- Can be the most secure option listed here, but requires you to configure a web server on a VPS and involves more work than other methods.
- This article only discusses the rclone config. There are many existing documents on how to configure a web server to serve static files and/or enable SSH/SFTP access.
- For the
copymotion script below it is assumed that the directory from which the web server is configured to serve the files is
/var/www/html/motion and that is writable by the user used to SFTP the files to the server. You should adapt the script as appropriate if you configure the web server with a different directory.
- We further assume that the
rclone ‘remote’ is called
remoteweb for this server.
- You also need to configure SFTP as described below.
Configuring SFTP for Use With rclone
- Create a passwordless SSH key for the
motion user to upload to the VPS (it is recommended the user on the VPS only have permissions required to upload motion files to the correct directory. This is known as the principle of least privilege).
sudo -H -u motion ssh-keygen -N '' -C motion@$(hostname -s) -t rsa
- Make sure the
.ssh directory and contents are only accessible to
sudo chown -R motion:motion /var/lib/motion/.ssh && sudo chmod 0700 /var/lib/motion/.ssh
- The public key to copy to the VPS
$HOME/.ssh/authorized_keys in this case would be
- Make sure
/var/www/html/motion is has read, write, and execute permissions for the user with which you use SFTP (usually the same as your SSH user). For the purposes of this documentation we will assume the username is
motion-uploader with group
- For example:
sudo mkdir -p /var/www/html/motion && sudo chown -R motion-uploader:motion-uploader /var/www/html/motion.
- Add an SSH public key for the Pi
motion user to
$HOME/.ssh/authorized_keys file for the
motion-uploader user on the VPS.
Configuring the Pi
To create an new rclone remote as the
motion user, execute:
sudo -H -u motion rclone config
SFTP as the backend and answering the prompts appropriately.
copymotion script for copying to a remote web server directory when using the above autocopy configuration in
Copy this script to
( rclone copy /var/lib/motion/data remoteweb:/var/www/html/motion & )
NB This script assumes you have configured the destination for videos and photos to be
/var/lib/motion (which is the default). This is because the rclone config lives in
/var/lib/motion/.config and we do not want to copy it to the web server.