github.com/artpar/rclone@v1.67.3/docs/content/protondrive.md (about) 1 --- 2 title: "Proton Drive" 3 description: "Rclone docs for Proton Drive" 4 versionIntroduced: "v1.64.0" 5 status: Beta 6 --- 7 8 # {{< icon "fa fa-folder" >}} Proton Drive 9 10 [Proton Drive](https://proton.me/drive) is an end-to-end encrypted Swiss vault 11 for your files that protects your data. 12 13 This is an rclone backend for Proton Drive which supports the file transfer 14 features of Proton Drive using the same client-side encryption. 15 16 Due to the fact that Proton Drive doesn't publish its API documentation, this 17 backend is implemented with best efforts by reading the open-sourced client 18 source code and observing the Proton Drive traffic in the browser. 19 20 **NB** This backend is currently in Beta. It is believed to be correct 21 and all the integration tests pass. However the Proton Drive protocol 22 has evolved over time there may be accounts it is not compatible 23 with. Please [post on the rclone forum](https://forum.rclone.org/) if 24 you find an incompatibility. 25 26 Paths are specified as `remote:path` 27 28 Paths may be as deep as required, e.g. `remote:directory/subdirectory`. 29 30 ## Configurations 31 32 Here is an example of how to make a remote called `remote`. First run: 33 34 rclone config 35 36 This will guide you through an interactive setup process: 37 38 ``` 39 No remotes found, make a new one? 40 n) New remote 41 s) Set configuration password 42 q) Quit config 43 n/s/q> n 44 name> remote 45 Type of storage to configure. 46 Choose a number from below, or type in your own value 47 [snip] 48 XX / Proton Drive 49 \ "protondrive" 50 [snip] 51 Storage> protondrive 52 User name 53 user> you@protonmail.com 54 Password. 55 y) Yes type in my own password 56 g) Generate random password 57 n) No leave this optional password blank 58 y/g/n> y 59 Enter the password: 60 password: 61 Confirm the password: 62 password: 63 Option 2fa. 64 2FA code (if the account requires one) 65 Enter a value. Press Enter to leave empty. 66 2fa> 123456 67 Remote config 68 -------------------- 69 [remote] 70 type = protondrive 71 user = you@protonmail.com 72 pass = *** ENCRYPTED *** 73 -------------------- 74 y) Yes this is OK 75 e) Edit this remote 76 d) Delete this remote 77 y/e/d> y 78 ``` 79 80 **NOTE:** The Proton Drive encryption keys need to have been already generated 81 after a regular login via the browser, otherwise attempting to use the 82 credentials in `rclone` will fail. 83 84 Once configured you can then use `rclone` like this, 85 86 List directories in top level of your Proton Drive 87 88 rclone lsd remote: 89 90 List all the files in your Proton Drive 91 92 rclone ls remote: 93 94 To copy a local directory to an Proton Drive directory called backup 95 96 rclone copy /home/source remote:backup 97 98 ### Modification times and hashes 99 100 Proton Drive Bridge does not support updating modification times yet. 101 102 The SHA1 hash algorithm is supported. 103 104 ### Restricted filename characters 105 106 Invalid UTF-8 bytes will be [replaced](/overview/#invalid-utf8), also left and 107 right spaces will be removed ([code reference](https://github.com/ProtonMail/WebClients/blob/b4eba99d241af4fdae06ff7138bd651a40ef5d3c/applications/drive/src/app/store/_links/validation.ts#L51)) 108 109 ### Duplicated files 110 111 Proton Drive can not have two files with exactly the same name and path. If the 112 conflict occurs, depending on the advanced config, the file might or might not 113 be overwritten. 114 115 ### [Mailbox password](https://proton.me/support/the-difference-between-the-mailbox-password-and-login-password) 116 117 Please set your mailbox password in the advanced config section. 118 119 ### Caching 120 121 The cache is currently built for the case when the rclone is the only instance 122 performing operations to the mount point. The event system, which is the proton 123 API system that provides visibility of what has changed on the drive, is yet 124 to be implemented, so updates from other clients won’t be reflected in the 125 cache. Thus, if there are concurrent clients accessing the same mount point, 126 then we might have a problem with caching the stale data. 127 128 {{< rem autogenerated options start" - DO NOT EDIT - instead edit fs.RegInfo in backend/protondrive/protondrive.go then run make backenddocs" >}} 129 ### Standard options 130 131 Here are the Standard options specific to protondrive (Proton Drive). 132 133 #### --protondrive-username 134 135 The username of your proton account 136 137 Properties: 138 139 - Config: username 140 - Env Var: RCLONE_PROTONDRIVE_USERNAME 141 - Type: string 142 - Required: true 143 144 #### --protondrive-password 145 146 The password of your proton account. 147 148 **NB** Input to this must be obscured - see [rclone obscure](/commands/rclone_obscure/). 149 150 Properties: 151 152 - Config: password 153 - Env Var: RCLONE_PROTONDRIVE_PASSWORD 154 - Type: string 155 - Required: true 156 157 #### --protondrive-2fa 158 159 The 2FA code 160 161 The value can also be provided with --protondrive-2fa=000000 162 163 The 2FA code of your proton drive account if the account is set up with 164 two-factor authentication 165 166 Properties: 167 168 - Config: 2fa 169 - Env Var: RCLONE_PROTONDRIVE_2FA 170 - Type: string 171 - Required: false 172 173 ### Advanced options 174 175 Here are the Advanced options specific to protondrive (Proton Drive). 176 177 #### --protondrive-mailbox-password 178 179 The mailbox password of your two-password proton account. 180 181 For more information regarding the mailbox password, please check the 182 following official knowledge base article: 183 https://proton.me/support/the-difference-between-the-mailbox-password-and-login-password 184 185 186 **NB** Input to this must be obscured - see [rclone obscure](/commands/rclone_obscure/). 187 188 Properties: 189 190 - Config: mailbox_password 191 - Env Var: RCLONE_PROTONDRIVE_MAILBOX_PASSWORD 192 - Type: string 193 - Required: false 194 195 #### --protondrive-client-uid 196 197 Client uid key (internal use only) 198 199 Properties: 200 201 - Config: client_uid 202 - Env Var: RCLONE_PROTONDRIVE_CLIENT_UID 203 - Type: string 204 - Required: false 205 206 #### --protondrive-client-access-token 207 208 Client access token key (internal use only) 209 210 Properties: 211 212 - Config: client_access_token 213 - Env Var: RCLONE_PROTONDRIVE_CLIENT_ACCESS_TOKEN 214 - Type: string 215 - Required: false 216 217 #### --protondrive-client-refresh-token 218 219 Client refresh token key (internal use only) 220 221 Properties: 222 223 - Config: client_refresh_token 224 - Env Var: RCLONE_PROTONDRIVE_CLIENT_REFRESH_TOKEN 225 - Type: string 226 - Required: false 227 228 #### --protondrive-client-salted-key-pass 229 230 Client salted key pass key (internal use only) 231 232 Properties: 233 234 - Config: client_salted_key_pass 235 - Env Var: RCLONE_PROTONDRIVE_CLIENT_SALTED_KEY_PASS 236 - Type: string 237 - Required: false 238 239 #### --protondrive-encoding 240 241 The encoding for the backend. 242 243 See the [encoding section in the overview](/overview/#encoding) for more info. 244 245 Properties: 246 247 - Config: encoding 248 - Env Var: RCLONE_PROTONDRIVE_ENCODING 249 - Type: Encoding 250 - Default: Slash,LeftSpace,RightSpace,InvalidUtf8,Dot 251 252 #### --protondrive-original-file-size 253 254 Return the file size before encryption 255 256 The size of the encrypted file will be different from (bigger than) the 257 original file size. Unless there is a reason to return the file size 258 after encryption is performed, otherwise, set this option to true, as 259 features like Open() which will need to be supplied with original content 260 size, will fail to operate properly 261 262 Properties: 263 264 - Config: original_file_size 265 - Env Var: RCLONE_PROTONDRIVE_ORIGINAL_FILE_SIZE 266 - Type: bool 267 - Default: true 268 269 #### --protondrive-app-version 270 271 The app version string 272 273 The app version string indicates the client that is currently performing 274 the API request. This information is required and will be sent with every 275 API request. 276 277 Properties: 278 279 - Config: app_version 280 - Env Var: RCLONE_PROTONDRIVE_APP_VERSION 281 - Type: string 282 - Default: "macos-drive@1.0.0-alpha.1+rclone" 283 284 #### --protondrive-replace-existing-draft 285 286 Create a new revision when filename conflict is detected 287 288 When a file upload is cancelled or failed before completion, a draft will be 289 created and the subsequent upload of the same file to the same location will be 290 reported as a conflict. 291 292 The value can also be set by --protondrive-replace-existing-draft=true 293 294 If the option is set to true, the draft will be replaced and then the upload 295 operation will restart. If there are other clients also uploading at the same 296 file location at the same time, the behavior is currently unknown. Need to set 297 to true for integration tests. 298 If the option is set to false, an error "a draft exist - usually this means a 299 file is being uploaded at another client, or, there was a failed upload attempt" 300 will be returned, and no upload will happen. 301 302 Properties: 303 304 - Config: replace_existing_draft 305 - Env Var: RCLONE_PROTONDRIVE_REPLACE_EXISTING_DRAFT 306 - Type: bool 307 - Default: false 308 309 #### --protondrive-enable-caching 310 311 Caches the files and folders metadata to reduce API calls 312 313 Notice: If you are mounting ProtonDrive as a VFS, please disable this feature, 314 as the current implementation doesn't update or clear the cache when there are 315 external changes. 316 317 The files and folders on ProtonDrive are represented as links with keyrings, 318 which can be cached to improve performance and be friendly to the API server. 319 320 The cache is currently built for the case when the rclone is the only instance 321 performing operations to the mount point. The event system, which is the proton 322 API system that provides visibility of what has changed on the drive, is yet 323 to be implemented, so updates from other clients won’t be reflected in the 324 cache. Thus, if there are concurrent clients accessing the same mount point, 325 then we might have a problem with caching the stale data. 326 327 Properties: 328 329 - Config: enable_caching 330 - Env Var: RCLONE_PROTONDRIVE_ENABLE_CACHING 331 - Type: bool 332 - Default: true 333 334 #### --protondrive-description 335 336 Description of the remote 337 338 Properties: 339 340 - Config: description 341 - Env Var: RCLONE_PROTONDRIVE_DESCRIPTION 342 - Type: string 343 - Required: false 344 345 {{< rem autogenerated options stop >}} 346 347 ## Limitations 348 349 This backend uses the 350 [Proton-API-Bridge](https://github.com/henrybear327/Proton-API-Bridge), which 351 is based on [go-proton-api](https://github.com/henrybear327/go-proton-api), a 352 fork of the [official repo](https://github.com/ProtonMail/go-proton-api). 353 354 There is no official API documentation available from Proton Drive. But, thanks 355 to Proton open sourcing [proton-go-api](https://github.com/ProtonMail/go-proton-api) 356 and the web, iOS, and Android client codebases, we don't need to completely 357 reverse engineer the APIs by observing the web client traffic! 358 359 [proton-go-api](https://github.com/ProtonMail/go-proton-api) provides the basic 360 building blocks of API calls and error handling, such as 429 exponential 361 back-off, but it is pretty much just a barebone interface to the Proton API. 362 For example, the encryption and decryption of the Proton Drive file are not 363 provided in this library. 364 365 The Proton-API-Bridge, attempts to bridge the gap, so rclone can be built on 366 top of this quickly. This codebase handles the intricate tasks before and after 367 calling Proton APIs, particularly the complex encryption scheme, allowing 368 developers to implement features for other software on top of this codebase. 369 There are likely quite a few errors in this library, as there isn't official 370 documentation available.