Brent LaRowe

Essays, experiences, insights. Hand-crafted from start to finish.

Migrating Nextcloud from AIO to Docker Compose

Sometimes, an update breaks something, and no amount of troubleshooting seems to fix it. That’s what happened to me after a recent Docker update and a Nextcloud AIO Mastercontainer update. Suddenly, my externally mounted drive setup for Nextcloud’s data path stopped working. I tried to troubleshoot the issue, but after running in circles, I decided to take a different approach—ditch AIO and rebuild my Nextcloud deployment using docker compose.

Here’s how I pulled it off.

Step 1: Setting Up the New Environment

The first step was getting a fresh Docker Compose stack ready before pulling the plug on AIO. My new stack consists of:

  • Nextcloud – Running the official nextcloud:latest image.
  • PostgreSQL – Imported the old database dump, ensuring credentials matched.
  • Redis – Configured caching and locking to boost performance.
  • Imaginary – Speeds up preview generation, mirroring AIO’s setup.

With everything configured, I confirmed the new environment was fully functional before giving up on the AIO instance.

Step 2: Migrating Data & Database

Since this migration was forced by a broken data path, preserving my existing files and database was critical. I:

  • Copied over the data directory and ensured www-data ownership inside the container.
  • Imported the PostgreSQL database dump to restore all previous Nextcloud settings.
  • Ran occ upgrade to check for schema changes and complete the migration.
  • Added missing indices and performed mimetype migrations to optimize the database.

Step 3: Configuring Nextcloud

With my data in place, I had to tweak config.php for the new environment:

  • Updated trusted proxies and overwrite settings to ensure HTTPS worked properly.
  • Verified the data directory and instance ID to ensure Nextcloud recognized the restored setup.

After these updates, Nextcloud was fully operational in its new home.

Step 4: Automating Background Jobs & Security Hardening

With Nextcloud running smoothly, I added automation and security improvements:

  • Set up a cron container to run php -f /var/www/html/cron.php every five minutes.
  • Configured Traefik as a reverse proxy to handle SSL with Let’s Encrypt, enforce HSTS headers, and redirect HTTP to HTTPS.
  • Cleared all security warnings, with Nextcloud’s security scan confirming an A rating.
  • Removed unused Talk (Spreed) references.

Step 5: Automating Updates with Watchtower

Keeping things up to date is crucial. I added a Watchtower service to:

  • Monitor and automatically update Nextcloud and supporting containers.
  • Ensure patch-level security without manual intervention.

No more worrying about running outdated images—Watchtower keeps things fresh.

Step 6: Final Checks & Cleanup

With everything running smoothly, I performed a final sweep:

  • Verified database connectivity and directory integrity.
  • Ran a fresh security scan, confirming an A rating.
  • Removed the old AIO containers and volumes.

The Takeaway

This wasn’t a planned migration, but it turned out to be a good one. Moving from AIO to Docker Compose gave me:

  • More control over individual services.
  • Improved performance with Redis and fine-tuned settings.
  • A cleaner, more modular setup that’s easier to maintain.

What started as an unexpected failure turned into an opportunity to rebuild things better. And now, with Watchtower handling updates, I should be in a much better position for the next round of Docker changes.