Rclone config: source of truth

Hey everyone,

I have a server with multiple VMs. Each one of them has a different service running on it but what all of them have in common is: they backup some data of the service they are running to an encrypted remote.

The challenge I'm facing is that I end up with multiple rclone.conf files, one per VM, meaning that when I change one of them, I have to change the rest of them manually, one by one.

How do you guys keep an rclone.conf that is the source of truth, meaning the file where all the configs are, and then sync that one to all the different destinations, in this case, my VMs?

Also, extra bonus question. Do you keep only one crypt remote with different different directories in it (1) or you have a different crypt per directory (2)? What's your preferred and why?


config remote:

remote = remote:

rclone sync local encrypted_remote:VM1
rclone sync local encrypted_remote:VM2


config remote:

remote = remote:VM1
pass = pass1
remote = remote:VM2
pass = pass2

rclone sync local encrypted_remote_VM1:
rclone sync local encrypted_remote_VM2:

you can create a directory on the host, and share it with each vm.
store all the config files there.

that is up to you.

Thanks for your reply!

Yup, that was an idea, but then we factor in I also use rclone in my laptop which is not connected to this host... And then another computer... :slight_smile:

In regards to the bonus extra question, I've been using (2) as I thought it's a way to increase security. But if somebody manages to decrypt the content of one remote, I don't think decrypting the content of the other remotes will be difficult anymore. Just a nuisance, I guess. Both passwords and salt contain more than 50 characters, but technology advances fast.

perhaps try --magic :wink:
if you really want to do this, setup a vpn network.
i use tailscale point to point vpn, might fit your use-case

that is what i would do.
in the end of times, only the paranoid will be left and we will inherit the earth.

1 Like

I could not find that flag on rclone docs... :stuck_out_tongue: Yeah I already got VPN, not sure If I'm being too paranoid...

But maybe being too paranoid brings something good, especially taking into account the situation we are in...

Thanks for your time! Have a great day sir :slight_smile:

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.