll(string(body), "\n", " "))
- return fmt.Errorf("failed to get credentials: %s: %s", resp.Status, bodyStr)
- }
- decoder := json.NewDecoder(resp.Body)
- var result credentials
- err = decoder.Decode(&result)
- if err != nil {
- return err
- }
- // fs.Debugf(f, "Got credentials %+v", result)
- if result.Token == "" || result.Endpoint == "" || result.Expires == "" {
- return errors.New("couldn't read token, result and expired from credentials")
- }
- f.credentials = result
- expires, err := time.Parse(time.RFC3339, result.Expires)
- if err != nil {
- return err
- }
- f.expires = expires
- fs.Debugf(f, "Got swift credentials (expiry %v in %v)", f.expires, f.expires.Sub(time.Now()))
- return nil
-}
-
-// NewFs constructs an Fs from the path, container:path
-func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, error) {
- client, _, err := oauthutil.NewClient(ctx, name, m, oauthConfig)
- if err != nil {
- return nil, fmt.Errorf("failed to configure Hubic: %w", err)
- }
-
- f := &Fs{
- client: client,
- }
-
- // Make the swift Connection
- ci := fs.GetConfig(ctx)
- c := &swiftLib.Connection{
- Auth: newAuth(f),
- ConnectTimeout: 10 * ci.ConnectTimeout, // Use the timeouts in the transport
- Timeout: 10 * ci.Timeout, // Use the timeouts in the transport
- Transport: fshttp.NewTransport(ctx),
- }
- err = c.Authenticate(ctx)
- if err != nil {
- return nil, fmt.Errorf("error authenticating swift connection: %w", err)
- }
-
- // Parse config into swift.Options struct
- opt := new(swift.Options)
- err = configstruct.Set(m, opt)
- if err != nil {
- return nil, err
- }
-
- // Make inner swift Fs from the connection
- swiftFs, err := swift.NewFsWithConnection(ctx, opt, name, root, c, true)
- if err != nil && err != fs.ErrorIsFile {
- return nil, err
- }
- f.Fs = swiftFs
- f.features = f.Fs.Features().Wrap(f)
- return f, err
-}
-
-// Features returns the optional features of this Fs
-func (f *Fs) Features() *fs.Features {
- return f.features
-}
-
-// UnWrap returns the Fs that this Fs is wrapping
-func (f *Fs) UnWrap() fs.Fs {
- return f.Fs
-}
-
-// Check the interfaces are satisfied
-var (
- _ fs.Fs = (*Fs)(nil)
- _ fs.UnWrapper = (*Fs)(nil)
-)
diff --git a/backend/hubic/hubic_test.go b/backend/hubic/hubic_test.go
deleted file mode 100644
index 08d6f122dd382..0000000000000
--- a/backend/hubic/hubic_test.go
+++ /dev/null
@@ -1,19 +0,0 @@
-// Test Hubic filesystem interface
-package hubic_test
-
-import (
- "testing"
-
- "github.com/rclone/rclone/backend/hubic"
- "github.com/rclone/rclone/fstest/fstests"
-)
-
-// TestIntegration runs integration tests against the remote
-func TestIntegration(t *testing.T) {
- fstests.Run(t, &fstests.Opt{
- RemoteName: "TestHubic:",
- NilObject: (*hubic.Object)(nil),
- SkipFsCheckWrap: true,
- SkipObjectCheckWrap: true,
- })
-}
diff --git a/backend/internetarchive/internetarchive.go b/backend/internetarchive/internetarchive.go
index ce021e35f54a6..4c1dc7f829a43 100644
--- a/backend/internetarchive/internetarchive.go
+++ b/backend/internetarchive/internetarchive.go
@@ -38,6 +38,100 @@ func init() {
Name: "internetarchive",
Description: "Internet Archive",
NewFs: NewFs,
+
+ MetadataInfo: &fs.MetadataInfo{
+ System: map[string]fs.MetadataHelp{
+ "name": {
+ Help: "Full file path, without the bucket part",
+ Type: "filename",
+ Example: "backend/internetarchive/internetarchive.go",
+ ReadOnly: true,
+ },
+ "source": {
+ Help: "The source of the file",
+ Type: "string",
+ Example: "original",
+ ReadOnly: true,
+ },
+ "mtime": {
+ Help: "Time of last modification, managed by Rclone",
+ Type: "RFC 3339",
+ Example: "2006-01-02T15:04:05.999999999Z",
+ ReadOnly: true,
+ },
+ "size": {
+ Help: "File size in bytes",
+ Type: "decimal number",
+ Example: "123456",
+ ReadOnly: true,
+ },
+ "md5": {
+ Help: "MD5 hash calculated by Internet Archive",
+ Type: "string",
+ Example: "01234567012345670123456701234567",
+ ReadOnly: true,
+ },
+ "crc32": {
+ Help: "CRC32 calculated by Internet Archive",
+ Type: "string",
+ Example: "01234567",
+ ReadOnly: true,
+ },
+ "sha1": {
+ Help: "SHA1 hash calculated by Internet Archive",
+ Type: "string",
+ Example: "0123456701234567012345670123456701234567",
+ ReadOnly: true,
+ },
+ "format": {
+ Help: "Name of format identified by Internet Archive",
+ Type: "string",
+ Example: "Comma-Separated Values",
+ ReadOnly: true,
+ },
+ "old_version": {
+ Help: "Whether the file was replaced and moved by keep-old-version flag",
+ Type: "boolean",
+ Example: "true",
+ ReadOnly: true,
+ },
+ "viruscheck": {
+ Help: "The last time viruscheck process was run for the file (?)",
+ Type: "unixtime",
+ Example: "1654191352",
+ ReadOnly: true,
+ },
+ "summation": {
+ Help: "Check https://forum.rclone.org/t/31922 for how it is used",
+ Type: "string",
+ Example: "md5",
+ ReadOnly: true,
+ },
+
+ "rclone-ia-mtime": {
+ Help: "Time of last modification, managed by Internet Archive",
+ Type: "RFC 3339",
+ Example: "2006-01-02T15:04:05.999999999Z",
+ },
+ "rclone-mtime": {
+ Help: "Time of last modification, managed by Rclone",
+ Type: "RFC 3339",
+ Example: "2006-01-02T15:04:05.999999999Z",
+ },
+ "rclone-update-track": {
+ Help: "Random value used by Rclone for tracking changes inside Internet Archive",
+ Type: "string",
+ Example: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+ },
+ },
+ Help: `Metadata fields provided by Internet Archive.
+If there are multiple values for a key, only the first one is returned.
+This is a limitation of Rclone, that supports one value per one key.
+
+Owner is able to add custom keys. Metadata feature grabs all the keys including them.
+`,
+ },
+
Options: []fs.Option{{
Name: "access_key_id",
Help: "IAS3 Access Key.\n\nLeave blank for anonymous access.\nYou can find one here: https://archive.org/account/s3.php",
@@ -90,6 +184,14 @@ Only enable if you need to be guaranteed to be reflected after write operations.
// maximum size of an item. this is constant across all items
const iaItemMaxSize int64 = 1099511627776
+// metadata keys that are not writeable
+var roMetadataKey = map[string]interface{}{
+ // do not add mtime here, it's a documented exception
+ "name": nil, "source": nil, "size": nil, "md5": nil,
+ "crc32": nil, "sha1": nil, "format": nil, "old_version": nil,
+ "viruscheck": nil, "summation": nil,
+}
+
// Options defines the configuration for this backend
type Options struct {
AccessKeyID string `config:"access_key_id"`
@@ -122,9 +224,10 @@ type Object struct {
md5 string // md5 hash of the file presented by the server
sha1 string // sha1 hash of the file presented by the server
crc32 string // crc32 of the file presented by the server
+ rawData json.RawMessage
}
-// IAFile reprensents a subset of object in MetadataResponse.Files
+// IAFile represents a subset of object in MetadataResponse.Files
type IAFile struct {
Name string `json:"name"`
// Source string `json:"source"`
@@ -135,14 +238,23 @@ type IAFile struct {
Md5 string `json:"md5"`
Crc32 string `json:"crc32"`
Sha1 string `json:"sha1"`
+ Summation string `json:"summation"`
+
+ rawData json.RawMessage
}
-// MetadataResponse reprensents subset of the JSON object returned by (frontend)/metadata/
+// MetadataResponse represents subset of the JSON object returned by (frontend)/metadata/
type MetadataResponse struct {
Files []IAFile `json:"files"`
ItemSize int64 `json:"item_size"`
}
+// MetadataResponseRaw is the form of MetadataResponse to deal with metadata
+type MetadataResponseRaw struct {
+ Files []json.RawMessage `json:"files"`
+ ItemSize int64 `json:"item_size"`
+}
+
// ModMetadataResponse represents response for amending metadata
type ModMetadataResponse struct {
// https://archive.org/services/docs/api/md-write.html#example
@@ -226,7 +338,10 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
}
f.setRoot(root)
f.features = (&fs.Features{
- BucketBased: true,
+ BucketBased: true,
+ ReadMetadata: true,
+ WriteMetadata: true,
+ UserMetadata: true,
}).Fill(ctx, f)
f.srv = rest.NewClient(fshttp.NewClient(ctx))
@@ -307,18 +422,17 @@ func (o *Object) SetModTime(ctx context.Context, t time.Time) (err error) {
}
// https://archive.org/services/docs/api/md-write.html
- var patch = []interface{}{
+ // the following code might be useful for modifying metadata of an uploaded file
+ patch := []map[string]string{
// we should drop it first to clear all rclone-provided mtimes
- struct {
- Op string `json:"op"`
- Path string `json:"path"`
- }{"remove", "/rclone-mtime"},
- struct {
- Op string `json:"op"`
- Path string `json:"path"`
- Value string `json:"value"`
- }{"add", "/rclone-mtime", t.Format(time.RFC3339Nano)},
- }
+ {
+ "op": "remove",
+ "path": "/rclone-mtime",
+ }, {
+ "op": "add",
+ "path": "/rclone-mtime",
+ "value": t.Format(time.RFC3339Nano),
+ }}
res, err := json.Marshal(patch)
if err != nil {
return err
@@ -458,14 +572,14 @@ func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration,
return "", err
}
bucket, bucketPath := f.split(remote)
- return path.Join(f.opt.FrontEndpoint, "/download/", bucket, bucketPath), nil
+ return path.Join(f.opt.FrontEndpoint, "/download/", bucket, quotePath(bucketPath)), nil
}
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -646,7 +760,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// make a GET request to (frontend)/download/:item/:path
opts := rest.Opts{
Method: "GET",
- Path: path.Join("/download/", o.fs.root, o.fs.opt.Enc.FromStandardPath(o.remote)),
+ Path: path.Join("/download/", o.fs.root, quotePath(o.fs.opt.Enc.FromStandardPath(o.remote))),
Options: optionsFixed,
}
err = o.fs.pacer.Call(func() (bool, error) {
@@ -685,6 +799,23 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
headers["Content-Length"] = fmt.Sprintf("%d", size)
headers["x-archive-size-hint"] = fmt.Sprintf("%d", size)
}
+ var mdata fs.Metadata
+ mdata, err = fs.GetMetadataOptions(ctx, src, options)
+ if err == nil && mdata != nil {
+ for mk, mv := range mdata {
+ mk = strings.ToLower(mk)
+ if strings.HasPrefix(mk, "rclone-") {
+ fs.LogPrintf(fs.LogLevelWarning, o, "reserved metadata key %s is about to set", mk)
+ } else if _, ok := roMetadataKey[mk]; ok {
+ fs.LogPrintf(fs.LogLevelWarning, o, "setting or modifying read-only key %s is requested, skipping", mk)
+ continue
+ } else if mk == "mtime" {
+ // redirect to make it work
+ mk = "rclone-mtime"
+ }
+ headers[fmt.Sprintf("x-amz-filemeta-%s", mk)] = mv
+ }
+ }
// read the md5sum if available
var md5sumHex string
@@ -762,6 +893,34 @@ func (o *Object) String() string {
return o.remote
}
+// Metadata returns all file metadata provided by Internet Archive
+func (o *Object) Metadata(ctx context.Context) (m fs.Metadata, err error) {
+ if o.rawData == nil {
+ return nil, nil
+ }
+ raw := make(map[string]json.RawMessage)
+ err = json.Unmarshal(o.rawData, &raw)
+ if err != nil {
+ // fatal: json parsing failed
+ return
+ }
+ for k, v := range raw {
+ items, err := listOrString(v)
+ if len(items) == 0 || err != nil {
+ // skip: an entry failed to parse
+ continue
+ }
+ m.Set(k, items[0])
+ }
+ // move the old mtime to an another key
+ if v, ok := m["mtime"]; ok {
+ m["rclone-ia-mtime"] = v
+ }
+ // overwrite with a correct mtime
+ m["mtime"] = o.modTime.Format(time.RFC3339Nano)
+ return
+}
+
func (f *Fs) shouldRetry(resp *http.Response, err error) (bool, error) {
if resp != nil {
for _, e := range retryErrorCodes {
@@ -788,7 +947,7 @@ func (o *Object) split() (bucket, bucketPath string) {
return o.fs.split(o.remote)
}
-func (f *Fs) requestMetadata(ctx context.Context, bucket string) (result MetadataResponse, err error) {
+func (f *Fs) requestMetadata(ctx context.Context, bucket string) (result *MetadataResponse, err error) {
var resp *http.Response
// make a GET request to (frontend)/metadata/:item/
opts := rest.Opts{
@@ -796,12 +955,15 @@ func (f *Fs) requestMetadata(ctx context.Context, bucket string) (result Metadat
Path: path.Join("/metadata/", bucket),
}
+ var temp MetadataResponseRaw
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.front.CallJSON(ctx, &opts, nil, &result)
+ resp, err = f.front.CallJSON(ctx, &opts, nil, &temp)
return f.shouldRetry(resp, err)
})
-
- return result, err
+ if err != nil {
+ return
+ }
+ return temp.unraw()
}
// list up all files/directories without any filters
@@ -990,15 +1152,21 @@ func (f *Fs) waitDelete(ctx context.Context, bucket, bucketPath string) (err err
}
func makeValidObject(f *Fs, remote string, file IAFile, mtime time.Time, size int64) *Object {
- return &Object{
+ ret := &Object{
fs: f,
remote: remote,
modTime: mtime,
size: size,
- md5: file.Md5,
- crc32: file.Crc32,
- sha1: file.Sha1,
+ rawData: file.rawData,
+ }
+ // hashes from _files.xml (where summation != "") is different from one in other files
+ // https://forum.rclone.org/t/internet-archive-md5-tag-in-id-files-xml-interpreted-incorrectly/31922
+ if file.Summation == "" {
+ ret.md5 = file.Md5
+ ret.crc32 = file.Crc32
+ ret.sha1 = file.Sha1
}
+ return ret
}
func makeValidObject2(f *Fs, file IAFile, bucket string) *Object {
@@ -1045,6 +1213,23 @@ func (file IAFile) parseMtime() (mtime time.Time) {
return mtime
}
+func (mrr *MetadataResponseRaw) unraw() (_ *MetadataResponse, err error) {
+ var files []IAFile
+ for _, raw := range mrr.Files {
+ var parsed IAFile
+ err = json.Unmarshal(raw, &parsed)
+ if err != nil {
+ return nil, err
+ }
+ parsed.rawData = raw
+ files = append(files, parsed)
+ }
+ return &MetadataResponse{
+ Files: files,
+ ItemSize: mrr.ItemSize,
+ }, nil
+}
+
func compareSize(a, b int64) bool {
if a < 0 || b < 0 {
// we won't compare if any of them is not known
@@ -1088,7 +1273,7 @@ func trimPathPrefix(s, prefix string, enc encoder.MultiEncoder) string {
return enc.ToStandardPath(strings.TrimPrefix(s, prefix+"/"))
}
-// mimicks urllib.parse.quote() on Python; exclude / from url.PathEscape
+// mimics urllib.parse.quote() on Python; exclude / from url.PathEscape
func quotePath(s string) string {
seg := strings.Split(s, "/")
newValues := []string{}
@@ -1106,4 +1291,5 @@ var (
_ fs.PublicLinker = &Fs{}
_ fs.Abouter = &Fs{}
_ fs.Object = &Object{}
+ _ fs.Metadataer = &Object{}
)
diff --git a/backend/jottacloud/api/types.go b/backend/jottacloud/api/types.go
index 91e0c30957668..8daf0f7ad35b4 100644
--- a/backend/jottacloud/api/types.go
+++ b/backend/jottacloud/api/types.go
@@ -1,3 +1,4 @@
+// Package api provides types used by the Jottacloud API.
package api
import (
diff --git a/backend/jottacloud/jottacloud.go b/backend/jottacloud/jottacloud.go
index c75774d93f643..6eb76d1ef00f5 100644
--- a/backend/jottacloud/jottacloud.go
+++ b/backend/jottacloud/jottacloud.go
@@ -1,3 +1,4 @@
+// Package jottacloud provides an interface to the Jottacloud storage system.
package jottacloud
import (
@@ -11,7 +12,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"math/rand"
"net/http"
"net/url"
@@ -46,9 +46,9 @@ const (
decayConstant = 2 // bigger for slower decay, exponential
defaultDevice = "Jotta"
defaultMountpoint = "Archive"
- rootURL = "https://jfs.jottacloud.com/jfs/"
+ jfsURL = "https://jfs.jottacloud.com/jfs/"
apiURL = "https://api.jottacloud.com/"
- baseURL = "https://www.jottacloud.com/"
+ wwwURL = "https://www.jottacloud.com/"
cachePrefix = "rclone-jcmd5-"
configDevice = "device"
configMountpoint = "mountpoint"
@@ -127,7 +127,7 @@ func init() {
func Config(ctx context.Context, name string, m configmap.Mapper, config fs.ConfigIn) (*fs.ConfigOut, error) {
switch config.State {
case "":
- return fs.ConfigChooseFixed("auth_type_done", "config_type", `Authentication type.`, []fs.OptionExample{{
+ return fs.ConfigChooseExclusiveFixed("auth_type_done", "config_type", `Select authentication type.`, []fs.OptionExample{{
Value: "standard",
Help: "Standard authentication.\nUse this if you're a normal Jottacloud user.",
}, {
@@ -145,7 +145,7 @@ func Config(ctx context.Context, name string, m configmap.Mapper, config fs.Conf
return fs.ConfigGoto(config.Result)
case "standard": // configure a jottacloud backend using the modern JottaCli token based authentication
m.Set("configVersion", fmt.Sprint(configVersion))
- return fs.ConfigInput("standard_token", "config_login_token", "Personal login token.\n\nGenerate here: https://www.jottacloud.com/web/secure")
+ return fs.ConfigInput("standard_token", "config_login_token", "Personal login token.\nGenerate here: https://www.jottacloud.com/web/secure")
case "standard_token":
loginToken := config.Result
m.Set(configClientID, defaultClientID)
@@ -262,7 +262,11 @@ machines.`)
},
})
case "choose_device":
- return fs.ConfigConfirm("choose_device_query", false, "config_non_standard", "Use a non standard device/mountpoint e.g. for accessing files uploaded using the official Jottacloud client?")
+ return fs.ConfigConfirm("choose_device_query", false, "config_non_standard", `Use a non-standard device/mountpoint?
+Choosing no, the default, will let you access the storage used for the archive
+section of the official Jottacloud client. If you instead want to access the
+sync or the backup section, for example, you must choose yes.`)
+
case "choose_device_query":
if config.Result != "true" {
m.Set(configDevice, "")
@@ -273,43 +277,139 @@ machines.`)
if err != nil {
return nil, err
}
- srv := rest.NewClient(oAuthClient).SetRoot(rootURL)
+ jfsSrv := rest.NewClient(oAuthClient).SetRoot(jfsURL)
apiSrv := rest.NewClient(oAuthClient).SetRoot(apiURL)
cust, err := getCustomerInfo(ctx, apiSrv)
if err != nil {
return nil, err
}
- m.Set(configUsername, cust.Username)
- acc, err := getDriveInfo(ctx, srv, cust.Username)
+ acc, err := getDriveInfo(ctx, jfsSrv, cust.Username)
if err != nil {
return nil, err
}
- return fs.ConfigChoose("choose_device_result", "config_device", `Please select the device to use. Normally this will be Jotta`, len(acc.Devices), func(i int) (string, string) {
- return acc.Devices[i].Name, ""
+
+ deviceNames := make([]string, len(acc.Devices))
+ for i, dev := range acc.Devices {
+ if i > 0 && dev.Name == defaultDevice {
+ // Insert the special Jotta device as first entry, making it the default choice.
+ copy(deviceNames[1:i+1], deviceNames[0:i])
+ deviceNames[0] = dev.Name
+ } else {
+ deviceNames[i] = dev.Name
+ }
+ }
+
+ help := fmt.Sprintf(`The device to use. In standard setup the built-in %s device is used,
+which contains predefined mountpoints for archive, sync etc. All other devices
+are treated as backup devices by the official Jottacloud client. You may create
+a new by entering a unique name.`, defaultDevice)
+ return fs.ConfigChoose("choose_device_result", "config_device", help, len(deviceNames), func(i int) (string, string) {
+ return deviceNames[i], ""
})
case "choose_device_result":
device := config.Result
- m.Set(configDevice, device)
oAuthClient, _, err := getOAuthClient(ctx, name, m)
if err != nil {
return nil, err
}
- srv := rest.NewClient(oAuthClient).SetRoot(rootURL)
+ jfsSrv := rest.NewClient(oAuthClient).SetRoot(jfsURL)
+ apiSrv := rest.NewClient(oAuthClient).SetRoot(apiURL)
- username, _ := m.Get(configUsername)
- dev, err := getDeviceInfo(ctx, srv, path.Join(username, device))
+ cust, err := getCustomerInfo(ctx, apiSrv)
+ if err != nil {
+ return nil, err
+ }
+
+ acc, err := getDriveInfo(ctx, jfsSrv, cust.Username)
if err != nil {
return nil, err
}
- return fs.ConfigChoose("choose_device_mountpoint", "config_mountpoint", `Please select the mountpoint to use. Normally this will be Archive.`, len(dev.MountPoints), func(i int) (string, string) {
+ isNew := true
+ for _, dev := range acc.Devices {
+ if strings.EqualFold(dev.Name, device) { // If device name exists with different casing we prefer the existing (not sure if and how the api handles the opposite)
+ device = dev.Name // Prefer same casing as existing, e.g. if user entered "jotta" we use the standard casing "Jotta" instead
+ isNew = false
+ break
+ }
+ }
+ var dev *api.JottaDevice
+ if isNew {
+ fs.Debugf(nil, "Creating new device: %s", device)
+ dev, err = createDevice(ctx, jfsSrv, path.Join(cust.Username, device))
+ if err != nil {
+ return nil, err
+ }
+ }
+ m.Set(configDevice, device)
+
+ if !isNew {
+ dev, err = getDeviceInfo(ctx, jfsSrv, path.Join(cust.Username, device))
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ var help string
+ if device == defaultDevice {
+ // With built-in Jotta device the mountpoint choice is exclusive,
+ // we do not want to risk any problems by creating new mountpoints on it.
+ help = fmt.Sprintf(`The mountpoint to use on the built-in device %s.
+The standard setup is to use the %s mountpoint. Most other mountpoints
+have very limited support in rclone and should generally be avoided.`, defaultDevice, defaultMountpoint)
+ return fs.ConfigChooseExclusive("choose_device_mountpoint", "config_mountpoint", help, len(dev.MountPoints), func(i int) (string, string) {
+ return dev.MountPoints[i].Name, ""
+ })
+ }
+ help = fmt.Sprintf(`The mountpoint to use on the non-standard device %s.
+You may create a new by entering a unique name.`, device)
+ return fs.ConfigChoose("choose_device_mountpoint", "config_mountpoint", help, len(dev.MountPoints), func(i int) (string, string) {
return dev.MountPoints[i].Name, ""
})
case "choose_device_mountpoint":
mountpoint := config.Result
+
+ oAuthClient, _, err := getOAuthClient(ctx, name, m)
+ if err != nil {
+ return nil, err
+ }
+ jfsSrv := rest.NewClient(oAuthClient).SetRoot(jfsURL)
+ apiSrv := rest.NewClient(oAuthClient).SetRoot(apiURL)
+
+ cust, err := getCustomerInfo(ctx, apiSrv)
+ if err != nil {
+ return nil, err
+ }
+
+ device, _ := m.Get(configDevice)
+
+ dev, err := getDeviceInfo(ctx, jfsSrv, path.Join(cust.Username, device))
+ if err != nil {
+ return nil, err
+ }
+ isNew := true
+ for _, mnt := range dev.MountPoints {
+ if strings.EqualFold(mnt.Name, mountpoint) {
+ mountpoint = mnt.Name
+ isNew = false
+ break
+ }
+ }
+
+ if isNew {
+ if device == defaultDevice {
+ return nil, fmt.Errorf("custom mountpoints not supported on built-in %s device: %w", defaultDevice, err)
+ }
+ fs.Debugf(nil, "Creating new mountpoint: %s", mountpoint)
+ _, err := createMountPoint(ctx, jfsSrv, path.Join(cust.Username, device, mountpoint))
+ if err != nil {
+ return nil, err
+ }
+ }
m.Set(configMountpoint, mountpoint)
+
return fs.ConfigGoto("end")
case "end":
// All the config flows end up here in case we need to carry on with something
@@ -332,16 +432,17 @@ type Options struct {
// Fs represents a remote jottacloud
type Fs struct {
- name string
- root string
- user string
- opt Options
- features *fs.Features
- endpointURL string
- srv *rest.Client
- apiSrv *rest.Client
- pacer *fs.Pacer
- tokenRenewer *oauthutil.Renew // renew the token on expiry
+ name string
+ root string
+ user string
+ opt Options
+ features *fs.Features
+ fileEndpoint string
+ allocateEndpoint string
+ jfsSrv *rest.Client
+ apiSrv *rest.Client
+ pacer *fs.Pacer
+ tokenRenewer *oauthutil.Renew // renew the token on expiry
}
// Object describes a jottacloud object
@@ -588,15 +689,47 @@ func getDeviceInfo(ctx context.Context, srv *rest.Client, path string) (info *ap
return info, nil
}
-// setEndpointURL generates the API endpoint URL
-func (f *Fs) setEndpointURL() {
+// createDevice makes a device
+func createDevice(ctx context.Context, srv *rest.Client, path string) (info *api.JottaDevice, err error) {
+ opts := rest.Opts{
+ Method: "POST",
+ Path: urlPathEscape(path),
+ Parameters: url.Values{},
+ }
+
+ opts.Parameters.Set("type", "WORKSTATION")
+
+ _, err = srv.CallXML(ctx, &opts, nil, &info)
+ if err != nil {
+ return nil, fmt.Errorf("couldn't create device: %w", err)
+ }
+ return info, nil
+}
+
+// createMountPoint makes a mount point
+func createMountPoint(ctx context.Context, srv *rest.Client, path string) (info *api.JottaMountPoint, err error) {
+ opts := rest.Opts{
+ Method: "POST",
+ Path: urlPathEscape(path),
+ }
+
+ _, err = srv.CallXML(ctx, &opts, nil, &info)
+ if err != nil {
+ return nil, fmt.Errorf("couldn't create mountpoint: %w", err)
+ }
+ return info, nil
+}
+
+// setEndpoints generates the API endpoints
+func (f *Fs) setEndpoints() {
if f.opt.Device == "" {
f.opt.Device = defaultDevice
}
if f.opt.Mountpoint == "" {
f.opt.Mountpoint = defaultMountpoint
}
- f.endpointURL = path.Join(f.user, f.opt.Device, f.opt.Mountpoint)
+ f.fileEndpoint = path.Join(f.user, f.opt.Device, f.opt.Mountpoint)
+ f.allocateEndpoint = path.Join("/jfs", f.opt.Device, f.opt.Mountpoint)
}
// readMetaDataForPath reads the metadata from the path
@@ -608,7 +741,7 @@ func (f *Fs) readMetaDataForPath(ctx context.Context, path string) (info *api.Jo
var result api.JottaFile
var resp *http.Response
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallXML(ctx, &opts, nil, &result)
+ resp, err = f.jfsSrv.CallXML(ctx, &opts, nil, &result)
return shouldRetry(ctx, resp, err)
})
@@ -653,13 +786,30 @@ func urlPathEscape(in string) string {
}
// filePathRaw returns an unescaped file path (f.root, file)
-func (f *Fs) filePathRaw(file string) string {
- return path.Join(f.endpointURL, f.opt.Enc.FromStandardPath(path.Join(f.root, file)))
+// Optionally made absolute by prefixing with "/", typically required when used
+// as request parameter instead of the path (which is relative to some root url).
+func (f *Fs) filePathRaw(file string, absolute bool) string {
+ prefix := ""
+ if absolute {
+ prefix = "/"
+ }
+ return path.Join(prefix, f.fileEndpoint, f.opt.Enc.FromStandardPath(path.Join(f.root, file)))
}
// filePath returns an escaped file path (f.root, file)
func (f *Fs) filePath(file string) string {
- return urlPathEscape(f.filePathRaw(file))
+ return urlPathEscape(f.filePathRaw(file, false))
+}
+
+// allocatePathRaw returns an unescaped allocate file path (f.root, file)
+// Optionally made absolute by prefixing with "/", typically required when used
+// as request parameter instead of the path (which is relative to some root url).
+func (f *Fs) allocatePathRaw(file string, absolute bool) string {
+ prefix := ""
+ if absolute {
+ prefix = "/"
+ }
+ return path.Join(prefix, f.allocateEndpoint, f.opt.Enc.FromStandardPath(path.Join(f.root, file)))
}
// Jottacloud requires the grant_type 'refresh_token' string
@@ -671,7 +821,7 @@ func (f *Fs) filePath(file string) string {
func grantTypeFilter(req *http.Request) {
if legacyTokenURL == req.URL.String() {
// read the entire body
- refreshBody, err := ioutil.ReadAll(req.Body)
+ refreshBody, err := io.ReadAll(req.Body)
if err != nil {
return
}
@@ -681,7 +831,7 @@ func grantTypeFilter(req *http.Request) {
refreshBody = []byte(strings.Replace(string(refreshBody), "grant_type=refresh_token", "grant_type=REFRESH_TOKEN", 1))
// set the new ReadCloser (with a dummy Close())
- req.Body = ioutil.NopCloser(bytes.NewReader(refreshBody))
+ req.Body = io.NopCloser(bytes.NewReader(refreshBody))
}
}
@@ -692,12 +842,12 @@ func getOAuthClient(ctx context.Context, name string, m configmap.Mapper) (oAuth
if ok {
ver, err = strconv.Atoi(version)
if err != nil {
- return nil, nil, errors.New("Failed to parse config version")
+ return nil, nil, errors.New("failed to parse config version")
}
ok = (ver == configVersion) || (ver == legacyConfigVersion)
}
if !ok {
- return nil, nil, errors.New("Outdated config - please reconfigure this backend")
+ return nil, nil, errors.New("outdated config - please reconfigure this backend")
}
baseClient := fshttp.NewClient(ctx)
@@ -743,7 +893,7 @@ func getOAuthClient(ctx context.Context, name string, m configmap.Mapper) (oAuth
// Create OAuth Client
oAuthClient, ts, err = oauthutil.NewClientWithBaseClient(ctx, name, m, oauthConfig, baseClient)
if err != nil {
- return nil, nil, fmt.Errorf("Failed to configure Jottacloud oauth client: %w", err)
+ return nil, nil, fmt.Errorf("failed to configure Jottacloud oauth client: %w", err)
}
return oAuthClient, ts, nil
}
@@ -769,7 +919,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
name: name,
root: root,
opt: *opt,
- srv: rest.NewClient(oAuthClient).SetRoot(rootURL),
+ jfsSrv: rest.NewClient(oAuthClient).SetRoot(jfsURL),
apiSrv: rest.NewClient(oAuthClient).SetRoot(apiURL),
pacer: fs.NewPacer(ctx, pacer.NewDefault(pacer.MinSleep(minSleep), pacer.MaxSleep(maxSleep), pacer.DecayConstant(decayConstant))),
}
@@ -779,7 +929,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
ReadMimeType: true,
WriteMimeType: false,
}).Fill(ctx, f)
- f.srv.SetErrorHandler(errorHandler)
+ f.jfsSrv.SetErrorHandler(errorHandler)
if opt.TrashedOnly { // we cannot support showing Trashed Files when using ListR right now
f.features.ListR = nil
}
@@ -798,7 +948,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
return nil, err
}
f.user = cust.Username
- f.setEndpointURL()
+ f.setEndpoints()
if root != "" && !rootIsDir {
// Check to see if the root actually an existing file
@@ -864,7 +1014,7 @@ func (f *Fs) CreateDir(ctx context.Context, path string) (jf *api.JottaFolder, e
opts.Parameters.Set("mkDir", "true")
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallXML(ctx, &opts, nil, &jf)
+ resp, err = f.jfsSrv.CallXML(ctx, &opts, nil, &jf)
return shouldRetry(ctx, resp, err)
})
if err != nil {
@@ -893,7 +1043,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
var resp *http.Response
var result api.JottaFolder
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallXML(ctx, &opts, nil, &result)
+ resp, err = f.jfsSrv.CallXML(ctx, &opts, nil, &result)
return shouldRetry(ctx, resp, err)
})
@@ -1030,7 +1180,7 @@ func parseListRStream(ctx context.Context, r io.Reader, filesystem *Fs, callback
if expected.Folders != actual.Folders ||
expected.Files != actual.Files {
- return fmt.Errorf("Invalid result from listStream: expected[%#v] != actual[%#v]", expected, actual)
+ return fmt.Errorf("invalid result from listStream: expected[%#v] != actual[%#v]", expected, actual)
}
return nil
}
@@ -1051,7 +1201,7 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
var resp *http.Response
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.Call(ctx, &opts)
+ resp, err = f.jfsSrv.Call(ctx, &opts)
if err != nil {
return shouldRetry(ctx, resp, err)
}
@@ -1097,13 +1247,10 @@ func (f *Fs) createObject(remote string, modTime time.Time, size int64) (o *Obje
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
- if f.opt.Device != "Jotta" {
- return nil, errors.New("upload not supported for devices other than Jotta")
- }
o := f.createObject(src.Remote(), src.ModTime(ctx), src.Size())
return o, o.Update(ctx, in, src, options...)
}
@@ -1113,10 +1260,7 @@ func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options .
func (f *Fs) mkParentDir(ctx context.Context, dirPath string) error {
// defer log.Trace(dirPath, "")("")
// chop off trailing / if it exists
- if strings.HasSuffix(dirPath, "/") {
- dirPath = dirPath[:len(dirPath)-1]
- }
- parent := path.Dir(dirPath)
+ parent := path.Dir(strings.TrimSuffix(dirPath, "/"))
if parent == "." {
parent = ""
}
@@ -1164,7 +1308,7 @@ func (f *Fs) purgeCheck(ctx context.Context, dir string, check bool) (err error)
var resp *http.Response
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.Call(ctx, &opts)
+ resp, err = f.jfsSrv.Call(ctx, &opts)
return shouldRetry(ctx, resp, err)
})
if err != nil {
@@ -1217,7 +1361,7 @@ func (f *Fs) createOrUpdate(ctx context.Context, file string, modTime time.Time,
var resp *http.Response
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallXML(ctx, &opts, nil, &info)
+ resp, err = f.jfsSrv.CallXML(ctx, &opts, nil, &info)
return shouldRetry(ctx, resp, err)
})
@@ -1238,11 +1382,11 @@ func (f *Fs) copyOrMove(ctx context.Context, method, src, dest string) (info *ap
Parameters: url.Values{},
}
- opts.Parameters.Set(method, "/"+path.Join(f.endpointURL, f.opt.Enc.FromStandardPath(path.Join(f.root, dest))))
+ opts.Parameters.Set(method, f.filePathRaw(dest, true))
var resp *http.Response
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallXML(ctx, &opts, nil, &info)
+ resp, err = f.jfsSrv.CallXML(ctx, &opts, nil, &info)
return shouldRetry(ctx, resp, err)
})
if err != nil {
@@ -1253,9 +1397,9 @@ func (f *Fs) copyOrMove(ctx context.Context, method, src, dest string) (info *ap
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1273,7 +1417,7 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
}
info, err := f.copyOrMove(ctx, "cp", srcObj.filePath(), remote)
- // if destination was a trashed file then after a successfull copy the copied file is still in trash (bug in api?)
+ // if destination was a trashed file then after a successful copy the copied file is still in trash (bug in api?)
if err == nil && bool(info.Deleted) && !f.opt.TrashedOnly && info.State == "COMPLETED" {
fs.Debugf(src, "Server-side copied to trashed destination, restoring")
info, err = f.createOrUpdate(ctx, remote, srcObj.modTime, srcObj.size, srcObj.md5)
@@ -1289,9 +1433,9 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1351,7 +1495,7 @@ func (f *Fs) DirMove(ctx context.Context, src fs.Fs, srcRemote, dstRemote string
return fs.ErrorDirExists
}
- _, err = f.copyOrMove(ctx, "mvDir", path.Join(f.endpointURL, f.opt.Enc.FromStandardPath(srcPath))+"/", dstRemote)
+ _, err = f.copyOrMove(ctx, "mvDir", path.Join(f.fileEndpoint, f.opt.Enc.FromStandardPath(srcPath))+"/", dstRemote)
if err != nil {
return fmt.Errorf("couldn't move directory: %w", err)
@@ -1376,7 +1520,7 @@ func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration,
var resp *http.Response
var result api.JottaFile
err = f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallXML(ctx, &opts, nil, &result)
+ resp, err = f.jfsSrv.CallXML(ctx, &opts, nil, &result)
return shouldRetry(ctx, resp, err)
})
@@ -1402,19 +1546,19 @@ func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration,
return "", errors.New("couldn't create public link - no uri received")
}
if result.PublicSharePath != "" {
- webLink := joinPath(baseURL, result.PublicSharePath)
+ webLink := joinPath(wwwURL, result.PublicSharePath)
fs.Debugf(nil, "Web link: %s", webLink)
} else {
fs.Debugf(nil, "No web link received")
}
- directLink := joinPath(baseURL, fmt.Sprintf("opin/io/downloadPublic/%s/%s", f.user, result.PublicURI))
+ directLink := joinPath(wwwURL, fmt.Sprintf("opin/io/downloadPublic/%s/%s", f.user, result.PublicURI))
fs.Debugf(nil, "Direct link: %s", directLink)
return directLink, nil
}
// About gets quota information
func (f *Fs) About(ctx context.Context) (*fs.Usage, error) {
- info, err := getDriveInfo(ctx, f.srv, f.user)
+ info, err := getDriveInfo(ctx, f.jfsSrv, f.user)
if err != nil {
return nil, err
}
@@ -1617,7 +1761,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
opts.Parameters.Set("mode", "bin")
err = o.fs.pacer.Call(func() (bool, error) {
- resp, err = o.fs.srv.Call(ctx, &opts)
+ resp, err = o.fs.jfsSrv.Call(ctx, &opts)
return shouldRetry(ctx, resp, err)
})
if err != nil {
@@ -1644,7 +1788,7 @@ func readMD5(in io.Reader, size, threshold int64) (md5sum string, out io.Reader,
var tempFile *os.File
// create the cache file
- tempFile, err = ioutil.TempFile("", cachePrefix)
+ tempFile, err = os.CreateTemp("", cachePrefix)
if err != nil {
return
}
@@ -1672,7 +1816,7 @@ func readMD5(in io.Reader, size, threshold int64) (md5sum string, out io.Reader,
} else {
// that's a small file, just read it into memory
var inData []byte
- inData, err = ioutil.ReadAll(teeReader)
+ inData, err = io.ReadAll(teeReader)
if err != nil {
return
}
@@ -1685,7 +1829,7 @@ func readMD5(in io.Reader, size, threshold int64) (md5sum string, out io.Reader,
// Update the object with the contents of the io.Reader, modTime and size
//
-// If existing is set then it updates the object rather than creating a new one
+// If existing is set then it updates the object rather than creating a new one.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
@@ -1738,7 +1882,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
Created: fileDate,
Modified: fileDate,
Md5: md5String,
- Path: path.Join(o.fs.opt.Mountpoint, o.fs.opt.Enc.FromStandardPath(path.Join(o.fs.root, o.remote))),
+ Path: o.fs.allocatePathRaw(o.remote, true),
}
// send it
@@ -1769,7 +1913,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
// copy the already uploaded bytes into the trash :)
var result api.UploadResponse
- _, err = io.CopyN(ioutil.Discard, in, response.ResumePos)
+ _, err = io.CopyN(io.Discard, in, response.ResumePos)
if err != nil {
return err
}
@@ -1808,7 +1952,7 @@ func (o *Object) remove(ctx context.Context, hard bool) error {
}
return o.fs.pacer.Call(func() (bool, error) {
- resp, err := o.fs.srv.CallXML(ctx, &opts, nil, nil)
+ resp, err := o.fs.jfsSrv.CallXML(ctx, &opts, nil, nil)
return shouldRetry(ctx, resp, err)
})
}
diff --git a/backend/koofr/koofr.go b/backend/koofr/koofr.go
index f77ae019ff9df..54513f0c1da48 100644
--- a/backend/koofr/koofr.go
+++ b/backend/koofr/koofr.go
@@ -1,3 +1,4 @@
+// Package koofr provides an interface to the Koofr storage system.
package koofr
import (
@@ -351,9 +352,9 @@ func NewFsFromOptions(ctx context.Context, name, root string, opt *Options) (ff
}
if f.mountID == "" {
if opt.MountID == "" {
- return nil, errors.New("Failed to find primary mount")
+ return nil, errors.New("failed to find primary mount")
}
- return nil, errors.New("Failed to find mount " + opt.MountID)
+ return nil, errors.New("failed to find mount " + opt.MountID)
}
rootFile, err := f.client.FilesInfo(f.mountID, f.opt.Enc.FromStandardPath("/"+f.root))
if err == nil && rootFile.Type != "dir" {
@@ -667,7 +668,7 @@ func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration,
//
// https://app.koofr.net/content/links/39a6cc01-3b23-477a-8059-c0fb3b0f15de/files/get?path=%2F
//
- // I am not sure about meaning of "path" parameter; in my expriments
+ // I am not sure about meaning of "path" parameter; in my experiments
// it is always "%2F", and omitting it or putting any other value
// results in 404.
//
diff --git a/backend/local/about_windows.go b/backend/local/about_windows.go
index d8daed7644fa2..f4fba6195a1ad 100644
--- a/backend/local/about_windows.go
+++ b/backend/local/about_windows.go
@@ -17,8 +17,12 @@ var getFreeDiskSpace = syscall.NewLazyDLL("kernel32.dll").NewProc("GetDiskFreeSp
// About gets quota information
func (f *Fs) About(ctx context.Context) (*fs.Usage, error) {
var available, total, free int64
+ root, e := syscall.UTF16PtrFromString(f.root)
+ if e != nil {
+ return nil, fmt.Errorf("failed to read disk usage: %w", e)
+ }
_, _, e1 := getFreeDiskSpace.Call(
- uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr(f.root))),
+ uintptr(unsafe.Pointer(root)),
uintptr(unsafe.Pointer(&available)), // lpFreeBytesAvailable - for this user
uintptr(unsafe.Pointer(&total)), // lpTotalNumberOfBytes
uintptr(unsafe.Pointer(&free)), // lpTotalNumberOfFreeBytes
diff --git a/backend/local/local.go b/backend/local/local.go
index 3c00d53892d9c..25ff7fce5f08b 100644
--- a/backend/local/local.go
+++ b/backend/local/local.go
@@ -7,7 +7,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"os"
"path"
"path/filepath"
@@ -22,6 +21,7 @@ import (
"github.com/rclone/rclone/fs/config"
"github.com/rclone/rclone/fs/config/configmap"
"github.com/rclone/rclone/fs/config/configstruct"
+ "github.com/rclone/rclone/fs/filter"
"github.com/rclone/rclone/fs/fserrors"
"github.com/rclone/rclone/fs/hash"
"github.com/rclone/rclone/lib/encoder"
@@ -42,9 +42,22 @@ func init() {
Description: "Local Disk",
NewFs: NewFs,
CommandHelp: commandHelp,
+ MetadataInfo: &fs.MetadataInfo{
+ System: systemMetadataInfo,
+ Help: `Depending on which OS is in use the local backend may return only some
+of the system metadata. Setting system metadata is supported on all
+OSes but setting user metadata is only supported on linux, freebsd,
+netbsd, macOS and Solaris. It is **not** supported on Windows yet
+([see pkg/attrs#47](https://github.com/pkg/xattr/issues/47)).
+
+User metadata is stored as extended attributes (which may not be
+supported by all file systems) under the "user.*" prefix.
+`,
+ },
Options: []fs.Option{{
Name: "nounc",
Help: "Disable UNC (long path names) conversion on Windows.",
+ Default: false,
Advanced: runtime.GOOS != "windows",
Examples: []fs.OptionExample{{
Value: "true",
@@ -110,8 +123,8 @@ routine so this flag shouldn't normally be used.`,
Help: `Don't check to see if the files change during upload.
Normally rclone checks the size and modification time of files as they
-are being uploaded and aborts with a message which starts "can't copy
-- source file is being updated" if the file changes during upload.
+are being uploaded and aborts with a message which starts "can't copy -
+source file is being updated" if the file changes during upload.
However on some file systems this modification time check may fail (e.g.
[Glusterfs #2206](https://github.com/rclone/rclone/issues/2206)) so this
@@ -221,15 +234,16 @@ type Options struct {
// Fs represents a local filesystem rooted at root
type Fs struct {
- name string // the name of the remote
- root string // The root directory (OS path)
- opt Options // parsed config options
- features *fs.Features // optional features
- dev uint64 // device number of root node
- precisionOk sync.Once // Whether we need to read the precision
- precision time.Duration // precision of local filesystem
- warnedMu sync.Mutex // used for locking access to 'warned'.
- warned map[string]struct{} // whether we have warned about this string
+ name string // the name of the remote
+ root string // The root directory (OS path)
+ opt Options // parsed config options
+ features *fs.Features // optional features
+ dev uint64 // device number of root node
+ precisionOk sync.Once // Whether we need to read the precision
+ precision time.Duration // precision of local filesystem
+ warnedMu sync.Mutex // used for locking access to 'warned'.
+ warned map[string]struct{} // whether we have warned about this string
+ xattrSupported int32 // whether xattrs are supported (atomic access)
// do os.Lstat or os.Stat
lstat func(name string) (os.FileInfo, error)
@@ -273,12 +287,19 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
dev: devUnset,
lstat: os.Lstat,
}
+ if xattrSupported {
+ f.xattrSupported = 1
+ }
f.root = cleanRootPath(root, f.opt.NoUNC, f.opt.Enc)
f.features = (&fs.Features{
CaseInsensitive: f.caseInsensitive(),
CanHaveEmptyDirectories: true,
IsLocal: true,
SlowHash: true,
+ ReadMetadata: true,
+ WriteMetadata: true,
+ UserMetadata: xattrSupported, // can only R/W general purpose metadata if xattrs are supported
+ FilterAware: true,
}).Fill(ctx, f)
if opt.FollowSymlinks {
f.lstat = os.Stat
@@ -423,6 +444,8 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
// This should return ErrDirNotFound if the directory isn't
// found.
func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
+ filter, useFilter := filter.GetConfig(ctx), filter.GetUseFilter(ctx)
+
fsDirPath := f.localPath(dir)
_, err = os.Stat(fsDirPath)
if err != nil {
@@ -473,7 +496,14 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
continue
}
if fierr != nil {
- err = fmt.Errorf("failed to read directory %q: %w", namepath, err)
+ // Don't report errors on any file names that are excluded
+ if useFilter {
+ newRemote := f.cleanRemote(dir, name)
+ if !filter.IncludeRemote(newRemote) {
+ continue
+ }
+ }
+ err = fmt.Errorf("failed to read directory %q: %w", namepath, fierr)
fs.Errorf(dir, "%v", fierr)
_ = accounting.Stats(ctx).Error(fserrors.NoRetryError(fierr)) // fail the sync
continue
@@ -506,6 +536,11 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
}
mode = fi.Mode()
}
+ // Don't include non directory if not included
+ // we leave directory filtering to the layer above
+ if useFilter && !fi.IsDir() && !filter.IncludeRemote(newRemote) {
+ continue
+ }
if fi.IsDir() {
// Ignore directories which are symlinks. These are junction points under windows which
// are kind of a souped up symlink. Unix doesn't have directories which are symlinks.
@@ -610,7 +645,7 @@ func (f *Fs) readPrecision() (precision time.Duration) {
precision = time.Second
// Create temporary file and test it
- fd, err := ioutil.TempFile("", "rclone")
+ fd, err := os.CreateTemp("", "rclone")
if err != nil {
// If failed return 1s
// fmt.Println("Failed to create temp file", err)
@@ -679,9 +714,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -903,7 +938,7 @@ func (o *Object) Hash(ctx context.Context, r hash.Type) (string, error) {
return "", fmt.Errorf("hash: failed to open: %w", err)
}
var hashes map[hash.Type]string
- hashes, err = hash.StreamTypes(in, hash.NewHashSet(r))
+ hashes, err = hash.StreamTypes(readers.NewContextReader(ctx, in), hash.NewHashSet(r))
closeErr := in.Close()
if err != nil {
return "", fmt.Errorf("hash: failed to read: %w", err)
@@ -937,17 +972,22 @@ func (o *Object) ModTime(ctx context.Context) time.Time {
return o.modTime
}
+// Set the atime and ltime of the object
+func (o *Object) setTimes(atime, mtime time.Time) (err error) {
+ if o.translatedLink {
+ err = lChtimes(o.path, atime, mtime)
+ } else {
+ err = os.Chtimes(o.path, atime, mtime)
+ }
+ return err
+}
+
// SetModTime sets the modification time of the local fs object
func (o *Object) SetModTime(ctx context.Context, modTime time.Time) error {
if o.fs.opt.NoSetModTime {
return nil
}
- var err error
- if o.translatedLink {
- err = lChtimes(o.path, modTime, modTime)
- } else {
- err = os.Chtimes(o.path, modTime, modTime)
- }
+ err := o.setTimes(modTime, modTime)
if err != nil {
return err
}
@@ -1032,7 +1072,7 @@ func (o *Object) openTranslatedLink(offset, limit int64) (lrc io.ReadCloser, err
if err != nil {
return nil, err
}
- return readers.NewLimitedReadCloser(ioutil.NopCloser(strings.NewReader(linkdst[offset:])), limit), nil
+ return readers.NewLimitedReadCloser(io.NopCloser(strings.NewReader(linkdst[offset:])), limit), nil
}
// Open an object for read
@@ -1222,6 +1262,16 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
return err
}
+ // Fetch and set metadata if --metadata is in use
+ meta, err := fs.GetMetadataOptions(ctx, src, options)
+ if err != nil {
+ return fmt.Errorf("failed to read metadata from source object: %w", err)
+ }
+ err = o.writeMetadata(meta)
+ if err != nil {
+ return fmt.Errorf("failed to set metadata: %w", err)
+ }
+
// ReRead info now that we have finished
return o.lstat()
}
@@ -1320,31 +1370,56 @@ func (o *Object) Remove(ctx context.Context) error {
return remove(o.path)
}
+// Metadata returns metadata for an object
+//
+// It should return nil if there is no Metadata
+func (o *Object) Metadata(ctx context.Context) (metadata fs.Metadata, err error) {
+ metadata, err = o.getXattr()
+ if err != nil {
+ return nil, err
+ }
+ err = o.readMetadataFromFile(&metadata)
+ if err != nil {
+ return nil, err
+ }
+ return metadata, nil
+}
+
+// Write the metadata on the object
+func (o *Object) writeMetadata(metadata fs.Metadata) (err error) {
+ err = o.setXattr(metadata)
+ if err != nil {
+ return err
+ }
+ err = o.writeMetadataToFile(metadata)
+ if err != nil {
+ return err
+ }
+ return err
+}
+
func cleanRootPath(s string, noUNC bool, enc encoder.MultiEncoder) string {
- if runtime.GOOS == "windows" {
- if !filepath.IsAbs(s) && !strings.HasPrefix(s, "\\") {
+ if runtime.GOOS != "windows" || !strings.HasPrefix(s, "\\") {
+ if !filepath.IsAbs(s) {
s2, err := filepath.Abs(s)
if err == nil {
s = s2
}
+ } else {
+ s = filepath.Clean(s)
}
+ }
+ if runtime.GOOS == "windows" {
s = filepath.ToSlash(s)
vol := filepath.VolumeName(s)
s = vol + enc.FromStandardPath(s[len(vol):])
s = filepath.FromSlash(s)
-
if !noUNC {
// Convert to UNC
s = file.UNCPath(s)
}
return s
}
- if !filepath.IsAbs(s) {
- s2, err := filepath.Abs(s)
- if err == nil {
- s = s2
- }
- }
s = enc.FromStandardPath(s)
return s
}
@@ -1359,4 +1434,5 @@ var (
_ fs.Commander = &Fs{}
_ fs.OpenWriterAter = &Fs{}
_ fs.Object = &Object{}
+ _ fs.Metadataer = &Object{}
)
diff --git a/backend/local/local_internal_test.go b/backend/local/local_internal_test.go
index 2957dcd1cfd55..0b5d124809f2a 100644
--- a/backend/local/local_internal_test.go
+++ b/backend/local/local_internal_test.go
@@ -3,15 +3,19 @@ package local
import (
"bytes"
"context"
- "io/ioutil"
+ "fmt"
+ "io"
"os"
"path"
"path/filepath"
+ "runtime"
+ "sort"
"testing"
"time"
"github.com/rclone/rclone/fs"
"github.com/rclone/rclone/fs/config/configmap"
+ "github.com/rclone/rclone/fs/filter"
"github.com/rclone/rclone/fs/hash"
"github.com/rclone/rclone/fs/object"
"github.com/rclone/rclone/fstest"
@@ -29,7 +33,6 @@ func TestMain(m *testing.M) {
// Test copy with source file that's updating
func TestUpdatingCheck(t *testing.T) {
r := fstest.NewRun(t)
- defer r.Finalise()
filePath := "sub dir/local test"
r.WriteFile(filePath, "content", time.Now())
@@ -74,7 +77,6 @@ func TestUpdatingCheck(t *testing.T) {
func TestSymlink(t *testing.T) {
ctx := context.Background()
r := fstest.NewRun(t)
- defer r.Finalise()
f := r.Flocal.(*Fs)
dir := f.root
@@ -146,7 +148,7 @@ func TestSymlink(t *testing.T) {
// Check reading the object
in, err := o.Open(ctx)
require.NoError(t, err)
- contents, err := ioutil.ReadAll(in)
+ contents, err := io.ReadAll(in)
require.NoError(t, err)
require.Equal(t, "file.txt", string(contents))
require.NoError(t, in.Close())
@@ -154,7 +156,7 @@ func TestSymlink(t *testing.T) {
// Check reading the object with range
in, err = o.Open(ctx, &fs.RangeOption{Start: 2, End: 5})
require.NoError(t, err)
- contents, err = ioutil.ReadAll(in)
+ contents, err = io.ReadAll(in)
require.NoError(t, err)
require.Equal(t, "file.txt"[2:5+1], string(contents))
require.NoError(t, in.Close())
@@ -173,7 +175,6 @@ func TestSymlinkError(t *testing.T) {
func TestHashOnUpdate(t *testing.T) {
ctx := context.Background()
r := fstest.NewRun(t)
- defer r.Finalise()
const filePath = "file.txt"
when := time.Now()
r.WriteFile(filePath, "content", when)
@@ -188,7 +189,7 @@ func TestHashOnUpdate(t *testing.T) {
require.NoError(t, err)
assert.Equal(t, "9a0364b9e99bb480dd25e1f0284c8555", md5)
- // Reupload it with diferent contents but same size and timestamp
+ // Reupload it with different contents but same size and timestamp
var b = bytes.NewBufferString("CONTENT")
src := object.NewStaticObjectInfo(filePath, when, int64(b.Len()), true, nil, f)
err = o.Update(ctx, b, src)
@@ -204,7 +205,6 @@ func TestHashOnUpdate(t *testing.T) {
func TestHashOnDelete(t *testing.T) {
ctx := context.Background()
r := fstest.NewRun(t)
- defer r.Finalise()
const filePath = "file.txt"
when := time.Now()
r.WriteFile(filePath, "content", when)
@@ -229,3 +229,169 @@ func TestHashOnDelete(t *testing.T) {
_, err = o.Hash(ctx, hash.MD5)
require.Error(t, err)
}
+
+func TestMetadata(t *testing.T) {
+ ctx := context.Background()
+ r := fstest.NewRun(t)
+ const filePath = "metafile.txt"
+ when := time.Now()
+ const dayLength = len("2001-01-01")
+ whenRFC := when.Format(time.RFC3339Nano)
+ r.WriteFile(filePath, "metadata file contents", when)
+ f := r.Flocal.(*Fs)
+
+ // Get the object
+ obj, err := f.NewObject(ctx, filePath)
+ require.NoError(t, err)
+ o := obj.(*Object)
+
+ features := f.Features()
+
+ var hasXID, hasAtime, hasBtime bool
+ switch runtime.GOOS {
+ case "darwin", "freebsd", "netbsd", "linux":
+ hasXID, hasAtime, hasBtime = true, true, true
+ case "openbsd", "solaris":
+ hasXID, hasAtime = true, true
+ case "windows":
+ hasAtime, hasBtime = true, true
+ case "plan9", "js":
+ // nada
+ default:
+ t.Errorf("No test cases for OS %q", runtime.GOOS)
+ }
+
+ assert.True(t, features.ReadMetadata)
+ assert.True(t, features.WriteMetadata)
+ assert.Equal(t, xattrSupported, features.UserMetadata)
+
+ t.Run("Xattr", func(t *testing.T) {
+ if !xattrSupported {
+ t.Skip()
+ }
+ m, err := o.getXattr()
+ require.NoError(t, err)
+ assert.Nil(t, m)
+
+ inM := fs.Metadata{
+ "potato": "chips",
+ "cabbage": "soup",
+ }
+ err = o.setXattr(inM)
+ require.NoError(t, err)
+
+ m, err = o.getXattr()
+ require.NoError(t, err)
+ assert.NotNil(t, m)
+ assert.Equal(t, inM, m)
+ })
+
+ checkTime := func(m fs.Metadata, key string, when time.Time) {
+ mt, ok := o.parseMetadataTime(m, key)
+ assert.True(t, ok)
+ dt := mt.Sub(when)
+ precision := time.Second
+ assert.True(t, dt >= -precision && dt <= precision, fmt.Sprintf("%s: dt %v outside +/- precision %v", key, dt, precision))
+ }
+
+ checkInt := func(m fs.Metadata, key string, base int) int {
+ value, ok := o.parseMetadataInt(m, key, base)
+ assert.True(t, ok)
+ return value
+ }
+ t.Run("Read", func(t *testing.T) {
+ m, err := o.Metadata(ctx)
+ require.NoError(t, err)
+ assert.NotNil(t, m)
+
+ // All OSes have these
+ checkInt(m, "mode", 8)
+ checkTime(m, "mtime", when)
+
+ assert.Equal(t, len(whenRFC), len(m["mtime"]))
+ assert.Equal(t, whenRFC[:dayLength], m["mtime"][:dayLength])
+
+ if hasAtime {
+ checkTime(m, "atime", when)
+ }
+ if hasBtime {
+ checkTime(m, "btime", when)
+ }
+ if hasXID {
+ checkInt(m, "uid", 10)
+ checkInt(m, "gid", 10)
+ }
+ })
+
+ t.Run("Write", func(t *testing.T) {
+ newAtimeString := "2011-12-13T14:15:16.999999999Z"
+ newAtime := fstest.Time(newAtimeString)
+ newMtimeString := "2011-12-12T14:15:16.999999999Z"
+ newMtime := fstest.Time(newMtimeString)
+ newBtimeString := "2011-12-11T14:15:16.999999999Z"
+ newBtime := fstest.Time(newBtimeString)
+ newM := fs.Metadata{
+ "mtime": newMtimeString,
+ "atime": newAtimeString,
+ "btime": newBtimeString,
+ // Can't test uid, gid without being root
+ "mode": "0767",
+ "potato": "wedges",
+ }
+ err := o.writeMetadata(newM)
+ require.NoError(t, err)
+
+ m, err := o.Metadata(ctx)
+ require.NoError(t, err)
+ assert.NotNil(t, m)
+
+ mode := checkInt(m, "mode", 8)
+ if runtime.GOOS != "windows" {
+ assert.Equal(t, 0767, mode&0777, fmt.Sprintf("mode wrong - expecting 0767 got 0%o", mode&0777))
+ }
+
+ checkTime(m, "mtime", newMtime)
+ if hasAtime {
+ checkTime(m, "atime", newAtime)
+ }
+ if haveSetBTime {
+ checkTime(m, "btime", newBtime)
+ }
+ if xattrSupported {
+ assert.Equal(t, "wedges", m["potato"])
+ }
+ })
+
+}
+
+func TestFilter(t *testing.T) {
+ ctx := context.Background()
+ r := fstest.NewRun(t)
+ when := time.Now()
+ r.WriteFile("included", "included file", when)
+ r.WriteFile("excluded", "excluded file", when)
+ f := r.Flocal.(*Fs)
+
+ // Check set up for filtering
+ assert.True(t, f.Features().FilterAware)
+
+ // Add a filter
+ ctx, fi := filter.AddConfig(ctx)
+ require.NoError(t, fi.AddRule("+ included"))
+ require.NoError(t, fi.AddRule("- *"))
+
+ // Check listing without use filter flag
+ entries, err := f.List(ctx, "")
+ require.NoError(t, err)
+ sort.Sort(entries)
+ require.Equal(t, "[excluded included]", fmt.Sprint(entries))
+
+ // Add user filter flag
+ ctx = filter.SetUseFilter(ctx, true)
+
+ // Check listing with use filter flag
+ entries, err = f.List(ctx, "")
+ require.NoError(t, err)
+ sort.Sort(entries)
+ require.Equal(t, "[included]", fmt.Sprint(entries))
+}
diff --git a/backend/local/local_test.go b/backend/local/local_test.go
index 8ecab2dbdc3d0..d0d54ec26c4c1 100644
--- a/backend/local/local_test.go
+++ b/backend/local/local_test.go
@@ -11,7 +11,8 @@ import (
// TestIntegration runs integration tests against the remote
func TestIntegration(t *testing.T) {
fstests.Run(t, &fstests.Opt{
- RemoteName: "",
- NilObject: (*local.Object)(nil),
+ RemoteName: "",
+ NilObject: (*local.Object)(nil),
+ QuickTestOK: true,
})
}
diff --git a/backend/local/metadata.go b/backend/local/metadata.go
new file mode 100644
index 0000000000000..097abedf18ffc
--- /dev/null
+++ b/backend/local/metadata.go
@@ -0,0 +1,138 @@
+package local
+
+import (
+ "fmt"
+ "os"
+ "runtime"
+ "strconv"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+)
+
+const metadataTimeFormat = time.RFC3339Nano
+
+// system metadata keys which this backend owns
+//
+// not all values supported on all OSes
+var systemMetadataInfo = map[string]fs.MetadataHelp{
+ "mode": {
+ Help: "File type and mode",
+ Type: "octal, unix style",
+ Example: "0100664",
+ },
+ "uid": {
+ Help: "User ID of owner",
+ Type: "decimal number",
+ Example: "500",
+ },
+ "gid": {
+ Help: "Group ID of owner",
+ Type: "decimal number",
+ Example: "500",
+ },
+ "rdev": {
+ Help: "Device ID (if special file)",
+ Type: "hexadecimal",
+ Example: "1abc",
+ },
+ "atime": {
+ Help: "Time of last access",
+ Type: "RFC 3339",
+ Example: "2006-01-02T15:04:05.999999999Z07:00",
+ },
+ "mtime": {
+ Help: "Time of last modification",
+ Type: "RFC 3339",
+ Example: "2006-01-02T15:04:05.999999999Z07:00",
+ },
+ "btime": {
+ Help: "Time of file birth (creation)",
+ Type: "RFC 3339",
+ Example: "2006-01-02T15:04:05.999999999Z07:00",
+ },
+}
+
+// parse a time string from metadata with key
+func (o *Object) parseMetadataTime(m fs.Metadata, key string) (t time.Time, ok bool) {
+ value, ok := m[key]
+ if ok {
+ var err error
+ t, err = time.Parse(metadataTimeFormat, value)
+ if err != nil {
+ fs.Debugf(o, "failed to parse metadata %s: %q: %v", key, value, err)
+ ok = false
+ }
+ }
+ return t, ok
+}
+
+// parse am int from metadata with key and base
+func (o *Object) parseMetadataInt(m fs.Metadata, key string, base int) (result int, ok bool) {
+ value, ok := m[key]
+ if ok {
+ var err error
+ result64, err := strconv.ParseInt(value, base, 64)
+ if err != nil {
+ fs.Debugf(o, "failed to parse metadata %s: %q: %v", key, value, err)
+ ok = false
+ }
+ result = int(result64)
+ }
+ return result, ok
+}
+
+// Write the metadata into the file
+//
+// It isn't possible to set the ctime and btime under Unix
+func (o *Object) writeMetadataToFile(m fs.Metadata) (outErr error) {
+ var err error
+ atime, atimeOK := o.parseMetadataTime(m, "atime")
+ mtime, mtimeOK := o.parseMetadataTime(m, "mtime")
+ btime, btimeOK := o.parseMetadataTime(m, "btime")
+ if atimeOK || mtimeOK {
+ if atimeOK && !mtimeOK {
+ mtime = atime
+ }
+ if !atimeOK && mtimeOK {
+ atime = mtime
+ }
+ err = o.setTimes(atime, mtime)
+ if err != nil {
+ outErr = fmt.Errorf("failed to set times: %w", err)
+ }
+ }
+ if haveSetBTime {
+ if btimeOK {
+ err = setBTime(o.path, btime)
+ if err != nil {
+ outErr = fmt.Errorf("failed to set birth (creation) time: %w", err)
+ }
+ }
+ }
+ uid, hasUID := o.parseMetadataInt(m, "uid", 10)
+ gid, hasGID := o.parseMetadataInt(m, "gid", 10)
+ if hasUID {
+ // FIXME should read UID and GID of current user and only attempt to set it if different
+ if !hasGID {
+ gid = uid
+ }
+ if runtime.GOOS == "windows" || runtime.GOOS == "plan9" {
+ fs.Debugf(o, "Ignoring request to set ownership %o.%o on this OS", gid, uid)
+ } else {
+ err = os.Chown(o.path, uid, gid)
+ if err != nil {
+ outErr = fmt.Errorf("failed to change ownership: %w", err)
+ }
+ }
+ }
+ mode, hasMode := o.parseMetadataInt(m, "mode", 8)
+ if hasMode {
+ err = os.Chmod(o.path, os.FileMode(mode))
+ if err != nil {
+ outErr = fmt.Errorf("failed to change permissions: %w", err)
+ }
+ }
+ // FIXME not parsing rdev yet
+ return outErr
+}
diff --git a/backend/local/metadata_bsd.go b/backend/local/metadata_bsd.go
new file mode 100644
index 0000000000000..c4c90d2266221
--- /dev/null
+++ b/backend/local/metadata_bsd.go
@@ -0,0 +1,38 @@
+//go:build darwin || freebsd || netbsd
+// +build darwin freebsd netbsd
+
+package local
+
+import (
+ "fmt"
+ "syscall"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+)
+
+// Read the metadata from the file into metadata where possible
+func (o *Object) readMetadataFromFile(m *fs.Metadata) (err error) {
+ info, err := o.fs.lstat(o.path)
+ if err != nil {
+ return err
+ }
+ stat, ok := info.Sys().(*syscall.Stat_t)
+ if !ok {
+ fs.Debugf(o, "didn't return Stat_t as expected")
+ return nil
+ }
+ m.Set("mode", fmt.Sprintf("%0o", stat.Mode))
+ m.Set("uid", fmt.Sprintf("%d", stat.Uid))
+ m.Set("gid", fmt.Sprintf("%d", stat.Gid))
+ if stat.Rdev != 0 {
+ m.Set("rdev", fmt.Sprintf("%x", stat.Rdev))
+ }
+ setTime := func(key string, t syscall.Timespec) {
+ m.Set(key, time.Unix(t.Unix()).Format(metadataTimeFormat))
+ }
+ setTime("atime", stat.Atimespec)
+ setTime("mtime", stat.Mtimespec)
+ setTime("btime", stat.Birthtimespec)
+ return nil
+}
diff --git a/backend/local/metadata_linux.go b/backend/local/metadata_linux.go
new file mode 100644
index 0000000000000..b274148e713c5
--- /dev/null
+++ b/backend/local/metadata_linux.go
@@ -0,0 +1,102 @@
+//go:build linux
+// +build linux
+
+package local
+
+import (
+ "fmt"
+ "sync"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+ "golang.org/x/sys/unix"
+)
+
+var (
+ statxCheckOnce sync.Once
+ readMetadataFromFileFn func(o *Object, m *fs.Metadata) (err error)
+)
+
+// Read the metadata from the file into metadata where possible
+func (o *Object) readMetadataFromFile(m *fs.Metadata) (err error) {
+ statxCheckOnce.Do(func() {
+ // Check statx() is available as it was only introduced in kernel 4.11
+ // If not, fall back to fstatat() which was introduced in 2.6.16 which is guaranteed for all Go versions
+ var stat unix.Statx_t
+ if unix.Statx(unix.AT_FDCWD, ".", 0, unix.STATX_ALL, &stat) != unix.ENOSYS {
+ readMetadataFromFileFn = readMetadataFromFileStatx
+ } else {
+ readMetadataFromFileFn = readMetadataFromFileFstatat
+ }
+ })
+ return readMetadataFromFileFn(o, m)
+}
+
+// Read the metadata from the file into metadata where possible
+func readMetadataFromFileStatx(o *Object, m *fs.Metadata) (err error) {
+ flags := unix.AT_SYMLINK_NOFOLLOW
+ if o.fs.opt.FollowSymlinks {
+ flags = 0
+ }
+ var stat unix.Statx_t
+ // statx() was added to Linux in kernel 4.11
+ err = unix.Statx(unix.AT_FDCWD, o.path, flags, (0 |
+ unix.STATX_TYPE | // Want stx_mode & S_IFMT
+ unix.STATX_MODE | // Want stx_mode & ~S_IFMT
+ unix.STATX_UID | // Want stx_uid
+ unix.STATX_GID | // Want stx_gid
+ unix.STATX_ATIME | // Want stx_atime
+ unix.STATX_MTIME | // Want stx_mtime
+ unix.STATX_CTIME | // Want stx_ctime
+ unix.STATX_BTIME), // Want stx_btime
+ &stat)
+ if err != nil {
+ return err
+ }
+ m.Set("mode", fmt.Sprintf("%0o", stat.Mode))
+ m.Set("uid", fmt.Sprintf("%d", stat.Uid))
+ m.Set("gid", fmt.Sprintf("%d", stat.Gid))
+ if stat.Rdev_major != 0 || stat.Rdev_minor != 0 {
+ m.Set("rdev", fmt.Sprintf("%x", uint64(stat.Rdev_major)<<32|uint64(stat.Rdev_minor)))
+ }
+ setTime := func(key string, t unix.StatxTimestamp) {
+ m.Set(key, time.Unix(t.Sec, int64(t.Nsec)).Format(metadataTimeFormat))
+ }
+ setTime("atime", stat.Atime)
+ setTime("mtime", stat.Mtime)
+ setTime("btime", stat.Btime)
+ return nil
+}
+
+// Read the metadata from the file into metadata where possible
+func readMetadataFromFileFstatat(o *Object, m *fs.Metadata) (err error) {
+ flags := unix.AT_SYMLINK_NOFOLLOW
+ if o.fs.opt.FollowSymlinks {
+ flags = 0
+ }
+ var stat unix.Stat_t
+ // fstatat() was added to Linux in kernel 2.6.16
+ // Go only supports 2.6.32 or later
+ err = unix.Fstatat(unix.AT_FDCWD, o.path, &stat, flags)
+ if err != nil {
+ return err
+ }
+ m.Set("mode", fmt.Sprintf("%0o", stat.Mode))
+ m.Set("uid", fmt.Sprintf("%d", stat.Uid))
+ m.Set("gid", fmt.Sprintf("%d", stat.Gid))
+ if stat.Rdev != 0 {
+ m.Set("rdev", fmt.Sprintf("%x", stat.Rdev))
+ }
+ setTime := func(key string, t unix.Timespec) {
+ // The types of t.Sec and t.Nsec vary from int32 to int64 on
+ // different Linux architectures so we need to cast them to
+ // int64 here and hence need to quiet the linter about
+ // unecessary casts.
+ //
+ // nolint: unconvert
+ m.Set(key, time.Unix(int64(t.Sec), int64(t.Nsec)).Format(metadataTimeFormat))
+ }
+ setTime("atime", stat.Atim)
+ setTime("mtime", stat.Mtim)
+ return nil
+}
diff --git a/backend/local/metadata_other.go b/backend/local/metadata_other.go
new file mode 100644
index 0000000000000..f2ce80956f6a6
--- /dev/null
+++ b/backend/local/metadata_other.go
@@ -0,0 +1,21 @@
+//go:build plan9 || js
+// +build plan9 js
+
+package local
+
+import (
+ "fmt"
+
+ "github.com/rclone/rclone/fs"
+)
+
+// Read the metadata from the file into metadata where possible
+func (o *Object) readMetadataFromFile(m *fs.Metadata) (err error) {
+ info, err := o.fs.lstat(o.path)
+ if err != nil {
+ return err
+ }
+ m.Set("mode", fmt.Sprintf("%0o", info.Mode()))
+ m.Set("mtime", info.ModTime().Format(metadataTimeFormat))
+ return nil
+}
diff --git a/backend/local/metadata_unix.go b/backend/local/metadata_unix.go
new file mode 100644
index 0000000000000..48bf7faa36a3f
--- /dev/null
+++ b/backend/local/metadata_unix.go
@@ -0,0 +1,37 @@
+//go:build openbsd || solaris
+// +build openbsd solaris
+
+package local
+
+import (
+ "fmt"
+ "syscall"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+)
+
+// Read the metadata from the file into metadata where possible
+func (o *Object) readMetadataFromFile(m *fs.Metadata) (err error) {
+ info, err := o.fs.lstat(o.path)
+ if err != nil {
+ return err
+ }
+ stat, ok := info.Sys().(*syscall.Stat_t)
+ if !ok {
+ fs.Debugf(o, "didn't return Stat_t as expected")
+ return nil
+ }
+ m.Set("mode", fmt.Sprintf("%0o", stat.Mode))
+ m.Set("uid", fmt.Sprintf("%d", stat.Uid))
+ m.Set("gid", fmt.Sprintf("%d", stat.Gid))
+ if stat.Rdev != 0 {
+ m.Set("rdev", fmt.Sprintf("%x", stat.Rdev))
+ }
+ setTime := func(key string, t syscall.Timespec) {
+ m.Set(key, time.Unix(t.Unix()).Format(metadataTimeFormat))
+ }
+ setTime("atime", stat.Atim)
+ setTime("mtime", stat.Mtim)
+ return nil
+}
diff --git a/backend/local/metadata_windows.go b/backend/local/metadata_windows.go
new file mode 100644
index 0000000000000..b2588953e95a9
--- /dev/null
+++ b/backend/local/metadata_windows.go
@@ -0,0 +1,34 @@
+//go:build windows
+// +build windows
+
+package local
+
+import (
+ "fmt"
+ "syscall"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+)
+
+// Read the metadata from the file into metadata where possible
+func (o *Object) readMetadataFromFile(m *fs.Metadata) (err error) {
+ info, err := o.fs.lstat(o.path)
+ if err != nil {
+ return err
+ }
+ stat, ok := info.Sys().(*syscall.Win32FileAttributeData)
+ if !ok {
+ fs.Debugf(o, "didn't return Win32FileAttributeData as expected")
+ return nil
+ }
+ // FIXME do something with stat.FileAttributes ?
+ m.Set("mode", fmt.Sprintf("%0o", info.Mode()))
+ setTime := func(key string, t syscall.Filetime) {
+ m.Set(key, time.Unix(0, t.Nanoseconds()).Format(metadataTimeFormat))
+ }
+ setTime("atime", stat.LastAccessTime)
+ setTime("mtime", stat.LastWriteTime)
+ setTime("btime", stat.CreationTime)
+ return nil
+}
diff --git a/backend/local/remove_test.go b/backend/local/remove_test.go
index b2e34cdc818c7..a8007500014b0 100644
--- a/backend/local/remove_test.go
+++ b/backend/local/remove_test.go
@@ -1,7 +1,6 @@
package local
import (
- "io/ioutil"
"os"
"sync"
"testing"
@@ -13,7 +12,7 @@ import (
// Check we can remove an open file
func TestRemove(t *testing.T) {
- fd, err := ioutil.TempFile("", "rclone-remove-test")
+ fd, err := os.CreateTemp("", "rclone-remove-test")
require.NoError(t, err)
name := fd.Name()
defer func() {
diff --git a/backend/local/setbtime.go b/backend/local/setbtime.go
new file mode 100644
index 0000000000000..5d2c462eefab8
--- /dev/null
+++ b/backend/local/setbtime.go
@@ -0,0 +1,16 @@
+//go:build !windows
+// +build !windows
+
+package local
+
+import (
+ "time"
+)
+
+const haveSetBTime = false
+
+// setBTime changes the birth time of the file passed in
+func setBTime(name string, btime time.Time) error {
+ // Does nothing
+ return nil
+}
diff --git a/backend/local/setbtime_windows.go b/backend/local/setbtime_windows.go
new file mode 100644
index 0000000000000..adb9efa3a0c00
--- /dev/null
+++ b/backend/local/setbtime_windows.go
@@ -0,0 +1,28 @@
+//go:build windows
+// +build windows
+
+package local
+
+import (
+ "os"
+ "syscall"
+ "time"
+)
+
+const haveSetBTime = true
+
+// setBTime sets the birth time of the file passed in
+func setBTime(name string, btime time.Time) (err error) {
+ h, err := syscall.Open(name, os.O_RDWR, 0755)
+ if err != nil {
+ return err
+ }
+ defer func() {
+ closeErr := syscall.Close(h)
+ if err == nil {
+ err = closeErr
+ }
+ }()
+ bFileTime := syscall.NsecToFiletime(btime.UnixNano())
+ return syscall.SetFileTime(h, &bFileTime, nil, nil)
+}
diff --git a/backend/local/xattr.go b/backend/local/xattr.go
new file mode 100644
index 0000000000000..81e86d8a569f0
--- /dev/null
+++ b/backend/local/xattr.go
@@ -0,0 +1,116 @@
+//go:build !openbsd && !plan9
+// +build !openbsd,!plan9
+
+package local
+
+import (
+ "fmt"
+ "strings"
+ "sync/atomic"
+ "syscall"
+
+ "github.com/pkg/xattr"
+ "github.com/rclone/rclone/fs"
+)
+
+const (
+ xattrPrefix = "user." // FIXME is this correct for all unixes?
+ xattrSupported = xattr.XATTR_SUPPORTED
+)
+
+// Check to see if the error supplied is a not supported error, and if
+// so, disable xattrs
+func (f *Fs) xattrIsNotSupported(err error) bool {
+ xattrErr, ok := err.(*xattr.Error)
+ if !ok {
+ return false
+ }
+ // Xattrs not supported can be ENOTSUP or ENOATTR or EINVAL (on Solaris)
+ if xattrErr.Err == syscall.EINVAL || xattrErr.Err == syscall.ENOTSUP || xattrErr.Err == xattr.ENOATTR {
+ // Show xattrs not supported
+ if atomic.CompareAndSwapInt32(&f.xattrSupported, 1, 0) {
+ fs.Errorf(f, "xattrs not supported - disabling: %v", err)
+ }
+ return true
+ }
+ return false
+}
+
+// getXattr returns the extended attributes for an object
+//
+// It doesn't return any attributes owned by this backend in
+// metadataKeys
+func (o *Object) getXattr() (metadata fs.Metadata, err error) {
+ if !xattrSupported || atomic.LoadInt32(&o.fs.xattrSupported) == 0 {
+ return nil, nil
+ }
+ var list []string
+ if o.fs.opt.FollowSymlinks {
+ list, err = xattr.List(o.path)
+ } else {
+ list, err = xattr.LList(o.path)
+ }
+ if err != nil {
+ if o.fs.xattrIsNotSupported(err) {
+ return nil, nil
+ }
+ return nil, fmt.Errorf("failed to read xattr: %w", err)
+ }
+ if len(list) == 0 {
+ return nil, nil
+ }
+ metadata = make(fs.Metadata, len(list))
+ for _, k := range list {
+ var v []byte
+ if o.fs.opt.FollowSymlinks {
+ v, err = xattr.Get(o.path, k)
+ } else {
+ v, err = xattr.LGet(o.path, k)
+ }
+ if err != nil {
+ if o.fs.xattrIsNotSupported(err) {
+ return nil, nil
+ }
+ return nil, fmt.Errorf("failed to read xattr key %q: %w", k, err)
+ }
+ k = strings.ToLower(k)
+ if !strings.HasPrefix(k, xattrPrefix) {
+ continue
+ }
+ k = k[len(xattrPrefix):]
+ if _, found := systemMetadataInfo[k]; found {
+ continue
+ }
+ metadata[k] = string(v)
+ }
+ return metadata, nil
+}
+
+// setXattr sets the metadata on the file Xattrs
+//
+// It doesn't set any attributes owned by this backend in metadataKeys
+func (o *Object) setXattr(metadata fs.Metadata) (err error) {
+ if !xattrSupported || atomic.LoadInt32(&o.fs.xattrSupported) == 0 {
+ return nil
+ }
+ for k, value := range metadata {
+ k = strings.ToLower(k)
+ if _, found := systemMetadataInfo[k]; found {
+ continue
+ }
+ k = xattrPrefix + k
+ v := []byte(value)
+ if o.fs.opt.FollowSymlinks {
+ err = xattr.Set(o.path, k, v)
+ } else {
+ err = xattr.LSet(o.path, k, v)
+ }
+ if err != nil {
+ if o.fs.xattrIsNotSupported(err) {
+ return nil
+ }
+ return fmt.Errorf("failed to set xattr key %q: %w", k, err)
+ }
+ }
+ return nil
+}
diff --git a/backend/local/xattr_unsupported.go b/backend/local/xattr_unsupported.go
new file mode 100644
index 0000000000000..88455939a2281
--- /dev/null
+++ b/backend/local/xattr_unsupported.go
@@ -0,0 +1,21 @@
+//go:build openbsd || plan9
+// +build openbsd plan9
+
+// The pkg/xattr module doesn't compile for openbsd or plan9
+package local
+
+import "github.com/rclone/rclone/fs"
+
+const (
+ xattrSupported = false
+)
+
+// getXattr returns the extended attributes for an object
+func (o *Object) getXattr() (metadata fs.Metadata, err error) {
+ return nil, nil
+}
+
+// setXattr sets the metadata on the file Xattrs
+func (o *Object) setXattr(metadata fs.Metadata) (err error) {
+ return nil
+}
diff --git a/backend/mailru/api/helpers.go b/backend/mailru/api/helpers.go
index 1b43eb182a8f2..6ac2b5d9cb65a 100644
--- a/backend/mailru/api/helpers.go
+++ b/backend/mailru/api/helpers.go
@@ -16,9 +16,9 @@ import (
// protocol errors
var (
- ErrorPrematureEOF = errors.New("Premature EOF")
- ErrorInvalidLength = errors.New("Invalid length")
- ErrorZeroTerminate = errors.New("String must end with zero")
+ ErrorPrematureEOF = errors.New("premature EOF")
+ ErrorInvalidLength = errors.New("invalid length")
+ ErrorZeroTerminate = errors.New("string must end with zero")
)
// BinWriter is a binary protocol writer
@@ -69,6 +69,11 @@ func (w *BinWriter) WritePu64(val int64) {
w.b.Write(w.a[:binary.PutUvarint(w.a, uint64(val))])
}
+// WriteP64 writes an signed long as unsigned varint
+func (w *BinWriter) WriteP64(val int64) {
+ w.b.Write(w.a[:binary.PutUvarint(w.a, uint64(val))])
+}
+
// WriteString writes a zero-terminated string
func (w *BinWriter) WriteString(str string) {
buf := []byte(str)
diff --git a/backend/mailru/api/m1.go b/backend/mailru/api/m1.go
index 039b1e10465f1..c9d3e9c9ff250 100644
--- a/backend/mailru/api/m1.go
+++ b/backend/mailru/api/m1.go
@@ -1,3 +1,4 @@
+// Package api provides types used by the Mail.ru API.
package api
import (
diff --git a/backend/mailru/mailru.go b/backend/mailru/mailru.go
index c1a51cf4af1f7..28fafe7021da9 100644
--- a/backend/mailru/mailru.go
+++ b/backend/mailru/mailru.go
@@ -1,3 +1,4 @@
+// Package mailru provides an interface to the Mail.ru Cloud storage system.
package mailru
import (
@@ -17,7 +18,6 @@ import (
"encoding/hex"
"encoding/json"
- "io/ioutil"
"net/http"
"net/url"
@@ -90,8 +90,13 @@ func init() {
Help: "User name (usually email).",
Required: true,
}, {
- Name: "pass",
- Help: "Password.",
+ Name: "pass",
+ Help: `Password.
+
+This must be an app password - rclone will not work with your normal
+password. See the Configuration section in the docs for how to make an
+app password.
+`,
Required: true,
IsPassword: true,
}, {
@@ -435,10 +440,10 @@ func (f *Fs) authorize(ctx context.Context, force bool) (err error) {
t, err = oauthConfig.PasswordCredentialsToken(ctx, f.opt.Username, f.opt.Password)
}
if err == nil && !tokenIsValid(t) {
- err = errors.New("Invalid token")
+ err = errors.New("invalid token")
}
if err != nil {
- return fmt.Errorf("Failed to authorize: %w", err)
+ return fmt.Errorf("failed to authorize: %w", err)
}
if err = oauthutil.PutToken(f.name, f.m, t, false); err != nil {
@@ -580,7 +585,7 @@ func readBodyWord(res *http.Response) (word string, err error) {
word = strings.Split(line, " ")[0]
}
if word == "" {
- return "", errors.New("Empty reply from dispatcher")
+ return "", errors.New("empty reply from dispatcher")
}
return word, nil
}
@@ -630,21 +635,17 @@ func (f *Fs) readItemMetaData(ctx context.Context, path string) (entry fs.DirEnt
// itemToEntry converts API item to rclone directory entry
// The dirSize return value is:
-// <0 - for a file or in case of error
-// =0 - for an empty directory
-// >0 - for a non-empty directory
+//
+// <0 - for a file or in case of error
+// =0 - for an empty directory
+// >0 - for a non-empty directory
func (f *Fs) itemToDirEntry(ctx context.Context, item *api.ListItem) (entry fs.DirEntry, dirSize int, err error) {
remote, err := f.relPath(f.opt.Enc.ToStandardPath(item.Home))
if err != nil {
return nil, -1, err
}
- mTime := int64(item.Mtime)
- if mTime < 0 {
- fs.Debugf(f, "Fixing invalid timestamp %d on mailru file %q", mTime, remote)
- mTime = 0
- }
- modTime := time.Unix(mTime, 0)
+ modTime := time.Unix(int64(item.Mtime), 0)
isDir, err := f.isDir(item.Kind, remote)
if err != nil {
@@ -1658,7 +1659,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
// Attempt to put by calculating hash in memory
if trySpeedup && size <= int64(o.fs.opt.SpeedupMaxMem) {
- fileBuf, err = ioutil.ReadAll(in)
+ fileBuf, err = io.ReadAll(in)
if err != nil {
return err
}
@@ -1684,7 +1685,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
spoolFile, mrHash, err := makeTempFile(ctx, tmpFs, wrapIn, src)
if err != nil {
- return fmt.Errorf("Failed to create spool file: %w", err)
+ return fmt.Errorf("failed to create spool file: %w", err)
}
if o.putByHash(ctx, mrHash, src, "spool") {
// If put by hash is successful, ignore transitive error
@@ -1701,7 +1702,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
if size <= mrhash.Size {
// Optimize upload: skip extra request if data fits in the hash buffer.
if fileBuf == nil {
- fileBuf, err = ioutil.ReadAll(wrapIn)
+ fileBuf, err = io.ReadAll(wrapIn)
}
if fileHash == nil && err == nil {
fileHash = mrhash.Sum(fileBuf)
@@ -1723,7 +1724,7 @@ func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, op
return err
}
- if bytes.Compare(fileHash, newHash) != 0 {
+ if !bytes.Equal(fileHash, newHash) {
if o.fs.opt.CheckHash {
return mrhash.ErrorInvalidHash
}
@@ -1966,7 +1967,7 @@ func (o *Object) readMetaData(ctx context.Context, force bool) error {
return fs.ErrorIsDir
}
if newObj.remote != o.remote {
- return fmt.Errorf("File %q path has changed to %q", o.remote, newObj.remote)
+ return fmt.Errorf("file %q path has changed to %q", o.remote, newObj.remote)
}
o.hasMetaData = true
o.size = newObj.size
@@ -2056,7 +2057,7 @@ func (o *Object) addFileMetaData(ctx context.Context, overwrite bool) error {
req.WritePu16(0) // revision
req.WriteString(o.fs.opt.Enc.FromStandardPath(o.absPath()))
req.WritePu64(o.size)
- req.WritePu64(o.modTime.Unix())
+ req.WriteP64(o.modTime.Unix())
req.WritePu32(0)
req.Write(o.mrHash)
@@ -2212,7 +2213,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
fs.Debugf(o, "Server returned full content instead of range")
if start > 0 {
// Discard the beginning of the data
- _, err = io.CopyN(ioutil.Discard, wrapStream, start)
+ _, err = io.CopyN(io.Discard, wrapStream, start)
if err != nil {
closeBody(res)
return nil, err
@@ -2262,7 +2263,7 @@ func (e *endHandler) handle(err error) error {
}
newHash := e.hasher.Sum(nil)
- if bytes.Compare(o.mrHash, newHash) == 0 {
+ if bytes.Equal(o.mrHash, newHash) {
return io.EOF
}
if o.fs.opt.CheckHash {
@@ -2277,7 +2278,7 @@ type serverPool struct {
pool pendingServerMap
mu sync.Mutex
path string
- expirySec time.Duration
+ expirySec int
fs *Fs
}
@@ -2318,7 +2319,7 @@ func (p *serverPool) Dispatch(ctx context.Context, current string) (string, erro
})
if err != nil || url == "" {
closeBody(res)
- return "", fmt.Errorf("Failed to request file server: %w", err)
+ return "", fmt.Errorf("failed to request file server: %w", err)
}
p.addServer(url, now)
@@ -2384,7 +2385,7 @@ func (p *serverPool) addServer(url string, now time.Time) {
p.mu.Lock()
defer p.mu.Unlock()
- expiry := now.Add(p.expirySec * time.Second)
+ expiry := now.Add(time.Duration(p.expirySec) * time.Second)
expiryStr := []byte("-")
if p.fs.ci.LogLevel >= fs.LogLevelInfo {
diff --git a/backend/mega/mega.go b/backend/mega/mega.go
index 7e154fe2d99f9..92176c795f7ca 100644
--- a/backend/mega/mega.go
+++ b/backend/mega/mega.go
@@ -118,7 +118,7 @@ type Fs struct {
// Object describes a mega object
//
-// Will definitely have info but maybe not meta
+// Will definitely have info but maybe not meta.
//
// Normally rclone would just store an ID here but go-mega and mega.nz
// expect you to build an entire tree of all the objects in memory.
@@ -347,7 +347,7 @@ func (f *Fs) mkdir(ctx context.Context, rootNode *mega.Node, dir string) (node *
}
}
if err != nil {
- return nil, fmt.Errorf("internal error: mkdir called with non-existent root node: %w", err)
+ return nil, fmt.Errorf("internal error: mkdir called with nonexistent root node: %w", err)
}
// i is number of directories to create (may be 0)
// node is directory to create them from
@@ -387,7 +387,7 @@ func (f *Fs) findRoot(ctx context.Context, create bool) (*mega.Node, error) {
return f._rootNode, nil
}
- // Check for pre-existing root
+ // Check for preexisting root
absRoot := f.srv.FS.GetRoot()
node, err := f.findDir(absRoot, f.root)
//log.Printf("findRoot findDir %p %v", node, err)
@@ -536,7 +536,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the dirNode, object, leaf and error
+// Returns the dirNode, object, leaf and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, dirNode *mega.Node, leaf string, err error) {
@@ -554,7 +554,7 @@ func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time,
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
// PutUnchecked uploads the object
@@ -576,7 +576,7 @@ func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options .
// PutUnchecked the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
// PutUnchecked uploads the object
@@ -749,9 +749,9 @@ func (f *Fs) move(ctx context.Context, dstRemote string, srcFs *Fs, srcRemote st
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -979,7 +979,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -1115,7 +1114,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// Update the object with the contents of the io.Reader, modTime and size
//
-// If existing is set then it updates the object rather than creating a new one
+// If existing is set then it updates the object rather than creating a new one.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
diff --git a/backend/memory/memory.go b/backend/memory/memory.go
index 9675abcd38fc9..80fc321f97b39 100644
--- a/backend/memory/memory.go
+++ b/backend/memory/memory.go
@@ -8,7 +8,6 @@ import (
"encoding/hex"
"fmt"
"io"
- "io/ioutil"
"path"
"strings"
"sync"
@@ -418,7 +417,7 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
// Put the object into the bucket
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -463,9 +462,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -575,7 +574,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
}
data = data[:limit]
}
- return ioutil.NopCloser(bytes.NewBuffer(data)), nil
+ return io.NopCloser(bytes.NewBuffer(data)), nil
}
// Update the object with the contents of the io.Reader, modTime and size
@@ -583,7 +582,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
bucket, bucketPath := o.split()
- data, err := ioutil.ReadAll(in)
+ data, err := io.ReadAll(in)
if err != nil {
return fmt.Errorf("failed to update memory object: %w", err)
}
diff --git a/backend/memory/memory_test.go b/backend/memory/memory_test.go
index 3d768fec0efbe..9989bc60de2df 100644
--- a/backend/memory/memory_test.go
+++ b/backend/memory/memory_test.go
@@ -10,7 +10,8 @@ import (
// TestIntegration runs integration tests against the remote
func TestIntegration(t *testing.T) {
fstests.Run(t, &fstests.Opt{
- RemoteName: ":memory:",
- NilObject: (*Object)(nil),
+ RemoteName: ":memory:",
+ NilObject: (*Object)(nil),
+ QuickTestOK: true,
})
}
diff --git a/backend/netstorage/netstorage.go b/backend/netstorage/netstorage.go
index cbb2b04888b77..20a6401ab7d2a 100755
--- a/backend/netstorage/netstorage.go
+++ b/backend/netstorage/netstorage.go
@@ -12,7 +12,6 @@ import (
"fmt"
gohash "hash"
"io"
- "io/ioutil"
"math/rand"
"net/http"
"net/url"
@@ -118,7 +117,7 @@ type Fs struct {
filetype string // dir, file or symlink
dirscreated map[string]bool // if implicit dir has been created already
dirscreatedMutex sync.Mutex // mutex to protect dirscreated
- statcache map[string][]File // cache successfull stat requests
+ statcache map[string][]File // cache successful stat requests
statcacheMutex sync.RWMutex // RWMutex to protect statcache
}
@@ -424,7 +423,7 @@ func (f *Fs) getFileName(file *File) string {
func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
if f.filetype == "" {
// This happens in two scenarios.
- // 1. NewFs is done on a non-existent object, then later rclone attempts to List/ListR this NewFs.
+ // 1. NewFs is done on a nonexistent object, then later rclone attempts to List/ListR this NewFs.
// 2. List/ListR is called from the context of test_all and not the regular rclone binary.
err := f.initFs(ctx, dir)
if err != nil {
@@ -488,7 +487,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (err error) {
if f.filetype == "" {
// This happens in two scenarios.
- // 1. NewFs is done on a non-existent object, then later rclone attempts to List/ListR this NewFs.
+ // 1. NewFs is done on a nonexistent object, then later rclone attempts to List/ListR this NewFs.
// 2. List/ListR is called from the context of test_all and not the regular rclone binary.
err := f.initFs(ctx, dir)
if err != nil {
@@ -903,22 +902,20 @@ func (f *Fs) netStorageStatRequest(ctx context.Context, URL string, directory bo
files = statResp.Files
f.setStatCache(URL, files)
}
- if files != nil {
- // Multiple objects can be returned with the "slash=both" option,
- // when file/symlink/directory has the same name
- for i := range files {
- if files[i].Type == "symlink" {
- // Add .rclonelink suffix to allow local backend code to convert to a symlink.
- files[i].Name += ".rclonelink"
- fs.Infof(nil, "Converting a symlink to the rclonelink on the stat request %s", files[i].Name)
- }
- entrywanted := (directory && files[i].Type == "dir") ||
- (!directory && files[i].Type != "dir")
- if entrywanted {
- filestamp := files[0]
- files[0] = files[i]
- files[i] = filestamp
- }
+ // Multiple objects can be returned with the "slash=both" option,
+ // when file/symlink/directory has the same name
+ for i := range files {
+ if files[i].Type == "symlink" {
+ // Add .rclonelink suffix to allow local backend code to convert to a symlink.
+ files[i].Name += ".rclonelink"
+ fs.Infof(nil, "Converting a symlink to the rclonelink on the stat request %s", files[i].Name)
+ }
+ entrywanted := (directory && files[i].Type == "dir") ||
+ (!directory && files[i].Type != "dir")
+ if entrywanted {
+ filestamp := files[0]
+ files[0] = files[i]
+ files[i] = filestamp
}
}
return files, nil
@@ -974,7 +971,7 @@ func (o *Object) netStorageUploadRequest(ctx context.Context, in io.Reader, src
URL = o.fs.url(src.Remote())
}
if strings.HasSuffix(URL, ".rclonelink") {
- bits, err := ioutil.ReadAll(in)
+ bits, err := io.ReadAll(in)
if err != nil {
return err
}
@@ -1060,7 +1057,7 @@ func (o *Object) netStorageDownloadRequest(ctx context.Context, options []fs.Ope
if strings.HasSuffix(URL, ".rclonelink") && o.target != "" {
fs.Infof(nil, "Converting a symlink to the rclonelink file on download %q", URL)
reader := strings.NewReader(o.target)
- readcloser := ioutil.NopCloser(reader)
+ readcloser := io.NopCloser(reader)
return readcloser, nil
}
diff --git a/backend/onedrive/api/types.go b/backend/onedrive/api/types.go
index 394403b0e58ac..ca56268589fd5 100644
--- a/backend/onedrive/api/types.go
+++ b/backend/onedrive/api/types.go
@@ -1,5 +1,4 @@
-// Types passed and returned to and from the API
-
+// Package api provides types used by the OneDrive API.
package api
import (
@@ -14,7 +13,7 @@ const (
PackageTypeOneNote = "oneNote"
)
-// Error is returned from one drive when things go wrong
+// Error is returned from OneDrive when things go wrong
type Error struct {
ErrorInfo struct {
Code string `json:"code"`
@@ -71,7 +70,7 @@ type Drive struct {
Quota Quota `json:"quota"`
}
-// Timestamp represents represents date and time information for the
+// Timestamp represents date and time information for the
// OneDrive API, by using ISO 8601 and is always in UTC time.
type Timestamp time.Time
@@ -250,8 +249,8 @@ type MoveItemRequest struct {
FileSystemInfo *FileSystemInfoFacet `json:"fileSystemInfo,omitempty"` // File system information on client. Read-write.
}
-//CreateShareLinkRequest is the request to create a sharing link
-//Always Type:view and Scope:anonymous for public sharing
+// CreateShareLinkRequest is the request to create a sharing link
+// Always Type:view and Scope:anonymous for public sharing
type CreateShareLinkRequest struct {
Type string `json:"type"` // Link type in View, Edit or Embed
Scope string `json:"scope,omitempty"` // Scope in anonymous, organization
@@ -259,7 +258,7 @@ type CreateShareLinkRequest struct {
Expiry *time.Time `json:"expirationDateTime,omitempty"` // A String with format of yyyy-MM-ddTHH:mm:ssZ of DateTime indicates the expiration time of the permission.
}
-//CreateShareLinkResponse is the response from CreateShareLinkRequest
+// CreateShareLinkResponse is the response from CreateShareLinkRequest
type CreateShareLinkResponse struct {
ID string `json:"id"`
Roles []string `json:"roles"`
@@ -292,7 +291,7 @@ type AsyncOperationStatus struct {
func (i *Item) GetID() string {
if i.IsRemote() && i.RemoteItem.ID != "" {
return i.RemoteItem.ParentReference.DriveID + "#" + i.RemoteItem.ID
- } else if i.ParentReference != nil && strings.Index(i.ID, "#") == -1 {
+ } else if i.ParentReference != nil && !strings.Contains(i.ID, "#") {
return i.ParentReference.DriveID + "#" + i.ID
}
return i.ID
diff --git a/backend/onedrive/onedrive.go b/backend/onedrive/onedrive.go
index 80bf340c607e3..e7674c019935b 100644
--- a/backend/onedrive/onedrive.go
+++ b/backend/onedrive/onedrive.go
@@ -65,12 +65,12 @@ var (
authPath = "/common/oauth2/v2.0/authorize"
tokenPath = "/common/oauth2/v2.0/token"
- scopesWithSitePermission = []string{"Files.Read", "Files.ReadWrite", "Files.Read.All", "Files.ReadWrite.All", "offline_access", "Sites.Read.All"}
- scopesWithoutSitePermission = []string{"Files.Read", "Files.ReadWrite", "Files.Read.All", "Files.ReadWrite.All", "offline_access"}
+ scopeAccess = fs.SpaceSepList{"Files.Read", "Files.ReadWrite", "Files.Read.All", "Files.ReadWrite.All", "Sites.Read.All", "offline_access"}
+ scopeAccessWithoutSites = fs.SpaceSepList{"Files.Read", "Files.ReadWrite", "Files.Read.All", "Files.ReadWrite.All", "offline_access"}
// Description of how to auth for this app for a business account
oauthConfig = &oauth2.Config{
- Scopes: scopesWithSitePermission,
+ Scopes: scopeAccess,
ClientID: rcloneClientID,
ClientSecret: obscure.MustReveal(rcloneEncryptedClientSecret),
RedirectURL: oauthutil.RedirectLocalhostURL,
@@ -118,7 +118,7 @@ func init() {
Help: "Microsoft Cloud Germany",
}, {
Value: regionCN,
- Help: "Azure and Office 365 operated by 21Vianet in China",
+ Help: "Azure and Office 365 operated by Vnet Group in China",
},
},
}, {
@@ -150,6 +150,27 @@ there through a path traversal.
`,
Advanced: true,
}, {
+ Name: "access_scopes",
+ Help: `Set scopes to be requested by rclone.
+
+Choose or manually enter a custom space separated list with all scopes, that rclone should request.
+`,
+ Default: scopeAccess,
+ Advanced: true,
+ Examples: []fs.OptionExample{
+ {
+ Value: "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All offline_access",
+ Help: "Read and write access to all resources",
+ },
+ {
+ Value: "Files.Read Files.Read.All Sites.Read.All offline_access",
+ Help: "Read only access to all resources",
+ },
+ {
+ Value: "Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All offline_access",
+ Help: "Read and write access to all resources, without the ability to browse SharePoint sites. \nSame as if disable_site_permission was set to true",
+ },
+ }}, {
Name: "disable_site_permission",
Help: `Disable the request for Sites.Read.All permission.
@@ -160,6 +181,7 @@ application, and your organization disallows users to consent app permission
request on their own.`,
Default: false,
Advanced: true,
+ Hide: fs.OptionHideBoth,
}, {
Name: "expose_onenote_files",
Help: `Set to make OneNote files show up in directory listings.
@@ -401,11 +423,16 @@ func Config(ctx context.Context, name string, m configmap.Mapper, config fs.Conf
region, graphURL := getRegionURL(m)
if config.State == "" {
+ var accessScopes fs.SpaceSepList
+ accessScopesString, _ := m.Get("access_scopes")
+ err := accessScopes.Set(accessScopesString)
+ if err != nil {
+ return nil, fmt.Errorf("failed to parse access_scopes: %w", err)
+ }
+ oauthConfig.Scopes = []string(accessScopes)
disableSitePermission, _ := m.Get("disable_site_permission")
if disableSitePermission == "true" {
- oauthConfig.Scopes = scopesWithoutSitePermission
- } else {
- oauthConfig.Scopes = scopesWithSitePermission
+ oauthConfig.Scopes = scopeAccessWithoutSites
}
oauthConfig.Endpoint = oauth2.Endpoint{
AuthURL: authEndpoint[region] + authPath,
@@ -424,7 +451,7 @@ func Config(ctx context.Context, name string, m configmap.Mapper, config fs.Conf
switch config.State {
case "choose_type":
- return fs.ConfigChooseFixed("choose_type_done", "config_type", "Type of connection", []fs.OptionExample{{
+ return fs.ConfigChooseExclusiveFixed("choose_type_done", "config_type", "Type of connection", []fs.OptionExample{{
Value: "onedrive",
Help: "OneDrive Personal or Business",
}, {
@@ -562,6 +589,7 @@ type Options struct {
DriveType string `config:"drive_type"`
RootFolderID string `config:"root_folder_id"`
DisableSitePermission bool `config:"disable_site_permission"`
+ AccessScopes fs.SpaceSepList `config:"access_scopes"`
ExposeOneNoteFiles bool `config:"expose_onenote_files"`
ServerSideAcrossConfigs bool `config:"server_side_across_configs"`
ListChunk int64 `config:"list_chunk"`
@@ -572,14 +600,14 @@ type Options struct {
Enc encoder.MultiEncoder `config:"encoding"`
}
-// Fs represents a remote one drive
+// Fs represents a remote OneDrive
type Fs struct {
name string // name of this remote
root string // the path we are working on
opt Options // parsed options
ci *fs.ConfigInfo // global config
features *fs.Features // optional features
- srv *rest.Client // the connection to the one drive server
+ srv *rest.Client // the connection to the OneDrive server
dirCache *dircache.DirCache // Map of directory path to directory id
pacer *fs.Pacer // pacer for API calls
tokenRenewer *oauthutil.Renew // renew the token on expiry
@@ -587,7 +615,7 @@ type Fs struct {
driveType string // https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/resources/drive
}
-// Object describes a one drive object
+// Object describes a OneDrive object
//
// Will definitely have info but maybe not meta
type Object struct {
@@ -617,7 +645,7 @@ func (f *Fs) Root() string {
// String converts this Fs to a string
func (f *Fs) String() string {
- return fmt.Sprintf("One drive root '%s'", f.root)
+ return fmt.Sprintf("OneDrive root '%s'", f.root)
}
// Features returns the optional features of this Fs
@@ -625,7 +653,7 @@ func (f *Fs) Features() *fs.Features {
return f.features
}
-// parsePath parses a one drive 'url'
+// parsePath parses a OneDrive 'url'
func parsePath(path string) (root string) {
root = strings.Trim(path, "/")
return
@@ -660,7 +688,7 @@ func shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, err
}
}
case 401:
- if len(resp.Header["Www-Authenticate"]) == 1 && strings.Index(resp.Header["Www-Authenticate"][0], "expired_token") >= 0 {
+ if len(resp.Header["Www-Authenticate"]) == 1 && strings.Contains(resp.Header["Www-Authenticate"][0], "expired_token") {
retry = true
fs.Debugf(nil, "Should retry: %v", err)
} else if err != nil && strings.Contains(err.Error(), "Unable to initialize RPS") {
@@ -699,7 +727,7 @@ func shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, err
// "shared with me" folders in OneDrive Personal (See #2536, #2778)
// This path pattern comes from https://github.com/OneDrive/onedrive-api-docs/issues/908#issuecomment-417488480
//
-// If `relPath` == '', do not append the slash (See #3664)
+// If `relPath` == ”, do not append the slash (See #3664)
func (f *Fs) readMetaDataForPathRelativeToID(ctx context.Context, normalizedID string, relPath string) (info *api.Item, resp *http.Response, err error) {
opts, _ := f.newOptsCallWithIDPath(normalizedID, relPath, true, "GET", "")
@@ -716,8 +744,7 @@ func (f *Fs) readMetaDataForPath(ctx context.Context, path string) (info *api.It
firstSlashIndex := strings.IndexRune(path, '/')
if f.driveType != driveTypePersonal || firstSlashIndex == -1 {
- var opts rest.Opts
- opts = f.newOptsCallWithPath(ctx, path, "GET", "")
+ opts := f.newOptsCallWithPath(ctx, path, "GET", "")
opts.Path = strings.TrimSuffix(opts.Path, ":")
err = f.pacer.Call(func() (bool, error) {
resp, err = f.srv.CallJSON(ctx, &opts, nil, &info)
@@ -830,10 +857,9 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
}
rootURL := graphAPIEndpoint[opt.Region] + "/v1.0" + "/drives/" + opt.DriveID
+ oauthConfig.Scopes = opt.AccessScopes
if opt.DisableSitePermission {
- oauthConfig.Scopes = scopesWithoutSitePermission
- } else {
- oauthConfig.Scopes = scopesWithSitePermission
+ oauthConfig.Scopes = scopeAccessWithoutSites
}
oauthConfig.Endpoint = oauth2.Endpoint{
AuthURL: authEndpoint[opt.Region] + authPath,
@@ -865,6 +891,12 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
}).Fill(ctx, f)
f.srv.SetErrorHandler(errorHandler)
+ // Disable change polling in China region
+ // See: https://github.com/rclone/rclone/issues/6444
+ if f.opt.Region == regionCN {
+ f.features.ChangeNotify = nil
+ }
+
// Renew the token in the background
f.tokenRenewer = oauthutil.NewRenew(f.String(), ts, func() error {
_, _, err := f.readMetaDataForPath(ctx, "")
@@ -1111,7 +1143,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the object, leaf, directoryID and error
+// Returns the object, leaf, directoryID and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
@@ -1130,7 +1162,7 @@ func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time,
// Put the object into the container
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -1254,9 +1286,9 @@ func (f *Fs) waitForJob(ctx context.Context, location string, o *Object) error {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1287,7 +1319,7 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
if srcObj.fs == f {
srcPath := srcObj.rootPath()
dstPath := f.rootPath(remote)
- if strings.ToLower(srcPath) == strings.ToLower(dstPath) {
+ if strings.EqualFold(srcPath, dstPath) {
return nil, fmt.Errorf("can't copy %q -> %q as are same name when lowercase", srcPath, dstPath)
}
}
@@ -1361,9 +1393,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) error {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -1734,16 +1766,6 @@ func (o *Object) rootPath() string {
return o.fs.rootPath(o.remote)
}
-// srvPath returns a path for use in server given a remote
-func (f *Fs) srvPath(remote string) string {
- return f.opt.Enc.FromStandardPath(f.rootSlash() + remote)
-}
-
-// srvPath returns a path for use in server
-func (o *Object) srvPath() string {
- return o.fs.srvPath(o.remote)
-}
-
// Hash returns the SHA-1 of an object returning a lowercase hex string
func (o *Object) Hash(ctx context.Context, t hash.Type) (string, error) {
if o.fs.driveType == driveTypePersonal {
@@ -1827,7 +1849,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -2168,7 +2189,7 @@ func (o *Object) ID() string {
* 3. To avoid region-related issues, please don't manually build rest.Opts from scratch.
* Instead, use these helper function, and customize the URL afterwards if needed.
*
- * currently, the 21ViaNet's API differs in the following places:
+ * currently, the Vnet Group's API differs in the following places:
* - https://{Endpoint}/drives/{driveID}/items/{leaf}:/{route}
* - this API doesn't work (gives invalid request)
* - can be replaced with the following API:
@@ -2185,7 +2206,7 @@ func (o *Object) ID() string {
// Such a normalized ID can come from (*Item).GetID()
func (f *Fs) parseNormalizedID(ID string) (string, string, string) {
rootURL := graphAPIEndpoint[f.opt.Region] + "/v1.0/drives"
- if strings.Index(ID, "#") >= 0 {
+ if strings.Contains(ID, "#") {
s := strings.Split(ID, "#")
return s[1], s[0], rootURL
}
@@ -2217,7 +2238,7 @@ func escapeSingleQuote(str string) string {
// newOptsCallWithIDPath build the rest.Opts structure with *a normalizedID (driveID#fileID, or simply fileID) and leaf*
// using url template https://{Endpoint}/drives/{driveID}/items/{leaf}:/{route} (for international OneDrive)
// or https://{Endpoint}/drives/{driveID}/items/children('{leaf}')/{route}
-// and https://{Endpoint}/drives/{driveID}/items/children('@a1')/{route}?@a1=URLEncode("'{leaf}'") (for 21ViaNet)
+// and https://{Endpoint}/drives/{driveID}/items/children('@a1')/{route}?@a1=URLEncode("'{leaf}'") (for Vnet Group)
// if isPath is false, this function will only work when the leaf is "" or a child name (i.e. it doesn't accept multi-level leaf)
// if isPath is true, multi-level leaf like a/b/c can be passed
func (f *Fs) newOptsCallWithIDPath(normalizedID string, leaf string, isPath bool, method string, route string) (opts rest.Opts, ok bool) {
@@ -2359,6 +2380,9 @@ func (f *Fs) ChangeNotify(ctx context.Context, notifyFunc func(string, fs.EntryT
func (f *Fs) changeNotifyStartPageToken(ctx context.Context) (nextDeltaToken string, err error) {
delta, err := f.changeNotifyNextChange(ctx, "latest")
+ if err != nil {
+ return
+ }
parsedURL, err := url.Parse(delta.DeltaLink)
if err != nil {
return
@@ -2388,6 +2412,9 @@ func (f *Fs) buildDriveDeltaOpts(token string) rest.Opts {
func (f *Fs) changeNotifyRunner(ctx context.Context, notifyFunc func(string, fs.EntryType), deltaToken string) (nextDeltaToken string, err error) {
delta, err := f.changeNotifyNextChange(ctx, deltaToken)
+ if err != nil {
+ return
+ }
parsedURL, err := url.Parse(delta.DeltaLink)
if err != nil {
return
diff --git a/backend/opendrive/opendrive.go b/backend/opendrive/opendrive.go
index 96f29aa33de43..037372e1357ed 100644
--- a/backend/opendrive/opendrive.go
+++ b/backend/opendrive/opendrive.go
@@ -1,3 +1,4 @@
+// Package opendrive provides an interface to the OpenDrive storage system.
package opendrive
import (
@@ -340,9 +341,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -361,8 +362,8 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
srcPath := srcObj.fs.rootSlash() + srcObj.remote
dstPath := f.rootSlash() + remote
- if strings.ToLower(srcPath) == strings.ToLower(dstPath) {
- return nil, fmt.Errorf("Can't copy %q -> %q as are same name when lowercase", srcPath, dstPath)
+ if strings.EqualFold(srcPath, dstPath) {
+ return nil, fmt.Errorf("can't copy %q -> %q as are same name when lowercase", srcPath, dstPath)
}
// Create temporary object
@@ -404,9 +405,9 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object,
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -429,6 +430,12 @@ func (f *Fs) Move(ctx context.Context, src fs.Object, remote string) (fs.Object,
return nil, err
}
+ // move_copy will silently truncate new filenames
+ if len(leaf) > 255 {
+ fs.Debugf(src, "Can't move file: name (%q) exceeds 255 char", leaf)
+ return nil, fs.ErrorFileNameTooLong
+ }
+
// Copy the object
var resp *http.Response
response := moveCopyFileResponse{}
@@ -556,7 +563,7 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the object, leaf, directoryID and error
+// Returns the object, leaf, directoryID and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
@@ -588,15 +595,12 @@ func (f *Fs) readMetaDataForFolderID(ctx context.Context, id string) (info *Fold
if err != nil {
return nil, err
}
- if resp != nil {
- }
-
return info, err
}
// Put the object into the bucket
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -611,13 +615,13 @@ func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options .
return nil, err
}
- if "" == o.id {
+ if o.id == "" {
// Attempt to read ID, ignore error
// FIXME is this correct?
_ = o.readMetaData(ctx)
}
- if "" == o.id {
+ if o.id == "" {
// We need to create an ID for this file
var resp *http.Response
response := createFileResponse{}
@@ -826,7 +830,6 @@ func (o *Object) Size() int64 {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -1027,30 +1030,52 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
return err
}
var resp *http.Response
- folderList := FolderList{}
- err = o.fs.pacer.Call(func() (bool, error) {
+ fileInfo := File{}
+
+ // If we know the object id perform a direct lookup
+ // because the /folder/itembyname.json endpoint is unreliable:
+ // newly created objects take an arbitrary amount of time to show up
+ if o.id != "" {
opts := rest.Opts{
Method: "GET",
- Path: fmt.Sprintf("/folder/itembyname.json/%s/%s?name=%s",
- o.fs.session.SessionID, directoryID, url.QueryEscape(o.fs.opt.Enc.FromStandardName(leaf))),
+ Path: fmt.Sprintf("/file/info.json/%s?session_id=%s",
+ o.id, o.fs.session.SessionID),
}
+ err = o.fs.pacer.Call(func() (bool, error) {
+ resp, err = o.fs.srv.CallJSON(ctx, &opts, nil, &fileInfo)
+ return o.fs.shouldRetry(ctx, resp, err)
+ })
+ if err != nil {
+ return fmt.Errorf("failed to get fileinfo: %w", err)
+ }
+
+ o.id = fileInfo.FileID
+ o.modTime = time.Unix(fileInfo.DateModified, 0)
+ o.md5 = fileInfo.FileHash
+ o.size = fileInfo.Size
+ return nil
+ }
+ folderList := FolderList{}
+ opts := rest.Opts{
+ Method: "GET",
+ Path: fmt.Sprintf("/folder/itembyname.json/%s/%s?name=%s",
+ o.fs.session.SessionID, directoryID, url.QueryEscape(o.fs.opt.Enc.FromStandardName(leaf))),
+ }
+ err = o.fs.pacer.Call(func() (bool, error) {
resp, err = o.fs.srv.CallJSON(ctx, &opts, nil, &folderList)
return o.fs.shouldRetry(ctx, resp, err)
})
if err != nil {
return fmt.Errorf("failed to get folder list: %w", err)
}
-
if len(folderList.Files) == 0 {
return fs.ErrorObjectNotFound
}
-
- leafFile := folderList.Files[0]
- o.id = leafFile.FileID
- o.modTime = time.Unix(leafFile.DateModified, 0)
- o.md5 = leafFile.FileHash
- o.size = leafFile.Size
-
+ fileInfo = folderList.Files[0]
+ o.id = fileInfo.FileID
+ o.modTime = time.Unix(fileInfo.DateModified, 0)
+ o.md5 = fileInfo.FileHash
+ o.size = fileInfo.Size
return nil
}
diff --git a/backend/oracleobjectstorage/client.go b/backend/oracleobjectstorage/client.go
new file mode 100644
index 0000000000000..b5dee80f41667
--- /dev/null
+++ b/backend/oracleobjectstorage/client.go
@@ -0,0 +1,158 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "context"
+ "crypto/rsa"
+ "errors"
+ "net/http"
+ "os"
+
+ "github.com/oracle/oci-go-sdk/v65/common"
+ "github.com/oracle/oci-go-sdk/v65/common/auth"
+ "github.com/oracle/oci-go-sdk/v65/objectstorage"
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/fserrors"
+ "github.com/rclone/rclone/fs/fshttp"
+)
+
+func getConfigurationProvider(opt *Options) (common.ConfigurationProvider, error) {
+ switch opt.Provider {
+ case instancePrincipal:
+ return auth.InstancePrincipalConfigurationProvider()
+ case userPrincipal:
+ if opt.ConfigFile != "" && !fileExists(opt.ConfigFile) {
+ fs.Errorf(userPrincipal, "oci config file doesn't exist at %v", opt.ConfigFile)
+ }
+ return common.CustomProfileConfigProvider(opt.ConfigFile, opt.ConfigProfile), nil
+ case resourcePrincipal:
+ return auth.ResourcePrincipalConfigurationProvider()
+ case noAuth:
+ fs.Infof("client", "using no auth provider")
+ return getNoAuthConfiguration()
+ default:
+ }
+ return common.DefaultConfigProvider(), nil
+}
+
+func newObjectStorageClient(ctx context.Context, opt *Options) (*objectstorage.ObjectStorageClient, error) {
+ p, err := getConfigurationProvider(opt)
+ if err != nil {
+ return nil, err
+ }
+ client, err := objectstorage.NewObjectStorageClientWithConfigurationProvider(p)
+ if err != nil {
+ fs.Errorf(opt.Provider, "failed to create object storage client, %v", err)
+ return nil, err
+ }
+ if opt.Region != "" {
+ client.SetRegion(opt.Region)
+ }
+ modifyClient(ctx, opt, &client.BaseClient)
+ return &client, err
+}
+
+func fileExists(filePath string) bool {
+ if _, err := os.Stat(filePath); errors.Is(err, os.ErrNotExist) {
+ return false
+ }
+ return true
+}
+
+func modifyClient(ctx context.Context, opt *Options, client *common.BaseClient) {
+ client.HTTPClient = getHTTPClient(ctx)
+ if opt.Provider == noAuth {
+ client.Signer = getNoAuthSigner()
+ }
+}
+
+// getClient makes http client according to the global options
+// this has rclone specific options support like dump headers, body etc.
+func getHTTPClient(ctx context.Context) *http.Client {
+ return fshttp.NewClient(ctx)
+}
+
+var retryErrorCodes = []int{
+ 408, // Request Timeout
+ 429, // Rate exceeded.
+ 500, // Get occasional 500 Internal Server Error
+ 503, // Service Unavailable
+ 504, // Gateway Time-out
+}
+
+func shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, error) {
+ if fserrors.ContextError(ctx, &err) {
+ return false, err
+ }
+ // If this is an ocierr object, try and extract more useful information to determine if we should retry
+ if ociError, ok := err.(common.ServiceError); ok {
+ // Simple case, check the original embedded error in case it's generically retryable
+ if fserrors.ShouldRetry(err) {
+ return true, err
+ }
+ // If it is a timeout then we want to retry that
+ if ociError.GetCode() == "RequestTimeout" {
+ return true, err
+ }
+ }
+ // Ok, not an oci error, check for generic failure conditions
+ return fserrors.ShouldRetry(err) || fserrors.ShouldRetryHTTP(resp, retryErrorCodes), err
+}
+
+func getNoAuthConfiguration() (common.ConfigurationProvider, error) {
+ return &noAuthConfigurator{}, nil
+}
+
+func getNoAuthSigner() common.HTTPRequestSigner {
+ return &noAuthSigner{}
+}
+
+type noAuthConfigurator struct {
+}
+
+type noAuthSigner struct {
+}
+
+func (n *noAuthSigner) Sign(*http.Request) error {
+ return nil
+}
+
+func (n *noAuthConfigurator) PrivateRSAKey() (*rsa.PrivateKey, error) {
+ return nil, nil
+}
+
+func (n *noAuthConfigurator) KeyID() (string, error) {
+ return "", nil
+}
+
+func (n *noAuthConfigurator) TenancyOCID() (string, error) {
+ return "", nil
+}
+
+func (n *noAuthConfigurator) UserOCID() (string, error) {
+ return "", nil
+}
+
+func (n *noAuthConfigurator) KeyFingerprint() (string, error) {
+ return "", nil
+}
+
+func (n *noAuthConfigurator) Region() (string, error) {
+ return "", nil
+}
+
+func (n *noAuthConfigurator) AuthType() (common.AuthConfig, error) {
+ return common.AuthConfig{
+ AuthType: common.UnknownAuthenticationType,
+ IsFromConfigFile: false,
+ OboToken: nil,
+ }, nil
+}
+
+// Check the interfaces are satisfied
+var (
+ _ common.ConfigurationProvider = &noAuthConfigurator{}
+ _ common.HTTPRequestSigner = &noAuthSigner{}
+)
diff --git a/backend/oracleobjectstorage/command.go b/backend/oracleobjectstorage/command.go
new file mode 100644
index 0000000000000..6e0c7e11501bd
--- /dev/null
+++ b/backend/oracleobjectstorage/command.go
@@ -0,0 +1,228 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "context"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/oracle/oci-go-sdk/v65/common"
+ "github.com/oracle/oci-go-sdk/v65/objectstorage"
+ "github.com/rclone/rclone/fs"
+)
+
+// ------------------------------------------------------------
+// Command Interface Implementation
+// ------------------------------------------------------------
+
+const (
+ operationRename = "rename"
+ operationListMultiPart = "list-multipart-uploads"
+ operationCleanup = "cleanup"
+)
+
+var commandHelp = []fs.CommandHelp{{
+ Name: operationRename,
+ Short: "change the name of an object",
+ Long: `This command can be used to rename a object.
+
+Usage Examples:
+
+ rclone backend rename oos:bucket relative-object-path-under-bucket object-new-name
+`,
+ Opts: nil,
+}, {
+ Name: operationListMultiPart,
+ Short: "List the unfinished multipart uploads",
+ Long: `This command lists the unfinished multipart uploads in JSON format.
+
+ rclone backend list-multipart-uploads oos:bucket/path/to/object
+
+It returns a dictionary of buckets with values as lists of unfinished
+multipart uploads.
+
+You can call it with no bucket in which case it lists all bucket, with
+a bucket or with a bucket and path.
+
+ {
+ "test-bucket": [
+ {
+ "namespace": "test-namespace",
+ "bucket": "test-bucket",
+ "object": "600m.bin",
+ "uploadId": "51dd8114-52a4-b2f2-c42f-5291f05eb3c8",
+ "timeCreated": "2022-07-29T06:21:16.595Z",
+ "storageTier": "Standard"
+ }
+ ]
+`,
+}, {
+ Name: operationCleanup,
+ Short: "Remove unfinished multipart uploads.",
+ Long: `This command removes unfinished multipart uploads of age greater than
+max-age which defaults to 24 hours.
+
+Note that you can use -i/--dry-run with this command to see what it
+would do.
+
+ rclone backend cleanup oos:bucket/path/to/object
+ rclone backend cleanup -o max-age=7w oos:bucket/path/to/object
+
+Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
+`,
+ Opts: map[string]string{
+ "max-age": "Max age of upload to delete",
+ },
+},
+}
+
+/*
+Command the backend to run a named command
+
+The command run is name
+args may be used to read arguments from
+opts may be used to read optional arguments from
+
+The result should be capable of being JSON encoded
+If it is a string or a []string it will be shown to the user
+otherwise it will be JSON encoded and shown to the user like that
+*/
+func (f *Fs) Command(ctx context.Context, commandName string, args []string,
+ opt map[string]string) (result interface{}, err error) {
+ // fs.Debugf(f, "command %v, args: %v, opts:%v", commandName, args, opt)
+ switch commandName {
+ case operationRename:
+ if len(args) < 2 {
+ return nil, fmt.Errorf("path to object or its new name to rename is empty")
+ }
+ remote := args[0]
+ newName := args[1]
+ return f.rename(ctx, remote, newName)
+ case operationListMultiPart:
+ return f.listMultipartUploadsAll(ctx)
+ case operationCleanup:
+ maxAge := 24 * time.Hour
+ if opt["max-age"] != "" {
+ maxAge, err = fs.ParseDuration(opt["max-age"])
+ if err != nil {
+ return nil, fmt.Errorf("bad max-age: %w", err)
+ }
+ }
+ return nil, f.cleanUp(ctx, maxAge)
+ default:
+ return nil, fs.ErrorCommandNotFound
+ }
+}
+
+func (f *Fs) rename(ctx context.Context, remote, newName string) (interface{}, error) {
+ if remote == "" {
+ return nil, fmt.Errorf("path to object file cannot be empty")
+ }
+ if newName == "" {
+ return nil, fmt.Errorf("the object's new name cannot be empty")
+ }
+ o := &Object{
+ fs: f,
+ remote: remote,
+ }
+ bucketName, objectPath := o.split()
+ err := o.readMetaData(ctx)
+ if err != nil {
+ fs.Errorf(f, "failed to read object:%v %v ", objectPath, err)
+ if strings.HasPrefix(objectPath, bucketName) {
+ fs.Errorf(f, "warn: ensure object path: %v is relative to bucket:%v and doesn't include the bucket name",
+ objectPath, bucketName)
+ }
+ return nil, fs.ErrorNotAFile
+ }
+ details := objectstorage.RenameObjectDetails{
+ SourceName: common.String(objectPath),
+ NewName: common.String(newName),
+ }
+ request := objectstorage.RenameObjectRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ BucketName: common.String(bucketName),
+ RenameObjectDetails: details,
+ OpcClientRequestId: nil,
+ RequestMetadata: common.RequestMetadata{},
+ }
+ var response objectstorage.RenameObjectResponse
+ err = f.pacer.Call(func() (bool, error) {
+ response, err = f.srv.RenameObject(ctx, request)
+ return shouldRetry(ctx, response.HTTPResponse(), err)
+ })
+ if err != nil {
+ return nil, err
+ }
+ fs.Infof(f, "success: renamed object-path: %v to %v", objectPath, newName)
+ return "renamed successfully", nil
+}
+
+func (f *Fs) listMultipartUploadsAll(ctx context.Context) (uploadsMap map[string][]*objectstorage.MultipartUpload,
+ err error) {
+ uploadsMap = make(map[string][]*objectstorage.MultipartUpload)
+ bucket, directory := f.split("")
+ if bucket != "" {
+ uploads, err := f.listMultipartUploads(ctx, bucket, directory)
+ if err != nil {
+ return uploadsMap, err
+ }
+ uploadsMap[bucket] = uploads
+ return uploadsMap, nil
+ }
+ entries, err := f.listBuckets(ctx)
+ if err != nil {
+ return uploadsMap, err
+ }
+ for _, entry := range entries {
+ bucket := entry.Remote()
+ uploads, listErr := f.listMultipartUploads(ctx, bucket, "")
+ if listErr != nil {
+ err = listErr
+ fs.Errorf(f, "%v", err)
+ }
+ uploadsMap[bucket] = uploads
+ }
+ return uploadsMap, err
+}
+
+// listMultipartUploads lists all outstanding multipart uploads for (bucket, key)
+//
+// Note that rather lazily we treat key as a prefix, so it matches
+// directories and objects. This could surprise the user if they ask
+// for "dir" and it returns "dirKey"
+func (f *Fs) listMultipartUploads(ctx context.Context, bucketName, directory string) (
+ uploads []*objectstorage.MultipartUpload, err error) {
+
+ uploads = []*objectstorage.MultipartUpload{}
+ req := objectstorage.ListMultipartUploadsRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ BucketName: common.String(bucketName),
+ }
+
+ var response objectstorage.ListMultipartUploadsResponse
+ for {
+ err = f.pacer.Call(func() (bool, error) {
+ response, err = f.srv.ListMultipartUploads(ctx, req)
+ return shouldRetry(ctx, response.HTTPResponse(), err)
+ })
+ if err != nil {
+ // fs.Debugf(f, "failed to list multi part uploads %v", err)
+ return uploads, err
+ }
+ for index, item := range response.Items {
+ if directory != "" && item.Object != nil && !strings.HasPrefix(*item.Object, directory) {
+ continue
+ }
+ uploads = append(uploads, &response.Items[index])
+ }
+ if response.OpcNextPage == nil {
+ break
+ }
+ req.Page = response.OpcNextPage
+ }
+ return uploads, nil
+}
diff --git a/backend/oracleobjectstorage/copy.go b/backend/oracleobjectstorage/copy.go
new file mode 100644
index 0000000000000..9ed0b768e80f7
--- /dev/null
+++ b/backend/oracleobjectstorage/copy.go
@@ -0,0 +1,155 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "context"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/oracle/oci-go-sdk/v65/common"
+ "github.com/oracle/oci-go-sdk/v65/objectstorage"
+ "github.com/rclone/rclone/fs"
+)
+
+// ------------------------------------------------------------
+// Implement Copier is an optional interfaces for Fs
+//------------------------------------------------------------
+
+// Copy src to this remote using server-side copy operations.
+// This is stored with the remote path given
+// It returns the destination Object and a possible error
+// Will only be called if src.Fs().Name() == f.Name()
+// If it isn't possible then return fs.ErrorCantCopy
+func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object, error) {
+ // fs.Debugf(f, "copying %v to %v", src.Remote(), remote)
+ srcObj, ok := src.(*Object)
+ if !ok {
+ // fs.Debugf(src, "Can't copy - not same remote type")
+ return nil, fs.ErrorCantCopy
+ }
+ // Temporary Object under construction
+ dstObj := &Object{
+ fs: f,
+ remote: remote,
+ }
+ err := f.copy(ctx, dstObj, srcObj)
+ if err != nil {
+ return nil, err
+ }
+ return f.NewObject(ctx, remote)
+}
+
+// copy does a server-side copy from dstObj <- srcObj
+//
+// If newInfo is nil then the metadata will be copied otherwise it
+// will be replaced with newInfo
+func (f *Fs) copy(ctx context.Context, dstObj *Object, srcObj *Object) (err error) {
+ srcBucket, srcPath := srcObj.split()
+ dstBucket, dstPath := dstObj.split()
+ if dstBucket != srcBucket {
+ exists, err := f.bucketExists(ctx, dstBucket)
+ if err != nil {
+ return err
+ }
+ if !exists {
+ err = f.makeBucket(ctx, dstBucket)
+ if err != nil {
+ return err
+ }
+ }
+ }
+ copyObjectDetails := objectstorage.CopyObjectDetails{
+ SourceObjectName: common.String(srcPath),
+ DestinationRegion: common.String(dstObj.fs.opt.Region),
+ DestinationNamespace: common.String(dstObj.fs.opt.Namespace),
+ DestinationBucket: common.String(dstBucket),
+ DestinationObjectName: common.String(dstPath),
+ DestinationObjectMetadata: metadataWithOpcPrefix(srcObj.meta),
+ }
+ req := objectstorage.CopyObjectRequest{
+ NamespaceName: common.String(srcObj.fs.opt.Namespace),
+ BucketName: common.String(srcBucket),
+ CopyObjectDetails: copyObjectDetails,
+ }
+ var resp objectstorage.CopyObjectResponse
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CopyObject(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err != nil {
+ return err
+ }
+ workRequestID := resp.OpcWorkRequestId
+ timeout := time.Duration(f.opt.CopyTimeout)
+ dstName := dstObj.String()
+ // https://docs.oracle.com/en-us/iaas/Content/Object/Tasks/copyingobjects.htm
+ // To enable server side copy object, customers will have to
+ // grant policy to objectstorage service to manage object-family
+ // Allow service objectstorage- to manage object-family in tenancy
+ // Another option to avoid the policy is to download and reupload the file.
+ // This download upload will work for maximum file size limit of 5GB
+ err = copyObjectWaitForWorkRequest(ctx, workRequestID, dstName, timeout, f.srv)
+ if err != nil {
+ return err
+ }
+ return err
+}
+
+func copyObjectWaitForWorkRequest(ctx context.Context, wID *string, entityType string, timeout time.Duration,
+ client *objectstorage.ObjectStorageClient) error {
+
+ stateConf := &StateChangeConf{
+ Pending: []string{
+ string(objectstorage.WorkRequestStatusAccepted),
+ string(objectstorage.WorkRequestStatusInProgress),
+ string(objectstorage.WorkRequestStatusCanceling),
+ },
+ Target: []string{
+ string(objectstorage.WorkRequestSummaryStatusCompleted),
+ string(objectstorage.WorkRequestSummaryStatusCanceled),
+ string(objectstorage.WorkRequestStatusFailed),
+ },
+ Refresh: func() (interface{}, string, error) {
+ getWorkRequestRequest := objectstorage.GetWorkRequestRequest{}
+ getWorkRequestRequest.WorkRequestId = wID
+ workRequestResponse, err := client.GetWorkRequest(context.Background(), getWorkRequestRequest)
+ wr := &workRequestResponse.WorkRequest
+ return workRequestResponse, string(wr.Status), err
+ },
+ Timeout: timeout,
+ }
+
+ wrr, e := stateConf.WaitForStateContext(ctx, entityType)
+ if e != nil {
+ return fmt.Errorf("work request did not succeed, workId: %s, entity: %s. Message: %s", *wID, entityType, e)
+ }
+
+ wr := wrr.(objectstorage.GetWorkRequestResponse).WorkRequest
+ if wr.Status == objectstorage.WorkRequestStatusFailed {
+ errorMessage, _ := getObjectStorageErrorFromWorkRequest(ctx, wID, client)
+ return fmt.Errorf("work request did not succeed, workId: %s, entity: %s. Message: %s", *wID, entityType, errorMessage)
+ }
+
+ return nil
+}
+
+func getObjectStorageErrorFromWorkRequest(ctx context.Context, workRequestID *string, client *objectstorage.ObjectStorageClient) (string, error) {
+ req := objectstorage.ListWorkRequestErrorsRequest{}
+ req.WorkRequestId = workRequestID
+ res, err := client.ListWorkRequestErrors(ctx, req)
+
+ if err != nil {
+ return "", err
+ }
+
+ allErrs := make([]string, 0)
+ for _, errs := range res.Items {
+ allErrs = append(allErrs, *errs.Message)
+ }
+
+ errorMessage := strings.Join(allErrs, "\n")
+ return errorMessage, nil
+}
diff --git a/backend/oracleobjectstorage/object.go b/backend/oracleobjectstorage/object.go
new file mode 100644
index 0000000000000..d9f84792334c0
--- /dev/null
+++ b/backend/oracleobjectstorage/object.go
@@ -0,0 +1,621 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "context"
+ "encoding/base64"
+ "encoding/hex"
+ "fmt"
+ "io"
+ "net/http"
+ "regexp"
+ "strconv"
+ "strings"
+ "time"
+
+ "github.com/ncw/swift/v2"
+ "github.com/oracle/oci-go-sdk/v65/common"
+ "github.com/oracle/oci-go-sdk/v65/objectstorage"
+ "github.com/oracle/oci-go-sdk/v65/objectstorage/transfer"
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/hash"
+ "github.com/rclone/rclone/lib/atexit"
+)
+
+// ------------------------------------------------------------
+// Object Interface Implementation
+// ------------------------------------------------------------
+
+const (
+ metaMtime = "mtime" // the meta key to store mtime in - e.g. X-Amz-Meta-Mtime
+ metaMD5Hash = "md5chksum" // the meta key to store md5hash in
+ // StandardTier object storage tier
+ ociMetaPrefix = "opc-meta-"
+)
+
+var archive = "archive"
+var infrequentAccess = "infrequentaccess"
+var standard = "standard"
+
+var storageTierMap = map[string]*string{
+ archive: &archive,
+ infrequentAccess: &infrequentAccess,
+ standard: &standard,
+}
+
+var matchMd5 = regexp.MustCompile(`^[0-9a-f]{32}$`)
+
+// Object describes a oci bucket object
+type Object struct {
+ fs *Fs // what this object is part of
+ remote string // The remote path
+ md5 string // MD5 hash if known
+ bytes int64 // Size of the object
+ lastModified time.Time // The modified time of the object if known
+ meta map[string]string // The object metadata if known - may be nil
+ mimeType string // Content-Type of the object
+
+ // Metadata as pointers to strings as they often won't be present
+ storageTier *string // e.g. Standard
+}
+
+// split returns bucket and bucketPath from the object
+func (o *Object) split() (bucket, bucketPath string) {
+ return o.fs.split(o.remote)
+}
+
+// readMetaData gets the metadata if it hasn't already been fetched
+func (o *Object) readMetaData(ctx context.Context) (err error) {
+ fs.Debugf(o, "trying to read metadata %v", o.remote)
+ if o.meta != nil {
+ return nil
+ }
+ info, err := o.headObject(ctx)
+ if err != nil {
+ return err
+ }
+ return o.decodeMetaDataHead(info)
+}
+
+// headObject gets the metadata from the object unconditionally
+func (o *Object) headObject(ctx context.Context) (info *objectstorage.HeadObjectResponse, err error) {
+ bucketName, objectPath := o.split()
+ req := objectstorage.HeadObjectRequest{
+ NamespaceName: common.String(o.fs.opt.Namespace),
+ BucketName: common.String(bucketName),
+ ObjectName: common.String(objectPath),
+ }
+ var response objectstorage.HeadObjectResponse
+ err = o.fs.pacer.Call(func() (bool, error) {
+ var err error
+ response, err = o.fs.srv.HeadObject(ctx, req)
+ return shouldRetry(ctx, response.HTTPResponse(), err)
+ })
+ if err != nil {
+ if svcErr, ok := err.(common.ServiceError); ok {
+ if svcErr.GetHTTPStatusCode() == http.StatusNotFound {
+ return nil, fs.ErrorObjectNotFound
+ }
+ }
+ return nil, err
+ }
+ o.fs.cache.MarkOK(bucketName)
+ return &response, err
+}
+
+func (o *Object) decodeMetaDataHead(info *objectstorage.HeadObjectResponse) (err error) {
+ return o.setMetaData(
+ info.ContentLength,
+ info.ContentMd5,
+ info.ContentType,
+ info.LastModified,
+ info.StorageTier,
+ info.OpcMeta)
+}
+
+func (o *Object) decodeMetaDataObject(info *objectstorage.GetObjectResponse) (err error) {
+ return o.setMetaData(
+ info.ContentLength,
+ info.ContentMd5,
+ info.ContentType,
+ info.LastModified,
+ info.StorageTier,
+ info.OpcMeta)
+}
+
+func (o *Object) setMetaData(
+ contentLength *int64,
+ contentMd5 *string,
+ contentType *string,
+ lastModified *common.SDKTime,
+ storageTier interface{},
+ meta map[string]string) error {
+
+ if contentLength != nil {
+ o.bytes = *contentLength
+ }
+ if contentMd5 != nil {
+ md5, err := o.base64ToMd5(*contentMd5)
+ if err == nil {
+ o.md5 = md5
+ }
+ }
+ o.meta = meta
+ if o.meta == nil {
+ o.meta = map[string]string{}
+ }
+ // Read MD5 from metadata if present
+ if md5sumBase64, ok := o.meta[metaMD5Hash]; ok {
+ md5, err := o.base64ToMd5(md5sumBase64)
+ if err != nil {
+ o.md5 = md5
+ }
+ }
+ if lastModified == nil {
+ o.lastModified = time.Now()
+ fs.Logf(o, "Failed to read last modified")
+ } else {
+ o.lastModified = lastModified.Time
+ }
+ if contentType != nil {
+ o.mimeType = *contentType
+ }
+ if storageTier == nil || storageTier == "" {
+ o.storageTier = storageTierMap[standard]
+ } else {
+ tier := strings.ToLower(fmt.Sprintf("%v", storageTier))
+ o.storageTier = storageTierMap[tier]
+ }
+ return nil
+}
+
+func (o *Object) base64ToMd5(md5sumBase64 string) (md5 string, err error) {
+ md5sumBytes, err := base64.StdEncoding.DecodeString(md5sumBase64)
+ if err != nil {
+ fs.Debugf(o, "Failed to read md5sum from metadata %q: %v", md5sumBase64, err)
+ return "", err
+ } else if len(md5sumBytes) != 16 {
+ fs.Debugf(o, "failed to read md5sum from metadata %q: wrong length", md5sumBase64)
+ return "", fmt.Errorf("failed to read md5sum from metadata %q: wrong length", md5sumBase64)
+ }
+ return hex.EncodeToString(md5sumBytes), nil
+}
+
+// Fs returns the parent Fs
+func (o *Object) Fs() fs.Info {
+ return o.fs
+}
+
+// Remote returns the remote path
+func (o *Object) Remote() string {
+ return o.remote
+}
+
+// Return a string version
+func (o *Object) String() string {
+ if o == nil {
+ return ""
+ }
+ return o.remote
+}
+
+// Size returns the size of an object in bytes
+func (o *Object) Size() int64 {
+ return o.bytes
+}
+
+// GetTier returns storage class as string
+func (o *Object) GetTier() string {
+ if o.storageTier == nil || *o.storageTier == "" {
+ return standard
+ }
+ return *o.storageTier
+}
+
+// SetTier performs changing storage class
+func (o *Object) SetTier(tier string) (err error) {
+ ctx := context.TODO()
+ tier = strings.ToLower(tier)
+ bucketName, bucketPath := o.split()
+ tierEnum, ok := objectstorage.GetMappingStorageTierEnum(tier)
+ if !ok {
+ return fmt.Errorf("not a valid storage tier %v ", tier)
+ }
+
+ req := objectstorage.UpdateObjectStorageTierRequest{
+ NamespaceName: common.String(o.fs.opt.Namespace),
+ BucketName: common.String(bucketName),
+ UpdateObjectStorageTierDetails: objectstorage.UpdateObjectStorageTierDetails{
+ ObjectName: common.String(bucketPath),
+ StorageTier: tierEnum,
+ },
+ }
+ _, err = o.fs.srv.UpdateObjectStorageTier(ctx, req)
+ if err != nil {
+ return err
+ }
+ o.storageTier = storageTierMap[tier]
+ return err
+}
+
+// MimeType of an Object if known, "" otherwise
+func (o *Object) MimeType(ctx context.Context) string {
+ err := o.readMetaData(ctx)
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return ""
+ }
+ return o.mimeType
+}
+
+// Hash returns the MD5 of an object returning a lowercase hex string
+func (o *Object) Hash(ctx context.Context, t hash.Type) (string, error) {
+ if t != hash.MD5 {
+ return "", hash.ErrUnsupported
+ }
+ // Convert base64 encoded md5 into lower case hex
+ if o.md5 == "" {
+ err := o.readMetaData(ctx)
+ if err != nil {
+ return "", err
+ }
+ }
+ return o.md5, nil
+}
+
+// ModTime returns the modification time of the object
+//
+// It attempts to read the objects mtime and if that isn't present the
+// LastModified returned to the http headers
+func (o *Object) ModTime(ctx context.Context) (result time.Time) {
+ if o.fs.ci.UseServerModTime {
+ return o.lastModified
+ }
+ err := o.readMetaData(ctx)
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return time.Now()
+ }
+ // read mtime out of metadata if available
+ d, ok := o.meta[metaMtime]
+ if !ok || d == "" {
+ return o.lastModified
+ }
+ modTime, err := swift.FloatStringToTime(d)
+ if err != nil {
+ fs.Logf(o, "Failed to read mtime from object: %v", err)
+ return o.lastModified
+ }
+ return modTime
+}
+
+// SetModTime sets the modification time of the local fs object
+func (o *Object) SetModTime(ctx context.Context, modTime time.Time) error {
+ err := o.readMetaData(ctx)
+ if err != nil {
+ return err
+ }
+ o.meta[metaMtime] = swift.TimeToFloatString(modTime)
+ _, err = o.fs.Copy(ctx, o, o.remote)
+ return err
+}
+
+// Storable returns if this object is storable
+func (o *Object) Storable() bool {
+ return true
+}
+
+// Remove an object
+func (o *Object) Remove(ctx context.Context) error {
+ bucketName, bucketPath := o.split()
+ req := objectstorage.DeleteObjectRequest{
+ NamespaceName: common.String(o.fs.opt.Namespace),
+ BucketName: common.String(bucketName),
+ ObjectName: common.String(bucketPath),
+ }
+ err := o.fs.pacer.Call(func() (bool, error) {
+ resp, err := o.fs.srv.DeleteObject(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ return err
+}
+
+// Open object file
+func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (io.ReadCloser, error) {
+ bucketName, bucketPath := o.split()
+ req := objectstorage.GetObjectRequest{
+ NamespaceName: common.String(o.fs.opt.Namespace),
+ BucketName: common.String(bucketName),
+ ObjectName: common.String(bucketPath),
+ }
+ o.applyGetObjectOptions(&req, options...)
+
+ var resp objectstorage.GetObjectResponse
+ err := o.fs.pacer.Call(func() (bool, error) {
+ var err error
+ resp, err = o.fs.srv.GetObject(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err != nil {
+ return nil, err
+ }
+ // read size from ContentLength or ContentRange
+ bytes := resp.ContentLength
+ if resp.ContentRange != nil {
+ var contentRange = *resp.ContentRange
+ slash := strings.IndexRune(contentRange, '/')
+ if slash >= 0 {
+ i, err := strconv.ParseInt(contentRange[slash+1:], 10, 64)
+ if err == nil {
+ bytes = &i
+ } else {
+ fs.Debugf(o, "Failed to find parse integer from in %q: %v", contentRange, err)
+ }
+ } else {
+ fs.Debugf(o, "Failed to find length in %q", contentRange)
+ }
+ }
+ err = o.decodeMetaDataObject(&resp)
+ if err != nil {
+ return nil, err
+ }
+ o.bytes = *bytes
+ return resp.HTTPResponse().Body, nil
+}
+
+// Update an object if it has changed
+func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
+ bucketName, bucketPath := o.split()
+ err = o.fs.makeBucket(ctx, bucketName)
+ if err != nil {
+ return err
+ }
+
+ // determine if we like upload single or multipart.
+ size := src.Size()
+ multipart := size >= int64(o.fs.opt.UploadCutoff)
+
+ // Set the mtime in the metadata
+ modTime := src.ModTime(ctx)
+ metadata := map[string]string{
+ metaMtime: swift.TimeToFloatString(modTime),
+ }
+
+ // read the md5sum if available
+ // - for non-multipart
+ // - so we can add a ContentMD5
+ // - so we can add the md5sum in the metadata as metaMD5Hash if using SSE/SSE-C
+ // - for multipart provided checksums aren't disabled
+ // - so we can add the md5sum in the metadata as metaMD5Hash
+ var md5sumBase64 string
+ var md5sumHex string
+ if !multipart || !o.fs.opt.DisableChecksum {
+ md5sumHex, err = src.Hash(ctx, hash.MD5)
+ if err == nil && matchMd5.MatchString(md5sumHex) {
+ hashBytes, err := hex.DecodeString(md5sumHex)
+ if err == nil {
+ md5sumBase64 = base64.StdEncoding.EncodeToString(hashBytes)
+ if multipart && !o.fs.opt.DisableChecksum {
+ // Set the md5sum as metadata on the object if
+ // - a multipart upload
+ // - the ETag is not an MD5, e.g. when using SSE/SSE-C
+ // provided checksums aren't disabled
+ metadata[metaMD5Hash] = md5sumBase64
+ }
+ }
+ }
+ }
+ // Guess the content type
+ mimeType := fs.MimeType(ctx, src)
+
+ if multipart {
+ chunkSize := int64(o.fs.opt.ChunkSize)
+ uploadRequest := transfer.UploadRequest{
+ NamespaceName: common.String(o.fs.opt.Namespace),
+ BucketName: common.String(bucketName),
+ ObjectName: common.String(bucketPath),
+ ContentType: common.String(mimeType),
+ PartSize: common.Int64(chunkSize),
+ AllowMultipartUploads: common.Bool(true),
+ AllowParrallelUploads: common.Bool(true),
+ ObjectStorageClient: o.fs.srv,
+ EnableMultipartChecksumVerification: common.Bool(!o.fs.opt.DisableChecksum),
+ NumberOfGoroutines: common.Int(o.fs.opt.UploadConcurrency),
+ Metadata: metadataWithOpcPrefix(metadata),
+ }
+ if o.fs.opt.StorageTier != "" {
+ storageTier, ok := objectstorage.GetMappingPutObjectStorageTierEnum(o.fs.opt.StorageTier)
+ if !ok {
+ return fmt.Errorf("not a valid storage tier: %v", o.fs.opt.StorageTier)
+ }
+ uploadRequest.StorageTier = storageTier
+ }
+ o.applyMultiPutOptions(&uploadRequest, options...)
+ uploadStreamRequest := transfer.UploadStreamRequest{
+ UploadRequest: uploadRequest,
+ StreamReader: in,
+ }
+ uploadMgr := transfer.NewUploadManager()
+ var uploadID = ""
+
+ defer atexit.OnError(&err, func() {
+ if uploadID == "" {
+ return
+ }
+ if o.fs.opt.LeavePartsOnError {
+ return
+ }
+ fs.Debugf(o, "Cancelling multipart upload")
+ errCancel := o.fs.abortMultiPartUpload(
+ context.Background(),
+ bucketName,
+ bucketPath,
+ uploadID)
+ if errCancel != nil {
+ fs.Debugf(o, "Failed to cancel multipart upload: %v", errCancel)
+ }
+ })()
+
+ err = o.fs.pacer.Call(func() (bool, error) {
+ uploadResponse, err := uploadMgr.UploadStream(ctx, uploadStreamRequest)
+ var httpResponse *http.Response
+ if err == nil {
+ if uploadResponse.Type == transfer.MultipartUpload {
+ if uploadResponse.MultipartUploadResponse != nil {
+ httpResponse = uploadResponse.MultipartUploadResponse.HTTPResponse()
+ }
+ } else {
+ if uploadResponse.SinglepartUploadResponse != nil {
+ httpResponse = uploadResponse.SinglepartUploadResponse.HTTPResponse()
+ }
+ }
+ }
+ if err != nil {
+ uploadID := ""
+ if uploadResponse.MultipartUploadResponse != nil && uploadResponse.MultipartUploadResponse.UploadID != nil {
+ uploadID = *uploadResponse.MultipartUploadResponse.UploadID
+ fs.Debugf(o, "multipart streaming upload failed, aborting uploadID: %v, may retry", uploadID)
+ _ = o.fs.abortMultiPartUpload(ctx, bucketName, bucketPath, uploadID)
+ }
+ }
+ return shouldRetry(ctx, httpResponse, err)
+ })
+ if err != nil {
+ fs.Errorf(o, "multipart streaming upload failed %v", err)
+ return err
+ }
+ } else {
+ req := objectstorage.PutObjectRequest{
+ NamespaceName: common.String(o.fs.opt.Namespace),
+ BucketName: common.String(bucketName),
+ ObjectName: common.String(bucketPath),
+ ContentType: common.String(mimeType),
+ PutObjectBody: io.NopCloser(in),
+ OpcMeta: metadata,
+ }
+ if size >= 0 {
+ req.ContentLength = common.Int64(size)
+ }
+ if o.fs.opt.StorageTier != "" {
+ storageTier, ok := objectstorage.GetMappingPutObjectStorageTierEnum(o.fs.opt.StorageTier)
+ if !ok {
+ return fmt.Errorf("not a valid storage tier: %v", o.fs.opt.StorageTier)
+ }
+ req.StorageTier = storageTier
+ }
+ o.applyPutOptions(&req, options...)
+ err = o.fs.pacer.Call(func() (bool, error) {
+ resp, err := o.fs.srv.PutObject(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err != nil {
+ fs.Errorf(o, "put object failed %v", err)
+ return err
+ }
+ }
+ // Read the metadata from the newly created object
+ o.meta = nil // wipe old metadata
+ return o.readMetaData(ctx)
+}
+
+func (o *Object) applyPutOptions(req *objectstorage.PutObjectRequest, options ...fs.OpenOption) {
+ // Apply upload options
+ for _, option := range options {
+ key, value := option.Header()
+ lowerKey := strings.ToLower(key)
+ switch lowerKey {
+ case "":
+ // ignore
+ case "cache-control":
+ req.CacheControl = common.String(value)
+ case "content-disposition":
+ req.ContentDisposition = common.String(value)
+ case "content-encoding":
+ req.ContentEncoding = common.String(value)
+ case "content-language":
+ req.ContentLanguage = common.String(value)
+ case "content-type":
+ req.ContentType = common.String(value)
+ default:
+ if strings.HasPrefix(lowerKey, ociMetaPrefix) {
+ req.OpcMeta[lowerKey] = value
+ } else {
+ fs.Errorf(o, "Don't know how to set key %q on upload", key)
+ }
+ }
+ }
+}
+
+func (o *Object) applyGetObjectOptions(req *objectstorage.GetObjectRequest, options ...fs.OpenOption) {
+ fs.FixRangeOption(options, o.bytes)
+ for _, option := range options {
+ switch option.(type) {
+ case *fs.RangeOption, *fs.SeekOption:
+ _, value := option.Header()
+ req.Range = &value
+ default:
+ if option.Mandatory() {
+ fs.Logf(o, "Unsupported mandatory option: %v", option)
+ }
+ }
+ }
+ // Apply upload options
+ for _, option := range options {
+ key, value := option.Header()
+ lowerKey := strings.ToLower(key)
+ switch lowerKey {
+ case "":
+ // ignore
+ case "cache-control":
+ req.HttpResponseCacheControl = common.String(value)
+ case "content-disposition":
+ req.HttpResponseContentDisposition = common.String(value)
+ case "content-encoding":
+ req.HttpResponseContentEncoding = common.String(value)
+ case "content-language":
+ req.HttpResponseContentLanguage = common.String(value)
+ case "content-type":
+ req.HttpResponseContentType = common.String(value)
+ case "range":
+ // do nothing
+ default:
+ fs.Errorf(o, "Don't know how to set key %q on upload", key)
+ }
+ }
+}
+
+func (o *Object) applyMultiPutOptions(req *transfer.UploadRequest, options ...fs.OpenOption) {
+ // Apply upload options
+ for _, option := range options {
+ key, value := option.Header()
+ lowerKey := strings.ToLower(key)
+ switch lowerKey {
+ case "":
+ // ignore
+ case "content-encoding":
+ req.ContentEncoding = common.String(value)
+ case "content-language":
+ req.ContentLanguage = common.String(value)
+ case "content-type":
+ req.ContentType = common.String(value)
+ default:
+ if strings.HasPrefix(lowerKey, ociMetaPrefix) {
+ req.Metadata[lowerKey] = value
+ } else {
+ fs.Errorf(o, "Don't know how to set key %q on upload", key)
+ }
+ }
+ }
+}
+
+func metadataWithOpcPrefix(src map[string]string) map[string]string {
+ dst := make(map[string]string)
+ for lowerKey, value := range src {
+ if !strings.HasPrefix(lowerKey, ociMetaPrefix) {
+ dst[ociMetaPrefix+lowerKey] = value
+ }
+ }
+ return dst
+}
diff --git a/backend/oracleobjectstorage/options.go b/backend/oracleobjectstorage/options.go
new file mode 100644
index 0000000000000..2916157be6a46
--- /dev/null
+++ b/backend/oracleobjectstorage/options.go
@@ -0,0 +1,258 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "time"
+
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/config"
+ "github.com/rclone/rclone/lib/encoder"
+)
+
+const (
+ maxSizeForCopy = 4768 * 1024 * 1024
+ minChunkSize = fs.SizeSuffix(1024 * 1024 * 5)
+ defaultUploadCutoff = fs.SizeSuffix(200 * 1024 * 1024)
+ defaultUploadConcurrency = 10
+ maxUploadCutoff = fs.SizeSuffix(5 * 1024 * 1024 * 1024)
+ minSleep = 100 * time.Millisecond
+ maxSleep = 5 * time.Minute
+ decayConstant = 1 // bigger for slower decay, exponential
+ defaultCopyTimeoutDuration = fs.Duration(time.Minute)
+)
+
+const (
+ userPrincipal = "user_principal_auth"
+ instancePrincipal = "instance_principal_auth"
+ resourcePrincipal = "resource_principal_auth"
+ environmentAuth = "env_auth"
+ noAuth = "no_auth"
+
+ userPrincipalHelpText = `use an OCI user and an API key for authentication.
+you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
+https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm`
+
+ instancePrincipalHelpText = `use instance principals to authorize an instance to make API calls.
+each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
+https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm`
+
+ resourcePrincipalHelpText = `use resource principals to make API calls`
+
+ environmentAuthHelpText = `automatically pickup the credentials from runtime(env), first one to provide auth wins`
+
+ noAuthHelpText = `no credentials needed, this is typically for reading public buckets`
+)
+
+// Options defines the configuration for this backend
+type Options struct {
+ Provider string `config:"provider"`
+ Compartment string `config:"compartment"`
+ Namespace string `config:"namespace"`
+ Region string `config:"region"`
+ Endpoint string `config:"endpoint"`
+ Enc encoder.MultiEncoder `config:"encoding"`
+ ConfigFile string `config:"config_file"`
+ ConfigProfile string `config:"config_profile"`
+ UploadCutoff fs.SizeSuffix `config:"upload_cutoff"`
+ ChunkSize fs.SizeSuffix `config:"chunk_size"`
+ UploadConcurrency int `config:"upload_concurrency"`
+ DisableChecksum bool `config:"disable_checksum"`
+ CopyCutoff fs.SizeSuffix `config:"copy_cutoff"`
+ CopyTimeout fs.Duration `config:"copy_timeout"`
+ StorageTier string `config:"storage_tier"`
+ LeavePartsOnError bool `config:"leave_parts_on_error"`
+ NoCheckBucket bool `config:"no_check_bucket"`
+}
+
+func newOptions() []fs.Option {
+ return []fs.Option{{
+ Name: fs.ConfigProvider,
+ Help: "Choose your Auth Provider",
+ Required: true,
+ Default: environmentAuth,
+ Examples: []fs.OptionExample{{
+ Value: environmentAuth,
+ Help: environmentAuthHelpText,
+ }, {
+ Value: userPrincipal,
+ Help: userPrincipalHelpText,
+ }, {
+ Value: instancePrincipal,
+ Help: instancePrincipalHelpText,
+ }, {
+ Value: resourcePrincipal,
+ Help: resourcePrincipalHelpText,
+ }, {
+ Value: noAuth,
+ Help: noAuthHelpText,
+ }},
+ }, {
+ Name: "namespace",
+ Help: "Object storage namespace",
+ Required: true,
+ }, {
+ Name: "compartment",
+ Help: "Object storage compartment OCID",
+ Provider: "!no_auth",
+ Required: true,
+ }, {
+ Name: "region",
+ Help: "Object storage Region",
+ Required: true,
+ }, {
+ Name: "endpoint",
+ Help: "Endpoint for Object storage API.\n\nLeave blank to use the default endpoint for the region.",
+ Required: false,
+ }, {
+ Name: "config_file",
+ Help: "Path to OCI config file",
+ Provider: userPrincipal,
+ Default: "~/.oci/config",
+ Examples: []fs.OptionExample{{
+ Value: "~/.oci/config",
+ Help: "oci configuration file location",
+ }},
+ }, {
+ Name: "config_profile",
+ Help: "Profile name inside the oci config file",
+ Provider: userPrincipal,
+ Default: "Default",
+ Examples: []fs.OptionExample{{
+ Value: "Default",
+ Help: "Use the default profile",
+ }},
+ }, {
+ // Mapping from here: https://github.com/oracle/oci-go-sdk/blob/master/objectstorage/storage_tier.go
+ Name: "storage_tier",
+ Help: "The storage class to use when storing new objects in storage. https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/understandingstoragetiers.htm",
+ Default: "Standard",
+ Advanced: true,
+ Examples: []fs.OptionExample{{
+ Value: "Standard",
+ Help: "Standard storage tier, this is the default tier",
+ }, {
+ Value: "InfrequentAccess",
+ Help: "InfrequentAccess storage tier",
+ }, {
+ Value: "Archive",
+ Help: "Archive storage tier",
+ }},
+ }, {
+ Name: "upload_cutoff",
+ Help: `Cutoff for switching to chunked upload.
+
+Any files larger than this will be uploaded in chunks of chunk_size.
+The minimum is 0 and the maximum is 5 GiB.`,
+ Default: defaultUploadCutoff,
+ Advanced: true,
+ }, {
+ Name: "chunk_size",
+ Help: `Chunk size to use for uploading.
+
+When uploading files larger than upload_cutoff or files with unknown
+size (e.g. from "rclone rcat" or uploaded with "rclone mount" or google
+photos or google docs) they will be uploaded as multipart uploads
+using this chunk size.
+
+Note that "upload_concurrency" chunks of this size are buffered
+in memory per transfer.
+
+If you are transferring large files over high-speed links and you have
+enough memory, then increasing this will speed up the transfers.
+
+Rclone will automatically increase the chunk size when uploading a
+large file of known size to stay below the 10,000 chunks limit.
+
+Files of unknown size are uploaded with the configured
+chunk_size. Since the default chunk size is 5 MiB and there can be at
+most 10,000 chunks, this means that by default the maximum size of
+a file you can stream upload is 48 GiB. If you wish to stream upload
+larger files then you will need to increase chunk_size.
+
+Increasing the chunk size decreases the accuracy of the progress
+statistics displayed with "-P" flag.
+`,
+ Default: minChunkSize,
+ Advanced: true,
+ }, {
+ Name: "upload_concurrency",
+ Help: `Concurrency for multipart uploads.
+
+This is the number of chunks of the same file that are uploaded
+concurrently.
+
+If you are uploading small numbers of large files over high-speed links
+and these uploads do not fully utilize your bandwidth, then increasing
+this may help to speed up the transfers.`,
+ Default: defaultUploadConcurrency,
+ Advanced: true,
+ }, {
+ Name: "copy_cutoff",
+ Help: `Cutoff for switching to multipart copy.
+
+Any files larger than this that need to be server-side copied will be
+copied in chunks of this size.
+
+The minimum is 0 and the maximum is 5 GiB.`,
+ Default: fs.SizeSuffix(maxSizeForCopy),
+ Advanced: true,
+ }, {
+ Name: "copy_timeout",
+ Help: `Timeout for copy.
+
+Copy is an asynchronous operation, specify timeout to wait for copy to succeed
+`,
+ Default: defaultCopyTimeoutDuration,
+ Advanced: true,
+ }, {
+ Name: "disable_checksum",
+ Help: `Don't store MD5 checksum with object metadata.
+
+Normally rclone will calculate the MD5 checksum of the input before
+uploading it so it can add it to metadata on the object. This is great
+for data integrity checking but can cause long delays for large files
+to start uploading.`,
+ Default: false,
+ Advanced: true,
+ }, {
+ Name: config.ConfigEncoding,
+ Help: config.ConfigEncodingHelp,
+ Advanced: true,
+ // Any UTF-8 character is valid in a key, however it can't handle
+ // invalid UTF-8 and / have a special meaning.
+ //
+ // The SDK can't seem to handle uploading files called '.
+ // - initial / encoding
+ // - doubled / encoding
+ // - trailing / encoding
+ // so that OSS keys are always valid file names
+ Default: encoder.EncodeInvalidUtf8 |
+ encoder.EncodeSlash |
+ encoder.EncodeDot,
+ }, {
+ Name: "leave_parts_on_error",
+ Help: `If true avoid calling abort upload on a failure, leaving all successfully uploaded parts on S3 for manual recovery.
+
+It should be set to true for resuming uploads across different sessions.
+
+WARNING: Storing parts of an incomplete multipart upload counts towards space usage on object storage and will add
+additional costs if not cleaned up.
+`,
+ Default: false,
+ Advanced: true,
+ }, {
+ Name: "no_check_bucket",
+ Help: `If set, don't attempt to check the bucket exists or create it.
+
+This can be useful when trying to minimise the number of transactions
+rclone does if you know the bucket exists already.
+
+It can also be needed if the user you are using does not have bucket
+creation permissions.
+`,
+ Default: false,
+ Advanced: true,
+ }}
+}
diff --git a/backend/oracleobjectstorage/oracleobjectstorage.go b/backend/oracleobjectstorage/oracleobjectstorage.go
new file mode 100644
index 0000000000000..6f730f2587e1d
--- /dev/null
+++ b/backend/oracleobjectstorage/oracleobjectstorage.go
@@ -0,0 +1,695 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+// Package oracleobjectstorage provides an interface to the OCI object storage system.
+package oracleobjectstorage
+
+import (
+ "context"
+ "fmt"
+ "io"
+ "net/http"
+ "path"
+ "strings"
+ "time"
+
+ "github.com/oracle/oci-go-sdk/v65/common"
+ "github.com/oracle/oci-go-sdk/v65/objectstorage"
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/config/configmap"
+ "github.com/rclone/rclone/fs/config/configstruct"
+ "github.com/rclone/rclone/fs/hash"
+ "github.com/rclone/rclone/fs/operations"
+ "github.com/rclone/rclone/fs/walk"
+ "github.com/rclone/rclone/lib/bucket"
+ "github.com/rclone/rclone/lib/pacer"
+)
+
+// Register with Fs
+func init() {
+ fs.Register(&fs.RegInfo{
+ Name: "oracleobjectstorage",
+ Description: "Oracle Cloud Infrastructure Object Storage",
+ Prefix: "oos",
+ NewFs: NewFs,
+ CommandHelp: commandHelp,
+ Options: newOptions(),
+ })
+}
+
+// Fs represents a remote object storage server
+type Fs struct {
+ name string // name of this remote
+ root string // the path we are working on if any
+ opt Options // parsed config options
+ ci *fs.ConfigInfo // global config
+ features *fs.Features // optional features
+ srv *objectstorage.ObjectStorageClient // the connection to the object storage
+ rootBucket string // bucket part of root (if any)
+ rootDirectory string // directory part of root (if any)
+ cache *bucket.Cache // cache for bucket creation status
+ pacer *fs.Pacer // To pace the API calls
+}
+
+// NewFs Initialize backend
+func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, error) {
+ // Parse config into Options struct
+ opt := new(Options)
+ err := configstruct.Set(m, opt)
+ if err != nil {
+ return nil, err
+ }
+ ci := fs.GetConfig(ctx)
+ objectStorageClient, err := newObjectStorageClient(ctx, opt)
+ if err != nil {
+ return nil, err
+ }
+ p := pacer.NewDefault(pacer.MinSleep(minSleep), pacer.MaxSleep(maxSleep), pacer.DecayConstant(decayConstant))
+ f := &Fs{
+ name: name,
+ opt: *opt,
+ ci: ci,
+ srv: objectStorageClient,
+ cache: bucket.NewCache(),
+ pacer: fs.NewPacer(ctx, p),
+ }
+ f.setRoot(root)
+ f.features = (&fs.Features{
+ ReadMimeType: true,
+ WriteMimeType: true,
+ BucketBased: true,
+ BucketBasedRootOK: true,
+ SetTier: true,
+ GetTier: true,
+ SlowModTime: true,
+ }).Fill(ctx, f)
+ if f.rootBucket != "" && f.rootDirectory != "" && !strings.HasSuffix(root, "/") {
+ // Check to see if the (bucket,directory) is actually an existing file
+ oldRoot := f.root
+ newRoot, leaf := path.Split(oldRoot)
+ f.setRoot(newRoot)
+ _, err := f.NewObject(ctx, leaf)
+ if err != nil {
+ // File doesn't exist or is a directory so return old f
+ f.setRoot(oldRoot)
+ return f, nil
+ }
+ // return an error with fs which points to the parent
+ return f, fs.ErrorIsFile
+ }
+ return f, err
+}
+
+func checkUploadChunkSize(cs fs.SizeSuffix) error {
+ if cs < minChunkSize {
+ return fmt.Errorf("%s is less than %s", cs, minChunkSize)
+ }
+ return nil
+}
+
+func (f *Fs) setUploadChunkSize(cs fs.SizeSuffix) (old fs.SizeSuffix, err error) {
+ err = checkUploadChunkSize(cs)
+ if err == nil {
+ old, f.opt.ChunkSize = f.opt.ChunkSize, cs
+ }
+ return
+}
+
+func checkUploadCutoff(cs fs.SizeSuffix) error {
+ if cs > maxUploadCutoff {
+ return fmt.Errorf("%s is greater than %s", cs, maxUploadCutoff)
+ }
+ return nil
+}
+
+func (f *Fs) setUploadCutoff(cs fs.SizeSuffix) (old fs.SizeSuffix, err error) {
+ err = checkUploadCutoff(cs)
+ if err == nil {
+ old, f.opt.UploadCutoff = f.opt.UploadCutoff, cs
+ }
+ return
+}
+
+// ------------------------------------------------------------
+// Implement backed that represents a remote object storage server
+// Fs is the interface a cloud storage system must provide
+// ------------------------------------------------------------
+
+// Name of the remote (as passed into NewFs)
+func (f *Fs) Name() string {
+ return f.name
+}
+
+// Root of the remote (as passed into NewFs)
+func (f *Fs) Root() string {
+ return f.root
+}
+
+// String converts this Fs to a string
+func (f *Fs) String() string {
+ if f.rootBucket == "" {
+ return "oos:root"
+ }
+ if f.rootDirectory == "" {
+ return fmt.Sprintf("oos:bucket %s", f.rootBucket)
+ }
+ return fmt.Sprintf("oos:bucket %s, path %s", f.rootBucket, f.rootDirectory)
+}
+
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+ return f.features
+}
+
+// Precision of the remote
+func (f *Fs) Precision() time.Duration {
+ return time.Millisecond
+}
+
+// Hashes returns the supported hash sets.
+func (f *Fs) Hashes() hash.Set {
+ return hash.Set(hash.MD5)
+}
+
+// setRoot changes the root of the Fs
+func (f *Fs) setRoot(root string) {
+ f.root = parsePath(root)
+ f.rootBucket, f.rootDirectory = bucket.Split(f.root)
+}
+
+// parsePath parses a remote 'url'
+func parsePath(path string) (root string) {
+ root = strings.Trim(path, "/")
+ return
+}
+
+// split returns bucket and bucketPath from the rootRelativePath
+// relative to f.root
+func (f *Fs) split(rootRelativePath string) (bucketName, bucketPath string) {
+ bucketName, bucketPath = bucket.Split(path.Join(f.root, rootRelativePath))
+ return f.opt.Enc.FromStandardName(bucketName), f.opt.Enc.FromStandardPath(bucketPath)
+}
+
+// List the objects and directories in dir into entries. The
+// entries can be returned in any order but should be for a
+// complete directory.
+//
+// dir should be "" to list the root, and should not have
+// trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
+ bucketName, directory := f.split(dir)
+ fs.Debugf(f, "listing: bucket : %v, directory: %v", bucketName, dir)
+ if bucketName == "" {
+ if directory != "" {
+ return nil, fs.ErrorListBucketRequired
+ }
+ return f.listBuckets(ctx)
+ }
+ return f.listDir(ctx, bucketName, directory, f.rootDirectory, f.rootBucket == "")
+}
+
+// listFn is called from list to handle an object.
+type listFn func(remote string, object *objectstorage.ObjectSummary, isDirectory bool) error
+
+// list the objects into the function supplied from
+// the bucket and root supplied
+// (bucket, directory) is the starting directory
+// If prefix is set then it is removed from all file names
+// If addBucket is set then it adds the bucket to the start of the remotes generated
+// If recurse is set the function will recursively list
+// If limit is > 0 then it limits to that many files (must be less than 1000)
+// If hidden is set then it will list the hidden (deleted) files too.
+// if findFile is set it will look for files called (bucket, directory)
+func (f *Fs) list(ctx context.Context, bucket, directory, prefix string, addBucket bool, recurse bool, limit int,
+ fn listFn) (err error) {
+ if prefix != "" {
+ prefix += "/"
+ }
+ if directory != "" {
+ directory += "/"
+ }
+
+ delimiter := ""
+ if !recurse {
+ delimiter = "/"
+ }
+ chunkSize := 1000
+ if limit > 0 {
+ chunkSize = limit
+ }
+ var request = objectstorage.ListObjectsRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ BucketName: common.String(bucket),
+ Prefix: common.String(directory),
+ Limit: common.Int(chunkSize),
+ Fields: common.String("name,size,etag,timeCreated,md5,timeModified,storageTier,archivalState"),
+ }
+ if delimiter != "" {
+ request.Delimiter = common.String(delimiter)
+ }
+
+ for {
+ var resp objectstorage.ListObjectsResponse
+ err = f.pacer.Call(func() (bool, error) {
+ var err error
+ resp, err = f.srv.ListObjects(ctx, request)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err != nil {
+ if ociError, ok := err.(common.ServiceError); ok {
+ // If it is a timeout then we want to retry that
+ if ociError.GetHTTPStatusCode() == http.StatusNotFound {
+ err = fs.ErrorDirNotFound
+ }
+ }
+ if f.rootBucket == "" {
+ // if listing from the root ignore wrong region requests returning
+ // empty directory
+ if reqErr, ok := err.(common.ServiceError); ok {
+ // 301 if wrong region for bucket
+ if reqErr.GetHTTPStatusCode() == http.StatusMovedPermanently {
+ fs.Errorf(f, "Can't change region for bucket %q with no bucket specified", bucket)
+ return nil
+ }
+ }
+ }
+ return err
+ }
+ if !recurse {
+ for _, commonPrefix := range resp.ListObjects.Prefixes {
+ if commonPrefix == "" {
+ fs.Logf(f, "Nil common prefix received")
+ continue
+ }
+ remote := commonPrefix
+ remote = f.opt.Enc.ToStandardPath(remote)
+ if !strings.HasPrefix(remote, prefix) {
+ fs.Logf(f, "Odd name received %q", remote)
+ continue
+ }
+ remote = remote[len(prefix):]
+ if addBucket {
+ remote = path.Join(bucket, remote)
+ }
+ remote = strings.TrimSuffix(remote, "/")
+ err = fn(remote, &objectstorage.ObjectSummary{Name: &remote}, true)
+ if err != nil {
+ return err
+ }
+ }
+ }
+ for i := range resp.Objects {
+ object := &resp.Objects[i]
+ // Finish if file name no longer has prefix
+ //if prefix != "" && !strings.HasPrefix(file.Name, prefix) {
+ // return nil
+ //}
+ remote := *object.Name
+ remote = f.opt.Enc.ToStandardPath(remote)
+ if !strings.HasPrefix(remote, prefix) {
+ // fs.Debugf(f, "Odd name received %v", object.Name)
+ continue
+ }
+ remote = remote[len(prefix):]
+ // Check for directory
+ isDirectory := remote == "" || strings.HasSuffix(remote, "/")
+ if addBucket {
+ remote = path.Join(bucket, remote)
+ }
+ // is this a directory marker?
+ if isDirectory && object.Size != nil && *object.Size == 0 {
+ continue // skip directory marker
+ }
+ if isDirectory && len(remote) > 1 {
+ remote = remote[:len(remote)-1]
+ }
+ err = fn(remote, object, isDirectory)
+ if err != nil {
+ return err
+ }
+ }
+ // end if no NextFileName
+ if resp.NextStartWith == nil {
+ break
+ }
+ request.Start = resp.NextStartWith
+ }
+ return nil
+}
+
+// Convert a list item into a DirEntry
+func (f *Fs) itemToDirEntry(ctx context.Context, remote string, object *objectstorage.ObjectSummary, isDirectory bool) (fs.DirEntry, error) {
+ if isDirectory {
+ size := int64(0)
+ if object.Size != nil {
+ size = *object.Size
+ }
+ d := fs.NewDir(remote, time.Time{}).SetSize(size)
+ return d, nil
+ }
+ o, err := f.newObjectWithInfo(ctx, remote, object)
+ if err != nil {
+ return nil, err
+ }
+ return o, nil
+}
+
+// listDir lists a single directory
+func (f *Fs) listDir(ctx context.Context, bucket, directory, prefix string, addBucket bool) (entries fs.DirEntries, err error) {
+ fn := func(remote string, object *objectstorage.ObjectSummary, isDirectory bool) error {
+ entry, err := f.itemToDirEntry(ctx, remote, object, isDirectory)
+ if err != nil {
+ return err
+ }
+ if entry != nil {
+ entries = append(entries, entry)
+ }
+ return nil
+ }
+ err = f.list(ctx, bucket, directory, prefix, addBucket, false, 0, fn)
+ if err != nil {
+ return nil, err
+ }
+ // bucket must be present if listing succeeded
+ f.cache.MarkOK(bucket)
+ return entries, nil
+}
+
+// listBuckets returns all the buckets to out
+func (f *Fs) listBuckets(ctx context.Context) (entries fs.DirEntries, err error) {
+ if f.opt.Provider == noAuth {
+ return nil, fmt.Errorf("can't list buckets with %v provider, use a valid auth provider in config file", noAuth)
+ }
+ var request = objectstorage.ListBucketsRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ CompartmentId: common.String(f.opt.Compartment),
+ }
+ var resp objectstorage.ListBucketsResponse
+ for {
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.ListBuckets(ctx, request)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err != nil {
+ return nil, err
+ }
+ for _, item := range resp.Items {
+ bucketName := f.opt.Enc.ToStandardName(*item.Name)
+ f.cache.MarkOK(bucketName)
+ d := fs.NewDir(bucketName, item.TimeCreated.Time)
+ entries = append(entries, d)
+ }
+ if resp.OpcNextPage == nil {
+ break
+ }
+ request.Page = resp.OpcNextPage
+ }
+ return entries, nil
+}
+
+// Return an Object from a path
+// If it can't be found it returns the error fs.ErrorObjectNotFound.
+func (f *Fs) newObjectWithInfo(ctx context.Context, remote string, info *objectstorage.ObjectSummary) (fs.Object, error) {
+ o := &Object{
+ fs: f,
+ remote: remote,
+ }
+ if info != nil {
+ // Set info but not meta
+ if info.TimeModified == nil {
+ fs.Logf(o, "Failed to read last modified")
+ o.lastModified = time.Now()
+ } else {
+ o.lastModified = info.TimeModified.Time
+ }
+ if info.Md5 != nil {
+ md5, err := o.base64ToMd5(*info.Md5)
+ if err != nil {
+ o.md5 = md5
+ }
+ }
+ o.bytes = *info.Size
+ o.storageTier = storageTierMap[strings.ToLower(string(info.StorageTier))]
+ } else {
+ err := o.readMetaData(ctx) // reads info and headers, returning an error
+ if err != nil {
+ return nil, err
+ }
+ }
+ return o, nil
+}
+
+// NewObject finds the Object at remote. If it can't be found
+// it returns the error fs.ErrorObjectNotFound.
+func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
+ return f.newObjectWithInfo(ctx, remote, nil)
+}
+
+// Put the object into the bucket
+// Copy the reader in to the new object which is returned
+// The new object may have been created if an error is returned
+func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ // Temporary Object under construction
+ o := &Object{
+ fs: f,
+ remote: src.Remote(),
+ }
+ return o, o.Update(ctx, in, src, options...)
+}
+
+// PutStream uploads to the remote path with the modTime given of indeterminate size
+func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ return f.Put(ctx, in, src, options...)
+}
+
+// Mkdir creates the bucket if it doesn't exist
+func (f *Fs) Mkdir(ctx context.Context, dir string) error {
+ bucketName, _ := f.split(dir)
+ return f.makeBucket(ctx, bucketName)
+}
+
+// makeBucket creates the bucket if it doesn't exist
+func (f *Fs) makeBucket(ctx context.Context, bucketName string) error {
+ if f.opt.NoCheckBucket {
+ return nil
+ }
+ return f.cache.Create(bucketName, func() error {
+ details := objectstorage.CreateBucketDetails{
+ Name: common.String(bucketName),
+ CompartmentId: common.String(f.opt.Compartment),
+ PublicAccessType: objectstorage.CreateBucketDetailsPublicAccessTypeNopublicaccess,
+ }
+ req := objectstorage.CreateBucketRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ CreateBucketDetails: details,
+ }
+ err := f.pacer.Call(func() (bool, error) {
+ resp, err := f.srv.CreateBucket(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err == nil {
+ fs.Infof(f, "Bucket %q created with accessType %q", bucketName,
+ objectstorage.CreateBucketDetailsPublicAccessTypeNopublicaccess)
+ }
+ if svcErr, ok := err.(common.ServiceError); ok {
+ if code := svcErr.GetCode(); code == "BucketAlreadyOwnedByYou" || code == "BucketAlreadyExists" {
+ err = nil
+ }
+ }
+ return err
+ }, func() (bool, error) {
+ return f.bucketExists(ctx, bucketName)
+ })
+}
+
+// Check if the bucket exists
+//
+// NB this can return incorrect results if called immediately after bucket deletion
+func (f *Fs) bucketExists(ctx context.Context, bucketName string) (bool, error) {
+ req := objectstorage.HeadBucketRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ BucketName: common.String(bucketName),
+ }
+ err := f.pacer.Call(func() (bool, error) {
+ resp, err := f.srv.HeadBucket(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err == nil {
+ return true, nil
+ }
+ if err, ok := err.(common.ServiceError); ok {
+ if err.GetHTTPStatusCode() == http.StatusNotFound {
+ return false, nil
+ }
+ }
+ return false, err
+}
+
+// Rmdir delete an empty bucket. if bucket is not empty this is will fail with appropriate error
+func (f *Fs) Rmdir(ctx context.Context, dir string) error {
+ bucketName, directory := f.split(dir)
+ if bucketName == "" || directory != "" {
+ return nil
+ }
+ return f.cache.Remove(bucketName, func() error {
+ req := objectstorage.DeleteBucketRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ BucketName: common.String(bucketName),
+ }
+ err := f.pacer.Call(func() (bool, error) {
+ resp, err := f.srv.DeleteBucket(ctx, req)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ if err == nil {
+ fs.Infof(f, "Bucket %q deleted", bucketName)
+ }
+ return err
+ })
+}
+
+func (f *Fs) abortMultiPartUpload(ctx context.Context, bucketName, bucketPath, uploadID string) (err error) {
+ if uploadID == "" {
+ return nil
+ }
+ request := objectstorage.AbortMultipartUploadRequest{
+ NamespaceName: common.String(f.opt.Namespace),
+ BucketName: common.String(bucketName),
+ ObjectName: common.String(bucketPath),
+ UploadId: common.String(uploadID),
+ }
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err := f.srv.AbortMultipartUpload(ctx, request)
+ return shouldRetry(ctx, resp.HTTPResponse(), err)
+ })
+ return err
+}
+
+// cleanUpBucket removes all pending multipart uploads for a given bucket over the age of maxAge
+func (f *Fs) cleanUpBucket(ctx context.Context, bucket string, maxAge time.Duration,
+ uploads []*objectstorage.MultipartUpload) (err error) {
+ fs.Infof(f, "cleaning bucket %q of pending multipart uploads older than %v", bucket, maxAge)
+ for _, upload := range uploads {
+ if upload.TimeCreated != nil && upload.Object != nil && upload.UploadId != nil {
+ age := time.Since(upload.TimeCreated.Time)
+ what := fmt.Sprintf("pending multipart upload for bucket %q key %q dated %v (%v ago)", bucket, *upload.Object,
+ upload.TimeCreated, age)
+ if age > maxAge {
+ fs.Infof(f, "removing %s", what)
+ if operations.SkipDestructive(ctx, what, "remove pending upload") {
+ continue
+ }
+ ignoreErr := f.abortMultiPartUpload(ctx, *upload.Bucket, *upload.Object, *upload.UploadId)
+ if ignoreErr != nil {
+ // fs.Debugf(f, "ignoring error %s", ignoreErr)
+ }
+ } else {
+ // fs.Debugf(f, "ignoring %s", what)
+ }
+ } else {
+ fs.Infof(f, "MultipartUpload doesn't have sufficient details to abort.")
+ }
+ }
+ return err
+}
+
+// CleanUp removes all pending multipart uploads
+func (f *Fs) cleanUp(ctx context.Context, maxAge time.Duration) (err error) {
+ uploadsMap, err := f.listMultipartUploadsAll(ctx)
+ if err != nil {
+ return err
+ }
+ for bucketName, uploads := range uploadsMap {
+ cleanErr := f.cleanUpBucket(ctx, bucketName, maxAge, uploads)
+ if err != nil {
+ fs.Errorf(f, "Failed to cleanup bucket %q: %v", bucketName, cleanErr)
+ err = cleanErr
+ }
+ }
+ return err
+}
+
+// CleanUp removes all pending multipart uploads older than 24 hours
+func (f *Fs) CleanUp(ctx context.Context) (err error) {
+ return f.cleanUp(ctx, 24*time.Hour)
+}
+
+// ------------------------------------------------------------
+// Implement ListRer is an optional interfaces for Fs
+//------------------------------------------------------------
+
+/*
+ListR lists the objects and directories of the Fs starting
+from dir recursively into out.
+
+dir should be "" to start from the root, and should not
+have trailing slashes.
+
+This should return ErrDirNotFound if the directory isn't
+found.
+
+It should call callback for each tranche of entries read.
+These need not be returned in any particular order. If
+callback returns an error then the listing will stop
+immediately.
+
+Don't implement this unless you have a more efficient way
+of listing recursively that doing a directory traversal.
+*/
+func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (err error) {
+ bucketName, directory := f.split(dir)
+ list := walk.NewListRHelper(callback)
+ listR := func(bucket, directory, prefix string, addBucket bool) error {
+ return f.list(ctx, bucket, directory, prefix, addBucket, true, 0, func(remote string, object *objectstorage.ObjectSummary, isDirectory bool) error {
+ entry, err := f.itemToDirEntry(ctx, remote, object, isDirectory)
+ if err != nil {
+ return err
+ }
+ return list.Add(entry)
+ })
+ }
+ if bucketName == "" {
+ entries, err := f.listBuckets(ctx)
+ if err != nil {
+ return err
+ }
+ for _, entry := range entries {
+ err = list.Add(entry)
+ if err != nil {
+ return err
+ }
+ bucketName := entry.Remote()
+ err = listR(bucketName, "", f.rootDirectory, true)
+ if err != nil {
+ return err
+ }
+ // bucket must be present if listing succeeded
+ f.cache.MarkOK(bucketName)
+ }
+ } else {
+ err = listR(bucketName, directory, f.rootDirectory, f.rootBucket == "")
+ if err != nil {
+ return err
+ }
+ // bucket must be present if listing succeeded
+ f.cache.MarkOK(bucketName)
+ }
+ return list.Flush()
+}
+
+// Check the interfaces are satisfied
+var (
+ _ fs.Fs = &Fs{}
+ _ fs.Copier = &Fs{}
+ _ fs.PutStreamer = &Fs{}
+ _ fs.ListRer = &Fs{}
+ _ fs.Commander = &Fs{}
+ _ fs.CleanUpper = &Fs{}
+
+ _ fs.Object = &Object{}
+ _ fs.MimeTyper = &Object{}
+ _ fs.GetTierer = &Object{}
+ _ fs.SetTierer = &Object{}
+)
diff --git a/backend/oracleobjectstorage/oracleobjectstorage_test.go b/backend/oracleobjectstorage/oracleobjectstorage_test.go
new file mode 100644
index 0000000000000..479da7b5ba9f7
--- /dev/null
+++ b/backend/oracleobjectstorage/oracleobjectstorage_test.go
@@ -0,0 +1,33 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "testing"
+
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+ fstests.Run(t, &fstests.Opt{
+ RemoteName: "TestOracleObjectStorage:",
+ TiersToTest: []string{"standard", "archive"},
+ NilObject: (*Object)(nil),
+ ChunkedUpload: fstests.ChunkedUploadConfig{
+ MinChunkSize: minChunkSize,
+ },
+ })
+}
+
+func (f *Fs) SetUploadChunkSize(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+ return f.setUploadChunkSize(cs)
+}
+
+func (f *Fs) SetUploadCutoff(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+ return f.setUploadCutoff(cs)
+}
+
+var _ fstests.SetUploadChunkSizer = (*Fs)(nil)
diff --git a/backend/oracleobjectstorage/oracleobjectstorage_unsupported.go b/backend/oracleobjectstorage/oracleobjectstorage_unsupported.go
new file mode 100644
index 0000000000000..8df06ee6aa628
--- /dev/null
+++ b/backend/oracleobjectstorage/oracleobjectstorage_unsupported.go
@@ -0,0 +1,7 @@
+// Build for oracleobjectstorage for unsupported platforms to stop go complaining
+// about "no buildable Go source files "
+
+//go:build plan9 || solaris || js
+// +build plan9 solaris js
+
+package oracleobjectstorage
diff --git a/backend/oracleobjectstorage/waiter.go b/backend/oracleobjectstorage/waiter.go
new file mode 100644
index 0000000000000..d241ff8a783f7
--- /dev/null
+++ b/backend/oracleobjectstorage/waiter.go
@@ -0,0 +1,362 @@
+//go:build !plan9 && !solaris && !js
+// +build !plan9,!solaris,!js
+
+package oracleobjectstorage
+
+import (
+ "context"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/rclone/rclone/fs"
+)
+
+var refreshGracePeriod = 30 * time.Second
+
+// StateRefreshFunc is a function type used for StateChangeConf that is
+// responsible for refreshing the item being watched for a state change.
+//
+// It returns three results. `result` is any object that will be returned
+// as the final object after waiting for state change. This allows you to
+// return the final updated object, for example an EC2 instance after refreshing
+// it. A nil result represents not found.
+//
+// `state` is the latest state of that object. And `err` is any error that
+// may have happened while refreshing the state.
+type StateRefreshFunc func() (result interface{}, state string, err error)
+
+// StateChangeConf is the configuration struct used for `WaitForState`.
+type StateChangeConf struct {
+ Delay time.Duration // Wait this time before starting checks
+ Pending []string // States that are "allowed" and will continue trying
+ Refresh StateRefreshFunc // Refreshes the current state
+ Target []string // Target state
+ Timeout time.Duration // The amount of time to wait before timeout
+ MinTimeout time.Duration // Smallest time to wait before refreshes
+ PollInterval time.Duration // Override MinTimeout/backoff and only poll this often
+ NotFoundChecks int // Number of times to allow not found (nil result from Refresh)
+
+ // This is to work around inconsistent APIs
+ ContinuousTargetOccurrence int // Number of times the Target state has to occur continuously
+}
+
+// WaitForStateContext watches an object and waits for it to achieve the state
+// specified in the configuration using the specified Refresh() func,
+// waiting the number of seconds specified in the timeout configuration.
+//
+// If the Refresh function returns an error, exit immediately with that error.
+//
+// If the Refresh function returns a state other than the Target state or one
+// listed in Pending, return immediately with an error.
+//
+// If the Timeout is exceeded before reaching the Target state, return an
+// error.
+//
+// Otherwise, the result is the result of the first call to the Refresh function to
+// reach the target state.
+//
+// Cancellation from the passed in context will cancel the refresh loop
+func (conf *StateChangeConf) WaitForStateContext(ctx context.Context, entityType string) (interface{}, error) {
+ // fs.Debugf(entityType, "Waiting for state to become: %s", conf.Target)
+
+ notfoundTick := 0
+ targetOccurrence := 0
+
+ // Set a default for times to check for not found
+ if conf.NotFoundChecks == 0 {
+ conf.NotFoundChecks = 20
+ }
+
+ if conf.ContinuousTargetOccurrence == 0 {
+ conf.ContinuousTargetOccurrence = 1
+ }
+
+ type Result struct {
+ Result interface{}
+ State string
+ Error error
+ Done bool
+ }
+
+ // Read every result from the refresh loop, waiting for a positive result.Done.
+ resCh := make(chan Result, 1)
+ // cancellation channel for the refresh loop
+ cancelCh := make(chan struct{})
+
+ result := Result{}
+
+ go func() {
+ defer close(resCh)
+
+ select {
+ case <-time.After(conf.Delay):
+ case <-cancelCh:
+ return
+ }
+
+ // start with 0 delay for the first loop
+ var wait time.Duration
+
+ for {
+ // store the last result
+ resCh <- result
+
+ // wait and watch for cancellation
+ select {
+ case <-cancelCh:
+ return
+ case <-time.After(wait):
+ // first round had no wait
+ if wait == 0 {
+ wait = 100 * time.Millisecond
+ }
+ }
+
+ res, currentState, err := conf.Refresh()
+ result = Result{
+ Result: res,
+ State: currentState,
+ Error: err,
+ }
+
+ if err != nil {
+ resCh <- result
+ return
+ }
+
+ // If we're waiting for the absence of a thing, then return
+ if res == nil && len(conf.Target) == 0 {
+ targetOccurrence++
+ if conf.ContinuousTargetOccurrence == targetOccurrence {
+ result.Done = true
+ resCh <- result
+ return
+ }
+ continue
+ }
+
+ if res == nil {
+ // If we didn't find the resource, check if we have been
+ // not finding it for a while, and if so, report an error.
+ notfoundTick++
+ if notfoundTick > conf.NotFoundChecks {
+ result.Error = &NotFoundError{
+ LastError: err,
+ Retries: notfoundTick,
+ }
+ resCh <- result
+ return
+ }
+ } else {
+ // Reset the counter for when a resource isn't found
+ notfoundTick = 0
+ found := false
+
+ for _, allowed := range conf.Target {
+ if currentState == allowed {
+ found = true
+ targetOccurrence++
+ if conf.ContinuousTargetOccurrence == targetOccurrence {
+ result.Done = true
+ resCh <- result
+ return
+ }
+ continue
+ }
+ }
+
+ for _, allowed := range conf.Pending {
+ if currentState == allowed {
+ found = true
+ targetOccurrence = 0
+ break
+ }
+ }
+
+ if !found && len(conf.Pending) > 0 {
+ result.Error = &UnexpectedStateError{
+ LastError: err,
+ State: result.State,
+ ExpectedState: conf.Target,
+ }
+ resCh <- result
+ return
+ }
+ }
+
+ // Wait between refreshes using exponential backoff, except when
+ // waiting for the target state to reoccur.
+ if targetOccurrence == 0 {
+ wait *= 2
+ }
+
+ // If a poll interval has been specified, choose that interval.
+ // Otherwise, bound the default value.
+ if conf.PollInterval > 0 && conf.PollInterval < 180*time.Second {
+ wait = conf.PollInterval
+ } else {
+ if wait < conf.MinTimeout {
+ wait = conf.MinTimeout
+ } else if wait > 10*time.Second {
+ wait = 10 * time.Second
+ }
+ }
+
+ // fs.Debugf(entityType, "[TRACE] Waiting %s before next try", wait)
+ }
+ }()
+
+ // store the last value result from the refresh loop
+ lastResult := Result{}
+
+ timeout := time.After(conf.Timeout)
+ for {
+ select {
+ case r, ok := <-resCh:
+ // channel closed, so return the last result
+ if !ok {
+ return lastResult.Result, lastResult.Error
+ }
+
+ // we reached the intended state
+ if r.Done {
+ return r.Result, r.Error
+ }
+
+ // still waiting, store the last result
+ lastResult = r
+ case <-ctx.Done():
+ close(cancelCh)
+ return nil, ctx.Err()
+ case <-timeout:
+ // fs.Debugf(entityType, "[WARN] WaitForState timeout after %s", conf.Timeout)
+ // fs.Debugf(entityType, "[WARN] WaitForState starting %s refresh grace period", refreshGracePeriod)
+
+ // cancel the goroutine and start our grace period timer
+ close(cancelCh)
+ timeout := time.After(refreshGracePeriod)
+
+ // we need a for loop and a label to break on, because we may have
+ // an extra response value to read, but still want to wait for the
+ // channel to close.
+ forSelect:
+ for {
+ select {
+ case r, ok := <-resCh:
+ if r.Done {
+ // the last refresh loop reached the desired state
+ return r.Result, r.Error
+ }
+
+ if !ok {
+ // the goroutine returned
+ break forSelect
+ }
+
+ // target state not reached, save the result for the
+ // TimeoutError and wait for the channel to close
+ lastResult = r
+ case <-ctx.Done():
+ fs.Errorf(entityType, "Context cancellation detected, abandoning grace period")
+ break forSelect
+ case <-timeout:
+ fs.Errorf(entityType, "WaitForState exceeded refresh grace period")
+ break forSelect
+ }
+ }
+
+ return nil, &TimeoutError{
+ LastError: lastResult.Error,
+ LastState: lastResult.State,
+ Timeout: conf.Timeout,
+ ExpectedState: conf.Target,
+ }
+ }
+ }
+}
+
+// NotFoundError resource not found error
+type NotFoundError struct {
+ LastError error
+ LastRequest interface{}
+ LastResponse interface{}
+ Message string
+ Retries int
+}
+
+func (e *NotFoundError) Error() string {
+ if e.Message != "" {
+ return e.Message
+ }
+
+ if e.Retries > 0 {
+ return fmt.Sprintf("couldn't find resource (%d retries)", e.Retries)
+ }
+
+ return "couldn't find resource"
+}
+
+func (e *NotFoundError) Unwrap() error {
+ return e.LastError
+}
+
+// UnexpectedStateError is returned when Refresh returns a state that's neither in Target nor Pending
+type UnexpectedStateError struct {
+ LastError error
+ State string
+ ExpectedState []string
+}
+
+func (e *UnexpectedStateError) Error() string {
+ return fmt.Sprintf(
+ "unexpected state '%s', wanted target '%s'. last error: %s",
+ e.State,
+ strings.Join(e.ExpectedState, ", "),
+ e.LastError,
+ )
+}
+
+func (e *UnexpectedStateError) Unwrap() error {
+ return e.LastError
+}
+
+// TimeoutError is returned when WaitForState times out
+type TimeoutError struct {
+ LastError error
+ LastState string
+ Timeout time.Duration
+ ExpectedState []string
+}
+
+func (e *TimeoutError) Error() string {
+ expectedState := "resource to be gone"
+ if len(e.ExpectedState) > 0 {
+ expectedState = fmt.Sprintf("state to become '%s'", strings.Join(e.ExpectedState, ", "))
+ }
+
+ extraInfo := make([]string, 0)
+ if e.LastState != "" {
+ extraInfo = append(extraInfo, fmt.Sprintf("last state: '%s'", e.LastState))
+ }
+ if e.Timeout > 0 {
+ extraInfo = append(extraInfo, fmt.Sprintf("timeout: %s", e.Timeout.String()))
+ }
+
+ suffix := ""
+ if len(extraInfo) > 0 {
+ suffix = fmt.Sprintf(" (%s)", strings.Join(extraInfo, ", "))
+ }
+
+ if e.LastError != nil {
+ return fmt.Sprintf("timeout while waiting for %s%s: %s",
+ expectedState, suffix, e.LastError)
+ }
+
+ return fmt.Sprintf("timeout while waiting for %s%s",
+ expectedState, suffix)
+}
+
+func (e *TimeoutError) Unwrap() error {
+ return e.LastError
+}
diff --git a/backend/pcloud/api/types.go b/backend/pcloud/api/types.go
index 974d9f5f36fbd..c1b5dc2176ff0 100644
--- a/backend/pcloud/api/types.go
+++ b/backend/pcloud/api/types.go
@@ -13,7 +13,7 @@ const (
timeFormat = `"` + time.RFC1123Z + `"`
)
-// Time represents represents date and time information for the
+// Time represents date and time information for the
// pcloud API, by using RFC1123Z
type Time time.Time
@@ -136,7 +136,7 @@ func (g *GetFileLinkResult) IsValid() bool {
if len(g.Hosts) == 0 {
return false
}
- return time.Time(g.Expires).Sub(time.Now()) > 30*time.Second
+ return time.Until(time.Time(g.Expires)) > 30*time.Second
}
// URL returns a URL from the Path and Hosts. Check with IsValid
diff --git a/backend/pcloud/pcloud.go b/backend/pcloud/pcloud.go
index 82f9f42f53dbf..726d9ee8bd3fc 100644
--- a/backend/pcloud/pcloud.go
+++ b/backend/pcloud/pcloud.go
@@ -24,6 +24,7 @@ import (
"github.com/rclone/rclone/fs/config/configstruct"
"github.com/rclone/rclone/fs/config/obscure"
"github.com/rclone/rclone/fs/fserrors"
+ "github.com/rclone/rclone/fs/fshttp"
"github.com/rclone/rclone/fs/hash"
"github.com/rclone/rclone/fs/walk"
"github.com/rclone/rclone/lib/dircache"
@@ -130,6 +131,19 @@ with rclone authorize.
Value: "eapi.pcloud.com",
Help: "EU region",
}},
+ }, {
+ Name: "username",
+ Help: `Your pcloud username.
+
+This is only required when you want to use the cleanup command. Due to a bug
+in the pcloud API the required API does not support OAuth authentication so
+we have to rely on user password authentication for it.`,
+ Advanced: true,
+ }, {
+ Name: "password",
+ Help: "Your pcloud password.",
+ IsPassword: true,
+ Advanced: true,
}}...),
})
}
@@ -139,6 +153,8 @@ type Options struct {
Enc encoder.MultiEncoder `config:"encoding"`
RootFolderID string `config:"root_folder_id"`
Hostname string `config:"hostname"`
+ Username string `config:"username"`
+ Password string `config:"password"`
}
// Fs represents a remote pcloud
@@ -148,6 +164,7 @@ type Fs struct {
opt Options // parsed options
features *fs.Features // optional features
srv *rest.Client // the connection to the server
+ cleanupSrv *rest.Client // the connection used for the cleanup method
dirCache *dircache.DirCache // Map of directory path to directory id
pacer *fs.Pacer // pacer for API calls
tokenRenewer *oauthutil.Renew // renew the token on expiry
@@ -227,7 +244,7 @@ func shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, err
}
}
- if resp != nil && resp.StatusCode == 401 && len(resp.Header["Www-Authenticate"]) == 1 && strings.Index(resp.Header["Www-Authenticate"][0], "expired_token") >= 0 {
+ if resp != nil && resp.StatusCode == 401 && len(resp.Header["Www-Authenticate"]) == 1 && strings.Contains(resp.Header["Www-Authenticate"][0], "expired_token") {
doRetry = true
fs.Debugf(nil, "Should retry: %v", err)
}
@@ -293,6 +310,7 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
}
updateTokenURL(oauthConfig, opt.Hostname)
+ canCleanup := opt.Username != "" && opt.Password != ""
f := &Fs{
name: name,
root: root,
@@ -300,10 +318,16 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
srv: rest.NewClient(oAuthClient).SetRoot("https://" + opt.Hostname),
pacer: fs.NewPacer(ctx, pacer.NewDefault(pacer.MinSleep(minSleep), pacer.MaxSleep(maxSleep), pacer.DecayConstant(decayConstant))),
}
+ if canCleanup {
+ f.cleanupSrv = rest.NewClient(fshttp.NewClient(ctx)).SetRoot("https://" + opt.Hostname)
+ }
f.features = (&fs.Features{
CaseInsensitive: false,
CanHaveEmptyDirectories: true,
}).Fill(ctx, f)
+ if !canCleanup {
+ f.features.CleanUp = nil
+ }
f.srv.SetErrorHandler(errorHandler)
// Renew the token in the background
@@ -564,7 +588,7 @@ func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the object, leaf, directoryID and error
+// Returns the object, leaf, directoryID and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
@@ -583,7 +607,7 @@ func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time,
// Put the object into the container
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -657,9 +681,9 @@ func (f *Fs) Precision() time.Duration {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -729,10 +753,12 @@ func (f *Fs) CleanUp(ctx context.Context) error {
Parameters: url.Values{},
}
opts.Parameters.Set("folderid", dirIDtoNumber(rootID))
+ opts.Parameters.Set("username", f.opt.Username)
+ opts.Parameters.Set("password", obscure.MustReveal(f.opt.Password))
var resp *http.Response
var result api.Error
return f.pacer.Call(func() (bool, error) {
- resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ resp, err = f.cleanupSrv.CallJSON(ctx, &opts, nil, &result)
err = result.Update(err)
return shouldRetry(ctx, resp, err)
})
@@ -740,9 +766,9 @@ func (f *Fs) CleanUp(ctx context.Context) error {
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -908,10 +934,14 @@ func (f *Fs) About(ctx context.Context) (usage *fs.Usage, err error) {
if err != nil {
return nil, err
}
+ free := q.Quota - q.UsedQuota
+ if free < 0 {
+ free = 0
+ }
usage = &fs.Usage{
- Total: fs.NewUsageValue(q.Quota), // quota of bytes that can be used
- Used: fs.NewUsageValue(q.UsedQuota), // bytes in use
- Free: fs.NewUsageValue(q.Quota - q.UsedQuota), // bytes which can be uploaded before reaching the quota
+ Total: fs.NewUsageValue(q.Quota), // quota of bytes that can be used
+ Used: fs.NewUsageValue(q.UsedQuota), // bytes in use
+ Free: fs.NewUsageValue(free), // bytes which can be uploaded before reaching the quota
}
return usage, nil
}
@@ -1043,7 +1073,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -1122,7 +1151,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// Update the object with the contents of the io.Reader, modTime and size
//
-// If existing is set then it updates the object rather than creating a new one
+// If existing is set then it updates the object rather than creating a new one.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
diff --git a/backend/premiumizeme/premiumizeme.go b/backend/premiumizeme/premiumizeme.go
index 3b02a3ac3176e..8f3aa1ce8c377 100644
--- a/backend/premiumizeme/premiumizeme.go
+++ b/backend/premiumizeme/premiumizeme.go
@@ -493,7 +493,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Creates from the parameters passed in a half finished Object which
// must have setMetaData called on it
//
-// Returns the object, leaf, directoryID and error
+// Returns the object, leaf, directoryID and error.
//
// Used to create new objects
func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
@@ -512,7 +512,7 @@ func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time,
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -530,9 +530,9 @@ func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options .
// PutUnchecked the object into the container
//
-// This will produce an error if the object already exists
+// This will produce an error if the object already exists.
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
@@ -694,9 +694,9 @@ func (f *Fs) move(ctx context.Context, isFile bool, id, oldLeaf, newLeaf, oldDir
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -870,7 +870,6 @@ func (o *Object) readMetaData(ctx context.Context) (err error) {
// ModTime returns the modification time of the object
//
-//
// It attempts to read the objects mtime and if that isn't present the
// LastModified returned in the http headers
func (o *Object) ModTime(ctx context.Context) time.Time {
@@ -917,7 +916,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// Update the object with the contents of the io.Reader, modTime and size
//
-// If existing is set then it updates the object rather than creating a new one
+// If existing is set then it updates the object rather than creating a new one.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
diff --git a/backend/putio/fs.go b/backend/putio/fs.go
index 3e2855b7daaa6..cbcda547f7475 100644
--- a/backend/putio/fs.go
+++ b/backend/putio/fs.go
@@ -230,7 +230,7 @@ func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err e
// Put the object
//
-// Copy the reader in to the new object which is returned
+// Copy the reader in to the new object which is returned.
//
// The new object may have been created if an error is returned
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (o fs.Object, err error) {
@@ -523,9 +523,9 @@ func (f *Fs) Purge(ctx context.Context, dir string) (err error) {
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -562,9 +562,9 @@ func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (o fs.Objec
// Move src to this remote using server-side move operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
diff --git a/backend/putio/object.go b/backend/putio/object.go
index 28caa5d1e4a55..bd03982caf7c8 100644
--- a/backend/putio/object.go
+++ b/backend/putio/object.go
@@ -261,7 +261,7 @@ func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.Read
// Update the already existing object
//
-// Copy the reader into the object updating modTime and size
+// Copy the reader into the object updating modTime and size.
//
// The new object may have been created if an error is returned
func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
diff --git a/backend/putio/putio.go b/backend/putio/putio.go
index 766a99b77f63e..6923641666d46 100644
--- a/backend/putio/putio.go
+++ b/backend/putio/putio.go
@@ -1,3 +1,4 @@
+// Package putio provides an interface to the put.io storage system.
package putio
import (
diff --git a/backend/qingstor/qingstor.go b/backend/qingstor/qingstor.go
index d4053e250ffca..a3d0bd639341d 100644
--- a/backend/qingstor/qingstor.go
+++ b/backend/qingstor/qingstor.go
@@ -1,9 +1,8 @@
-// Package qingstor provides an interface to QingStor object storage
-// Home: https://www.qingcloud.com/
-
//go:build !plan9 && !js
// +build !plan9,!js
+// Package qingstor provides an interface to QingStor object storage
+// Home: https://www.qingcloud.com/
package qingstor
import (
@@ -253,7 +252,7 @@ func qsServiceConnection(ctx context.Context, opt *Options) (*qs.Service, error)
_protocol, _host, _port, err := qsParseEndpoint(endpoint)
if err != nil {
- return nil, fmt.Errorf("The endpoint \"%s\" format error", endpoint)
+ return nil, fmt.Errorf("the endpoint \"%s\" format error", endpoint)
}
if _protocol != "" {
@@ -431,9 +430,9 @@ func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options .
// Copy src to this remote using server-side copy operations.
//
-// This is stored with the remote path given
+// This is stored with the remote path given.
//
-// It returns the destination Object and a possible error
+// It returns the destination Object and a possible error.
//
// Will only be called if src.Fs().Name() == f.Name()
//
@@ -477,7 +476,7 @@ func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
// Return an Object from a path
//
-//If it can't be found it returns the error ErrorObjectNotFound.
+// If it can't be found it returns the error ErrorObjectNotFound.
func (f *Fs) newObjectWithInfo(remote string, info *qs.KeyType) (fs.Object, error) {
o := &Object{
fs: f,
@@ -573,9 +572,7 @@ func (f *Fs) list(ctx context.Context, bucket, directory, prefix string, addBuck
if addBucket {
remote = path.Join(bucket, remote)
}
- if strings.HasSuffix(remote, "/") {
- remote = remote[:len(remote)-1]
- }
+ remote = strings.TrimSuffix(remote, "/")
err = fn(remote, &qs.KeyType{Key: &remote}, true)
if err != nil {
return err
@@ -775,8 +772,6 @@ func (f *Fs) makeBucket(ctx context.Context, bucket string) error {
retries++
wasDeleted = true
continue
- default:
- break
}
break
}
@@ -854,7 +849,6 @@ func (f *Fs) Rmdir(ctx context.Context, dir string) error {
continue
default:
err = e
- break
}
}
} else {
diff --git a/backend/qingstor/upload.go b/backend/qingstor/upload.go
index d9a81801950d4..797e718f89b79 100644
--- a/backend/qingstor/upload.go
+++ b/backend/qingstor/upload.go
@@ -184,7 +184,7 @@ func (u *uploader) upload() error {
fs.Debugf(u, "Uploading as single part object to QingStor")
return u.singlePartUpload(reader, u.readerPos)
} else if err != nil {
- return fmt.Errorf("read upload data failed: %s", err)
+ return fmt.Errorf("read upload data failed: %w", err)
}
fs.Debugf(u, "Uploading as multi-part object to QingStor")
diff --git a/backend/realdebrid/api/types.go b/backend/realdebrid/api/types.go
new file mode 100644
index 0000000000000..ce6397188e42c
--- /dev/null
+++ b/backend/realdebrid/api/types.go
@@ -0,0 +1,99 @@
+// Package api contains definitions for using the premiumize.me API
+package api
+
+import "fmt"
+
+// Response is returned by all messages and embedded in the
+// structures below
+type Response struct {
+ Message string `json:"message,omitempty"`
+ Status string `json:"status"`
+}
+
+// Error satisfies the error interface
+func (e *Response) Error() string {
+ return fmt.Sprintf("%s: %s", e.Status, e.Message)
+}
+
+// AsErr checks the status and returns an err if bad or nil if good
+func (e *Response) AsErr() error {
+ if e.Status != "success" {
+ return e
+ }
+ return nil
+}
+
+// Item Types
+const (
+ ItemTypeFolder = "folder"
+ ItemTypeFile = "file"
+)
+
+// Item refers to a file or folder
+type Item struct {
+ Breadcrumbs []Breadcrumb ``
+ CreatedAt int64 ``
+ ID string `json:"id,omitempty"`
+ ParentID string ``
+ Link string `json:"download,omitempty"`
+ OriginalLink string `json:"link,omitempty"`
+ Name string `json:"filename,omitempty"`
+ DefaultLocation string ``
+ MappingID string ``
+ Size int64 `json:"filesize,omitempty"`
+ Status string `json:"status,omitempty"`
+ StreamLink string ``
+ Type string `json:"type,omitempty"`
+ TranscodeStatus string ``
+ IP string ``
+ MimeType string `json:"mimeType,omitempty"`
+ Ended string `json:"added,omitempty"`
+ Generated string `json:"generated,omitempty"`
+ Links []string `json:"links,omitempty"`
+ Files []File `json:"files,omitempty"`
+ TorrentHash string `json:"hash,omitempty"`
+}
+
+type File struct {
+ ID int64 `json:"id,omitempty"`
+ Selected int64 `json:"selected,omitempty"`
+}
+
+// Breadcrumb is part the breadcrumb trail for a file or folder. It
+// is returned as part of folder/list if required
+type Breadcrumb struct {
+ ID string `json:"id,omitempty"`
+ Name string `json:"name,omitempty"`
+ ParentID string `json:"parent_id,omitempty"`
+}
+
+// FolderListResponse is the response to folder/list
+type FolderListResponse struct {
+ Response
+ Content []Item `` //`json:"content"`
+ Name string `json:"filename,omitempty"` //`json:"name,omitempty"`
+ ParentID string `` //`json:"parent_id,omitempty"`
+ FolderID string `` //`json:"folder_id,omitempty"`
+}
+
+// FolderCreateResponse is the response to folder/create
+type FolderCreateResponse struct {
+ Response
+ ID string `json:"id,omitempty"`
+}
+
+// FolderUploadinfoResponse is the response to folder/uploadinfo
+type FolderUploadinfoResponse struct {
+ Response
+ Token string `json:"token,omitempty"`
+ URL string `json:"url,omitempty"`
+}
+
+// AccountInfoResponse is the response to account/info
+type AccountInfoResponse struct {
+ Response
+ CustomerID string `json:"customer_id,omitempty"`
+ LimitUsed float64 `json:"limit_used,omitempty"` // fraction 0..1 of download traffic limit
+ PremiumUntil int64 `json:"premium_until,omitempty"`
+ SpaceUsed float64 `json:"space_used,omitempty"`
+}
diff --git a/backend/realdebrid/realdebrid.go b/backend/realdebrid/realdebrid.go
new file mode 100644
index 0000000000000..1dd5a5cdec986
--- /dev/null
+++ b/backend/realdebrid/realdebrid.go
@@ -0,0 +1,1859 @@
+// Package realdebrid provides an interface to the real-debrid.com
+// object storage system.
+package realdebrid
+
+/*
+Run of rclone info
+stringNeedsEscaping = []rune{
+ 0x00, 0x0A, 0x0D, 0x22, 0x2F, 0x5C, 0xBF, 0xFE
+ 0x00, 0x0A, 0x0D, '"', '/', '\\', 0xBF, 0xFE
+}
+maxFileLength = 255
+canWriteUnnormalized = true
+canReadUnnormalized = true
+canReadRenormalized = false
+canStream = true
+*/
+
+import (
+ "bufio"
+ "context"
+ "encoding/json"
+ "errors"
+ "fmt"
+ "io"
+ "math"
+ "net/http"
+ "net/url"
+ "os"
+ "path"
+ "regexp"
+ "strconv"
+ "strings"
+ "sync"
+ "time"
+
+ "github.com/puzpuzpuz/xsync"
+ "github.com/rclone/rclone/backend/realdebrid/api"
+ "github.com/rclone/rclone/fs"
+ "github.com/rclone/rclone/fs/config"
+ "github.com/rclone/rclone/fs/config/configmap"
+ "github.com/rclone/rclone/fs/config/configstruct"
+ "github.com/rclone/rclone/fs/config/obscure"
+ "github.com/rclone/rclone/fs/fserrors"
+ "github.com/rclone/rclone/fs/fshttp"
+ "github.com/rclone/rclone/fs/hash"
+ "github.com/rclone/rclone/lib/dircache"
+ "github.com/rclone/rclone/lib/encoder"
+ "github.com/rclone/rclone/lib/oauthutil"
+ "github.com/rclone/rclone/lib/pacer"
+ "github.com/rclone/rclone/lib/rest"
+ "golang.org/x/oauth2"
+)
+
+const (
+ rcloneClientID = "X245A4XAIBGVM"
+ rcloneEncryptedClientSecret = "B5YIvQoRIhcpAYs8HYeyjb9gK-ftmZEbqdh_gNfc4RgO9Q"
+ minSleep = 10 * time.Millisecond
+ maxSleep = 2 * time.Second
+ decayConstant = 2 // bigger for slower decay, exponential
+ rootID = "/" // ID of root folder is always this
+ rootURL = "https://api.real-debrid.com/rest/1.0"
+)
+
+// Globals
+var (
+ // Description of how to auth for this app
+ oauthConfig = &oauth2.Config{
+ Scopes: nil,
+ Endpoint: oauth2.Endpoint{
+ AuthURL: "https://api.real-debrid.com/oauth/v2/auth",
+ TokenURL: "https://api.real-debrid.com/oauth/v2/token",
+ },
+ ClientID: rcloneClientID,
+ ClientSecret: obscure.MustReveal(rcloneEncryptedClientSecret),
+ RedirectURL: oauthutil.RedirectURL,
+ }
+)
+
+type RegexValuePair struct {
+ Regex *regexp.Regexp
+ Value string
+}
+
+//Global variables
+var cached []api.Item
+var torrents []api.Item
+var broken_torrents []string
+var broken_links []string
+var lastcheck int64 = 0
+var lastFileMod int64 = 0
+var interval int64 = 15 * 60
+var file_mutex = &sync.RWMutex{}
+var move_mutex = &sync.RWMutex{}
+var moving = false
+var mapping = xsync.NewMap()
+var sorting_file = xsync.NewMap()
+var folders = xsync.NewMap()
+var regex_defs = []RegexValuePair{}
+var trash_indicator = ".trashed"
+var move_chars = " -> "
+var regx_chars = " == "
+var default_sorting = `# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# ~~~~~~~~~~~~~ rclone_rd sorting file ~~~~~~~~~~~~
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# - write comment lines using "#"
+#
+# - write regex definitions using: "/foldername" + " == " + regex definition. You can edit the exising ones or create new ones.
+# Order matters for regex folders, first match will be final destination. Make sure there are no trailing space characters.
+# torrents that dont match any regex definition end up in a folder named "default".
+# Example: /movies == (?i)(19|20)([0-9]{2} ?\.?)
+#
+# - create new directories using "/foldername"
+# Example: /shit
+#
+# - write move/renaming changes using: "/" + "actual torrent title" + "/" + "file ID" + " -> " + "destination"
+# You do not need to create the directories you are moving stuff to, this will be done automatically.
+# Example: /some.show.S01/ -> /shows/some.show/season 1/
+# Example: /some.show.S01/ABCDEFGHIJKL -> /shows/some.show/season 1/episode 1.mkv
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# ~~~~~~~~~ top level and regex folders: ~~~~~~~~~~
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+/shows == (?i)(S[0-9]{2}|SEASONS?.[0-9]|COMPLETE|[^457a-z\W\s]-[0-9]+)
+/movies == (?i)(19|20)([0-9]{2} ?\.?)
+/default
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# ~~~ recorded/manual changes to the structure: ~~~
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
+`
+
+// Register with Fs
+func init() {
+ fs.Register(&fs.RegInfo{
+ Name: "realdebrid",
+ Description: "real-debrid.com",
+ NewFs: NewFs,
+ Options: []fs.Option{{
+ Name: "api_key",
+ Help: `please provide your RealDebrid API key.`,
+ Default: "",
+ }, {
+ Name: "sort_file",
+ Help: `please provide the full path to a file (file does not need to exist) that should be used for sorting`,
+ Advanced: true,
+ Default: path.Join(path.Dir(config.GetConfigPath()), "sorting.txt"),
+ }, {
+ Name: config.ConfigEncoding,
+ Help: config.ConfigEncodingHelp,
+ Advanced: true,
+ // Encode invalid UTF-8 bytes as json doesn't handle them properly.
+ Default: (encoder.Display |
+ encoder.EncodeBackSlash |
+ encoder.EncodeDoubleQuote |
+ encoder.EncodeInvalidUtf8),
+ }},
+ })
+}
+
+// Options defines the configuration for this backend
+type Options struct {
+ SortFile string `config:"sort_file"`
+ APIKey string `config:"api_key"`
+ Enc encoder.MultiEncoder `config:"encoding"`
+}
+
+// Fs represents a remote cloud storage system
+type Fs struct {
+ name string // name of this remote
+ root string // the path we are working on
+ opt Options // parsed options
+ features *fs.Features // optional features
+ srv *rest.Client // the connection to the server
+ dirCache *dircache.DirCache // Map of directory path to directory id
+ pacer *fs.Pacer // pacer for API calls
+ tokenRenewer *oauthutil.Renew // renew the token on expiry
+}
+
+// Object describes a file
+type Object struct {
+ fs *Fs // what this object is part of
+ remote string // The remote path
+ hasMetaData bool // metadata is present and correct
+ size int64 // size of the object
+ modTime time.Time // modification time of the object
+ id string // ID of the object
+ ParentID string // ID of parent directory
+ mimeType string // Mime type of object
+ url string // URL to download file
+ TorrentHash string // Torrent Hash
+ MappingID string // Internal Mapping ID used for sorting
+ OriginalLink string //Internal original Link
+}
+
+// ------------------------------------------------------------
+
+// Name of the remote (as passed into NewFs)
+func (f *Fs) Name() string {
+ return f.name
+}
+
+// Root of the remote (as passed into NewFs)
+func (f *Fs) Root() string {
+ return f.root
+}
+
+// String converts this Fs to a string
+func (f *Fs) String() string {
+ return fmt.Sprintf("realdebrid root '%s'", f.root)
+}
+
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+ return f.features
+}
+
+// parsePath parses a realdebrid 'url'
+func parsePath(path string) (root string) {
+ root = strings.Trim(path, "/")
+ return
+}
+
+// retryErrorCodes is a slice of error codes that we will retry
+var retryErrorCodes = []int{
+ 429, // Too Many Requests.
+ 500, // Internal Server Error
+ 502, // Bad Gateway
+ 504, // Gateway Timeout
+ 509, // Bandwidth Limit Exceeded
+}
+
+// shouldRetry returns a boolean as to whether this resp and err
+// deserve to be retried. It returns the err as a convenience
+func shouldRetry(ctx context.Context, resp *http.Response, err error) (bool, error) {
+ if fserrors.ContextError(ctx, &err) {
+ return false, err
+ }
+ return fserrors.ShouldRetry(err) || fserrors.ShouldRetryHTTP(resp, retryErrorCodes), err
+}
+
+// readMetaDataForPath reads the metadata from the path
+func (f *Fs) readMetaDataForPath(ctx context.Context, path string, directoriesOnly bool, filesOnly bool) (info *api.Item, err error) {
+ // defer fs.Trace(f, "path=%q", path)("info=%+v, err=%v", &info, &err)
+ leaf, directoryID, err := f.dirCache.FindPath(ctx, path, false)
+ if err != nil {
+ if err == fs.ErrorDirNotFound {
+ return nil, fs.ErrorObjectNotFound
+ }
+ return nil, err
+ }
+ if len(directoryID) > 0 && directoryID != "0" {
+ if last := directoryID[len(directoryID)-1]; last != '/' {
+ directoryID = directoryID + "/"
+ }
+ }
+ lcLeaf := strings.ToLower(leaf)
+ _, found, err := f.listAll(ctx, directoryID, directoriesOnly, filesOnly, func(item *api.Item) bool {
+ if strings.ToLower(item.Name) == lcLeaf {
+ info = item
+ return true
+ }
+ return false
+ })
+ if err != nil {
+ return nil, err
+ }
+ if !found {
+ return nil, fs.ErrorObjectNotFound
+ }
+ return info, nil
+}
+
+// errorHandler parses a non 2xx error response into an error
+func errorHandler(resp *http.Response) error {
+ body, err := rest.ReadBody(resp)
+ if err != nil {
+ body = nil
+ }
+ var e = api.Response{
+ Message: string(body),
+ Status: fmt.Sprintf("%s (%d)", resp.Status, resp.StatusCode),
+ }
+ if body != nil {
+ _ = json.Unmarshal(body, &e)
+ }
+ return &e
+}
+
+// Return a url.Values with the api key in
+func (f *Fs) baseParams() url.Values {
+ params := url.Values{}
+ if f.opt.APIKey != "" {
+ params.Add("auth_token", f.opt.APIKey)
+ }
+ return params
+}
+
+// NewFs constructs an Fs from the path, container:path
+func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, error) {
+ // Parse config into Options struct
+ opt := new(Options)
+ err := configstruct.Set(m, opt)
+ if err != nil {
+ return nil, err
+ }
+
+ root = parsePath(root)
+
+ var client *http.Client
+ var ts *oauthutil.TokenSource
+ if opt.APIKey == "" {
+ client, ts, err = oauthutil.NewClient(ctx, name, m, oauthConfig)
+ if err != nil {
+ return nil, fmt.Errorf("failed to configure realdebrid: %w", err)
+ }
+ } else {
+ client = fshttp.NewClient(ctx)
+ }
+
+ f := &Fs{
+ name: name,
+ root: root,
+ opt: *opt,
+ srv: rest.NewClient(client).SetRoot(rootURL),
+ pacer: fs.NewPacer(ctx, pacer.NewDefault(pacer.MinSleep(minSleep), pacer.MaxSleep(maxSleep), pacer.DecayConstant(decayConstant))),
+ }
+ f.features = (&fs.Features{
+ CaseInsensitive: true,
+ CanHaveEmptyDirectories: true,
+ ReadMimeType: true,
+ }).Fill(ctx, f)
+ f.srv.SetErrorHandler(errorHandler)
+
+ // Renew the token in the background
+ if ts != nil {
+ f.tokenRenewer = oauthutil.NewRenew(f.String(), ts, func() error {
+ _, err := f.About(ctx)
+ return err
+ })
+ }
+
+ // Get rootID
+ f.dirCache = dircache.New(root, rootID, f)
+
+ // Find the current root
+ err = f.dirCache.FindRoot(ctx, false)
+ if err != nil {
+ // Assume it is a file
+ newRoot, remote := dircache.SplitPath(root)
+ tempF := *f
+ tempF.dirCache = dircache.New(newRoot, rootID, &tempF)
+ tempF.root = newRoot
+ // Make new Fs which is the parent
+ err = tempF.dirCache.FindRoot(ctx, false)
+ if err != nil {
+ // No root so return old f
+ return f, nil
+ }
+ _, err := tempF.newObjectWithInfo(ctx, remote, nil)
+ if err != nil {
+ if err == fs.ErrorObjectNotFound {
+ // File doesn't exist so return old f
+ return f, nil
+ }
+ return nil, err
+ }
+ f.features.Fill(ctx, &tempF)
+ // XXX: update the old f here instead of returning tempF, since
+ // `features` were already filled with functions having *f as a receiver.
+ // See https://github.com/rclone/rclone/issues/2182
+ f.dirCache = tempF.dirCache
+ f.root = tempF.root
+ // return an error with an fs which points to the parent
+ return f, fs.ErrorIsFile
+ }
+ return f, nil
+}
+
+// Return an Object from a path
+//
+// If it can't be found it returns the error fs.ErrorObjectNotFound.
+func (f *Fs) newObjectWithInfo(ctx context.Context, remote string, info *api.Item) (fs.Object, error) {
+ o := &Object{
+ fs: f,
+ remote: remote,
+ }
+ var err error
+ if info != nil {
+ // Set info
+ err = o.setMetaData(info)
+ } else {
+ err = o.readMetaData(ctx) // reads info and meta, returning an error
+ }
+ if err != nil {
+ return nil, err
+ }
+ return o, nil
+}
+
+// NewObject finds the Object at remote. If it can't be found
+// it returns the error fs.ErrorObjectNotFound.
+func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error) {
+ return f.newObjectWithInfo(ctx, remote, nil)
+}
+
+// FindLeaf finds a directory of name leaf in the folder with ID pathID
+func (f *Fs) FindLeaf(ctx context.Context, pathID, leaf string) (pathIDOut string, found bool, err error) {
+ // Find the leaf in pathID
+ var newDirID string
+ newDirID, found, err = f.listAll(ctx, pathID, true, false, func(item *api.Item) bool {
+ if strings.EqualFold(item.Name, leaf) {
+ pathIDOut = item.ID
+ return true
+ }
+ return false
+ })
+ // Update the Root directory ID to its actual value
+ if pathID == rootID {
+ f.dirCache.SetRootIDAlias(newDirID)
+ }
+ return pathIDOut, found, err
+}
+
+// CreateDir makes a directory with pathID as parent and name leaf
+func (f *Fs) CreateDir(ctx context.Context, dirID, leaf string) (newID string, err error) {
+ // fs.LogPrint(fs.LogLevelDebug, "CreateDir locking file_mutex")
+ file_mutex.Lock()
+ defer file_mutex.Unlock()
+ // defer fs.LogPrint(fs.LogLevelDebug, "CreateDir unlocking file_mutex")
+ if len(dirID) > 0 && dirID != "/" {
+ if first := dirID[0]; first != '/' {
+ dirID = "/" + dirID
+ }
+ if last := dirID[len(dirID)-1]; last != '/' {
+ dirID = dirID + "/"
+ }
+ } else {
+ err := fmt.Errorf("cant create directories in root directory. this is reserved for regex folders")
+ return "", err
+ }
+ if last := leaf[len(leaf)-1]; last != '/' {
+ leaf = leaf + "/"
+ }
+ file, err := os.OpenFile(f.opt.SortFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+ if err != nil {
+ fmt.Println(err)
+ return "", err
+ }
+ defer file.Close()
+ _, err = file.WriteString(dirID + leaf + "\n")
+ if err != nil {
+ fmt.Println(err)
+ return dirID + leaf, err
+ }
+ return dirID + leaf, nil
+}
+
+// Redownload a dead torrent
+func (f *Fs) redownloadTorrent(ctx context.Context, torrent api.Item) (redownloaded_torrent api.Item) {
+ fs.LogPrint(fs.LogLevelNotice, "redownloading dead torrent: "+torrent.Name)
+ //Get dead torrent file and hash info
+ var method = "GET"
+ var path = "/torrents/info/" + torrent.ID
+ var opts = rest.Opts{
+ Method: method,
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ _, _ = f.srv.CallJSON(ctx, &opts, nil, &torrent)
+ var selected_files []int64
+ var dead_torrent_id = torrent.ID
+ for _, file := range torrent.Files {
+ if file.Selected == 1 {
+ selected_files = append(selected_files, file.ID)
+ }
+ }
+ var selected_files_str = strings.Trim(strings.Join(strings.Fields(fmt.Sprint(selected_files)), ","), "[]")
+ //Delete old download links
+ for _, link := range torrent.Links {
+ for i, cachedfile := range cached {
+ if cachedfile.OriginalLink == link {
+ path = "/downloads/delete/" + cachedfile.ID
+ opts = rest.Opts{
+ Method: "DELETE",
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ var resp *http.Response
+ var result api.Response
+ var retries = 0
+ var err_code = 0
+ resp, _ = f.srv.CallJSON(ctx, &opts, nil, &result)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ for err_code == 429 && retries <= 5 {
+ time.Sleep(time.Duration(2) * time.Second)
+ resp, _ = f.srv.CallJSON(ctx, &opts, nil, &result)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ retries += 1
+ }
+ cached[i].OriginalLink = "this-is-not-a-link"
+ }
+ }
+ }
+ //Add torrent again
+ path = "/torrents/addMagnet"
+ method = "POST"
+ opts = rest.Opts{
+ Method: method,
+ Path: path,
+ MultipartParams: url.Values{
+ "magnet": {"magnet:?xt=urn:btih:" + torrent.TorrentHash},
+ },
+ Parameters: f.baseParams(),
+ }
+ _, _ = f.srv.CallJSON(ctx, &opts, nil, &torrent)
+ method = "GET"
+ path = "/torrents/info/" + torrent.ID
+ opts = rest.Opts{
+ Method: method,
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ _, _ = f.srv.CallJSON(ctx, &opts, nil, &torrent)
+ var tries = 0
+ for torrent.Status != "waiting_files_selection" && tries < 5 {
+ time.Sleep(time.Duration(1) * time.Second)
+ _, _ = f.srv.CallJSON(ctx, &opts, nil, &torrent)
+ tries += 1
+ }
+ //Select the same files again
+ path = "/torrents/selectFiles/" + torrent.ID
+ method = "POST"
+ opts = rest.Opts{
+ Method: method,
+ Path: path,
+ MultipartParams: url.Values{
+ "files": {selected_files_str},
+ },
+ Parameters: f.baseParams(),
+ }
+ _, _ = f.srv.CallJSON(ctx, &opts, nil, &torrent)
+ //Delete the old torrent
+ path = "/torrents/delete/" + dead_torrent_id
+ method = "DELETE"
+ opts = rest.Opts{
+ Method: method,
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ _, _ = f.srv.CallJSON(ctx, &opts, nil, &torrent)
+ torrent.Status = "downloaded"
+ lastcheck = time.Now().Unix() - interval
+ for i, TorrentID := range broken_torrents {
+ if dead_torrent_id == TorrentID {
+ broken_torrents[i] = broken_torrents[len(broken_torrents)-1]
+ broken_torrents = broken_torrents[:len(broken_torrents)-1]
+ }
+ }
+ return torrent
+}
+
+// CreateDir makes a directory with pathID as parent and name leaf
+func (f *Fs) folder_exists(dirID string) bool {
+ if dirID == "/" {
+ return false
+ }
+ if _, ok := folders.Load(dirID); ok {
+ return true
+ }
+ return false
+}
+
+// Clean sync.map without creating race conditions
+func eraseSyncMap(m *xsync.Map) {
+ m.Range(func(key string, value interface{}) bool {
+ m.Delete(key)
+ return true
+ })
+}
+
+// list the objects into the function supplied
+//
+// If directories is set it only sends directories
+// User function to process a File item from listAll
+//
+// Should return true to finish processing
+type listAllFn func(*api.Item) bool
+
+// Lists the directory required calling the user function on each item found
+//
+// If the user fn ever returns true then it early exits with found = true
+//
+// It returns a newDirID which is what the system returned as the directory ID
+func (f *Fs) listAll(ctx context.Context, dirID string, directoriesOnly bool, filesOnly bool, fn listAllFn) (newDirID string, found bool, err error) {
+
+ path := "/downloads"
+ method := "GET"
+ var partialresult []api.Item
+ var result []api.Item
+ var resp *http.Response
+
+ if _, ok := folders.Load(dirID); !ok {
+ if _, ok := folders.Load(dirID + "/"); ok {
+ dirID = dirID + "/"
+ } else if _, ok := folders.Load("/" + dirID + "/"); ok {
+ dirID = "/" + dirID + "/"
+ } else if len(dirID) > 1 {
+ if last := dirID[len(dirID)-1]; last == '/' {
+ if _, ok := folders.Load(dirID[:len(dirID)-1]); ok {
+ dirID = dirID[:len(dirID)-1]
+ }
+ }
+ }
+ }
+ // Check the sorting file for updates
+ fileModTime := time.Now().Unix()
+ if math.Abs(float64(fileModTime-lastFileMod)) >= 5 {
+ fileInfo, err := os.Stat(f.opt.SortFile)
+ if os.IsNotExist(err) {
+ // file does not exist
+ } else if err != nil {
+ // error occurred while checking file info
+ } else {
+ // file exists, get modification time
+ fileModTime = fileInfo.ModTime().Unix()
+ }
+ }
+ var updated = false
+ if fileModTime > lastFileMod {
+ updated = true
+ }
+
+ if ((dirID == rootID) || !(f.folder_exists(dirID)) || updated) && !moving {
+ //update global cached list
+ opts := rest.Opts{
+ Method: method,
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ opts.Parameters.Set("includebreadcrumbs", "false")
+ opts.Parameters.Set("limit", "1")
+ var newcached []api.Item
+ var totalcount int
+ var printed = false
+ var err_code = 429
+ totalcount = 2
+ for len(newcached) < totalcount {
+ partialresult = nil
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &partialresult)
+ var retries = 0
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ for err_code == 429 && retries <= 5 {
+ partialresult = nil
+ time.Sleep(time.Duration(2) * time.Second)
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &partialresult)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ retries += 1
+ }
+ if err == nil {
+ totalcount, err = strconv.Atoi(resp.Header["X-Total-Count"][0])
+ if err == nil {
+ if totalcount != len(cached) || time.Now().Unix()-lastcheck > interval {
+ if !printed {
+ fs.LogPrint(fs.LogLevelDebug, "updating all links and torrents")
+ printed = true
+ }
+ newcached = append(newcached, partialresult...)
+ opts.Parameters.Set("offset", strconv.Itoa(len(newcached)))
+ opts.Parameters.Set("limit", "2500")
+ // fs.LogPrint(fs.LogLevelDebug, "Setting updated to true")
+ updated = true
+ } else {
+ newcached = cached
+ }
+ } else {
+ break
+ }
+ } else {
+ break
+ }
+ }
+ //fmt.Printf("Done.\n")
+ //fmt.Printf("Updating RealDebrid Torrents ... ")
+ cached = newcached
+ //get torrents
+ path = "/torrents"
+ opts = rest.Opts{
+ Method: method,
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ opts.Parameters.Set("limit", "1")
+ var newtorrents []api.Item
+ totalcount = 2
+ err_code = 429
+ for len(newtorrents) < totalcount {
+ partialresult = nil
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &partialresult)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ var retries = 0
+ for err_code == 429 && retries <= 5 {
+ partialresult = nil
+ time.Sleep(time.Duration(2) * time.Second)
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &partialresult)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ retries += 1
+ }
+ if err == nil {
+ totalcount, err = strconv.Atoi(resp.Header["X-Total-Count"][0])
+ if err == nil {
+ if totalcount != len(torrents) || time.Now().Unix()-lastcheck > interval {
+ if !printed {
+ fs.LogPrint(fs.LogLevelDebug, "updating all links and torrents")
+ printed = true
+ }
+ newtorrents = append(newtorrents, partialresult...)
+ opts.Parameters.Set("offset", strconv.Itoa(len(newtorrents)))
+ opts.Parameters.Set("limit", "2500")
+ // fs.LogPrint(fs.LogLevelDebug, "Setting updated to true")
+ updated = true
+ } else {
+ newtorrents = torrents
+ }
+ } else {
+ break
+ }
+ } else {
+ break
+ }
+ }
+
+ // Set everything as being up to date
+ if time.Now().Unix()-lastcheck > interval {
+ lastcheck = time.Now().Unix()
+ }
+ lastFileMod = fileModTime
+ //fmt.Printf("Done.\n")
+ torrents = newtorrents
+
+ // Create folder structure
+ if updated {
+ // fs.LogPrint(fs.LogLevelDebug, "ListAll Rlocking file_mutex")
+ file_mutex.RLock()
+ // defer fs.LogPrint(fs.LogLevelDebug, "ListAll Runlocking file_mutex")
+ // read the file, create if missing
+ file, err := os.Open(f.opt.SortFile)
+ if os.IsNotExist(err) {
+ fs.LogPrint(fs.LogLevelWarning, "no sorting file found - creating new empty sorting file")
+ file, err = os.OpenFile(f.opt.SortFile, os.O_CREATE|os.O_RDWR, 0644)
+ if err != nil {
+ fmt.Println(err)
+ }
+ defer file.Close()
+
+ if _, err := file.WriteString(default_sorting); err != nil {
+ fmt.Println(err)
+ }
+ file.Sync() // flush file contents to disk
+ } else if err != nil {
+ fmt.Println(err)
+ } else {
+ defer file.Close()
+ }
+
+ // Reset saved folder structure
+ fs.LogPrint(fs.LogLevelDebug, "reading updated sorting file")
+ regex_defs = []RegexValuePair{}
+ eraseSyncMap(folders)
+ eraseSyncMap(mapping)
+ eraseSyncMap(sorting_file)
+
+ // Read the file line by line
+ if _, err := file.Seek(0, io.SeekStart); err != nil {
+ fmt.Println(err)
+ }
+ scanner := bufio.NewScanner(file)
+ for scanner.Scan() {
+ if strings.HasPrefix(scanner.Text(), "#") {
+ continue
+ } else if len(scanner.Text()) == 0 || scanner.Text() == "\n" || scanner.Text() == "\n\r" {
+ continue
+ } else if strings.Contains(scanner.Text(), move_chars) {
+ // Split the line by " -> "
+ parts := strings.Split(scanner.Text(), move_chars)
+ // Add the key-value pair to the map if not present or changed
+ oldValue, ok := mapping.Load(parts[0])
+ if !ok || oldValue.(string) != parts[1] {
+ mapping.Store(parts[0], parts[1])
+ }
+ } else if strings.Contains(scanner.Text(), regx_chars) {
+ // Split the line by " == "
+ parts := strings.Split(scanner.Text(), regx_chars)
+ // Add the key-value pair to the map
+ r, _ := regexp.Compile(parts[1])
+ regex_defs = append(regex_defs, RegexValuePair{r, parts[0]})
+
+ } else {
+ oldValue, ok := mapping.Load(scanner.Text())
+ if !ok || oldValue.(string) != scanner.Text() {
+ mapping.Store(scanner.Text(), scanner.Text())
+ }
+ }
+ }
+
+ file_mutex.RUnlock()
+
+ mapping.Range(func(key string, value interface{}) bool {
+ oldValue, ok := sorting_file.Load(key)
+ if !ok || oldValue != value {
+ sorting_file.Store(key, value)
+ }
+ return true
+ })
+
+ // Iterate through built file and torrent list:
+ var broken = false
+ err_code = 0
+
+ for i := range torrents {
+ //handle dead torrents
+ broken = false
+ for _, TorrentID := range broken_torrents {
+ if torrents[i].ID == TorrentID {
+ broken = true
+ }
+ }
+ if torrents[i].Status == "dead" || torrents[i].Status == "error" || broken {
+ torrents[i] = f.redownloadTorrent(ctx, torrents[i])
+ }
+ //set default torrents[i] location
+ torrents[i].DefaultLocation = "/default/"
+ for _, pair := range regex_defs {
+ match := pair.Regex.MatchString(torrents[i].Name)
+ if match {
+ torrents[i].DefaultLocation = pair.Value + "/"
+ break
+ }
+ }
+ //iterate through files
+ for _, link := range torrents[i].Links {
+ err_code = 0
+ if link == "" {
+ continue
+ }
+ var ItemFile api.Item
+ ItemFile.Name = strings.Split(link, "/")[len(strings.Split(link, "/"))-1]
+ ItemFile.ID = ItemFile.Name
+ mapping_id := "/" + torrents[i].Name + "/" + ItemFile.ID
+ ItemFile.MappingID = mapping_id
+ ItemFile.DefaultLocation = torrents[i].DefaultLocation + torrents[i].Name + "/"
+ ItemFile.ParentID = torrents[i].ID
+ ItemFile.TorrentHash = torrents[i].TorrentHash
+ ItemFile.Generated = torrents[i].Generated
+ ItemFile.Ended = torrents[i].Ended
+ ItemFile.Type = "file"
+ ItemFile.Link = link
+ ItemFile.OriginalLink = link
+ if _, ok := mapping.Load(mapping_id); !ok {
+ if _, ok := mapping.Load("/" + torrents[i].Name + "/"); ok {
+ value, _ := mapping.Load("/" + torrents[i].Name + "/")
+ mapping.Store(mapping_id, value)
+ } else {
+ mapping.Store(mapping_id, ItemFile.DefaultLocation)
+ }
+ } else {
+ if value, _ := mapping.Load(mapping_id); len(value.(string)) > 0 {
+ value, _ := mapping.Load(mapping_id)
+ split := strings.Split(value.(string), "/")
+ if len(split) > 0 {
+ ItemFile.Name = split[len(strings.Split(value.(string), "/"))-1]
+ }
+ }
+ if ItemFile.Name == "" || strings.HasSuffix(ItemFile.Name, trash_indicator) {
+ continue
+ }
+ value, _ := mapping.Load(mapping_id)
+ mapping.Store(mapping_id, strings.Join(strings.Split(value.(string), "/")[:len(strings.Split(value.(string), "/"))-1], "/")+"/")
+ }
+ value, _ := mapping.Load(mapping_id)
+ if value != nil {
+ list, ok := folders.Load(value.(string))
+ if !ok {
+ list = []api.Item{}
+ }
+ skip := false
+ for _, existing_item := range list.([]api.Item) {
+ if existing_item.Name == ItemFile.Name {
+ skip = true
+ break
+ }
+ }
+ if skip {
+ continue
+ }
+ folders.Store(value.(string), append(list.([]api.Item), ItemFile))
+ }
+ }
+ }
+
+ // Iterate through the map
+ mapping.Range(func(key string, newLocation interface{}) bool {
+
+ if strings.HasSuffix(newLocation.(string), trash_indicator) {
+ return true
+ }
+
+ // Split the new location by "/"
+ locationParts := strings.Split(newLocation.(string), "/")
+
+ // Create a new variable to store the full path
+ var location string
+
+ // Iterate through each level of the new location
+ for _, locationPart := range locationParts[:len(locationParts)-1] {
+ // Append the full path to the corresponding level
+ var skip bool
+ skip = false
+ list, ok := folders.Load(location)
+ if !ok {
+ list = []api.Item{}
+ }
+ for _, val := range list.([]api.Item) {
+ if val.Name == locationPart {
+ skip = true
+ break
+ }
+ }
+ if len(location) > 0 {
+ if last := location[len(location)-1]; last != '/' {
+ skip = true
+ }
+ } else {
+ skip = true
+ }
+ if skip {
+ location = location + locationPart + "/"
+ continue
+ }
+
+ // Create the missing folders
+ var ItemFolder api.Item
+ ItemFolder.Name = locationPart
+ ItemFolder.ID = location + locationPart
+ ItemFolder.Type = "folder"
+ if locationPart != "" {
+ folders.Store(location, append(list.([]api.Item), ItemFolder))
+ }
+ // Append the current location part to the full path
+ location = location + locationPart + "/"
+ }
+ return true
+ })
+
+ }
+
+ }
+
+ value, _ := folders.Load(dirID)
+ if value == nil {
+ value = []api.Item{}
+ }
+
+ result = append(result, value.([]api.Item)...)
+
+ if err != nil {
+ return newDirID, found, fmt.Errorf("couldn't list files: %w", err)
+ }
+ loc := time.FixedZone("Europe/Paris", 2*60*60)
+ for i := range result {
+ // Turn temporary restricted items into unretricted items
+ if result[i].Type == api.ItemTypeFile {
+ expired := true
+ for _, cachedfile := range cached {
+ if cachedfile.OriginalLink == result[i].OriginalLink {
+ result[i].Name = cachedfile.Name
+ result[i].Link = cachedfile.Link
+ result[i].Size = cachedfile.Size
+ expired = false
+ break
+ }
+ }
+ if expired {
+ count := 0
+ for _, link := range broken_links {
+ if link == result[i].OriginalLink {
+ count += 1
+ }
+ }
+ if count > 1 {
+ // a redownload of the torrent did not fix the issue
+ fs.LogPrint(fs.LogLevelDebug, fmt.Sprintf("redownloading did not fix file: %s from torrent hash: %s", result[i].Name, result[i].TorrentHash))
+ location := result[i].DefaultLocation + result[i].Name
+ if value, ok := mapping.Load(result[i].MappingID); ok {
+ if len(value.(string)) > 0 {
+ location = value.(string)
+ }
+ }
+ expired_object, _ := f.newObjectWithInfo(ctx, location, &result[i])
+ f.remove(ctx, expired_object.(*Object))
+ continue
+ }
+ fs.LogPrint(fs.LogLevelDebug, fmt.Sprintf("creating new link for file: %s from torrent hash: %s", result[i].Name, result[i].TorrentHash))
+ var ItemFile api.Item
+ broken := false
+ path = "/unrestrict/link"
+ method = "POST"
+ opts := rest.Opts{
+ Method: method,
+ Path: path,
+ MultipartParams: url.Values{
+ "link": {result[i].OriginalLink},
+ },
+ Parameters: f.baseParams(),
+ }
+ err_code := 0
+ resp, _ = f.srv.CallJSON(ctx, &opts, nil, &ItemFile)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ if err_code == 503 || err_code == 404 || resp == nil {
+ broken = true
+ }
+ if !broken {
+ var retries = 0
+ for err_code == 429 && retries <= 5 {
+ time.Sleep(time.Duration(2) * time.Second)
+ resp, _ = f.srv.CallJSON(ctx, &opts, nil, &ItemFile)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ retries += 1
+ }
+ if ItemFile.Link != "" && ItemFile.Name != "" {
+ result[i].Name = ItemFile.Name
+ result[i].Link = ItemFile.Link
+ result[i].Size = ItemFile.Size
+ }
+ } else {
+ broken_links = append(broken_links, result[i].OriginalLink)
+ count := 0
+ for _, link := range broken_links {
+ if link == result[i].OriginalLink {
+ count += 1
+ }
+ }
+ if count > 1 {
+ // a redownload of the torrent did not fix the issue
+ fs.LogPrint(fs.LogLevelDebug, fmt.Sprintf("redownloading did not fix file: %s from torrent hash: %s", result[i].Name, result[i].TorrentHash))
+ location := "broken"
+ result[i].Name = "broken"
+ expired_object, _ := f.newObjectWithInfo(ctx, location, &result[i])
+ f.remove(ctx, expired_object.(*Object))
+ continue
+ }
+ for k, torrent := range torrents {
+ if torrent.ID == result[i].ParentID {
+ torrents[k] = f.redownloadTorrent(ctx, torrents[k])
+ break
+ }
+ }
+
+ }
+
+ }
+ if _, ok := sorting_file.Load(result[i].MappingID); ok {
+ if value, _ := sorting_file.Load(result[i].MappingID); len(value.(string)) > 0 {
+ value, _ := sorting_file.Load(result[i].MappingID)
+ split := strings.Split(value.(string), "/")
+ if len(split) > 0 {
+ result[i].Name = split[len(strings.Split(value.(string), "/"))-1]
+ }
+ }
+ }
+ }
+ item := &result[i]
+ layout := "2006-01-02T15:04:05.000Z"
+ if item.Generated != "" {
+ t, _ := time.ParseInLocation(layout, item.Ended, loc)
+ item.CreatedAt = t.Unix()
+ } else if item.Ended != "" {
+ t, _ := time.ParseInLocation(layout, item.Ended, loc)
+ item.CreatedAt = t.Unix()
+ }
+ if item.Type == api.ItemTypeFolder {
+ if filesOnly {
+ continue
+ }
+ } else if item.Type == api.ItemTypeFile {
+ if directoriesOnly {
+ continue
+ }
+ } else {
+ fs.Debugf(f, "Ignoring %q - unknown type %q", item.Name, item.Type)
+ continue
+ }
+ item.Name = f.opt.Enc.ToStandardName(item.Name)
+ if fn(item) {
+ found = true
+ break
+ }
+ }
+
+ return
+}
+
+// List the objects and directories in dir into entries. The
+// entries can be returned in any order but should be for a
+// complete directory.
+//
+// dir should be "" to list the root, and should not have
+// trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error) {
+ //fmt.Println("Listing Items ... ")
+ directoryID, err := f.dirCache.FindDir(ctx, dir, false)
+ if err != nil {
+ return nil, err
+ }
+ var iErr error
+ _, _, err = f.listAll(ctx, directoryID, false, false, func(info *api.Item) bool {
+ remote := path.Join(dir, info.Name)
+ if info.Type == api.ItemTypeFolder {
+ // cache the directory ID for later lookups
+ f.dirCache.Put(remote, info.ID)
+ d := fs.NewDir(remote, time.Unix(info.CreatedAt, 0)).SetID(info.ID)
+ entries = append(entries, d)
+ } else if info.Type == api.ItemTypeFile {
+ o, err := f.newObjectWithInfo(ctx, remote, info)
+ if err != nil {
+ iErr = err
+ return true
+ }
+ entries = append(entries, o)
+ }
+ return false
+ })
+ if err != nil {
+ return nil, err
+ }
+ if iErr != nil {
+ return nil, iErr
+ }
+ //fmt.Println("Done Listing Items.")
+ return entries, nil
+}
+
+// Creates from the parameters passed in a half finished Object which
+// must have setMetaData called on it
+//
+// Returns the object, leaf, directoryID and error
+//
+// Used to create new objects
+func (f *Fs) createObject(ctx context.Context, remote string, modTime time.Time, size int64) (o *Object, leaf string, directoryID string, err error) {
+ // Create the directory for the object if it doesn't exist
+ leaf, directoryID, err = f.dirCache.FindPath(ctx, remote, true)
+ if err != nil {
+ return
+ }
+ // Temporary Object under construction
+ o = &Object{
+ fs: f,
+ remote: remote,
+ }
+ return o, leaf, directoryID, nil
+}
+
+// Put the object
+//
+// Copy the reader in to the new object which is returned
+//
+// The new object may have been created if an error is returned
+func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ existingObj, err := f.newObjectWithInfo(ctx, src.Remote(), nil)
+ switch err {
+ case nil:
+ return existingObj, existingObj.Update(ctx, in, src, options...)
+ case fs.ErrorObjectNotFound:
+ // Not found so create it
+ return f.PutUnchecked(ctx, in, src, options...)
+ default:
+ return nil, err
+ }
+}
+
+// PutUnchecked the object into the container
+//
+// This will produce an error if the object already exists
+//
+// Copy the reader in to the new object which is returned
+//
+// The new object may have been created if an error is returned
+func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+ remote := src.Remote()
+ size := src.Size()
+ modTime := src.ModTime(ctx)
+
+ o, _, _, err := f.createObject(ctx, remote, modTime, size)
+ if err != nil {
+ return nil, err
+ }
+ return o, o.Update(ctx, in, src, options...)
+}
+
+// Mkdir creates the container if it doesn't exist
+func (f *Fs) Mkdir(ctx context.Context, dir string) error {
+ _, err := f.dirCache.FindDir(ctx, dir, true)
+ if err != nil {
+ return err
+ }
+ return nil
+}
+
+// purgeCheck removes the root directory, if check is set then it
+// refuses to do so if it has anything in
+func (f *Fs) purgeCheck(ctx context.Context, dir string, check bool) error {
+ root := path.Join(f.root, dir)
+ if root == "" {
+ return errors.New("can't purge root directory")
+ }
+ dc := f.dirCache
+ rootID, err := dc.FindDir(ctx, dir, false)
+ if err != nil {
+ return err
+ }
+
+ // if rootID is a torrent ID
+ if len(rootID) == 13 && rootID == strings.ToUpper(rootID) {
+ fs.LogPrint(fs.LogLevelDebug, "removing realdebrid torrent id: "+rootID)
+ path := "/torrents/delete/DISABLED" + rootID
+ opts := rest.Opts{
+ Method: "DELETE",
+ Path: path,
+ Parameters: f.baseParams(),
+ }
+ var resp *http.Response
+ var result api.Response
+ err = f.pacer.Call(func() (bool, error) {
+ resp, err = f.srv.CallJSON(ctx, &opts, nil, &result)
+ return shouldRetry(ctx, resp, err)
+ })
+ lastcheck = time.Now().Unix() - interval
+ }
+ f.dirCache.FlushDir(dir)
+ return nil
+}
+
+// Rmdir deletes the root folder
+//
+// Returns an error if it isn't empty
+func (f *Fs) Rmdir(ctx context.Context, dir string) error {
+ //fmt.Printf("Rmdir: '%s'\n", dir)
+ return f.purgeCheck(ctx, dir, true)
+}
+
+// Precision return the precision of this Fs
+func (f *Fs) Precision() time.Duration {
+ return fs.ModTimeNotSupported
+}
+
+// Purge deletes all the files in the directory
+//
+// Optional interface: Only implement this if you have a way of
+// deleting all the files quicker than just running Remove() on the
+// result of List()
+func (f *Fs) Purge(ctx context.Context, dir string) error {
+ //fmt.Printf("Purge: '%s'\n", dir)
+ return f.purgeCheck(ctx, dir, false)
+}
+
+// move a file or folder
+//
+func (f *Fs) move(ctx context.Context, isFile bool, id, oldLeaf, newLeaf, oldDirectoryID, newDirectoryID string) (err error) {
+
+ // Handle IDs
+ oldDirectoryID_o := oldDirectoryID
+ for _, torrent := range torrents {
+ if torrent.ID == oldDirectoryID {
+ oldDirectoryID = "/" + torrent.Name + "/"
+ break
+ } else if !isFile && torrent.Name == oldLeaf {
+ oldDirectoryID = "/"
+ break
+ }
+ }
+ // // Handle Files
+ if isFile && len(id) == 13 {
+ oldLeaf = id
+ }
+
+ // There was a change, so update the file requiring a lock
+ // fs.LogPrint(fs.LogLevelDebug, "move locking file_mutex")
+ file_mutex.Lock()
+ defer file_mutex.Unlock()
+ // defer fs.LogPrint(fs.LogLevelDebug, "move unlocking file_mutex")
+ // Open the file
+ file, err := os.OpenFile(f.opt.SortFile, os.O_CREATE|os.O_RDWR, 0644)
+ if err != nil {
+ fmt.Println(err)
+ return err
+ }
+ defer file.Close()
+
+ if last := newDirectoryID[len(newDirectoryID)-1]; last != '/' {
+ newDirectoryID = newDirectoryID + "/"
+ }
+ if first := newDirectoryID[0]; first != '/' {
+ newDirectoryID = "/" + newDirectoryID
+ }
+ if last := oldDirectoryID[len(oldDirectoryID)-1]; last != '/' {
+ oldDirectoryID = oldDirectoryID + "/"
+ }
+ if first := oldDirectoryID[0]; first != '/' {
+ oldDirectoryID = "/" + oldDirectoryID
+ }
+ if last := oldDirectoryID_o[len(oldDirectoryID_o)-1]; last != '/' {
+ oldDirectoryID_o = oldDirectoryID_o + "/"
+ }
+ if first := oldDirectoryID_o[0]; first != '/' {
+ oldDirectoryID_o = "/" + oldDirectoryID_o
+ }
+ if !isFile {
+ if last := newLeaf[len(newLeaf)-1]; last != '/' {
+ newLeaf = newLeaf + "/"
+ }
+ if last := oldLeaf[len(oldLeaf)-1]; last != '/' {
+ oldLeaf = oldLeaf + "/"
+ }
+ }
+
+ // fs.LogPrint(fs.LogLevelDebug, fmt.Sprintf("moving oldLeaf %s from oldDirectoryID %s to newLeaf %s newDirectoryID %s", oldLeaf, oldDirectoryID, newLeaf, newDirectoryID))
+
+ // Get all files that should be moved.
+ var affected_items []string
+ sorting_file.Range(func(key string, value interface{}) bool {
+ if strings.Contains(value.(string), oldDirectoryID+oldLeaf) {
+ affected_items = append(affected_items, key)
+ }
+ return true
+ })
+ if len(affected_items) == 0 || !isFile {
+ affected_items = append(affected_items, oldDirectoryID+oldLeaf)
+ }
+ scanner := bufio.NewScanner(file)
+ var lines []string
+ var new_lines = make(map[string]string)
+ var replaced = false
+ for scanner.Scan() {
+ line := scanner.Text()
+ lines = append(lines, line)
+ }
+ if err := scanner.Err(); err != nil {
+ fmt.Println(err)
+ return err
+ }
+ file.Truncate(0)
+ file.Seek(0, 0)
+ // move all affected items
+ for _, affected_item := range affected_items {
+ for _, line := range lines {
+ if strings.Contains(line, affected_item+move_chars) && !isFile {
+ new_dst := strings.Replace(strings.Split(line, move_chars)[len(strings.Split(line, move_chars))-1], oldDirectoryID_o+oldLeaf, newDirectoryID+newLeaf, -1)
+ new_lines[line] = affected_item + move_chars + new_dst
+ replaced = true
+ } else if strings.Contains(line, affected_item+move_chars) && isFile {
+ new_lines[line] = affected_item + move_chars + newDirectoryID + newLeaf
+ replaced = true
+ } else if line == affected_item {
+ new_lines[line] = newDirectoryID + newLeaf
+ replaced = true
+ }
+ }
+ if !replaced {
+ var line = affected_item + move_chars + newDirectoryID + newLeaf
+ lines = append(lines, line)
+ }
+ }
+ for _, line := range lines {
+ write := line
+ if _, ok := new_lines[line]; ok {
+ write = new_lines[line]
+ }
+ _, err := file.WriteString(write + "\n")
+ if err != nil {
+ fmt.Println(err)
+ return err
+ }
+ }
+ return nil
+}
+
+// Move src to this remote using server-side move operations.
+//
+// This is stored with the remote path given
+//
+// It returns the destination Object and a possible error
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantMove
+func (f *Fs) Move(ctx context.Context, src fs.Object, remote string) (fs.Object, error) {
+
+ move_mutex.Lock()
+ defer move_mutex.Unlock()
+ moving = true
+ defer func() { moving = false }()
+
+ srcObj, ok := src.(*Object)
+ if !ok {
+ fs.Debugf(src, "Can't move - not same remote type")
+ return nil, fs.ErrorCantMove
+ }
+
+ // Create temporary object
+ _, leaf, directoryID, err := f.createObject(ctx, remote, srcObj.modTime, srcObj.size)
+ if err != nil {
+ return nil, err
+ }
+
+ // Do the move
+ err = f.move(ctx, true, srcObj.id, path.Base(srcObj.remote), leaf, srcObj.ParentID, directoryID)
+ if err != nil {
+ return nil, err
+ }
+
+ // Remove the old item from the folder structure
+ oldDir, _ := mapping.LoadAndDelete(srcObj.MappingID)
+ var newItems []api.Item
+ items, _ := folders.Load(oldDir.(string))
+ for i := range items.([]api.Item) {
+ if items.([]api.Item)[i].ID != srcObj.id {
+ newItems = append(newItems, items.([]api.Item)[i])
+ }
+ }
+ folders.Store(oldDir.(string), newItems)
+
+ // Add the new item to the folder structure
+ if last := directoryID[len(directoryID)-1]; last != '/' {
+ directoryID = directoryID + "/"
+ }
+ if first := directoryID[0]; first != '/' {
+ directoryID = "/" + directoryID
+ }
+ mapping.Store(srcObj.MappingID, directoryID)
+ newItem := api.Item{}
+ newItem.Name = strings.Split(remote, "/")[len(strings.Split(remote, "/"))-1]
+ newItem.Size = srcObj.size
+ newItem.ID = srcObj.id
+ newItem.MimeType = srcObj.mimeType
+ newItem.Link = srcObj.url
+ newItem.OriginalLink = srcObj.OriginalLink
+ newItem.ParentID = srcObj.ParentID
+ newItem.TorrentHash = srcObj.TorrentHash
+ newItem.MappingID = srcObj.MappingID
+ newItem.Type = "file"
+ newItem.Generated = srcObj.modTime.Format("2006-01-02T15:04:05.000Z")
+ items, _ = folders.Load(directoryID)
+ if items == nil {
+ items = []api.Item{}
+ }
+ items = items.([]api.Item)
+ items = append(items.([]api.Item), newItem)
+ folders.Store(directoryID, items)
+
+ // moving = false
+ // err = dstObj.readMetaData(ctx)
+
+ if err != nil && !strings.HasSuffix(remote, trash_indicator) {
+ return nil, err
+ }
+ return srcObj, nil
+}
+
+// DirMove moves src, srcRemote to this remote at dstRemote
+// using server-side move operations.
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantDirMove
+//
+// If destination exists then return fs.ErrorDirExists
+func (f *Fs) DirMove(ctx context.Context, src fs.Fs, srcRemote, dstRemote string) error {
+ move_mutex.Lock()
+ defer move_mutex.Unlock()
+
+ srcFs, ok := src.(*Fs)
+ if !ok {
+ fs.Debugf(srcFs, "Can't move directory - not same remote type")
+ return fs.ErrorCantDirMove
+ }
+
+ srcID, srcDirectoryID, srcLeaf, dstDirectoryID, dstLeaf, err := f.dirCache.DirMove(ctx, srcFs.dirCache, srcFs.root, srcRemote, f.root, dstRemote)
+ if err != nil {
+ return err
+ }
+
+ // Do the move
+ err = f.move(ctx, false, srcID, srcLeaf, dstLeaf, srcDirectoryID, dstDirectoryID)
+ if err != nil {
+ return err
+ }
+
+ // List the files to again to make them visible in the new location instantly
+ if last := dstDirectoryID[len(dstDirectoryID)-1]; last != '/' {
+ dstDirectoryID = dstDirectoryID + "/"
+ }
+ if first := dstDirectoryID[0]; first != '/' {
+ dstDirectoryID = "/" + dstDirectoryID
+ }
+
+ f.List(ctx, dstDirectoryID+dstLeaf)
+
+ srcFs.dirCache.FlushDir(srcRemote)
+ return nil
+}
+
+// PublicLink adds a "readable by anyone with link" permission on the given file or folder.
+func (f *Fs) PublicLink(ctx context.Context, remote string, expire fs.Duration, unlink bool) (string, error) {
+ _, err := f.dirCache.FindDir(ctx, remote, false)
+ if err == nil {
+ return "", fs.ErrorCantShareDirectories
+ }
+ o, err := f.NewObject(ctx, remote)
+ if err != nil {
+ return "", err
+ }
+ return o.(*Object).url, nil
+}
+
+// About gets quota information
+func (f *Fs) About(ctx context.Context) (usage *fs.Usage, err error) {
+ return usage, nil
+}
+
+// DirCacheFlush resets the directory cache - used in testing as an
+// optional interface
+func (f *Fs) DirCacheFlush() {
+ f.dirCache.ResetRoot()
+}
+
+// Hashes returns the supported hash sets.
+func (f *Fs) Hashes() hash.Set {
+ return hash.Set(hash.None)
+}
+
+// ------------------------------------------------------------
+
+// Fs returns the parent Fs
+func (o *Object) Fs() fs.Info {
+ return o.fs
+}
+
+// Return a string version
+func (o *Object) String() string {
+ if o == nil {
+ return ""
+ }
+ return o.remote
+}
+
+// Remote returns the remote path
+func (o *Object) Remote() string {
+ return o.remote
+}
+
+// Hash returns the SHA-1 of an object returning a lowercase hex string
+func (o *Object) Hash(ctx context.Context, t hash.Type) (string, error) {
+ return "", hash.ErrUnsupported
+}
+
+// Size returns the size of an object in bytes
+func (o *Object) Size() int64 {
+ err := o.readMetaData(context.TODO())
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return 0
+ }
+ return o.size
+}
+
+// setMetaData sets the metadata from info
+func (o *Object) setMetaData(info *api.Item) (err error) {
+ if info.Type != "file" {
+ return fmt.Errorf("%q is %q: %w", o.remote, info.Type, fs.ErrorNotAFile)
+ }
+ o.hasMetaData = true
+ o.size = info.Size
+ o.modTime = time.Unix(info.CreatedAt, 0)
+ o.id = info.ID
+ o.mimeType = info.MimeType
+ o.url = info.Link
+ o.ParentID = info.ParentID
+ o.TorrentHash = info.TorrentHash
+ o.MappingID = info.MappingID
+ o.OriginalLink = info.OriginalLink
+ return nil
+}
+
+// readMetaData gets the metadata if it hasn't already been fetched
+//
+// it also sets the info
+func (o *Object) readMetaData(ctx context.Context) (err error) {
+ if o.hasMetaData {
+ return nil
+ }
+ info, err := o.fs.readMetaDataForPath(ctx, o.remote, false, true)
+ if err != nil {
+ return err
+ }
+ return o.setMetaData(info)
+}
+
+// ModTime returns the modification time of the object
+//
+//
+// It attempts to read the objects mtime and if that isn't present the
+// LastModified returned in the http headers
+func (o *Object) ModTime(ctx context.Context) time.Time {
+ err := o.readMetaData(ctx)
+ if err != nil {
+ fs.Logf(o, "Failed to read metadata: %v", err)
+ return time.Now()
+ }
+ return o.modTime
+}
+
+// SetModTime sets the modification time of the local fs object
+func (o *Object) SetModTime(ctx context.Context, modTime time.Time) error {
+ return fs.ErrorCantSetModTime
+}
+
+// Storable returns a boolean showing whether this object storable
+func (o *Object) Storable() bool {
+ return true
+}
+
+// Open an object for read
+func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (in io.ReadCloser, err error) {
+ if o.url == "" {
+ return nil, errors.New("can't download - no URL")
+ }
+ fs.FixRangeOption(options, o.size)
+ var resp *http.Response
+ var err_code = 0
+ opts := rest.Opts{
+ Path: "",
+ RootURL: o.url,
+ Method: "GET",
+ Options: options,
+ }
+ err = o.fs.pacer.Call(func() (bool, error) {
+ resp, err = o.fs.srv.Call(ctx, &opts)
+ if resp != nil {
+ err_code = resp.StatusCode
+ }
+ return shouldRetry(ctx, resp, err)
+ })
+
+ if err != nil || err_code == 404 || err_code == 503 {
+ if err_code == 404 || (err != nil && strings.Contains(err.Error(), "404")) {
+ err_code = 404
+ } else if err_code == 503 || (err != nil && strings.Contains(err.Error(), "503")) {
+ err_code = 503
+ } else {
+ return nil, fmt.Errorf("error: (unknown) accessing url: %s", o.url)
+ }
+ for _, TorrentID := range broken_torrents {
+ if o.ParentID == TorrentID {
+ return nil, err
+ }
+ }
+ msg := ""
+ if err != nil && strings.Contains(err.Error(), "
+
+