This is my personal docker-compose stack to deploy Nextcloud on a self hosted machine. It includes https://github.com/b3vis/docker-borgmatic to create hot backups of the nextcloud volume (config, data, themes) and dumps of the running MariaDB.
Rclone is used to automatically upload your local backups to a cloud provider. It can be configured via environment variables: https://rclone.org/docs/#environment-variables. The exact configuration depends on your cloud provider.
In addition it sends encrypted messages to your Smartphone via Simplepush in case of a backup failed.
- Clone this repository
- Create a .env file with following content:
COMPOSE_PROJECT_NAME=nextcloud
MYSQL_ROOT_PASSWORD={YOUR_SECRET_ROOT_PASSWORD}
DNS_ADDRESS={YOUR_DNS_ADDRESS}
LETSENCRYPT_EMAIL={YOUR_EMAIL_ADDRESS}
TZ={YOUR_TIMEZONE} # cat /etc/timezone
BORG_PASSPHRASE={YOUR_SECURE_BORG_PASSWORD} # encrypts your backups, useful to upload the archive to services like AWS Glacier
VOLUME_TARGET={PATH_TO_YOUR_BACKUP_FOLDER}
SIMPLEPUSH_KEY={YOUR_UNIQUE_KEY}
SIMPLEPUSH_PASSWORD={YOUR_SIMPLEPUSH_PASSWORD} # if not set messages are not encrypted
SIMPLEPUSH_SALT={YOUR_SIMPLEPUSH_SALT}
# Check https://rclone.org/docs/#configure or your cloud provider documentation
RCLONE_CONFIG_NEXTCLOUD_TYPE=
RCLONE_CONFIG_NEXTCLOUD_PROVIDER=
RCLONE_CONFIG_NEXTCLOUD_ACL=
RCLONE_CONFIG_NEXTCLOUD_ACCESS_KEY_ID=
RCLONE_CONFIG_NEXTCLOUD_SECRET_ACCESS_KEY=
RCLONE_CONFIG_NEXTCLOUD_ENDPOINT=- Create a db.env file with following content:
MYSQL_PASSWORD={YOUR_SECRET_USER_PASSWORD}
MYSQL_USER={YOUR_SQL_USER_NAME}
MYSQL_DATABASE=nextcloud- Start or update stack with
docker-compose build --pull
docker-compose up -d
- Initialize the borg repository
docker exec nextcloud_borgmatic_backup_1 sh -c "borgmatic --init --encryption repokey-blake2"- Export borg repo key (to your backup folder)
docker exec nextcloud_borgmatic_backup_1 sh -c "borg key export /mnt/borg-repository /mnt/borg-repository/key-export.txt"The stack will automatically back up your running nextlcoud instance with the help of borg/borgmatic. Per default, it will create a new backup every day at 1am. If you want to change this, adapt the crontab.txt in this repository.
This stack is not setting Nextcloud to maintenance mode. If you want to enusre that no data is modified while backups are taken, you can set Nextcloud to maintenance mode via crontab before the backups are taken and release it once the backups are done.
- Run an interactive shell:
docker-compose -f docker-compose.yml -f docker-compose.restore.yml run borgmatic_backup_1 - Fuse-mount the backup:
borg mount /mnt/borg-repository <mount_point> - Restore your files:
- Extract volume data: https://torsion.org/borgmatic/docs/how-to/extract-a-backup/
- Restore database: https://torsion.org/borgmatic/docs/how-to/backup-your-databases/#database-restoration
- General information about Nextcloud restore: https://docs.nextcloud.com/server/latest/admin_manual/maintenance/restore.html
- Finally unmount and exit:
borg umount <mount_point> && exit.
In case Borg fails to create/acquire a lock: borg break-lock /mnt/repository