Category: Cloud Infrastructure

Nextcloud S3 Workaround: Multi-User Rclone Mounts with Systemd Templates

I experienced trouble with Nextcloud’s built-in S3 connector, as it would corrupt photos during auto-upload from the Android client. Since dedicated S3FS or Goofys were also not ideal, I decided on a reliable alternative: using rclone to manage the mounts. This strategy allows me to decouple the unreliable Nextcloud S3 implementation from the underlying object storage.

Note: While a native S3 implementation is preferable, this method abstracts the object storage as a block-like device. This compromise is necessary for stability.

Part I: Rclone Setup and S3 Configuration

1. Installation and Credentials

Installing rclone is straightforward. The challenge lies in secure credential management and defining the S3 endpoint.



apt-get install rclone
mkdir /etc/rclone

# Example rclone.conf for MinIO credentials
[minio]
type = s3
region = somewhere-over-the-rainbow
endpoint = http://127.0.0.1:9000
provider = Minio 
env_auth = false
access_key_id = ...
secret_access_key = ...
acl = bucket-owner-full-control

2. The Mounting Challenge

Mounting the entire Nextcloud data directory (/var/www/nextcloud/data) to S3 is suboptimal, as folders like appdata_... and updater often contain volatile data that should not reside on object storage. The cleanest solution is to mount the S3 bucket specifically to the user’s files directory (/var/www/nextcloud/data/user/files), which excludes the trashbin and appdata folders.

Part II: Multi-Instance Management with systemd

To manage mounts for multiple users or multiple S3 buckets without redundant service files, I implemented a systemd multi-instance unit template. This demonstrates efficient Configuration Management and scalable deployment.

Unit Definition (rclone@.service)

The unit template uses the %i placeholder, which corresponds to the username (e.g., rclone@jean).

[Unit]
Description=rclone - s3 mount for nextcloud %i data
Documentation=https://rclone.org/ man:rclone(1)
AssertPathExists=/etc/rclone/rclone-%i.conf
RequiresMountsFor=/var/www/nextcloud/data
Before=nginx.service
After=network-online.target
Wants=network-online.target

Note: The RequiresMountsFor and Before=nginx.service directives are crucial for guaranteeing that the mount point is ready before the webserver attempts to serve files.

Service Execution

The service uses the %i placeholder to reference the correct configuration and the user-specific mount path (/var/www/nextcloud/data/%i/files). The environment variable RCLONE_CONFIG ensures the service loads the correct credential file.

[Service]
Type=notify
Environment=RCLONE_CONFIG=/etc/rclone/rclone-%i.conf
ExecStart=/usr/bin/rclone \
    mount minio:nextcloud-%i /var/www/nextcloud/data/%i/files \
    --allow-other \
    --vfs-cache-mode writes \
    --log-level INFO \
    --log-file /var/log/rclone/rclone-%i.log \
    --umask 002
ExecStop=/bin/fusermount -uz /var/www/nextcloud/data/%i/files
Restart=on-failure
User=www-data
Group=www-data

Part III: Cache Tuning and Verification

VFS Cache and Performance Tuning

I am still experimenting with the optimal mount options, but these settings ensure stability and good performance. The VFS cache settings are critical for preventing corruption and managing the Object Storage paradigm.

   --allow-other \
   --vfs-cache-mode writes \  # Recommended for Nextcloud to handle writes reliably
   --umask 002 \
   --use-server-modtime \
   --transfers 16 \
   --vfs-fast-fingerprint \
   --vfs-cache-max-age 168h \
   --vfs-cache-max-size 15G

Verification and Observability

Verification involves ensuring the mount is persistent and checking the rclone status log.

systemctl enable rclone@jean
systemctl start rclone@jean

# Check status after a few hours
root@nc:~# systemctl status rclone@jean
...
     Active: active (running) since Sun 2024-04-07 04:30:55 CEST; 13h ago
       Docs: https://rclone.org/
             man:rclone(1)
   Main PID: 4105 (rclone)
     Status: "[17:53] vfs cache: objects 21 (was 21) in use 0, to upload 0, uploading 0, total size 895.986Mi (was 895.986Mi)"
...

The log confirms that the mount is active and the VFS cache is managing objects correctly.

Sources / See Also

  1. Rclone Documentation. Mount Options and Usage (VFS Cache Modes). https://rclone.org/commands/rclone_mount/
  2. Nextcloud Documentation. External Storage Configuration (S3 as Primary Storage). https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/external_storage/s3.html
  3. FUSE Project Documentation. Understanding FUSE Filesystems and Permissions (allow-other, umask). https://github.com/libfuse/libfuse
  4. systemd Documentation. Using Templates and Instances (rclone@.service). https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Templates
  5. MinIO Documentation. Reference Guide for S3 Configuration and Endpoints. https://min.io/docs/minio/linux/reference/minio-cli/minio-mc-admin-config.html

Distributed MinIO on AWS Lightsail: Multi-Node Setup

MinIO is a high-performance, S3-compatible object storage solution. This article provides a blueprint for deploying a distributed MinIO stack using Amazon Lightsail, covering the critical steps for multi-node setup, networking, and Systemd.

Continue reading Distributed MinIO on AWS Lightsail: Multi-Node Setup

Nextcloud and MinIO Integration: Why Direct S3 Fails and the Filesystem Abstraction Workaround

MinIO is a fantastic Object Storage solution, and I intended to use my distributed MinIO system as the primary external storage for Nextcloud. This distributed setup, which uses Sidekick as a load balancer for seamless node access, proved functional but revealed a critical stability flaw, particularly with mobile uploads.

Continue reading Nextcloud and MinIO Integration: Why Direct S3 Fails and the Filesystem Abstraction Workaround

Nextcloud Migration and Database Performance: Solving Deadlocks with PostgreSQL

Getting the famous “1213 Deadlock found when trying to get lock; try restarting transaction” error in Nextcloud can be frustrating. This issue affected many users and was discussed in bug reports like this: Nextcloud Deadlock Issue
. The community frequently recommends switching the backend database to PostgreSQL. While I was initially skeptical, the migration proved to be the definitive solution for this recurring issue in my setup.

This guide outlines the streamlined procedure for migrating Nextcloud from MariaDB/MySQL to PostgreSQL. The process is uncomplicated and can drastically improve system stability.

Continue reading Nextcloud Migration and Database Performance: Solving Deadlocks with PostgreSQL

Nextcloud Performance Tuning: PHP, Redis, and Database Optimization

Just a quick guide on how I install Nextcloud. This covers Nextcloud 25.0.1 with PHP 8.1 on Debian Bullseye, optimized with Redis, APCu, and MariaDB.

Continue reading Nextcloud Performance Tuning: PHP, Redis, and Database Optimization