docs: fix markdown lint issues in backend docs

2025-12-11 22:14:05 +01:00 · 2025-08-25 00:00:48 +02:00
parent 2e02d49578
commit 091ccb649c
71 changed files with 2663 additions and 1646 deletions
--- a/docs/content/azureblob.md
+++ b/docs/content/azureblob.md
@@ -15,11 +15,13 @@ command.)  You may put subdirectories in too, e.g.
 Here is an example of making a Microsoft Azure Blob Storage
 configuration.  For a remote called `remote`.  First run:

-     rclone config
+```sh
+rclone config
+```

 This will guide you through an interactive setup process:

-```
+```text
 No remotes found, make a new one?
 n) New remote
 s) Set configuration password
@@ -55,20 +57,28 @@ y/e/d> y

 See all containers

-    rclone lsd remote:
+```sh
+rclone lsd remote:
+```

 Make a new container

-    rclone mkdir remote:container
+```sh
+rclone mkdir remote:container
+```

 List the contents of a container

-    rclone ls remote:container
+```sh
+rclone ls remote:container
+```

 Sync `/home/local/directory` to the remote container, deleting any excess
 files in the container.

-    rclone sync --interactive /home/local/directory remote:container
+```sh
+rclone sync --interactive /home/local/directory remote:container
+```

 ### --fast-list

@@ -147,26 +157,35 @@ user with a password, depending on which environment variable are set.
 It reads configuration from these variables, in the following order:

 1. Service principal with client secret
-    - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+    - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its
+      "directory" ID.
    - `AZURE_CLIENT_ID`: the service principal's client ID
    - `AZURE_CLIENT_SECRET`: one of the service principal's client secrets
 2. Service principal with certificate
-    - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its "directory" ID.
+    - `AZURE_TENANT_ID`: ID of the service principal's tenant. Also called its
+      "directory" ID.
    - `AZURE_CLIENT_ID`: the service principal's client ID
-    - `AZURE_CLIENT_CERTIFICATE_PATH`: path to a PEM or PKCS12 certificate file including the private key.
-    - `AZURE_CLIENT_CERTIFICATE_PASSWORD`: (optional) password for the certificate file.
-    - `AZURE_CLIENT_SEND_CERTIFICATE_CHAIN`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+    - `AZURE_CLIENT_CERTIFICATE_PATH`: path to a PEM or PKCS12 certificate file
+      including the private key.
+    - `AZURE_CLIENT_CERTIFICATE_PASSWORD`: (optional) password for the
+      certificate file.
+    - `AZURE_CLIENT_SEND_CERTIFICATE_CHAIN`: (optional) Specifies whether an
+      authentication request will include an x5c header to support subject
+      name / issuer based authentication. When set to "true" or "1",
+      authentication requests include the x5c header.
 3. User with username and password
    - `AZURE_TENANT_ID`: (optional) tenant to authenticate in. Defaults to "organizations".
-    - `AZURE_CLIENT_ID`: client ID of the application the user will authenticate to
+    - `AZURE_CLIENT_ID`: client ID of the application the user will authenticate
+      to
    - `AZURE_USERNAME`: a username (usually an email address)
    - `AZURE_PASSWORD`: the user's password
 4. Workload Identity
-    - `AZURE_TENANT_ID`: Tenant to authenticate in.
-    - `AZURE_CLIENT_ID`: Client ID of the application the user will authenticate to.
-    - `AZURE_FEDERATED_TOKEN_FILE`: Path to projected service account token file.
-    - `AZURE_AUTHORITY_HOST`: Authority of an Azure Active Directory endpoint (default: login.microsoftonline.com).
-
+    - `AZURE_TENANT_ID`: Tenant to authenticate in
+    - `AZURE_CLIENT_ID`: Client ID of the application the user will authenticate
+      to
+    - `AZURE_FEDERATED_TOKEN_FILE`: Path to projected service account token file
+    - `AZURE_AUTHORITY_HOST`: Authority of an Azure Active Directory endpoint
+      (default: login.microsoftonline.com).

 ##### Env Auth: 2. Managed Service Identity Credentials

@@ -193,19 +212,27 @@ Credentials created with the `az` tool can be picked up using `env_auth`.

 For example if you were to login with a service principal like this:

-    az login --service-principal -u XXX -p XXX --tenant XXX
+```sh
+az login --service-principal -u XXX -p XXX --tenant XXX
+```

 Then you could access rclone resources like this:

-    rclone lsf :azureblob,env_auth,account=ACCOUNT:CONTAINER
+```sh
+rclone lsf :azureblob,env_auth,account=ACCOUNT:CONTAINER
+```

 Or

-    rclone lsf --azureblob-env-auth --azureblob-account=ACCOUNT :azureblob:CONTAINER
+```sh
+rclone lsf --azureblob-env-auth --azureblob-account=ACCOUNT :azureblob:CONTAINER
+```

 Which is analogous to using the `az` tool:

-    az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
+```sh
+az storage blob list --container-name CONTAINER --account-name ACCOUNT --auth-mode login
+```

 #### Account and Shared Key

@@ -226,18 +253,24 @@ explorer in the Azure portal.
 If you use a container level SAS URL, rclone operations are permitted
 only on a particular container, e.g.

-    rclone ls azureblob:container
+```sh
+rclone ls azureblob:container
+```

 You can also list the single container from the root. This will only
 show the container specified by the SAS URL.

-    $ rclone lsd azureblob:
-    container/
+```sh
+$ rclone lsd azureblob:
+container/
+```

 Note that you can't see or access any other containers - this will
 fail

-    rclone ls azureblob:othercontainer
+```sh
+rclone ls azureblob:othercontainer
+```

 Container level SAS URLs are useful for temporarily allowing third
 parties access to a single container or putting credentials into an
@@ -245,7 +278,8 @@ untrusted environment such as a CI build server.

 #### Service principal with client secret

-If these variables are set, rclone will authenticate with a service principal with a client secret.
+If these variables are set, rclone will authenticate with a service principal
+with a client secret.

 - `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
 - `client_id`: the service principal's client ID
@@ -256,13 +290,18 @@ The credentials can also be placed in a file using the

 #### Service principal with certificate

-If these variables are set, rclone will authenticate with a service principal with certificate.
+If these variables are set, rclone will authenticate with a service principal
+with certificate.

 - `tenant`: ID of the service principal's tenant. Also called its "directory" ID.
 - `client_id`: the service principal's client ID
- `client_certificate_path`: path to a PEM or PKCS12 certificate file including the private key.
+- `client_certificate_path`: path to a PEM or PKCS12 certificate file including
+  the private key.
 - `client_certificate_password`: (optional) password for the certificate file.
- `client_send_certificate_chain`: (optional) Specifies whether an authentication request will include an x5c header to support subject name / issuer based authentication. When set to "true" or "1", authentication requests include the x5c header.
+- `client_send_certificate_chain`: (optional) Specifies whether an
+  authentication request will include an x5c header to support subject name /
+  issuer based authentication. When set to "true" or "1", authentication
+  requests include the x5c header.

 **NB** `client_certificate_password` must be obscured - see [rclone obscure](/commands/rclone_obscure/).

@@ -297,15 +336,18 @@ be explicitly specified using exactly one of the `msi_object_id`,
 If none of `msi_object_id`, `msi_client_id`, or `msi_mi_res_id` is
 set, this is is equivalent to using `env_auth`.

-#### Fedrated Identity Credentials 
+#### Fedrated Identity Credentials

 If these variables are set, rclone will authenticate with fedrated identity.

 - `tenant_id`: tenant_id to authenticate in storage
 - `client_id`: client ID of the application the user will authenticate to storage
- `msi_client_id`: managed identity client ID of the application the user will authenticate to
+- `msi_client_id`: managed identity client ID of the application the user will
+  authenticate to

-By default "api://AzureADTokenExchange" is used as scope for token retrieval over MSI. This token is then exchanged for actual storage token using 'tenant_id' and 'client_id'.
+By default "api://AzureADTokenExchange" is used as scope for token retrieval
+over MSI. This token is then exchanged for actual storage token using
+'tenant_id' and 'client_id'.

 #### Azure CLI tool `az` {#use_az}

@@ -322,7 +364,9 @@ Don't set `env_auth` at the same time.
 If you want to access resources with public anonymous access then set
 `account` only. You can do this without making an rclone config:

-    rclone lsf :azureblob,account=ACCOUNT:CONTAINER
+```sh
+rclone lsf :azureblob,account=ACCOUNT:CONTAINER
+```

 {{< rem autogenerated options start" - DO NOT EDIT - instead edit fs.RegInfo in backend/azureblob/azureblob.go then run make backenddocs" >}}
 ### Standard options