(Almost) Free Google Drive Backup
Have you truly considered the catastrophic risks of losing all your Google Drive data? Can your business afford such a loss?
Let me guide you in mitigating those risks. I asked myself the same question and searched for a reliable, out-of-the-box solution. Disappointed with Google’s suggestions, I decided to build my own. Think of it as playing with Lego-assembling the necessary components.
What building blocks do we need?
- Access to your Google Cloud Console
- rclone: A powerful tool that provides rsync-like CLI functionality for managing filesystems and cloud storage. It’s well-documented, but we’ll focus on a streamlined approach
Google Cloud Console: Setting Up the Service Account
We’ll start with the most crucial step: obtaining the necessary credentials to interact with the Google API. (Remember to enable the Google Drive API if you haven’t already) This involves creating a Service Account and generating a JSON private key.
Here’s an example of what it looks like:
{
"type": "service_account",
"project_id": "<project name>",
"private_key_id": "<hash>",
"private_key": "-----BEGIN PRIVATE KEY-----\n<some base64 encoded stuff>\n-----END PRIVATE KEY-----\n",
"client_email": "<service account name>@<project name>.iam.gserviceaccount.com",
"client_id": "<another one id>",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/<service account name>%40<project name>.iam.gserviceaccount.com",
"universe_domain": "googleapis.com"
}
rclone: Configuring and Executing the Backup
We’re almost there! The next step is to set up rclone for automated execution using cron on a host of your choice. I’ll skip the details of acquiring a hosting environment.
Here’s prepared rclone.conf
:
[google-drive]
type = drive
service_account_file = /config/rclone/sa.json # <- The key
And here’s how to use it with Docker:
docker run --rm -it \
-v ./config:/config/rclone \
-v ./data:/data \
rclone/rclone --drive-shared-with-me \
copy google-drive:<SHARED FOLDER> /data/$(date +"%Y-%m-%d")
rclone: Recovering the Backup
To restore your backup, simply reverse the source and destination paths in the rclone copy command:
docker run --rm -it \
-v ./config:/config/rclone \
-v ./data:/data \
rclone/rclone --drive-shared-with-me \
copy /data/$(date +"%Y-%m-%d") google-drive:<SHARED FOLDER>
Be aware that if you recover data, the original permissions will be lost, and the Service Account will become the owner of all recovered data.
Important Note
A Service Account is essentially an account with its own folder and
permissions within Google Drive. Therefore, you must share the desired
folders with it. The <SHARED FOLDER>
in the bash command refers to
the exact name of the shared folder.
Conclusion
This provides a solid foundation for Google Drive backup. To enhance its enterprise-level security and reliability, consider implementing additional encryption and robust, cost-effective storage solutions.
Stay tuned, we’re gonna talk about that next.