This is a fairly new, unstable, actively-developed Android app called Round-Sync. It is Rclone for Android with added triggers and schedules. I recommend an eye be kept on it it for possible recommendation once stable.
Though not exactly a privacy tool, it is a way to manage backups on Android without proprietary cloud storage apps.
So you could have your Cryptomator vault backed up to various cloud storage drives, all from the phone.
im already using it, love it. hopefully fdroid/playstore soon 
Can you explain how you would use this to backup cryptomator on Android?
If your cryptomator vault is stored in the cloud, the cryptomator app will let you access it but it doesn’t mount it to the android file system so this app can’t see it (at least, not until document provider access is implemented in cryptomator).
If you mean backing up the encrypted cryptomator vault (either stored locally or in one rclone connected cloud, then backed up to another) I don’t see how that is useful for avoiding data corruption.
If its like the desktop version of rclone, this is exactly what rclone will do. A lot of people use the desktop version to create a virtual drive for their real debrid accounts.
The android rclone client (RoundSync) doesn’t support encrypted config files and is therefore a security risk.
Hello, are you referring to this issue? Encrypted Config · Issue #200 · newhinton/Round-Sync · GitHub
I do not have much technical expertise to understand everything there, but I made a config file on my laptop using rclone. When I imported it into RoundSync, I had to input the password.
So do you mean that the encrypted config file is then stored UNencrypted in the app files once you import it? Meaning that it would be a risk only if someone had physical access to the device?
My use case would be to use the Cryptomator app linked directly to cloud storage (Nexcloud WebDAV). The Nextcloud app would function to sync the encrypted files to my local phone storage. Then RoundSync would be used to run one-way backups of the encrypted files to other cloud storages.
It is in the IzzyOnDroid F-Droid Repo.
You can also update it from Github using the Obtainium app.
Not sure which is better…
This is awesome, good find! If it handles cloud storage like rsync this will be a nice tool in the belt
Edit: so far so good with a test Cryptomator vault, I am happy.
Here’s another option
Without tasks/triggers
I’m glad to see this app recommended here, and get more exposure. What I liked about RSAF is that it doesn’t require any permission other than internet while Round-Sync requires all files permission. Both apps use the crypt command, so it works similar to Cryptomator without the hassle. Just copy, move or upload to that remote crypt bucket and filenames & files are encrypted automatically.
In addition, you can “mount” your remote storage as if it was a local folder. You know how you would use an app’s backup function to save it in the Downloads folder? Now, you can directly access your remote to store your backups in the cloud.
Is rclone crypt as secure as Cryptomator?
I ended up skipping the Nextcloud sync app and instead am using Round Sync only as a backup tool. Cryptomator edits via direct WebDAV or S3, then RoundSync does remote-to-local, then local-to-remote2
RSAF does not have sync ability as far as I know. With Cryptomator, I assume I will have to offset the two sync process timings to avoid data corruption.
Any other thoughts on this? I am considering rclone crypt for Tasks.org and Joplin backup export files.
They can auto export directly in the crypt, then copy to a cloud remote backup.
Do you have any specific you’re looking for? Basing off your previous response, I assume you’re wondering if the encryption is on par with Cryptomator? Here’s a thread on rclone asking a similar question, Has crypt been audited? - Help and Support - rclone forum.
I use B2 as my offsite cloud storage, and I also use Joplin and Tasks.org to backup my files using rclone crypt via RSAF on Android and rclone CLI on desktop. The setup works without turning too many knobs.
Thanks, yeah from what I understand, the encryption is solid but they did have an issue with their password generator at one point Rclone generating weak passwords - CVE-2020-28924 · Issue #4783 · rclone/rclone · GitHub
Are you manually exporting Joplin on Android and browsing to the RSAF crypt? What do you do for other files like PDF’s? It also does not seem RSAF can copy or sync between local and remote like Round Sync can (which I assume is why it needs file permissions).
Basically I am wondering if it still does not meet the requirements for recommendation. It seems the main issue is someone with physical access could plug in the phone and run a root process to get the unencrypted config from the Round Sync app files? I would only sync Cryptomator vaults, except for one rclone crypt mainly for automated Tasks.org export backups.
@Matvei
@matchboxbananasynergy this is rebranded extRact, updated in April and last week (September 2024).
I use the automatic backup feature by selecting the remote_crypt folder on RSAF. I don’t work with a lot of PDF files, but when I do, I just manually move them to the remote folder. I tend to keep my phone storage clean, and once the files are moved to the remote folder, I also back them up to SDD. If you have the need to view your PDF’s from your remote storage, I’d recommend S3Drive app as you can see the image previews, save files offline, and share. However, it is closed source. The author of S3Drive also contributes to the rclone project and active on Discord for any questions you may have.
As far gaining access to my phone, this isn’t in my threat model but the author of RSAF mention this (GitHub - chenxiaolong/RSAF: An Android Storage Access Framework document provider for rclone), “In order to keep credentials secure, the internal config file is encrypted with a password that’s wrapped by a hardware key. Even with root access, it is impossible to back up hardware keys. Thus, when restoring RSAF’s app data using these root-based backup tools, RSAF will not be able to decrypt its config file. Instead, use the builtin config import/export feature.”
did anyone manage to configure RSAF to work with MEGA? MEGA keeps deleting cryptomator files on upload while roundsync works flawlessly (but is less secure)