[Techshare] Backup from Alibaba Cloud OSS to your Synology NAS INTERNALLY

4.3/5 - (6 votes)

The original post: https://www.linkedin.com/pulse/techshare-backup-from-alibaba-cloud-oss-your-synology-vincent-siu/

Hello World, this is my very first time to post on Linux CHATTER. I have just become an Alibaba Cloud Certified Expert (ACE) two months ago, I am fascinated by the magic of the cloud technology and I can’t wait to tell the world GOING CLOUD NOW. I am a young blooger, I eagar to learn and happy to contribute, so help me to grow stronger !

This post is all about OSS backup. Although I give this tutorial base on Alibaba Cloud, the concept follows the same on ANY Cloud. This is one step forward to this article which is written by Wojciech Marusiak. Also, I got inspiration from Anto Online.

First of all, if you have files on OSS and you want to backup to your local drive, there are two options, public endpoint and internal endpoint. Since going through a public endpoint is too easy, I won’t discuss it here.

As long as you have a private connection between your data center and your virtual private cloud (VPC), such as Alibaba Express Connect, then you have to read this.


  • you have Alibaba Express Connect
  • you have a Synology NAS (IP is and the administrative privileges
  • you have already got the permission right for the OSS Bucket
  • you have already configured access_key_id and secret_access_key on Alibaba Cloud for this task
  • you have a fair understanding by using terminal and shell commands


1/ Configuring the routing table

1.1/ Log in to the account on Alibaba Cloud

1.2/ Navigate to Express Connect > Virtual Border Routers (VBRs)

1.3/ Next click on the Instance ID which you have ordered from ISP

1.4/ Then, click on the “Advertised BGP Subnets” tab

1.5/ Click on the blue button “Advertise BGP Subnet” to add the VIP for your region (I am in Hong Kong, so I pick up the VIP according to this table)

No alt text provided for this image

2/ Connecting Synology NAS and getting root permission

  # ssh

  # sudo -i

3/ Download the Rclone install script

  # wget https://rclone.org/install.sh | chmod +x install.sh

4/ Install Rclone

  # ./install.sh

5/ Create rclone config file (for details, refer to here)

  # rclone config

6/ Simply follow the on-screen instruction

This is the summary after configurating [rclone config] as below:


type = s3

provider = Alibaba

access_key_id = Your-key-id-put-here

secret_access_key = Your-access-key-put-here

endpoint = oss-cn-hongkong-internal.aliyuncs.com

acl = private

*Note: this is the gem in this tutorial, I make sure I select an internal endpoint. So the backup path must be gone through Express Connect.

7/ Run rclone manually

  # ssh

  # rclone lsf AliOSS:your-bucket

  # rclone sync AliOSS:your-bucket /volume1/Folder-on-NAS -v

Note: this graph shows that there is only Intranet traffic after using rclone, I SAVE my traffic cost !

No alt text provided for this image

8/ Run rclone by a cron job (optional)

*** Credit to Anto’s editorial team

8.1/ Log in to the Synology NAS (I suggest you better create a user such as BAKoperator for this task)

8.2/ Navigate to Control Panel > Task Scheduler

8.3/ Next click on the create button and then click on scheduled task > user-defined script

8.4/ Then, on the create task window, enter your task name in the general settings tab

8.5/ Next on the schedule tab choose the schedule

8.6/ Finally, on the task setting tab, enter your user-defined script

No alt text provided for this image

Credits and References:

1/ How to Use Alibaba Cloud Object Storage Service with QNAP – Alibaba Cloud Community

2/ Backup with rclone and Cron from your Synology NAS – Anto ./ Online

3/ How can I sign in to DSM/SRM with root privilege via SSH? – Synology Knowledge Center

4/ OSS internal endpoints and VIP ranges