Nextcloud¶
Stack:
stack/nextcloud/· Host:phil-app· Updated: 2026-03-01
Self-hosted cloud storage and collaboration for the household.
Overview¶
Nextcloud runs on phil-app with primary data on a dedicated SATA HDD (/srv/nextcloud_data, 938 GB) and legacy SSHFS mount from Hetzner StorageBox (/mnt/nextcloud_data). Auth via Keycloak OIDC.
Architecture¶
- Containers:
nc(Nextcloud PHP),db(MariaDB or PostgreSQL),redis,nginx,cron,imaginary(×4 image processing),nc-exporter,elasticsearch(full-text search) - Networks:
compose-nextcloud-network,traefik-ingress,ldap-network,prometheus-network,mail-network - Volumes:
nextcloud_data(user data),nextcloud_db(DB) - Auth: Keycloak OIDC (
sso.philipp.info/realms/family)
Storage Layout¶
| Mount | Size | Use |
|---|---|---|
/srv/nextcloud_data |
938 GB SATA HDD | Primary user data (Nextcloud main) |
/mnt/nextcloud_data |
4.8 TB StorageBox | Legacy SSHFS (to be replaced by S3) |
/mnt/paperless_data |
4.8 TB StorageBox | Paperless document storage (SSHFS) |
Elasticsearch¶
- Limit: 2 GiB, runs ~1.2 GiB normally
- Provides full-text search for Nextcloud files
Imaginary (×4)¶
- Image processing service (×4 replicas)
- Limit: 512 MiB each (was 256 MiB — frequent OOM restarts)
Configuration¶
- Mail: via
mail-network→mail:25(Postfix, no TLS — internal subnet) - OIDC:
sso.philipp.info/realms/familyvia Keycloak
Operations¶
Health Check¶
sudo docker compose -f /opt/docker/stack/nextcloud/docker-compose.yml ps
# Nextcloud status
sudo docker exec nextcloud-nc-1 php occ status
Backup¶
Borgmatic config: borgmatic.d/nextcloud.yaml. Backs up nextcloud_data and nextcloud_db volumes.
Warning: nextcloud_data is very large (500+ GB). The borgmatic container needs 4G memory for this repo (large chunk count). First backup takes a long time. See services/backup.md.
Heartbeat: Uptime Kuma push monitor "Backup - Nextcloud".
Paperless Integration¶
Nextcloud and Paperless share a bind-mount for document access. Optionally configurable: - External Storage App: Paperless archive visible in Nextcloud UI - Flow Rules: PDFs automatically copied to Paperless consume folder
Current state: functional bind-mount integration (P3 item in roadmap.md).
Pitfalls¶
SSHFS mounts are fragile¶
The StorageBox SSHFS mounts (/mnt/nextcloud_data, /mnt/paperless_data) can disconnect and require manual remount. This is the P4 roadmap item (replace with Hetzner Object Storage as S3 Primary Storage).
Paperless IMAP consume: update hostname after mail migration¶
Paperless IMAP consume is configured in the Web UI (Admin → Mail → Mail Accounts), not docker-compose. After the Kopano→mailcow migration, the hostname must be updated to mail.dieholzers.at:993 with an app password.
Roadmap¶
- P3: Nextcloud + Paperless better integration (external storage, flow rules)
- P4: Nextcloud Object Storage — replace SSHFS with Hetzner S3 Primary Storage