Skip to main content
Profiles let you save your backup configuration once and reuse it with a single flag. Instead of repeating -store, -source, credentials, and encryption flags on every command, define a profile and run cloudstic backup -profile my-backup.

How Profiles Work

Cloudstic’s configuration lives in a single YAML file (profiles.yaml) with three sections:
profiles.yaml
The profiles file location defaults to ~/.config/cloudstic/profiles.yaml (Linux/macOS) or %APPDATA%\cloudstic\profiles.yaml (Windows). Override with -profiles-file or CLOUDSTIC_PROFILES_FILE.

Quick Start with Profiles

1

Create a store

Define where your backups are stored:
If the store hasn’t been initialized yet, you’ll be prompted to do so.
2

Create a profile

Link a source to your store:
3

Run backups with your profile

All flags from the profile (store, encryption, source) are applied automatically.

Managing Stores

Stores define the storage backend and its credentials. Secrets use env var indirection. You store the name of the environment variable, not the secret itself.

Create a Store

In interactive mode, you’ll be prompted for missing fields and offered to initialize the store:

Store Encryption Settings

Stores can carry encryption configuration so you don’t need to pass it on every command:
Encryption secrets are never stored in the YAML file. Use secret references (env://, keychain://, wincred://, secret-service://) so only references are saved.

List and Inspect Stores

Example output:

Managing Auth Entries

Auth entries store cloud OAuth credentials (Google Drive, OneDrive) so they can be shared across multiple profiles.

Create an Auth Entry

Run the OAuth Login Flow

This opens your browser for OAuth authorization and saves the token to the configured file.
Run auth login once per auth entry. The token is refreshed automatically on subsequent backups.

List and Inspect Auth Entries

Managing Profiles

Create a Profile

A profile must always reference a store. For cloud sources, an auth entry is also required:
In interactive mode, if you omit -store-ref or -auth-ref, you’ll be prompted to select an existing one or create a new one. If you create a new store from profile new, Cloudstic also runs the store encryption setup flow immediately (same as store new).

Profile Options

Edit an Existing Profile

Run profile new with the same name to update it. Existing values are preserved unless you override them:

List and Inspect Profiles

Running Backups with Profiles

Single Profile

All Enabled Profiles

This runs each profile sequentially, using its own store and auth configuration. A summary is printed after all profiles complete.

Override Profile Settings

CLI flags take precedence over profile values:

Using Profiles for Other Commands

Any command that accepts global flags (-store, -s3-region, etc.) also works with -profile:
cloudstic store verify checks credential resolution and store access for a store entry. cloudstic store init performs initialization by store reference. cloudstic check -profile ... verifies repository integrity.

Non-Interactive Mode

Use --no-prompt to disable all interactive prompts. This is useful for scripts and CI/CD pipelines:
Without --no-prompt, missing required fields would trigger interactive prompts. With it, missing fields cause an error instead.

Profile-Based Automation

Profiles simplify automated backups significantly. Instead of managing environment variables and long flag lists, your cron job becomes:
~/bin/backup.sh
Compare this to the equivalent without profiles:
Use -all-profiles in your automation scripts. Add or remove profiles from profiles.yaml without touching the backup script.

Profiles File Format

The profiles file is a YAML file with three top-level maps:
profiles.yaml

Next Steps

Store Commands

Create and manage stores

Auth Commands

Set up cloud authentication

Profile Commands

Create and manage profiles

Automation

Automate backups with profiles