Skip to main content

Welcome to Cloudstic CLI

Cloudstic is a content-addressable backup tool that creates encrypted, deduplicated snapshots of your files from local directories, Google Drive, OneDrive, or SFTP servers and stores them securely on local storage, Amazon S3, Backblaze B2, or SFTP servers.

Quick Start

Get your first backup running in under 5 minutes

Installation

Install Cloudstic on macOS, Linux, or Windows

User Guide

Complete command reference and advanced usage

Cloud Service

Zero-ops managed backup solution

Key Features

Cloudstic CLI is built for security, efficiency, and flexibility:
All backup data is encrypted with AES-256-GCM before leaving your machine. Choose from multiple authentication methods:
  • Password-based encryption with Argon2id key derivation
  • Platform keys for automation and CI/CD workflows
  • Recovery keys using BIP39 24-word seed phrases
  • Multiple key slots allow different credentials to unlock the same repository
Encryption is mandatory by default — you must explicitly opt out with --no-encryption if needed.
Files are split into chunks and stored by their SHA-256 content hash. This provides:
  • Automatic deduplication across all backups
  • Identical files stored only once, regardless of location or filename
  • Incremental backups that only upload changed chunks
  • Efficient storage that scales with unique data, not backup count
Back up from diverse sources with a single tool:
  • Local directories — Backup any folder on your filesystem
  • Google Drive — Full scan or incremental via Changes API
  • OneDrive — Full scan or incremental via Delta API
  • SFTP servers — Remote server backups
Each source supports gitignore-style exclude patterns to skip development artifacts, build outputs, and temporary files.
Store your encrypted backups wherever you need:
  • Local filesystem — External drives, NAS, or local directories
  • Amazon S3 — Including S3-compatible services like Cloudflare R2, MinIO, and Wasabi
  • Backblaze B2 — Cost-effective cloud storage
  • SFTP — Remote servers accessible via SSH
Use prefixes to namespace multiple repositories within the same bucket.
Automatically manage backup lifecycle with flexible retention rules:
  • --keep-last N — Keep the most recent snapshots
  • --keep-daily N — Keep one snapshot per day
  • --keep-weekly N — Keep one snapshot per week
  • --keep-monthly N — Keep one snapshot per month
  • --keep-yearly N — Keep one snapshot per year
Apply different policies per source, tag, or account for granular control.
Restore any file from any snapshot at any time:
  • Restore entire snapshots as ZIP archives
  • Extract individual files by path
  • Restore entire directory subtrees
  • Preview restore contents with --dry-run
  • Compare snapshots with diff command

How It Works

Cloudstic uses a content-addressable storage model with Merkle tree indexing:
1

Initialize Repository

Create an encrypted repository with your chosen storage backend. A master encryption key is generated and wrapped into key slots protected by your credentials.
2

Backup Source

Cloudstic scans your source (local directory, cloud drive, or SFTP server), chunks files using FastCDC, and computes SHA-256 hashes for each chunk.
3

Deduplicate & Upload

Only new chunks are compressed (zstd), encrypted (AES-256-GCM), and uploaded. Chunks that already exist in your repository are skipped automatically.
4

Build Snapshot Tree

File metadata is stored in a persistent Hash Array Mapped Trie (HAMT) structure, creating an immutable snapshot that references all files and their chunks.
5

Update Index

The snapshot is written to the repository and the index pointer is updated. Your backup is now complete and ready for restore.

Use Cases

Personal Backups

Protect your documents, photos, and important files with encrypted backups to cloud storage or external drives.

Cloud Drive Protection

Create versioned, deduplicated snapshots of Google Drive or OneDrive without relying on vendor lock-in.

Development Workflows

Back up project directories with intelligent exclude patterns for node_modules/, .git/, and build artifacts.

Server Backups

Automate encrypted backups from remote SFTP servers to cost-effective cloud storage with platform key authentication.

Architecture Highlights

Cloudstic is built with a layered architecture for maximum flexibility:Store Layering: CompressedStore → EncryptedStore → MeteredStore → [PackStore] → KeyCacheStore → BackendObject Types: All objects are content-addressed with keys like chunk/<hash>, content/<hash>, filemeta/<hash>, snapshot/<hash>Incremental Sources: Google Drive and OneDrive sources support incremental backups via change/delta APIs for dramatically faster subsequent backups.

Supported Platforms

# Install via Homebrew
brew install cloudstic/tap/cloudstic

What’s Next?

Install Cloudstic

Get Cloudstic installed on your system

Quick Start Guide

Create your first backup in minutes
Don’t want to manage infrastructure? Cloudstic Cloud handles scheduling, storage, and retention automatically with the same encryption and deduplication engine.