TrueNAS SCALE: Create OneDrive cloud sync task

After migrating from TrueNAS Core to TrueNAS SCALE, I noticed that my OneDrive cloud sync tasks are not working anymore. This is due to the removal of the formerly used OneDrive implementation. Since it was outdated and won’t work with the Python version shipped with TrueNAS SCALE Bluefin, it has been removed from TrueNAS SCALE itself.

However, since the implementation based on rclone, which is getting shipped with TrueNAS SCALE, we can create our own implementation. rclone has an interactive configuration guide for easier setup of supported remotes.

First of all, make sure to have a dataset configured where you can store the rclone configuration and logs. Otherwise, it is not necessary safe that this data persists after a reboot or update. So better save than sorry.

After that, login via SSH and change to this dataset. In my example, the dataset is called rclone, so it’s mounted in /mnt/rclone.

ssh root@10.10.10.2
cd /mnt/rcloneCode language: Bash (bash)

Now you need to configure Microsoft OneDrive as remote in rclone. Please follow this guide with one exception (see below): https://rclone.org/onedrive/

At the point where you need to setup the remote config via web browser, make sure to select N since you have no access to a web browser from within TrueNAS SCALE by default. You then need to use your own computer to get the credentials. So make sure to have rclone installed on your own computer, too (you can uninstall it afterwards if you don’t need it otherwise).

Data encryption

If you also want to encrypt the data uploaded to Microsoft OneDrive (recommended), create a new config with the storage type crypt as described here: https://rclone.org/crypt/

This method is compatible to the encryption method available in TrueNAS Core.

Here you will be asked for a “Remote to encrypt/decrypt”. You need the format myremote:path/to/dir here. For myremote, enter the remote name you previously configured (if you followed the guide, it’s onedrive). As path, enter /. So the full remote would be: onedrive:/. I named the encryption remote onedrive-crypt.

If you previously had enabled encryption for your OneDrive Cloud Sync Task, select “Encrypt the filenames” as well as “Encrypt directory names” and enter your own password and your own salt as second password.

Since I only created one OneDrive remote with the path /, using the encryption now also encrypts the folder name on first level, which was not the case with the Cloud Sync Task before. So in order to keep previous synched data recognized, I started the rclone task as configured in the cron job command below manually and interrupted it after a couple of seconds by pressing CTRL + C. That way it the encrypted folder name was already created. So I copied its name, removed it and renamed the original.

Prepare configuration

To make sure the configuration is persistent, copy it from the default location to your dataset and make it private. It should be located at /root/.config/rclone/rclone.conf by default, but you can also get the path via the command rclone config file.

cp /root/.config/rclone/rclone.conf /mnt/rclone/
chmod 400 /mnt/rclone/rclone.confCode language: Bash (bash)

To also log the output of the rclone process later on, create a logs folder in your dataset.

mkdir /mnt/rclone/logsCode language: Bash (bash)

Configure cron job

Since you cannot use the Cloud Sync Tasks in the Data Protection area of TrueNAS SCALE, you need to setup a cron job to run rclone. Go to System Settings > Advanced > Cron Jobs and add a new cron job. I use multiple cron jobs for different folders, that’s why all my descriptions contain the folder name.

Form to add a cron job

For my Seafile data, I use the description “rclone OneDrive Seafile”.

As command, I use the following:

rclone -v copy /mnt/data/seafile/ onedrive-crypt:/Seafile --log-file=/mnt/rclone/logs/seafile.log  --config="/mnt/rclone/rclone.conf"Code language: Bash (bash)

For “Run As User”, I use my own user.

Configure the schedule to your liking.

Disable the checkbox for “Hide Standard Output”. In my case, the standard output has been output anyways but again, better save than sorry.

Save it and you’re good to go.

Log rotation

Since rclone always uses the same log file to write its logs to, it’s recommended to rotate them regularly to keep them small in size. Luckily, TrueNAS SCALE comes with logrotate builtin, which you can use to rotate the log.

First, create the logrotate.conf in /mnt/rclone/logrotate.conf:

/mnt/rclone/logs/*.log {
	su matze matze
	rotate 7
	copytruncate
	daily
	compress
	missingok
	notifempty
}

Adjust the username in line two accordingly to your configuration.

To execute the log rotation regularly, add a new cron job with the following command:

logrotate /mnt/rclone/logrotate.confCode language: Bash (bash)

You can also run this command after a day manually first to make sure everything works.

Since rclone doesn’t work well with logrotate (see the discussion here), I recommend setting a custom schedule. I used the daily preset, but changed the minutes to 55 so that I can be pretty sure that the rclone task has finished before the log rotates. This is enough for my hourly tasks. If you run your tasks less frequently, you can also just rotate the logs a few minutes before they run.

Configuration encryption

If you want to encrypt your rclone configuration file (recommended), you can do that via rclone config. Select the entry “Set configuration password” and follow the instructions.

Don’t forget to copy the configuration file to your dataset after the encryption (and after every other change as well)!

After that, every time rclone tries to access the configuration file, you need to enter the password. Also for the cron jobs, which prevents them from being executed automatically. There’s two possibilities to change that. The first one is to use the RCLONE_CONFIG_PASS variable directly on your cron job command by adding this code before the actual rclone command:

export RCLONE_CONFIG_PASS=your-password;Code language: Bash (bash)

However, I don’t like to expose the password directly in the web view of TrueNAS.

For the second method, store the password in the file /mnt/rclone/rclone.conf.p:

nano /mnt/rclone/rclone.conf.p
chmod 400 /mnt/rclone/rclone.conf.pCode language: Bash (bash)

Then you can use the password-command parameter from rclone to access the password in your cron job command by expending it with this:

--password-command "cat /mnt/rclone/rclone.conf.p"Code language: Bash (bash)

Conclusion

While it’s not within the nice web view and in the same area as other cloud sync tasks, it’s still possible to use the same functionality as before to synchronize your data via rclone to Microsoft OneDrive from within your TrueNAS SCALE.

Leave a Reply

Your email address will not be published. Required fields are marked *