Skip to main content
This guide walks you through setting up Cloudstic and creating your first encrypted backup, from installation to verification.

Prerequisites

Before you begin, ensure you have:
  • Cloudstic CLI installed (installation instructions)
  • A directory you want to back up
  • A storage location (local directory, S3 bucket, B2 bucket, or SFTP server)

Step 1: Initialize Your Repository

First, create an encrypted repository. Encryption is required by default in Cloudstic.
1

Choose your storage location

Decide where to store your backups. For this example, we’ll use a local directory, but you can also use S3, B2, or SFTP.
# Local storage (default)
export CLOUDSTIC_STORE=local:~/backups

# Or for S3
# export CLOUDSTIC_STORE=s3:my-backup-bucket
# export AWS_ACCESS_KEY_ID=your-key
# export AWS_SECRET_ACCESS_KEY=your-secret

# Or for Backblaze B2
# export CLOUDSTIC_STORE=b2:my-bucket-name
# export B2_KEY_ID=your-key-id
# export B2_APP_KEY=your-app-key
2

Initialize the repository

Create the repository with password-based encryption. We strongly recommend also creating a recovery key.
cloudstic init -password "your strong passphrase" -add-recovery-key
Write down your recovery key immediately! It will only be displayed once. If you lose your password, this 24-word phrase is your only way to recover your backups.
You’ll see output like this:
╔══════════════════════════════════════════════════════════════╗
║                      RECOVERY KEY                           ║
╠══════════════════════════════════════════════════════════════╣
║                                                              ║
║  word1 word2 word3 ... word24                                ║
║                                                              ║
║  Write down these 24 words and store them in a safe place.   ║
║  This is the ONLY time the recovery key will be displayed.   ║
║  If you lose your password, this key is your only way to     ║
║  recover your encrypted backups.                             ║
║                                                              ║
╚══════════════════════════════════════════════════════════════╝

Repository initialized (encrypted: true).
3

Store your credentials safely

Save your encryption password in a secure location:
  • Use a password manager (1Password, Bitwarden, etc.)
  • Write down your recovery key phrase on paper and store it in a safe place
  • Never commit passwords to version control
For convenience, save your password as an environment variable:
echo 'export CLOUDSTIC_PASSWORD="your passphrase"' >> ~/.bashrc
source ~/.bashrc
This way, you won’t need to provide -password with every command.

Step 2: Create Your First Backup

Now that your repository is initialized, let’s back up a directory.
1

Back up a local directory

Start with a simple backup of a local folder:
cloudstic backup -source local:~/Documents
You’ll see progress output:
Scanning source...
Processing files: 1247/1247 [============================] 100%
Uploading chunks: 8532 chunks, 2.3 GiB
Writing snapshot...

Backup complete.
  Files:     847 new, 0 changed, 0 unmodified, 0 removed
  Dirs:      400 new, 0 changed, 0 unmodified, 0 removed
  Raw data:  2.34 GiB
  Stored:    2.31 GiB (compressed)
  Duration:  1m 34s
2

Exclude unwanted files (optional)

If you want to skip certain files or directories, use exclude patterns:
cloudstic backup -source local:~/project \
  -exclude ".git/" -exclude "node_modules/" -exclude "*.tmp"
Or create a .backupignore file:
# .backupignore
.git/
node_modules/
__pycache__/
*.tmp
*.log
build/
dist/
Then reference it:
cloudstic backup -source local:~/project \
  -exclude-file ~/project/.backupignore
3

Add tags (optional)

Tags help organize your backups:
cloudstic backup -source local:~/Documents \
  -tag daily -tag important
4

Dry run first (optional)

Preview what will be backed up without actually writing data:
cloudstic backup -source local:~/Documents -dry-run

Step 3: Verify Your Backup

After creating a backup, verify it was successful.
1

List snapshots

View all backups in your repository:
cloudstic list
Output:
+-----+---------------------+------------------+--------+---------+------------+------+
| Seq | Created             | Snapshot Hash    | Source | Account | Path       | Tags |
+-----+---------------------+------------------+--------+---------+------------+------+
| 1   | 2026-03-03 10:30:15 | abc123def456...  | local  |         | /Documents |      |
+-----+---------------------+------------------+--------+---------+------------+------+
2

List files in the snapshot

Browse the contents of your backup:
cloudstic ls
Or for a specific snapshot:
cloudstic ls abc123def456
3

Verify integrity (optional)

Run a full integrity check to ensure all data is readable:
cloudstic check
Output:
Repository check complete.
  Snapshots checked:  1
  Objects verified:   1247
  Errors found:       0

No errors found. Repository is healthy.
Run cloudstic check -read-data for a deeper verification that re-hashes all chunk data. This takes longer but detects silent corruption.

Step 4: Create Incremental Backups

Subsequent backups are incremental. Only new or changed files are uploaded. 
# Make some changes to your documents
echo "New file" > ~/Documents/new-file.txt

# Run another backup
cloudstic backup -source local:~/Documents
Output: 
Backup complete.
  Files:     1 new, 0 changed, 846 unmodified, 0 removed
  Dirs:      0 new, 1 changed, 399 unmodified, 0 removed
  Raw data:  9 B
  Stored:    142 B (compressed + encrypted)
  Duration:  3s
Cloudstic uses content-addressable storage with deduplication. Identical files across snapshots are stored only once, saving significant space.

Common Patterns

Backing Up Multiple Sources

You can back up different sources into the same repository: 
cloudstic backup -source local:~/Documents -tag documents

Using Configuration Files

For complex setups, use environment variables:
~/.bashrc
export CLOUDSTIC_STORE=s3:my-backup-bucket
export CLOUDSTIC_PASSWORD="your passphrase"
export AWS_ACCESS_KEY_ID=your-key
export AWS_SECRET_ACCESS_KEY=your-secret
Then commands become simpler: 
cloudstic backup -source local:~/Documents
cloudstic list
cloudstic restore

Troubleshooting

”Repository not initialized” Error

Make sure you’ve run cloudstic init first and are pointing to the correct storage location.

Authentication Errors

For cloud storage (S3, B2), verify your credentials are set: 
# For S3
echo $AWS_ACCESS_KEY_ID
echo $AWS_SECRET_ACCESS_KEY

# For B2
echo $B2_KEY_ID
echo $B2_APP_KEY

Slow First Backup

The first backup is always slower because all files must be uploaded. Subsequent backups are much faster due to incremental processing and deduplication.

Next Steps

Retention Policies

Learn how to automatically manage snapshot lifecycle

Restoring Files

Recover files from your backups

Encryption Keys

Manage passwords and recovery keys

Automation

Schedule automatic backups with cron