Cloudflare R2
Store backups in Cloudflare R2 - S3-compatible object storage with zero egress fees.
Configuration
| Field | Description | Default | Required |
|---|---|---|---|
| Name | Friendly name for this destination | - | ✅ |
| Account ID | Cloudflare Account ID | - | ✅ |
| Bucket | R2 bucket name | - | ✅ |
| Access Key ID | R2 API token Access Key ID | - | ✅ |
| Secret Access Key | R2 API token Secret Access Key | - | ✅ |
| Path Prefix | Folder path within the bucket | - | ❌ |
Setup Guide
- Create an R2 bucket in the Cloudflare Dashboard → R2 → Create bucket
- Create an API token: Go to R2 → Manage R2 API Tokens → Create API token
- Select Object Read & Write permission
- Scope to your specific bucket (recommended)
- Copy the Access Key ID and Secret Access Key
- Copy your Account ID from the Cloudflare Dashboard sidebar (top-right of any page)
- Go to Destinations → Add Destination → Cloudflare R2
- Enter Account ID, Bucket, Access Key ID, and Secret Access Key
- (Optional) Set a Path Prefix for organizing backups
- Click Test to verify the connection
Zero Egress Fees
R2 has no egress fees, making it ideal for backups you may need to restore frequently. Unlike AWS S3, downloading your backups is always free.
How It Works
- DBackup connects to the R2 endpoint
https://<accountId>.r2.cloudflarestorage.comautomatically - Uses S3-compatible API - uploads via multipart for large files
- All credentials are stored AES-256-GCM encrypted in the database
Troubleshooting
AccessDenied
Access Denied (403)Solution: Verify the API token has Object Read & Write permission and is scoped to the correct bucket.
InvalidAccessKeyId
The AWS Access Key Id you provided does not existSolution: Ensure you're using the R2 API token credentials (not your Cloudflare Global API Key). Regenerate the token if needed.
Wrong Account ID
Could not connect to endpointSolution: The Account ID is visible in the Cloudflare Dashboard sidebar. Don't confuse it with the Zone ID.