Nextcloud needs no introduction. It is the most popular open-source software for self-hosting a collaboration suite that gives you access to document collaboration, file hosting, project management boards and chat service.
We have been using Nextcloud for managing our team activities on Linux Handbook and It's FOSS. We self-host our Nextcloud instance, obviously. This self-hosting experience has taught us several important lessons and I am going to share them with you. This will help you if you happen to be a day-to-day Nextcloud administrator.
1. Use the occ command on Nextcloud with Docker
The occ command originates from ownCloud, which is an abbreviation of "ownCloud Console" primarily used for maintenance, diagnosis and fixes. Since Nextcloud is a fork of the ownCloud 2016 code base,
occ's design is very similar.
For Nextcloud administrators, knowledge on its usage can be extremely convenient for maintenance activities and so the reference manual is very helpful.
However, on Docker, the specific syntax on how to use it is quite different and lengthier:
docker exec -u www-data -it nextcloud php occ <command>
Here, you are using
docker exec with
www-data as user.
nextcloud is the name of the Nextcloud Docker container and
php is being used to run the
occ command from within the container.
2. Do not upgrade Nextcloud right after a new release
A brand-new release of Nextcloud can be very tempting. But it has been observed many a time that straightaway going for an upgrade hastily can potentially render Nextcloud completely unusable.
I recommend waiting for at least the first patch to be released. For example, upgrading 20.0.6 to 21.0.0 can be a risky experience. A direct upgrade from xx.0.x to xy.0.0 is NOT recommended. Instead, a better approach would be to at least wait for version xy.0.1.
3. Prioritize security and bug fixes over features whenever you upgrade Nextcloud
It is easy to get tempted about a new feature available only on a newly released version. Make sure the upgrade is not at the cost of reduced performance or deteriorated functionality. It could relate to Nextcloud in its entirety or a specific Nextcloud app that can seriously affect your productivity.
4. Things to consider before upgrading your Nextcloud instance
Thoroughly check the official forum as well GitHub repository for the most recent issues whenever you are thinking of upgrading. Unfortunate as it is being noticed these days, it is very common nowadays that an issue has made the Nextcloud interface extremely slow.
So, ensure you can replicate the scenario on a cloned server and its solution before you do it on a production server. Put the upgrade on hold if it degrades functionality.
5. Always backup the database and Nextcloud volume before an upgrade
At the host system level, you can never use the same files on an upgraded Nextcloud with a downgraded version. Therefore, always create a backup of your Nextcloud and its corresponding database volume before performing the upgrade. The approach is the same that I discussed it for Ghost in a previous post.
6. Regularly keep an eye on the "Overview" section inside the Nextcloud settings
Do you know there is an overview section under the Settings? This section warns you of any security and set up issues.
You can access it by going to the top right corner of your dashboard and go to settings.
You'll see the Overview option under Administration section.
This is where you can have idea about any performance or security issues on your Nextcloud through the relevant reports on the dashboard.
7. Ensure regular checks for security
Nextcloud provides a free web tool to check for any known vulnerabilities on your Nextcloud server. The best thing here is that you don't even need to install anything on your server. Just enter the URL of your instance.
From time to time, it is highly recommended scanning your instance URL to have an idea about the security parameters of your Nextcloud deployment.
8. Keep an eye on the apps you use
Many apps on Nextcloud have been known to have rendered the entire Nextcloud interface completely unusable. Keep an eye on the forums and GitHub issues of the individual apps that you use on your Nextcloud instance.
9. Clone your production server to test upgrades
If you are using a cloud server like Linode, you have the option to easily clone your entire server.
This is an extremely helpful step towards keeping downtime(if any) to an absolute minimum whenever you are thinking of upgrading your Nextcloud instance. It also ensures a live backup copy of your Nextcloud instance available at periodic intervals whenever you clone your server.
Once you have ensured it's a stable upgrade, keep monitoring it for sometime on the cloned server. When you're absolutely sure it's a stable transition, record your experience through a complete documentation of the upgrade process and the steps you might have taken to fix any issues after upgrading. Later, you can go ahead and replicate the same steps on the production server by following your own documentation.
10. Search for reported issues on the forums
Nextcloud usually provides a stepwise process of resolving the issues it reports on the overview settings. If that becomes insufficient, you can copy and paste the reported issues on "GitHub issues" or the Nextcloud forum.
There is a high chance the issue is a known one and the fix has already been provided. Without waiting for the next patch, you can test the fix first on a cloned server and mitigate it yourself.
In general, Nextcloud recommends switching to maintenance mode when specific commands are necessary.
occ db:convert-filecache-bigint that involves BigInt (64bit) identifiers being suggested after an upgrade.
But I'd prefer to always switch to maintenance mode before you run any occ command suggested in the "System & Security Section".
Following up on the example command mentioned in point 1, the corresponding command would be:
docker exec -u www-data -it nextcloud php occ maintenance:mode --on
Now run the command as suggested. For example, suppose you notice this message:
Some indices are missing in the database. Because adding indexes to large tables may take some time, they have not been added automatically. By executing "occ db: add-missing-indices", missing indexes can be added manually while the instance is running. Once the indexes have been added, queries to these tables are usually faster.
Here, the suggestion is to run
occ db: add-missing-indices. But as discussed in point 1, this recommendation is insufficient; especially if you are running Nextcloud with Docker. Hence the complete command required here is:
docker exec -u www-data -it nextcloud php occ db: add-missing-indices
[email protected]:~$ docker exec -u www-data -it nextcloud php occ db:add-missing-indices Check indices of the share table. Check indices of the filecache table. Check indices of the twofactor_providers table. Check indices of the login_flow_v2 table. Check indices of the whats_new table. Check indices of the cards table. Check indices of the cards_properties table. Check indices of the calendarobjects_props table. Adding calendarobject_calid_index index to the calendarobjects_props table, this can take some time... calendarobjects_props table updated successfully. Check indices of the schedulingobjects table. Adding schedulobj_principuri_index index to the schedulingobjects table, this can take some time... schedulingobjects table updated successfully.
Now turn off maintenance mode:
docker exec -u www-data -it nextcloud php occ maintenance:mode --off
Food for thought
All the above 10 pointers are the outcome of experiencing it on a live production system for over a year. During this time, the following triangle has been a very important guide for me to maintain a delicate balance among security, usability and functionality and correlating it with how Nextcloud operates.
This applies to every deployment system and not only Nextcloud. Undoubtedly, these are the founding pillars of any DevOps based deployment.
When it comes to Nextcloud, you must always keep in mind the key difference between Nextcloud and Nextcloud Hub. Nextcloud itself is primarily a file hosting service, whereas Nextcloud Hub is a content collaboration platform(a subset of Nextcloud).
How can you relate this scenario with functionality and ease-of-use? In the discussion above, I've mentioned Collabora Online, which is a part of Nextcloud Hub that can clearly be correlated with ease-of-use.
If the entire Nextcloud Dashboard stalls because of a newly released version of Collabora Online, its functionality goes completely haywire. Collabora Online was bundled with Nextcloud Hub keeping in mind the ease-of-use of managing documents online. But if that comes at the cost of drastically slowing down the entire GUI and rendering it completely unusable, it completely defeats its primary purpose altogether! Therefore, it is always very necessary to keep a watch on maintaining this delicate balance between functionality and usability(with a cautious eye on security of-course).
Every application is different and hence how you calibrate each of these 3 metrics can be extremely crucial, depending on a case-by-case basis.
I really hope these pointers and thoughts help you in managing your Nextcloud instance on a day-to-day basis, especially if you are an admin who manages a self-hosted Nextcloud service with Docker. If you have any comments, suggestions or a new point to share, please do so in the section below.