2018-03-19 11:06:13 +01:00
|
|
|
---
|
|
|
|
title: "rclone serve restic"
|
2020-05-16 16:11:55 +02:00
|
|
|
description: "Serve the remote for restic's REST API."
|
2018-03-19 11:06:13 +01:00
|
|
|
slug: rclone_serve_restic
|
|
|
|
url: /commands/rclone_serve_restic/
|
2020-02-10 13:31:45 +01:00
|
|
|
# autogenerated - DO NOT EDIT, instead edit the source code in cmd/serve/restic/ and as part of making a release run "make commanddocs"
|
2018-03-19 11:06:13 +01:00
|
|
|
---
|
2020-05-22 12:17:37 +02:00
|
|
|
# rclone serve restic
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
Serve the remote for restic's REST API.
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
## Synopsis
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-11-07 04:38:40 +01:00
|
|
|
Run a basic web server to serve a remote over restic's REST backend
|
2022-07-09 19:08:20 +02:00
|
|
|
API over HTTP. This allows restic to use rclone as a data storage
|
2018-03-19 11:06:13 +01:00
|
|
|
mechanism for cloud providers that restic does not support directly.
|
|
|
|
|
2022-03-18 13:29:54 +01:00
|
|
|
[Restic](https://restic.net/) is a command-line program for doing
|
2018-03-19 11:06:13 +01:00
|
|
|
backups.
|
|
|
|
|
|
|
|
The server will log errors. Use -v to see access logs.
|
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
`--bwlimit` will be respected for file transfers.
|
|
|
|
Use `--stats` to control the stats printing.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
## Setting up rclone for use by restic ###
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
First [set up a remote for your chosen cloud provider](/docs/#configure).
|
|
|
|
|
|
|
|
Once you have set up the remote, check it is working with, for example
|
|
|
|
"rclone lsd remote:". You may have called the remote something other
|
|
|
|
than "remote:" - just substitute whatever you called it in the
|
|
|
|
following instructions.
|
|
|
|
|
|
|
|
Now start the rclone restic server
|
|
|
|
|
|
|
|
rclone serve restic -v remote:backup
|
|
|
|
|
|
|
|
Where you can replace "backup" in the above by whatever path in the
|
|
|
|
remote you wish to use.
|
|
|
|
|
|
|
|
By default this will serve on "localhost:8080" you can change this
|
2022-07-09 19:08:20 +02:00
|
|
|
with use of the `--addr` flag.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
You might wish to start this server on boot.
|
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
Adding `--cache-objects=false` will cause rclone to stop caching objects
|
2021-02-02 14:42:35 +01:00
|
|
|
returned from the List call. Caching is normally desirable as it speeds
|
|
|
|
up downloading objects, saves transactions and uses very little memory.
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
## Setting up restic to use rclone ###
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
Now you can [follow the restic
|
|
|
|
instructions](http://restic.readthedocs.io/en/latest/030_preparing_a_new_repo.html#rest-server)
|
|
|
|
on setting up restic.
|
|
|
|
|
|
|
|
Note that you will need restic 0.8.2 or later to interoperate with
|
|
|
|
rclone.
|
|
|
|
|
|
|
|
For the example above you will want to use "http://localhost:8080/" as
|
|
|
|
the URL for the REST server.
|
|
|
|
|
|
|
|
For example:
|
|
|
|
|
|
|
|
$ export RESTIC_REPOSITORY=rest:http://localhost:8080/
|
|
|
|
$ export RESTIC_PASSWORD=yourpassword
|
|
|
|
$ restic init
|
|
|
|
created restic backend 8b1a4b56ae at rest:http://localhost:8080/
|
2019-06-15 13:01:29 +02:00
|
|
|
|
2018-03-19 11:06:13 +01:00
|
|
|
Please note that knowledge of your password is required to access
|
|
|
|
the repository. Losing your password means that your data is
|
|
|
|
irrecoverably lost.
|
|
|
|
$ restic backup /path/to/files/to/backup
|
|
|
|
scan [/path/to/files/to/backup]
|
|
|
|
scanned 189 directories, 312 files in 0:00
|
2019-06-15 13:01:29 +02:00
|
|
|
[0:00] 100.00% 38.128 MiB / 38.128 MiB 501 / 501 items 0 errors ETA 0:00
|
2018-03-19 11:06:13 +01:00
|
|
|
duration: 0:00
|
|
|
|
snapshot 45c8fdd8 saved
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
### Multiple repositories ####
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
Note that you can use the endpoint to host multiple repositories. Do
|
|
|
|
this by adding a directory name or path after the URL. Note that
|
|
|
|
these **must** end with /. Eg
|
|
|
|
|
|
|
|
$ export RESTIC_REPOSITORY=rest:http://localhost:8080/user1repo/
|
|
|
|
# backup user1 stuff
|
|
|
|
$ export RESTIC_REPOSITORY=rest:http://localhost:8080/user2repo/
|
|
|
|
# backup user2 stuff
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
### Private repositories ####
|
2019-06-15 13:01:29 +02:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
The`--private-repos` flag can be used to limit users to repositories starting
|
2020-05-22 13:22:52 +02:00
|
|
|
with a path of `/<username>/`.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
## Server options
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
Use `--addr` to specify which IP address and port the server should
|
|
|
|
listen on, e.g. `--addr 1.2.3.4:8000` or `--addr :8080` to
|
|
|
|
listen to all IPs. By default it only listens on localhost. You can use port
|
2018-04-28 12:46:27 +02:00
|
|
|
:0 to let the OS choose an available port.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
If you set `--addr` to listen on a public or LAN accessible IP address
|
2018-04-28 12:46:27 +02:00
|
|
|
then using Authentication is advised - see the next section for info.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
`--server-read-timeout` and `--server-write-timeout` can be used to
|
2018-03-19 11:06:13 +01:00
|
|
|
control the timeouts on the server. Note that this is the total time
|
|
|
|
for a transfer.
|
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
`--max-header-bytes` controls the maximum number of bytes the server will
|
2018-03-19 11:06:13 +01:00
|
|
|
accept in the HTTP header.
|
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
`--baseurl` controls the URL prefix that rclone serves from. By default
|
|
|
|
rclone will serve from the root. If you used `--baseurl "/rclone"` then
|
2019-08-26 16:25:20 +02:00
|
|
|
rclone would serve from a URL starting with "/rclone/". This is
|
|
|
|
useful if you wish to proxy rclone serve. Rclone automatically
|
2022-07-09 19:08:20 +02:00
|
|
|
inserts leading and trailing "/" on `--baseurl`, so `--baseurl "rclone"`,
|
|
|
|
`--baseurl "/rclone"` and `--baseurl "/rclone/"` are all treated
|
2019-08-26 16:25:20 +02:00
|
|
|
identically.
|
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
`--template` allows a user to specify a custom markup template for HTTP
|
|
|
|
and WebDAV serve functions. The server exports the following markup
|
2020-05-16 16:11:55 +02:00
|
|
|
to be used within the template to server pages:
|
|
|
|
|
|
|
|
| Parameter | Description |
|
|
|
|
| :---------- | :---------- |
|
|
|
|
| .Name | The full path of a file/directory. |
|
|
|
|
| .Title | Directory listing of .Name |
|
|
|
|
| .Sort | The current sort used. This is changeable via ?sort= parameter |
|
2021-02-02 14:42:35 +01:00
|
|
|
| | Sort Options: namedirfirst,name,size,time (default namedirfirst) |
|
2020-05-16 16:11:55 +02:00
|
|
|
| .Order | The current ordering used. This is changeable via ?order= parameter |
|
|
|
|
| | Order Options: asc,desc (default asc) |
|
|
|
|
| .Query | Currently unused. |
|
|
|
|
| .Breadcrumb | Allows for creating a relative navigation |
|
|
|
|
|-- .Link | The relative to the root link of the Text. |
|
|
|
|
|-- .Text | The Name of the directory. |
|
|
|
|
| .Entries | Information about a specific file/directory. |
|
|
|
|
|-- .URL | The 'url' of an entry. |
|
|
|
|
|-- .Leaf | Currently same as 'URL' but intended to be 'just' the name. |
|
|
|
|
|-- .IsDir | Boolean for if an entry is a directory or not. |
|
|
|
|
|-- .Size | Size in Bytes of the entry. |
|
|
|
|
|-- .ModTime | The UTC timestamp of an entry. |
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
### Authentication
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
By default this will serve files without needing a login.
|
|
|
|
|
|
|
|
You can either use an htpasswd file which can take lots of users, or
|
2022-07-09 19:08:20 +02:00
|
|
|
set a single username and password with the `--user` and `--pass` flags.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
Use `--htpasswd /path/to/htpasswd` to provide an htpasswd file. This is
|
2018-03-19 11:06:13 +01:00
|
|
|
in standard apache format and supports MD5, SHA1 and BCrypt for basic
|
|
|
|
authentication. Bcrypt is recommended.
|
|
|
|
|
|
|
|
To create an htpasswd file:
|
|
|
|
|
|
|
|
touch htpasswd
|
|
|
|
htpasswd -B htpasswd user
|
|
|
|
htpasswd -B htpasswd anotherUser
|
|
|
|
|
|
|
|
The password file can be updated while rclone is running.
|
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
Use `--realm` to set the authentication realm.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
### SSL/TLS
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
By default this will serve over HTTP. If you want you can serve over
|
|
|
|
HTTPS. You will need to supply the `--cert` and `--key` flags.
|
|
|
|
If you wish to do client side certificate validation then you will need to
|
|
|
|
supply `--client-ca` also.
|
2018-03-19 11:06:13 +01:00
|
|
|
|
2022-07-09 19:08:20 +02:00
|
|
|
`--cert` should be either a PEM encoded certificate or a concatenation
|
|
|
|
of that with the CA certificate. `--key` should be the PEM encoded
|
|
|
|
private key and `--client-ca` should be the PEM encoded client
|
2018-03-19 11:06:13 +01:00
|
|
|
certificate authority certificate.
|
|
|
|
|
2022-10-21 16:06:08 +02:00
|
|
|
--min-tls-version is minimum TLS version that is acceptable. Valid
|
|
|
|
values are "tls1.0", "tls1.1", "tls1.2" and "tls1.3" (default
|
|
|
|
"tls1.0").
|
|
|
|
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
```
|
|
|
|
rclone serve restic remote:path [flags]
|
|
|
|
```
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
## Options
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
```
|
2021-11-01 16:42:05 +01:00
|
|
|
--addr string IPaddress:Port or :Port to bind server to (default "localhost:8080")
|
|
|
|
--append-only Disallow deletion of repository data
|
|
|
|
--baseurl string Prefix for URLs - leave blank for root
|
|
|
|
--cache-objects Cache listed objects (default true)
|
2018-03-19 11:06:13 +01:00
|
|
|
--cert string SSL PEM key (concatenation of certificate and CA certificate)
|
|
|
|
--client-ca string Client certificate authority to verify clients with
|
|
|
|
-h, --help help for restic
|
|
|
|
--htpasswd string htpasswd file - if not provided no authentication is done
|
|
|
|
--key string SSL PEM Private key
|
|
|
|
--max-header-bytes int Maximum size of request header (default 4096)
|
2022-10-21 16:06:08 +02:00
|
|
|
--min-tls-version string Minimum TLS version that is acceptable (default "tls1.0")
|
2021-11-01 16:42:05 +01:00
|
|
|
--pass string Password for authentication
|
|
|
|
--private-repos Users can only access their private repo
|
2022-03-18 13:29:54 +01:00
|
|
|
--realm string Realm for authentication (default "rclone")
|
2018-03-19 11:06:13 +01:00
|
|
|
--server-read-timeout duration Timeout for server reading data (default 1h0m0s)
|
|
|
|
--server-write-timeout duration Timeout for server writing data (default 1h0m0s)
|
2021-11-01 16:42:05 +01:00
|
|
|
--stdio Run an HTTP2 server on stdin/stdout
|
|
|
|
--template string User-specified template
|
|
|
|
--user string User name for authentication
|
2018-03-19 11:06:13 +01:00
|
|
|
```
|
|
|
|
|
2019-06-20 17:18:02 +02:00
|
|
|
See the [global flags page](/flags/) for global options not listed here.
|
|
|
|
|
2020-05-22 12:17:37 +02:00
|
|
|
## SEE ALSO
|
2018-03-19 11:06:13 +01:00
|
|
|
|
|
|
|
* [rclone serve](/commands/rclone_serve/) - Serve a remote over a protocol.
|
|
|
|
|