Nextcloud Backup System

Automated backup solution for Nextcloud using rclone.

Features

• No sudo required - runs as dedicated backup user
• Hybrid backup strategy: daily metadata + weekly/yearly full backups
• Automated scheduling via cron
• Works with rclone (supports 40+ cloud storage providers)
• Automatic tar.gz compression
• Configurable retention policies
• Docker support

Quick Start

Prerequisites

• Ubuntu/Debian server
• Docker-based Nextcloud
• rclone installed
• Dedicated backup user with group permissions

Installation

1. Create backup user:

sudo adduser --system --group --home /opt/backup backup-user
sudo usermod -aG www-data,docker backup-user

2. Create directory structure:

sudo mkdir -p /opt/backup/{bin,logs,backups}
sudo chown -R backup-user:backup-user /opt/backup

3. Configure rclone as backup-user:

sudo -u backup-user rclone config

4. Install backup script:

sudo cp nextcloud-backup.sh /opt/backup/bin/
sudo chmod +x /opt/backup/bin/nextcloud-backup.sh

5. Edit configuration in script:

RCLONE_REMOTE="your-remote:YourPath/Nextcloud"

6. Set read-only permissions on Nextcloud data:

sudo chmod 750 /path/to/nextcloud/data

7. Test backup:

sudo -u backup-user /opt/backup/bin/nextcloud-backup.sh

8. Schedule with cron:

sudo cp nextcloud-backup.cron /etc/cron.d/nextcloud-backup

Configuration

Edit these variables in nextcloud-backup.sh:

# Rclone remote (change to your remote name)
RCLONE_REMOTE="jottacloud:ServerBackup/Nextcloud"

# Docker container name
NEXTCLOUD_CONTAINER="nextcloud-app"

# Retention policy
DAILY_RETENTION=10    # Keep 10 daily backups
WEEKLY_RETENTION=10   # Keep 10 weekly backups
YEARLY_RETENTION=10   # Keep 10 yearly backups

Backup Strategy

• Daily (03:15): Metadata only (database, config, apps) - approximately 100-200MB
• Weekly (Sunday): Complete backup including user data
• Yearly (January 1st): Full archive for long-term storage

Security

Recommended approach: Dedicated backup user without sudo privileges

• Read-only access to Nextcloud data
• Limited permissions via group membership (www-data, docker)
• Reduced attack surface

The legacy sudo-based approach is available in nextcloud-backup-v1.sh for reference but not recommended for new installations.

Troubleshooting

Permission Denied

# Verify backup-user groups
id backup-user

# Should show: www-data, docker

# Check data directory permissions
ls -ld /path/to/nextcloud/data
# Should be: drwxr-x--- (750)

Rclone Authentication Failed

# Reconfigure as backup-user
sudo -u backup-user rclone config reconnect your-remote:

Docker Command Not Found

# Add backup-user to docker group
sudo usermod -aG docker backup-user

Files

• nextcloud-backup.sh - Main backup script (no sudo required)
• nextcloud-backup-v1.sh - Legacy version with sudo (reference only)
• nextcloud-backup.cron - Cron schedule example
• README.md - Documentation

Requirements

• rclone
• Docker
• tar
• gzip

License

MIT License

Author

IBICO74

Support

Open a GitHub issue for questions or problems.