Does anyone have any best practices they could share for configuring a GCP bucket?
I’m using rclone no sync a local restic repo to a GCP bucket and am trying to figure out the best way to go about having an “append only” configuration so if my scheduled rclone sync runs when the restic volume isn’t mounted it won’t sync an empty directory to the GCP bucket and erase everything
For unattended copying, don’t use rclone sync. Use rclone copy, which will not delete files in the destination that aren’t present in the source.
If you want true append-only then you want rclone copy --immutable which will also not copy files that have changed; it will only copy files that exist in the source but not the destination.
Thanks! That’s a great starting point.
Does anyone have any practices they could share around locking down the access/permissions on a GCP storage bucket to enforce immutability without interfering with rclone copy --immutable operations or potentially damaging the content integrity?