Tuesday, August 04, 2020

Enable automated backups for Nextcloud - 4 backups

Once I had the entire Nextcloud setup with mobile client sync, it was important to have the backup process set up before I add more users/files. This makes the installation more reliable as personal data storage. It allows point-in-time recovery for all the data in your Nextcloud.

The target is to set up the 3-2-1 backup rule for my Nextcloud instance at a minimum. If you are not familiar with this general backup guideline, I suggest you read more on it before you proceed.
  • 3 copies of production data
  • 2 media types
    • Elastic File System (non-versioned)
    • Object Storage (versioned)
  • 1 offline copy (versioned) - setting up the offline copy isn't covered on this page

There are the following options to choose from when deciding how to use the object storage as the versioned backup solution:
  1. Setup object storage as filesystem (s3fs)
    1. (pro) get a point in time copy of data that isn't cloud provider dependent
    2. (pro) allows the backup shell script to take care of object rotation
    3. (con) unnecessarily exposes all backup data in the filesystem
    4. (con) makes it harder to use the object storage from the context of another client application
  2. Use s3cmd for uploading the backup
    1. (pro) can use s3cmd sync for storage/filesystem backup
    2. (con) need to manage lifecycle/versions of data outside the backup script
  3. Use cloud provider native snapshots
    1. (pro) use provider specific APIs to take snapshots of compute and block storage
    2. (pro) easiest/fastest recovery option
    3. (con) snapshots aren't useful outside the cloud provider
I prefer option 2 as of now, and given there's flexibility to change the backup design as the service scales, I don't see the need to over-engineer it as of now. In the near future I will have both option 2 and option 3 running in parallel.

Here are the steps I followed:
  1. Setup the DigitalOcean Space and get a managed key
  2. Install and Configure S3cmd
    1. https://www.digitalocean.com/docs/spaces/resources/s3cmd/
    2. sudo apt-get update
    3. sudo apt-cache madison s3cmd (make sure the version is above 2)
    4. sudo apt-get install s3cmd -y
    5. sudo s3cmd --configure (go through the interactive process)
  3. Create Backup folder
    1. sudo mkdir -p /media/nextcloud_data/backups
    2. sudo mkdir -p /media/nextcloud_data/backups/logs
    3. sudo mkdir -p /media/nextcloud_data/backups/tmp
  4. Create backup script
    1. sudo vim /usr/sbin/nextcloudbackup.sh
    2. Todo: get script from github
    3. sudo chmod +x /usr/sbin/nextcloudbackup.sh
    4. sudo /usr/sbin/nextcloudbackup.sh
  5. Cron setup
    1. sudo visudo
    2. opuser ALL=(ALL) NOPASSWD: /usr/sbin/nextcloudbackup.sh
    3. sudo crontab -u <username> -e
    4. 0 2 * * * sudo /usr/sbin/nextcloudbackup.sh
  6. Backup pod and volume
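
One way to write the step 4 backup script for option 2 (an added example, not the author's nextcloudbackup.sh, which the page does not include). The Space name s3://example-space, the database name nextcloud, the 7-day local retention and the DRY_RUN switch are assumptions.

```shell
#!/bin/sh
# Added example, NOT the author's nextcloudbackup.sh (the page leaves that as a TODO).
# Assumed: Space name, database name, retention; mysqldump can authenticate without a prompt.
set -eu
umask 077   # the archive holds config.php secrets and a full database dump

NC_DIR=${NC_DIR:-/var/www/nextcloud}
DATA_DIR=${DATA_DIR:-/media/nextcloud_data/data}
BACKUP_DIR=${BACKUP_DIR:-/media/nextcloud_data/backups}
BUCKET=${BUCKET:-s3://example-space}   # placeholder Space name
DB_NAME=${DB_NAME:-nextcloud}          # assumed database name
KEEP_DAYS=${KEEP_DAYS:-7}              # assumed local retention in days
DRY_RUN=${DRY_RUN:-0}

# Execute a command, or only print it when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

maintenance() { run sudo -u www-data php "$NC_DIR/occ" maintenance:mode "--$1"; }

# Steps are chained with && so the first failure stops the chain.
do_backup() {
  stamp=$(date +%Y%m%d-%H%M%S)
  dump="$BACKUP_DIR/tmp/db-$stamp.sql"
  archive="$BACKUP_DIR/nextcloud-$stamp.tar.gz"
  run mysqldump --single-transaction --result-file="$dump" "$DB_NAME" &&
  run tar -czf "$archive" -C "$NC_DIR" config -C "$BACKUP_DIR/tmp" "db-$stamp.sql" &&
  run rm -f "$dump" &&
  run s3cmd put "$archive" "$BUCKET/archives/" &&
  run s3cmd sync "$DATA_DIR/" "$BUCKET/data/" &&
  run find "$BACKUP_DIR" -maxdepth 1 -name 'nextcloud-*.tar.gz' -mtime "+$KEEP_DAYS" -delete
}

# Freeze writes, back up, and always leave maintenance mode afterwards.
backup() {
  rc=0
  maintenance on
  do_backup || rc=$?
  maintenance off
  return "$rc"
}

# Run only under the installed name used by the cron entry; otherwise just define functions.
case "${0##*/}" in
  nextcloudbackup.sh) backup >>"$BACKUP_DIR/logs/backup-$(date +%Y%m%d).log" 2>&1 ;;
esac
```

Because the sudoers entry in step 5 lets the cron user run this file as root without a password, keep it owned by root and not writable by any other account.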

Reading material:

Sunday, August 02, 2020

Set up nextcloud on Digitalocean - 3 basic setup (from scratch)

Once I gained enough confidence that Nextcloud is the choice of system for replacing my cloud storage providers, I decided it's best to set up Nextcloud from scratch instead of using the snap-based installation, to make sure I have more fine-grained control over Nextcloud config, debug controls, tinkering with code-level patches, etc.

I'm not going to worry about scripting the entire installation on chef/puppet yet. This will be done later when the project is ready to be productionised.

Once the functional aspects are set up properly, I will have time to worry about non-functional requirements (security / backup, restore / monitoring / performance / cost efficiency / high availability / etc.)

Here are the steps I followed:
  1. https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04
  2. sudo apt-get update
  3. sudo apt-get upgrade
  4. https://www.youtube.com/watch?v=wd6NvOFERJc
    1. sudo apt install -y apache2 mariadb-server mariadb-client php libapache2-mod-php php-gd php-json php-mysql php-curl php-mbstring php-intl php-imagick php-xml php-zip
    2. sudo systemctl start apache2
    3. sudo systemctl start mariadb
    4. sudo systemctl enable apache2
    5. sudo systemctl enable mariadb
    6. sudo mysql_secure_installation (follow through the steps)
    7. sudo ufw allow http
    8. sudo ufw allow https
    9. sudo ufw enable
    10. Setup DB and DB user
      1. sudo mysql -u root -p
      2. create database <dbname>;
      3. create user <name@host> identified by '<pass>';
      4. grant all on <db>.* to <user>;
      5. flush privileges;
    11. cd /var/www
    12. sudo wget https://download.nextcloud.com/server/releases/latest-19.tar.bz2
    13. tar -xvf <tar file>
    14. chown -R www-data:www-data nextcloud/
    15. Setup Apache
      1. sudo vim /etc/apache2/sites-available/nextcloud.conf
      2. add content to conf (https://docs.nextcloud.com/server/19/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation)
      3. sudo a2ensite nextcloud.conf 
      4. sudo a2enmod rewrite
      5. sudo a2enmod headers
      6. sudo a2dissite 000-default
      7. sudo systemctl restart apache2
    16. Map block storage to droplet
      1. https://www.digitalocean.com/community/questions/configuring-volumes
      2. sudo mkdir -p /media/nextcloud_data
      3. sudo mount -o discard,defaults,noatime /dev/disk/by-id/<disk-id> /media/nextcloud_data
      4. echo '/dev/disk/by-id/<disk-id> /media/nextcloud_data ext4 defaults,nofail,discard 0 0' | sudo tee -a /etc/fstab
      5. sudo chown -R www-data:www-data /media/nextcloud_data
      6. sudo chmod -R 774 /media/nextcloud_data
      7. sudo mkdir /media/nextcloud_data/data
      8. sudo chown -R www-data:www-data /media/nextcloud_data/data
      9. sudo chmod -R 770 /media/nextcloud_data/data
    17. Go to http://<public-ip> or <domain> to continue with the web setup
    18. Update config.php at /var/www/nextcloud/config to add the trusted domains
    19. Setup SSL for nextcloud instance
      1. https://www.youtube.com/watch?v=mGcqC3oOINw
      2. sudo add-apt-repository ppa:certbot/certbot
      3. sudo apt install python-certbot-apache -y
      4. sudo certbot --apache -d <domain>
        1. Go through the interactive setup
    20. Follow up with part 2 to finalise the social login setup
    21. Remove all unwanted apps via nextcloud admin panel
      1. collaborative tags
      2. contacts interactions
      3. Federation
      4. First run wizard
      5. Support
      6. Usage Survey
    22. Setup PHP for memory limit and file uploads
      1. sudo vim /etc/php/7.2/apache2/php.ini
      2. memory_limit = 512M
      3. upload_max_filesize = 100M
      4. sudo systemctl restart apache2
    23. Setup MariaDB for 4byte characters
      1. sudo mysql -u root -p
      2. MariaDB prompt:  use nextcloud;
      3. MariaDB prompt:  set global innodb_large_prefix=on;
      4. MariaDB prompt:  set global innodb_file_format=Barracuda;
      5. cd /var/www/nextcloud
      6. sudo -u www-data php occ config:system:set mysql.utf8mb4 --type boolean --value="true"
      7. sudo -u www-data php occ maintenance:repair
      8. sudo -u www-data php occ maintenance:mode --off
    24. Install missing PHP libs
      1. sudo apt-get install -y php-gmp php-bcmath
      2. sudo systemctl restart apache2
    25. Setup log location
      1. update log config
        1. "log_type" => "file",
        2. "logfile" => "/var/log/nextcloud.log",
        3. "loglevel" => 2,
        4. "logdateformat" => "F d, Y H:i:s",
        5.  'log.condition' => [
        6.     'apps' => ['admin_audit'],
        7.  ],
      2. sudo touch /var/log/nextcloud.log
      3. sudo chown www-data /var/log/nextcloud.log
      4. sudo systemctl restart apache2
    26. Change nextcloud cron to run via OS cron (you can do this via UI)
      1. https://docs.nextcloud.com/server/19/admin_manual/configuration_server/background_jobs_configuration.html
      2. crontab -u www-data -e
      3. */5  *  *  *  * php -f /var/www/nextcloud/cron.php
    27. Take a backup of the pod and volume