Cloudron supports encryption of backups with a passphrase. In this guide, we will see how to decrypt Cloudron backups on your laptop/PC.
Have your PC/laptop setup with the Cloudron CLI tool. You can do this
sudo npm install -g cloudron.
Then, login using
cloudron login my.example.com.
To download the backup locally, you need to know where the backup is stored and the backup id.
There are two types of backups - app backups which are per app and box backup which is for the Cloudron platform itself.
App backup configuration can be downloaded from the app's Backup view:
Box backup configuration can be downloaded from the
The backup configuration contains a JSON blob that contains the backup id and storage location of your backup. You can download the backup itself using a variety of tools based on the storage provider.
For example, to download from S3, you can use the AWS CLI tools on Linux:
sudo apt install awscli # for rsync backups AWS_ACCESS_KEY_ID=access_key AWS_SECRET_ACCESS_KEY=secret_key aws --endpoint-url https://region.endpoint.com s3 sync s3://bucket/backupid . # for tgz backups AWS_ACCESS_KEY_ID=access_key AWS_SECRET_ACCESS_KEY=secret_key aws --endpoint-url https://region.endpoint.com s3 sync s3://bucket/backupid.tar.gz.enc .
If the backup format is tgz, the download will just be a single file.
cloudron backup decrypt --secret=passphrase backupid.tar.gz.enc > backupid.tar.gz tar zxvf backupid.tar.gz
If the backup format is rsync, the download will just be a directory.
mkdir /path/to/unencrypted cloudron backup decrypt-dir --secret=passphrase backupid/ /path/to/unencrypted