I've got an upstream (let's call it s3_upstream) which contains mostly unencrypted content, but also has some specific folders with encrypted content only. I would like to have a single view/listing/remote which can display unencrypted data as it is and decrypt names inside these encrypted specific folders.
Given structure:
file.txt
folder/file.txt
encryptedFolder/eFopbFZRBJlFyk7NFHuAQNOKDJhBwow_u_qL6FCG_3g
encryptedFolder2/HHjKeeHy6S-9BJuxpNeKPHqRae6mGHMkCthPsjFZtUk
I would like to end up with:
file.txt
folder/file.txt
encryptedFolder/Loga_Guzowianki.zip
encryptedFolder2/premiumizeme.svg
Please note that: encryptedFolder and encryptedFolder2 are both plaintext names of a folder/location where data and filepaths are encrypted.
eFopbFZRBJlFyk7NFHuAQNOKDJhBwow_u_qL6FCG_3g and HHjKeeHy6S-9BJuxpNeKPHqRae6mGHMkCthPsjFZtUk are encrypted filepaths (base64 encoded).
I think I've got somewhere with a combination of union and combine:
[s3_upstream]
type = s3
endpoint = ...
region = us-east-1
secret_access_key = ...
access_key_id = ...
no_check_bucket = true
provider = Other
[s3_with_bucket]
type = alias
remote = s3_upstream:bucket
[encrypted]
type = crypt
filename_encoding = base64
password = ...
remote = s3_with_bucket:encrypted
[encrypted2]
type = crypt
filename_encoding = base64
password = ...
remote = s3_with_bucket:encrypted2
[vaults]
type = combine
upstreams = "encrypted=encrypted:" "encrypted2=encrypted2:"
[union_vaults]
type = union
upstreams = s3_with_bucket: vaults:
the issue is that with rclone ls union_vaults: I get:
file.txt
folder/file.txt
encryptedFolder/Loga_MercuryHSF.zip
encryptedFolder2/premiumizeme.svg
encryptedFolder/eFopbFZRBJlFyk7NFHuAQNOKDJhBwow_u_qL6FCG_3g
encryptedFolder2/HHjKeeHy6S-9BJuxpNeKPHqRae6mGHMkCthPsjFZtUk
It seems that contents of encryptedFolder and encryptedFolder2 is correctly decrypted, unfortunately unencrypted version is also included.
I need to filter out encryptedFolder/* and encryptedFolder2/* coming from the s3_with_bucket as these locations are decrypted and handled by the vaults: which combines encrypted: and encrypted2:
As far I am concerned it is not possible to define filters on the remote level inside rclone.conf, which would come really handy.
Is there any other approach that can be used to provide such unified view?
===
Using latest Rclone:
rclone v1.70.3
- os/version: ubuntu 25.04 (64 bit)
- os/kernel: 6.14.0-24-generic (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.24.4
- go/linking: static
- go/tags: none