update

nextcloud/readme.md

@@ -14,17 +14,17 @@ File share & sync.
 
 # Files and directory structure
 
-  ```
-  /home
-  └── ~
-      └── docker
-          └── nextcloud
-              ├── 🗁 nextcloud-data
-              ├── 🗁 nextcloud-db-data
-              ├── 🗋 .env
-              ├── 🗋 docker-compose.yml
-              └── 🗋 nextcloud-backup-script.sh
-  ```
+```
+/home
+└── ~
+    └── docker
+        └── nextcloud
+            ├── 🗁 nextcloud-data
+            ├── 🗁 nextcloud-db-data
+            ├── 🗋 .env
+            ├── 🗋 docker-compose.yml
+            └── 🗋 nextcloud-backup-script.sh
+```
 
 # docker-compose
 
@@ -36,123 +36,116 @@ Four containers are spin up
   - `nextcloud-redis` - in memory file caching and more reliable transactional file locking
   - `nextcloud-cron` - for being able to run maintenance cronjobs
 
-  `docker-compose.yml`
+`docker-compose.yml`
+```yml
+version: '3'
+services:
 
-  ```
-  version: '3'
-  services:
+  nextcloud-db:
+    image: mariadb
+    container_name: nextcloud-db
+    hostname: nextcloud-db
+    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+    restart: unless-stopped
+    volumes:
+      - ./nextcloud-data-db:/var/lib/mysql
+    environment:
+      - MYSQL_ROOT_PASSWORD
+      - MYSQL_PASSWORD
+      - MYSQL_DATABASE
+      - MYSQL_USER
 
-    nextcloud-db:
-      image: mariadb
-      container_name: nextcloud-db
-      hostname: nextcloud-db
-      command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
-      restart: unless-stopped
-      volumes:
-        - ./nextcloud-data-db:/var/lib/mysql
-      environment:
-        - MYSQL_ROOT_PASSWORD
-        - MYSQL_PASSWORD
-        - MYSQL_DATABASE
-        - MYSQL_USER
+  nextcloud-redis:
+    image: redis:alpine
+    container_name: nextcloud-redis
+    hostname: nextcloud-redis
+    restart: unless-stopped
 
-    nextcloud-redis:
-      image: redis:alpine
-      container_name: nextcloud-redis
-      hostname: nextcloud-redis
-      restart: unless-stopped
+  nextcloud:
+    image: nextcloud:apache
+    container_name: nextcloud
+    hostname: nextcloud
+    restart: unless-stopped
+    depends_on:
+      - nextcloud-db
+      - nextcloud-redis
+    volumes:
+      - ./nextcloud-data/:/var/www/html
+    environment:
+      - MYSQL_HOST
+      - REDIS_HOST
+      - MAIL_DOMAIN
+      - MAIL_FROM_ADDRESS
+      - SMTP_SECURE
+      - SMTP_HOST
+      - SMTP_PORT
+      - SMTP_NAME
+      - SMTP_PASSWORD
 
-    nextcloud:
-      image: nextcloud:apache
-      container_name: nextcloud
-      hostname: nextcloud
-      restart: unless-stopped
-      depends_on:
-        - nextcloud-db
-        - nextcloud-redis
-      volumes:
-        - ./nextcloud-data/:/var/www/html
-      environment:
-        - MYSQL_HOST
-        - REDIS_HOST
-        - MAIL_DOMAIN
-        - MAIL_FROM_ADDRESS
-        - SMTP_SECURE
-        - SMTP_HOST
-        - SMTP_PORT
-        - SMTP_NAME
-        - SMTP_PASSWORD
+  nextcloud-cron:
+    image: nextcloud:apache
+    container_name: nextcloud-cron
+    hostname: nextcloud-cron
+    restart: unless-stopped
+    volumes:
+      - ./nextcloud-data/:/var/www/html
+    entrypoint: /cron.sh
+    depends_on:
+      - nextcloud-db
+      - nextcloud-redis
 
-    nextcloud-cron:
-      image: nextcloud:apache
-      container_name: nextcloud-cron
-      hostname: nextcloud-cron
-      restart: unless-stopped
-      volumes:
-        - ./nextcloud-data/:/var/www/html
-      entrypoint: /cron.sh
-      depends_on:
-        - nextcloud-db
-        - nextcloud-redis
+networks:
+  default:
+    external:
+      name: $DEFAULT_NETWORK
+```
 
-  networks:
-    default:
-      external:
-        name: $DEFAULT_NETWORK
-  ```
+`.env`
+```bash
+# GENERAL
+MY_DOMAIN=blabla.org
+DEFAULT_NETWORK=caddy_net
+TZ=Europe/Prague
 
-  `.env`
-  ```
-  # GENERAL
-  MY_DOMAIN=blabla.org
-  DEFAULT_NETWORK=caddy_net
-  TZ=Europe/Prague
+# NEXTCLOUD-MARIADB
+MYSQL_ROOT_PASSWORD=nextcloud
+MYSQL_PASSWORD=nextcloud
+MYSQL_DATABASE=nextcloud
+MYSQL_USER=nextcloud
 
-  # NEXTCLOUD-MARIADB
-  MYSQL_ROOT_PASSWORD=nextcloud
-  MYSQL_PASSWORD=nextcloud
-  MYSQL_DATABASE=nextcloud
-  MYSQL_USER=nextcloud
+# NEXTCLOUD
+MYSQL_HOST=nextcloud-db
+REDIS_HOST=nextcloud-redis
 
-  # NEXTCLOUD
-  MYSQL_HOST=nextcloud-db
-  REDIS_HOST=nextcloud-redis
-
-  # USING SENDGRID FOR SENDING EMAILS
-  MAIL_DOMAIN=blabla.org
-  MAIL_FROM_ADDRESS=nextcloud
-  SMTP_SECURE=ssl
-  SMTP_HOST=smtp.sendgrid.net
-  SMTP_PORT=465
-  SMTP_NAME=apikey
-  SMTP_PASSWORD=SG.asdasdasdasdasdasdsaasdasdsa
-  ```
-  **All containers must be on the same network**.</br>
-  If one does not exist yet: `docker network create caddy_net`
+# USING SENDGRID FOR SENDING EMAILS
+MAIL_DOMAIN=blabla.org
+MAIL_FROM_ADDRESS=nextcloud
+SMTP_SECURE=ssl
+SMTP_HOST=smtp.sendgrid.net
+SMTP_PORT=465
+SMTP_NAME=apikey
+SMTP_PASSWORD=SG.asdasdasdasdasdasdsaasdasdsa
+```
+**All containers must be on the same network**.</br>
+If one does not exist yet: `docker network create caddy_net`
 
 # Reverse proxy
 
-  [Nextcloud official documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html)
-  regarding reverse proxy.
+[Nextcloud official documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html)
+regarding reverse proxy.</br>
+Caddy v2 is used,
+details [here](https://github.com/DoTheEvo/Caddy-v2-docker-example-setup).</br>
+There are few extra directives here to fix some nextcloud warnings.
 
-  Caddy v2 is used,
-  details [here](https://github.com/DoTheEvo/Caddy-v2-docker-example-setup)
-
-  There are few extra directives here to fix some nextcloud warnings
-
-  `Caddyfile`
-  ```
-  {
-      # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
-  }
-
-  nextcloud.{$MY_DOMAIN} {
-      reverse_proxy nextcloud:80
-      header Strict-Transport-Security max-age=31536000;
-      redir /.well-known/carddav /remote.php/carddav 301
-      redir /.well-known/caldav /remote.php/caldav 301
-  }
-  ```
+`Caddyfile`
+```
+nextcloud.{$MY_DOMAIN} {
+    reverse_proxy nextcloud:80
+    header Strict-Transport-Security max-age=31536000;
+    redir /.well-known/carddav /remote.php/carddav 301
+    redir /.well-known/caldav /remote.php/caldav 301
+}
+```
 
 # First run
 
@@ -171,21 +164,25 @@ Editing config.php and adding the new domain will fix it.
 Nextcloud has status check in *Settings > Administration > Overview*</br>
 There are likely several warnings on a freshly spun container.
 
-  - **The database is missing some indexes**
-    - `docker exec --user www-data --workdir /var/www/html nextcloud php occ db:add-missing-indices`
+##### The database is missing some indexes
 
-  - **Some columns in the database are missing a conversion to big int**
-    - `docker exec --user www-data --workdir /var/www/html nextcloud php occ db:convert-filecache-bigint`
+`docker exec --user www-data --workdir /var/www/html nextcloud php occ db:add-missing-indices`
 
-  - **The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds.**
-    - helps to know what [HSTS means](https://www.youtube.com/watch?v=kYhMnw4aJTw)
-    - fixed in the reverse proxy section above in caddy config
-    - the line `header Strict-Transport-Security max-age=31536000;`
+##### Some columns in the database are missing a conversion to big int
 
-  - **Your web server is not properly set up to resolve "/.well-known/caldav"** and **Your web server is not properly set up to resolve "/.well-known/carddav".**
-    - fixed in the reverse proxy section above in caddy config
-    - `redir /.well-known/carddav /remote.php/carddav 301`
-    - `redir /.well-known/caldav /remote.php/caldav 301`
+`docker exec --user www-data --workdir /var/www/html nextcloud php occ db:convert-filecache-bigint`
+
+##### The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds.
+
+- helps to know what is [HSTS](https://www.youtube.com/watch?v=kYhMnw4aJTw)
+- fixed in the reverse proxy section above in caddy config
+- the line `header Strict-Transport-Security max-age=31536000;`
+
+##### Your web server is not properly set up to resolve "/.well-known/caldav" and Your web server is not properly set up to resolve "/.well-known/carddav".
+
+- fixed in the reverse proxy section above in caddy config
+- `redir /.well-known/carddav /remote.php/carddav 301`
+- `redir /.well-known/caldav /remote.php/caldav 301`
 
 ![status-pic](https://i.imgur.com/wjjd5CJ.png)
 
@@ -228,7 +225,7 @@ There are likely several warnings on a freshly spun container.
 
 # Backup of just user data
 
-user-data daily export using the [official procedure.](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html)</br>
+User-data daily export using the [official procedure.](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html)</br>
 For nextcloud it means entering maintenance mode,
 database dump and backing up several directories containing data, configs, themes.</br>
 
@@ -236,47 +233,49 @@ For the script it just means database dump as borg backup and its deduplication
 will deal with the directories, especially in the case of nextcloud where 
 hundreds gigabytes can be stored.
 
-* **create a backup script**</br>
-    placed inside `nextcloud` directory on the host
+#### Create a backup script
 
-    `nextcloud-backup-script.sh`
-    ```
-    #!/bin/bash
+Placed inside `nextcloud` directory on the host.
 
-    # MAINTENANCE MODE ON
-    docker container exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:mode --on
+`nextcloud-backup-script.sh`
+```bash
+#!/bin/bash
 
-    # CREATE DATABASE DUMP, bash -c '...' IS USED OTHERWISE OUTPUT > WOULD TRY TO GO TO THE HOST
-    docker container exec nextcloud-db bash -c 'mysqldump --single-transaction -h nextcloud-db -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE > /var/lib/mysql/BACKUP.nextcloud.database.sql'
+# MAINTENANCE MODE ON
+docker container exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:mode --on
 
-    # MAINTENANCE MODE OFF
-    docker container exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:mode --off
-    ```
+# CREATE DATABASE DUMP, bash -c '...' IS USED OTHERWISE OUTPUT > WOULD TRY TO GO TO THE HOST
+docker container exec nextcloud-db bash -c 'mysqldump --single-transaction -h nextcloud-db -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE > /var/lib/mysql/BACKUP.nextcloud.database.sql'
 
-    the script must be **executable** - `chmod +x nextcloud-backup-script.sh`
+# MAINTENANCE MODE OFF
+docker container exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:mode --off
+```
 
-* **cronjob** on the host</br>
-  `crontab -e` - add new cron job</br>
-  `0 2 * * * /home/bastard/docker/nextcloud/nextcloud-backup-script.sh` - run it [at 02:00](https://crontab.guru/#0_2_*_*_*)</br>
-  `crontab -l` - list cronjobs
+the script must be **executable** - `chmod +x nextcloud-backup-script.sh`
+
+#### Cronjob on the host
+
+`crontab -e` - add new cron job</br>
+`0 2 * * * /home/bastard/docker/nextcloud/nextcloud-backup-script.sh` - run it [at 02:00](https://crontab.guru/#0_2_*_*_*)</br>
+`crontab -l` - list cronjobs
 
 # Restore the user data
 
-  Assuming clean start, first restore the database before running the app container.
+Assuming clean start, first restore the database before running the app container.
 
-  * start the containers: `docker-compose up -d`</br>
-    let it run so it creates its file structure
-  * down the containers: `docker-compose up -d`
-  * from backup copy the directories `data`, `configs`, `themes` in to `nextcloud-data` replacing the ones in place
-  * from backup copy the backup database in to `nextcloud-db-data`
-  * start the containers: `docker-compose up -d`
-  * set the correct user ownership of the directories copied:</br>
-    `docker exec --workdir /var/www/html nextcloud chown -R www-data:www-data config data themes`
-  * restore the database</br>
-    `docker exec --workdir /var/lib/mysql nextcloud-db bash -c 'mysql -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE < BACKUP.nextcloud.database.sql'`
-  * turn off the maintenance mode:</br>
-    `docker container exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:mode --off`
-  * update the systems data-fingerprint:</br>
-    `docker exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:data-fingerprint`
-  * restart the containers: `docker-compose restart`
-  * log in
+* start the containers: `docker-compose up -d`</br>
+  let it run so it creates its file structure
+* down the containers: `docker-compose up -d`
+* from backup copy the directories `data`, `configs`, `themes` in to `nextcloud-data` replacing the ones in place
+* from backup copy the backup database in to `nextcloud-db-data`
+* start the containers: `docker-compose up -d`
+* set the correct user ownership of the directories copied:</br>
+  `docker exec --workdir /var/www/html nextcloud chown -R www-data:www-data config data themes`
+* restore the database</br>
+  `docker exec --workdir /var/lib/mysql nextcloud-db bash -c 'mysql -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE < BACKUP.nextcloud.database.sql'`
+* turn off the maintenance mode:</br>
+  `docker container exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:mode --off`
+* update the systems data-fingerprint:</br>
+  `docker exec --user www-data --workdir /var/www/html nextcloud php occ maintenance:data-fingerprint`
+* restart the containers: `docker-compose restart`
+* log in