fix nextcloud deploy user

active/podman_nextcloud/nextcloud-aio-mastercontainer.container

@@ -9,13 +9,13 @@ ContainerName=nextcloud-aio-mastercontainer
 Image=docker.io/nextcloud/all-in-one:latest
 PublishPort=0.0.0.0:11001:8080
 Volume=nextcloud_aio_mastercontainer:/mnt/docker-aio-config
-Volume=/run/user/1001/podman/podman.sock:/var/run/docker.sock:Z
+Volume=/run/user/1002/podman/podman.sock:/var/run/docker.sock:Z
 Network=bridge
 SecurityLabelDisable=true
 
 Environment=APACHE_PORT=11000
 Environment=APACHE_IP_BINDING=0.0.0.0
-Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1001/podman/podman.sock
+Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1002/podman/podman.sock
 Environment=NEXTCLOUD_DATADIR="/home/nextcloud/nextcloud_data"
 Environment=SKIP_DOMAIN_VALIDATION=true
 

active/podman_nextcloud/nextcloud-aio.md

@@ -3,13 +3,13 @@
 - [Nextcloud AIO](#nextcloud-aio)
   - [Install with Rootless Podman](#install-with-rootless-podman)
     - [Create the nextcloud user](#create-the-nextcloud-user)
-    - [Install Podman](#install-podman)
     - [Create the container autostart service](#create-the-container-autostart-service)
     - [Install Nextcloud](#install-nextcloud)
     - [Install Caddy](#install-caddy)
     - [Firewall](#firewall)
   - [Backups](#backups)
-  - [Maintenace Mode](#maintenace-mode)
+    - [Manual Backups](#manual-backups)
+  - [Maintenance Mode](#maintenance-mode)
   - [Trusted Proxy](#trusted-proxy)
   - [Default phone region](#default-phone-region)
   - [Adding existing files](#adding-existing-files)
@@ -17,10 +17,13 @@
   - [Changing the domain](#changing-the-domain)
   - [Uninstall](#uninstall)
   - [Edit QCOW](#edit-qcow)
-  - [Stuck in login screen](#stuck-in-login-screen)
-  - [Freezing after working for a bit](#freezing-after-working-for-a-bit)
-    - [Out of disk space](#out-of-disk-space)
-    - [Redis can't dump its DB](#redis-cant-dump-its-db)
+  - [Exclude Lists](#exclude-lists)
+  - [Troubleshooting](#troubleshooting)
+    - [Stuck in login screen](#stuck-in-login-screen)
+    - [Freezing after working for a bit](#freezing-after-working-for-a-bit)
+      - [Out of disk space](#out-of-disk-space)
+      - [Redis can't dump its DB](#redis-cant-dump-its-db)
+      - [Error connecting to server](#error-connecting-to-server)
 
 <https://github.com/nextcloud/all-in-one>
 
@@ -34,32 +37,22 @@ This has been tested working on Fedora 41 with selinux and firewalld enabled.
 
 ```bash
 useradd nextcloud
-su - nextcloud
-ssh-keygen
-exit
-cp ~/.ssh/authorized_keys /home/nextcloud/.ssh/authorized_keys
-chown nextcloud:nextcloud /home/nextcloud/.ssh/authorized_keys
 loginctl enable-linger $(id -u nextcloud)
-```
-
-### Install Podman
-
-```bash
-# As root user
-dnf install podman
-
-# Now SSH into the server as the nextcloud user
-systemctl --user enable podman-restart
-systemctl --user enable --now podman.socket
+systemctl --user --machine=nextcloud@.host enable podman-restart
+systemctl --user --machine=nextcloud@.host enable --now podman.socket
+su -l nextcloud
+mkdir -p /home/nextcloud/.config/containers/systemd
+exit
 ```
 
 ### Create the container autostart service
 
 Edit the autostart service to include "unless-stopped" containers.
 
-As the nextcloud user:
-
-`systemctl --user edit podman-restart.service`
+```bash
+machinectl shell nextcloud@
+systemctl --user edit podman-restart.service
+```
 
 ```conf
 [Service]
@@ -74,21 +67,35 @@ systemctl --user daemon-reload
 
 ### Install Nextcloud
 
+On the operator
+
+1. Edit `nextcloud-aio-mastercontainer.container` to include the correct username and UID where relevant.
+2. Copy the files to the server:
+
 ```bash
-# Make the container systemd directory (if needed)
-ssh nextcloud mkdir -p ~/.config/containers/systemd
-
-# Create the nextcloud network with ipv6
-ssh nextcloud podman network create --ipv6 nextcloud-aio
-
 #  Copy the quadlet files
 scp \
 active/podman_nextcloud/nextcloud-aio-mastercontainer.container \
-nextcloud:.config/containers/systemd/
+3dserver:/home/nextcloud/.config/containers/systemd/
+
+ssh chown -R nextcloud:nextcloud /home/nextcloud/.config/containers/systemd/
+```
+
+On the server
+
+```bash
+machinectl shell nextcloud@
+
+# Create volumes
+mkdir nextcloud_data
+mkdir nextcloud_aio_mastercontainer
+
+# Create the nextcloud network with ipv6
+podman network create --ipv6 nextcloud-aio
 
 # Reload and restart the service
-ssh nextcloud systemctl --user daemon-reload
-ssh nextcloud systemctl --user restart nextcloud-aio-mastercontainer
+systemctl --user daemon-reload
+systemctl --user restart nextcloud-aio-mastercontainer
 ```
 
 ### Install Caddy
@@ -168,7 +175,15 @@ If you need to reset the borg backup repo:
 docker exec nextcloud-aio-borgbackup rm /mnt/docker-aio-config/data/borg.config
 ```
 
-## Maintenace Mode
+### Manual Backups
+
+1. Backup `nextcloud_data`
+2. Backup all nextcloud volumes at `/home/nextcloud/.local/share/containers/storage/volumes/`
+3. Backup `.config/containers/systemd/`
+
+Copy these back to where they came to restore
+
+## Maintenance Mode
 
 ```bash
 docker stop nextcloud-aio-apache
@@ -230,7 +245,127 @@ sudo qemu-nbd -c /dev/nbd0 --read-only /path/to/image.qcow2
 udisksctl mount -b /dev/nbd0p1
 ```
 
-## Stuck in login screen
+## Exclude Lists
+
+Exclude lists take effect only if the folders/files haven't been synced yet. Here's a basic one
+I stole that works well for development resources.
+
+Put this in `~/.config/Nextcloud/sync-exclude.list`
+
+```text
+]*~
+]~$*
+].~lock.*
+]~*.tmp
+]*.~*
+]Icon\r*
+].DS_Store
+].ds_store
+]*.textClipping
+]._*
+]Thumbs.db
+]photothumb.db
+]System Volume Information
+].*.sw?
+].*.*sw?
+].TemporaryItems
+].Trashes
+].DocumentRevisions-V100
+].Trash-*
+].fseventd
+].apdisk
+].Spotlight-V100
+].directory
+]*.part
+]*.filepart
+]*.crdownload
+]*.kate-swp
+]*.gnucash.tmp-*
+].synkron.*
+].sync.ffs_db
+].symform
+].symform-store
+].fuse_hidden*
+]*.unison
+].nfs*
+]My Saved Places.
+]*.sb-*
+]*.dll
+]*.exe
+].git/
+].lock
+]*.bin
+].bin
+]bin/
+]*.lock
+]node_modules/
+].cache/
+].vscode/
+].pytest_cache/
+].github/
+].ipynb_checkpoints/
+]*.exe
+]*.dll
+]*.class
+]*.com
+]*.so
+]*.o
+]@*/
+]__pycache__/
+].Python/
+]build/
+]dist/
+]eggs/
+].eggs/
+]wheels/
+]sdist/
+]var/
+]*.egg/
+]*.egg-info/
+]lib64/
+]lib/
+].tox/
+].nox/
+]env/
+]venv/
+]ENV/
+]env.bak/
+]venv.bak/
+]site/
+]cython_debug/
+]vendor/
+]tmp/
+].libs/
+].debs/
+]src/
+]Debug/
+]debug/
+]*.pdb
+]*.enc
+].enc
+].sass-cache/
+]_site/
+].info
+]*.info
+].jekyll-cache
+].jekyll-cache/
+].zotero-ft-cache
+].zotero-ft-info
+]*.idlk
+]zotero.sqlite.bak
+]*.dwl
+]*.dwl2
+]*.bkp
+]*.dtmp
+].$*
+]*.tmp
+]_build/
+].venv/
+```
+
+## Troubleshooting
+
+### Stuck in login screen
 
 Check logs at `/var/www/html/data/nextcloud.log` in `nextcloud-aio-nextcloud` container.
 
@@ -247,9 +382,9 @@ Sometimes this is caused by a broken app or twofactor. try:
 ./occ app:disable integration_openai
 ```
 
-## Freezing after working for a bit
+### Freezing after working for a bit
 
-### Out of disk space
+#### Out of disk space
 
 This can happen when nextcloud tries to write logs to its volume and doesn't have enough space
 
@@ -258,7 +393,7 @@ podman exec -it nextcloud-aio-nextcloud bash
 df -h .
 ```
 
-### Redis can't dump its DB
+#### Redis can't dump its DB
 
 This can happen when the redis volume doesn't have the correct permissions
 
@@ -267,3 +402,9 @@ podman exec -it --user root nextcloud-aio-redis bash
 ls -lah /data
 chown redis:redis /data
 ```
+
+#### Error connecting to server
+
+Your nextcloud instance won't be able to use host loopback with rootless containers. If you have
+a local DNS record pointing to your server's IP address you'll need to delete that until this is
+fixed.