{"id":47622425,"url":"https://github.com/fezu54/nextcloud-stack","last_synced_at":"2026-04-01T22:22:29.348Z","repository":{"id":42659961,"uuid":"336388049","full_name":"fezu54/nextcloud-stack","owner":"fezu54","description":"My own nextcloud stack including backup solution. There's also a branch `feat/vaultwarden` which includes a Vaultwarden deployment","archived":false,"fork":false,"pushed_at":"2026-03-28T21:48:03.000Z","size":67,"stargazers_count":8,"open_issues_count":2,"forks_count":3,"subscribers_count":1,"default_branch":"feat/vaultwarden","last_synced_at":"2026-03-28T23:53:08.874Z","etag":null,"topics":["backup","borgmatic","nextcloud","rclone","vaultwarden"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fezu54.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-02-05T21:00:33.000Z","updated_at":"2026-03-28T21:04:45.000Z","dependencies_parsed_at":"2025-09-14T20:30:22.329Z","dependency_job_id":null,"html_url":"https://github.com/fezu54/nextcloud-stack","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/fezu54/nextcloud-stack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fezu54%2Fnextcloud-stack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fezu54%2Fnextcloud-stack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fezu54%2Fnextcloud-stack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fezu54%2Fnextcloud-stack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fezu54","download_url":"https://codeload.github.com/fezu54/nextcloud-stack/tar.gz/refs/heads/feat/vaultwarden","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fezu54%2Fnextcloud-stack/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31292639,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T21:15:39.731Z","status":"ssl_error","status_checked_at":"2026-04-01T21:15:34.046Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backup","borgmatic","nextcloud","rclone","vaultwarden"],"created_at":"2026-04-01T22:22:28.878Z","updated_at":"2026-04-01T22:22:29.332Z","avatar_url":"https://github.com/fezu54.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# nextcloud-stack\nThis is my personal docker-compose stack to deploy Nextcloud on a self hosted machine. It includes https://github.com/b3vis/docker-borgmatic to create hot backups of the nextcloud volume (config, data, themes) and dumps of the running MariaDB.\n\n## Vaultwarden\nIn addition to Nextcloud, this stack also deploys [Vaultwarden](https://github.com/dani-garcia/vaultwarden) to store your passwords and secrets. It is configured to use the standard SQLIte database which is also included in the borgmatic backup.\nOther than that, currently only the `attachments` folder is included as well. For more information about backup and restore, check the [Vaultwarden documentation](https://github.com/dani-garcia/vaultwarden/wiki/Backing-up-your-vault).\n\n## rclone configuration\n[Rclone](https://rclone.org/) is used to automatically upload your local backups to a cloud provider. It can be configured via environment variables: https://rclone.org/docs/#environment-variables. The exact configuration depends on your cloud provider.\n\n## ntfy (Notifications)\n[ntfy](https://ntfy.sh/) is used to send notifications about backup status. To prevent unauthorized access to your notification topics, authentication should be enabled.\n\n### Setup Authentication\n1. Start the stack: `docker compose up -d`\n2. Create an admin user (you will be prompted for a password):\n   ```bash\n   docker compose exec ntfy ntfy user add --role=admin your_username\n   ```\n3. Generate an access token for the backup service:\n   ```bash\n   docker compose exec ntfy ntfy token add your_username\n   ```\n4. Copy the generated token and add it to your `.env` file as `NTFY_TOKEN`.\n\n### Smartphone App\nTo receive notifications on your mobile device, install the `ntfy` app:\n- **Android (Google Play):** [ntfy - PUT/POST to your phone](https://play.google.com/store/apps/details?id=io.heckel.ntfy)\n- **Android (F-Droid):** [ntfy on F-Droid](https://f-droid.org/packages/io.heckel.ntfy/)\n- **iOS (Apple App Store):** [ntfy on the App Store](https://apps.apple.com/app/ntfy/id1625396347)\n\nOnce installed, add your self-hosted server in the app settings to start receiving notifications from your stack.\n\n# Usage\n\n## 1. Secret Management (Vaultwarden)\nThis stack is designed to be deployed securely using your local **Vaultwarden** (via `rbw`). Instead of keeping sensitive `.env` files on your server, create a single item in your vault (e.g., named `.env` in a \"Nextcloud stack\" folder) and add all your variables to its **Note** field in `KEY=VALUE` format:\n\n```text\nCOMPOSE_PROJECT_NAME=nextcloud\nMYSQL_ROOT_PASSWORD=...\nMYSQL_DATABASE=nextcloud\nMYSQL_USER=nextcloud\nMYSQL_PASSWORD=...\nDNS_ADDRESS=...\nVAULTWARDEN_PREFIX=...\nNEXTCLOUD_PREFIX=...\nLETSENCRYPT_EMAIL=...\nTZ=...\nBORG_PASSPHRASE=...\nVOLUME_TARGET=...\nNTFY_PREFIX=...\nNTFY_TOPIC=...\nNTFY_TOKEN=...\n\n# rclone config\nRCLONE_CONFIG_NEXTCLOUD_TYPE=...\n...\n```\n\n## 2. Deploy the Stack\nUse the provided `deploy.sh` script to sync your files and inject secrets from your vault directly into the remote server's memory.\n\n```bash\n# Unlock your local vault first\nrbw unlock\n\n# Run the deployment script\n./deploy.sh \\\n  --user your_ssh_user \\\n  --host your_server_ip \\\n  --path ~/nextcloud-stack \\\n  --item .env \\\n  --folder \"Nextcloud stack\"\n```\n\nThe script will:\n1. Fetch secrets from your local `rbw`.\n2. Sync the stack files to your remote server via `rsync`.\n3. Pull the latest images.\n4. Rebuild custom images (like backup/proxy) with the latest patches.\n5. Start/Restart the containers with the injected secrets.\n\n## 3. Initializing the Stack\nIf this is a fresh installation:\n1. Initialize the borg repository:\n   ```bash\n   ssh your_ssh_user@your_server_ip \"cd ~/nextcloud-stack \u0026\u0026 docker compose exec borgmatic_backup borgmatic --init --encryption repokey-blake2\"\n   ```\n2. Export the borg repo key:\n   ```bash\n   ssh your_ssh_user@your_server_ip \"cd ~/nextcloud-stack \u0026\u0026 docker compose exec borgmatic_backup borg key export /mnt/borg-repository /mnt/borg-repository/key-export.txt\"\n   ```\n\n## 4. First Time Setup (Bootstrap)\nIf you are deploying this stack for the very first time (and don't have a Vaultwarden account yet):\n\n1.  **Run in New Mode:**\n    ```bash\n    ./deploy.sh --user your_user --host your_ip --path ~/nextcloud-stack --new\n    ```\n    Enter your desired passwords and config when prompted.\n2.  **Create Vaultwarden Account:**\n    Once the stack is up, go to `https://vault.yourdomain.com` and register your account.\n3.  **Connect rbw Locally:**\n    ```bash\n    rbw config set base_url https://vault.yourdomain.com\n    rbw login\n    ```\n4.  **Migrate Secrets:**\n    Create a new item in your vault named `.env` and paste the variables you used in step 1 into the **Notes** field.\n5.  **Future Deploys:**\n    From now on, you can just use the standard command without the `--new` flag.\n\n# Backups\nThe stack will automatically back up your running nextlcoud instance with the help of [borg](https://borgbackup.readthedocs.io/en/stable/index.html)/[borgmatic](https://torsion.org/borgmatic/). Per default, it will create a new backup every day at 1am. If you want to change this, adapt the [crontab.txt](https://github.com/fezu54/nextcloud-stack/blob/main/backup/borgmatic.d/crontab.txt) in this repository.\n\n⚠️ It's important to save your borg repo key and the borgmatic passphrase somewhere secure. You'll need it to restore the backups.\n## Nextcloud maintenance mode\nThis stack is not setting Nextcloud to [maintenance mode](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html#maintenance-mode). If you want to enusre that no data is modified while backups are taken, you can set Nextcloud to maintenance mode via crontab before the backups are taken and release it once the backups are done.\n## Restore backups\n1. Run an interactive shell: `docker-compose -f docker-compose.yml -f docker-compose.restore.yml run borgmatic_backup_1`\n2. Fuse-mount the backup: `borg mount /mnt/borg-repository \u003cmount_point\u003e`\n3. Restore your files:\n* Extract volume data: https://torsion.org/borgmatic/docs/how-to/extract-a-backup/\n* Restore database: https://torsion.org/borgmatic/docs/how-to/backup-your-databases/#database-restoration\n* General information about Nextcloud restore: https://docs.nextcloud.com/server/latest/admin_manual/maintenance/restore.html\n5. Finally unmount and exit: `borg umount \u003cmount_point\u003e \u0026\u0026 exit.`\n\nIn case Borg fails to create/acquire a lock: `borg break-lock /mnt/repository`\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffezu54%2Fnextcloud-stack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffezu54%2Fnextcloud-stack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffezu54%2Fnextcloud-stack/lists"}