So, I moved my nextcloud directory from a local SATA drive to an NFS mount from an NVMe array on a 10G network.

“I just need to change /docker/nextcloud to /mnt/nfs/nextcloud in the docker-compose.yml, what’s the issue, I do it live” - I tell myself

So I stop the container, copy /docker/nextcloud to /mnt/nfs/nextcloud, then edit the docker-compose.yml… and… because I’m doing it during a phone call without paying too much attention, I change the main directory to /docker

I rebuild the container and I immediately hear a flood of telegram notifications from my uptime-kuma bot… oh oh…

Looks like the nextcloud docker image has an initialization script that, if it doesn’t find the files in the directory, will delete everything and install a fresh copy of nextcloud… so it deleted everything on my server

Luckily I had a very recent full borg backup and I’m restoring it (I kinda love-hate borg, I always forget the restore commands when in panic and the docs are a bit cryptic for me)

Lessons learned:

  1. always double check everything

  2. offsite backups are a must (if I had accidentally written / as the path, I would also have lost the borg backups!)

  3. offsite backups should not be permanently mounted, otherwise they would have been wiped as well

  4. learn how to use and schedule filesystem snapshots, so the recovery wouldn’t take ages like it’s taking right now (2+ hours and I’m not even halfway…)
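
A pre-flight check of the kind lesson 1 calls for, as an added example that is not part of the original post: a shell function that refuses a bind-mount source unless it resolves to a deep-enough directory that already holds the existing install. The function name `check_bind_source`, the `version.php` marker file and the depth threshold are assumptions of this example.

```shell
#!/bin/sh
# Added example: guard a bind-mount source before (re)creating a container
# whose init script may overwrite whatever directory it is handed.
# Assumption: the existing install has a marker file (default version.php)
# in its root directory.
#
# Usage: check_bind_source /mnt/nfs/nextcloud && docker compose up -d

# check_bind_source DIR [MARKER] [MIN_DEPTH]; returns 0 only when DIR is safe.
check_bind_source() {
    dir=$1
    marker=${2:-version.php}
    min_depth=${3:-2}

    # Must be an absolute path to an existing directory.
    case $dir in
        /*) ;;
        *) echo "refuse: '$dir' is not an absolute path" >&2; return 1 ;;
    esac
    [ -d "$dir" ] || { echo "refuse: '$dir' does not exist" >&2; return 1; }

    # Resolve symlinks and '..' so /docker/nextcloud/.. is judged as /docker.
    real=$(cd "$dir" && pwd -P) || return 1

    # Depth = number of path components: '/' is 0, '/docker' is 1.
    slashes=$(printf '%s' "$real" | tr -cd '/')
    depth=${#slashes}
    [ "$real" = "/" ] && depth=0
    if [ "$depth" -lt "$min_depth" ]; then
        echo "refuse: '$real' is too close to the filesystem root" >&2
        return 1
    fi

    # The existing install must be visible at this path. If it is not, the
    # path is wrong or the mount is missing, and a fresh install would follow.
    if [ ! -f "$real/$marker" ]; then
        echo "refuse: '$real/$marker' not found" >&2
        return 1
    fi
    return 0
}
```

Run against the paths in the post, the mistyped `/docker` fails both the depth test and the marker test, while the copied `/mnt/nfs/nextcloud` passes.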

  • 4am@lemm.ee
    1 year ago
    1. Always run prod services in a VM or LXC
    2. Snapshot before touching anything

    Fucking up in EZ mode just becomes an hour wasted.

    Having full backups is good too, of course.

    • Pete90@feddit.de
      1 year ago

      I’m currently setting up Proxmox just for that. Since I’m still quite new to self hosting, I fuck up from time to time. Deleted my root file system once. Updated Nginx proxy manager and took down my services with it. I once fucked up iptables, scary stuff.

      In the future, it’ll be one click and everything works again. It’s so easy on novices, once you get everything going.

    • Nik282000
      1 year ago

      I ham-fistedly use LXC to keep my services separate and out of dependency hell, but would you go as far as putting docker run services in them as well just to keep them away from the host?

          • 4am@lemm.ee
            1 year ago

            Be aware that, in the past anyway, Docker didn’t like some storage mediums when running in LXC (I think there are [were?] issues if you snapshot the LXC image on ZFS and you’re using the Overlay2 driver for Docker), and that you could often find issues with networking that way as well (might be a problem if you are trying to cluster/swarm between multiple LXCs?). For those reasons I’ve kept all my Docker stuff in KVM rather than LXC; I wasn’t experienced enough to untangle it all.