Backup and Restore NextCloud

The two bash scripts in this repository can be used to back up or restore a NextCloud instance. They were inspired by DetaTec. The main differences are the use of EncPass to hide secrets, and the replacement of ls calls by the find command, thus simplifying the code to remove old backups.

The repository is maintained on Codeberg.

The scripts must be configured by defining a few variables in the VARIABLES sections.

NextCloud Directories and Database Type

To back up/restore a NextCloud instance, two directories and a database must be backed up or restored. Those values can be set in the VARIABLES section of the scripts, i.e.

# specify the location of the nextcloud installation directory
nextcloudInstallationDirectory='/var/www/nextcloud'

# specify the location of the nextcloud data directory
nextcloudDataDirectory='/home/nextcloud/data'

# specify the database: can either be mysql, mariadb, postgresql
database='postgresql'

NextCloud Installation Directory

This is the installation directory of NextCloud, which can usually be found within the web directory of a server. The default is set to /var/www/nextcloud.

NextCloud Data Directory

This is the working or data directory of NextCloud. The default is set to /home/nextcloud/data.

NextCloud Database

To dump the NextCloud database, and to import that dump again, later on, the script needs to know which database is used. The default is set to postgresql, i.e. a PostgreSQL database is used.

Warning: The script assumes that the database was created with UTF-8 support.

Secrets and EncPass

To avoid storing secrets in a script, most bell0bytes scripts use EncPass.

The backup and restore scripts require the following information:

  • nextcloudDB: the name of the NextCloud database
  • nextcloudDBUser: the user to access the database specified above
  • nextCloudDBPassword: the password to authenticate the above specified user with

Before starting the scripts, one must thus make sure that those secrets actually exists. A list of secrets for a given bucket can be shown with the list command, as follows:

sudo encpass.sh list nextcloud

If the output looks like this, everything is fine:

db
dbPassword
dbUser

If not, the secrets have to be created:

sudo encpass.sh add nextcloud db
sudo encpass.sh add nextcloud dbUser
sudo encpass.sh add nextcloud dbPassword

Note: Since the backup script must be run as root, the EncPass secrets must also be created for the root user, hence the use of sudo. Make sure that the EncPass scripts are available in the /bin directory.

PostgreSQL Password

When using a PostgreSQL database, the script assumes a .pgpass file to exist in the root home folder, with at least the following information for the database to be backed up, and the user to connect to the database to:

hostname:port:database:username:password

localhost:5432:nextcloud:nextcloud:***

Note: The file must have 0600 permissions.

Further Configuration

The following variables should be set to adapt the script to the environment in question.

Variable Description Default
backupRoot the root directory for the backups /mnt/backup/nextcloud
useCompression true iff compression should be used false
webServerService the name of the web or proxy server nginx
webServerUser the web user www-data
nBackupsToKeep the number of backups to keep 7
fnBackupInstallationDirectory the name of the backup file for the installation directory nextcloud-installation-directory.tar
fnBackupDataDirectory the name of the backup file for the data directory nextcloud-data-directory.tar
fnBackupDB the name of the backup file for the database dump nextcloud-db.dump

NB 1: If useCompression is set to true, .gz will be appended to the file names.

NB 2: If another backup software, such as Borg, is to be used, compression should be disabled.

Automation with Cronjobs

I suggest running the backup script each evening and keeping $7$ backups. To do so, a cronjob must be created for the root user.

sudo crontab -e

0 5 * * * /bin/bash '/home/symplectos/Scripts/Backup/NextCloud/nextcloudBackup.sh'

Note: Make sure the script is executable.

Manual Usage

Backup

Simply run the backup script with superuser do:

sudo ./nextcloudBackup.sh

Restore

To restore a backup, run the script, with superuser do, specifying the desired backup to restore as parameter:

sudo ./nextcloudRestore.sh 20210325_050000

Test Run

Test run with nBackupsToKeep=1 and useCompression=false:

sudo ./nextcloudBackup.sh

Creating a backup of the NextCloud instance ...

Backup Directory: /mnt/backup/nextcloud
Backup Date: 20210328_101838


Maintenance mode enabled

Stopping the web server ... done
Creating backup of the NextCloud installation directory ... done
Creating backup of the NextCloud data directory ... done
Dumping the NextCloud DB (PostgreSQL) ... done
Restarting the web server ... done

Maintenance mode disabled


The Backup of the NextCloud instance was successful!

Created Backup: /mnt/backup/nextcloud/20210328_101838/
This Backup can now be assimilated by the Borg!

To restore this backup, the 20210327_200514 should be given as a parameter to the restore script:

sudo ./nextcloudRestore.sh 20210328_101838

Restoring Backup: /mnt/backup/nextcloud/20210328_101838

Maintenance mode enabled
Stopping the web server ... done
Deleting the old NextCloud installation directory ... done
Deleting the old NextCloud data directory ... done
Restoring the NextCloud installation directory ... done
Restoring the NextCloud data directory ... done

Dropping the old NextCloud DB ...
DROP DATABASE
Done

Creating the new NextCloud DB ...
CREATE DATABASE
Done

Importing the DB dump into the new DB ...
...
Done

Restarting the web server ... done
Chowning the correct directory permissions ... done
Updating the System Data-Fingerprint ...
Nextcloud is in maintenance mode - no apps have been loaded

Done

Maintenance mode disabled

Done: The Backup 20210328_101838 was successfully restored!

References