Add external storage in Docker - SMB, bind mount, NFS, WebDAV -> what's the best solution?

Setup: Nextcloud 22.2.3 via docker on QNAP TS-453D NAS.

Problem: terabytes and years of data already exist on the NAS. Nextcloud should access that data, but should not own it exclusively, since various other services are also using it.

Current situation: I’ve been tinkering with Nextcloud for a few weeks now and have added a NAS test-folder as external storage via SMB. Works fine so far, but also no heavy load yet. Then I started reading about bind mounts, NFS, WebDAV, potential persmission issues, etc. - and things got really confusing for me. I can’t tell anymore if SMB is a good option or not.

tl;dr: Should I add terabytes of files and folders as SMB shares or are there performance (or other) downsides to this?

1 Like

I’m not some NextCloud wiz, so don’t rely on this response too heavily. Personally I’d focus on designing exclusive access for NextCloud. Anything else accessing the data (say Plex) can mount it read-only. I’ve seen too many complaints online about people’s NC database getting corrupted or out of sync with the underlying storage. Not something I’d want to mess with, especially for TBs of data.

Beyond that, don’t use WebDAV. NFS or SMB will be fine; use whichever is easiest for you to setup. And of course, give it a little test before going all in (read/write/delete files from a few different types of clients).

1 Like

Thanks, that helps a lot!

I’ve been thinking about giving Nextcloud exclusive access. But that would also mean going all in - and I agree with you that’s not prudent. Since deciding to degoogle and deonedrive, my hope was to get to a point where it’s me who owns the data, so I can switch services if/when needed. Moving it all into Nextcloud would, in a way, be just another proprietary system I might have to get out of at some point. It would also make it harder/impossible to use some of the QNAP services I’m using (the less shitty ones ;-)). Plex, jellyfin, Photoprism, etc. would all get harder to implement.

In other words, I was hoping Nextcloud would be an open system I can use alongside other systems. Is that maybe not the case?

Right, I don’t think it’s open in the way you’re describing. But it’s also not a closed system. Unlike with Google & MSFT, you can still directly access the raw data files. If you ever decide to port out of NC to a different solution.

“Alongside” feels like the biggest challenge. NC expects to have full control of the file repository, so it gets confused if anything changes unexpectedly (by another program). It seems the solution to that is regularly running a job to re-scan the entire dataset to identify any changes, and hope there are no conflicts. I’m certain people have that approach working. It will be more work to setup & maintain.

Even if NC has exclusive control of the files, you can still build a system where other apps can read the data. For example, put everything on a read/write SMB share that NC runs on. Then share a subdir of that to Plex “read only”.

By the way, I’m also concerned about the ability to port-out or any tool if I don’t like it. I used a handful of (essentially) bind mounts to structure my existing files the way NC likes to see it, then NC just scanned it (took 5+ mins, didn’t move/modify anything) and it started serving them. My original file structure is unchanged. I’m very confident I could port out of NC back to Samba in just 1 day if needed. But it won’t be needed - NC is WAY better.

1 Like

Thanks again, learning fast here.

If I understand correctly, in my case, where Nextcloud is running on docker (on my NAS), all data is stored in the docker volume that’s attached to the Nextcloud container, right? So to get my terabytes of data into Nextcloud, I’d have to copy/move it from my file system onto the docker volume, which would take days and a lot of temp storage space - which is where your bind mount solution comes in, which allows you to point Nextcloud to your existing file structure? And then Nextcloud should probably be the only NAS user with r/w access to these folders?

Shouldn’t you be able to get out of Nextcloud, then, pretty instantly? You could just stop Nextcloud and give your other NAS users access to the existing folders. Or am I misunderstanding something?

Sorry if I keep asking you questions. I am very interested in moving to Nextcloud entirely - it’s just that I would prefer to do that in incremental steps instead of copying over terabytes of data without understanding the implications, and I would like to be able to undo everything relatively easily. Which your solution could provide.

No problem about the questions, we’re all learning here. I haven’t used Docker, and I don’t have a formal NAS, so take this with a grain of salt.

You’re correct that all your data will be stored inside your Docker image by default. But you can add remote storage from below (mounting it into your Docker image; NC won’t even know the storage is remote), or from above (NC’s “External Storage” feature will directly connect to the remote storage).

I briefly tried the “External Storage” feature and decided it wasn’t for me. If I remember, it’s focused on adding externals like Google Drive, DropBox, or individual NAS folders. NC shows them as separate shares in a user’s root “Files” view, so you’d have 1 folder that opens up your remote storage. Now that I remember this exists, it might be a good solution for you. Use NFS or SMB.

I chose to mount the data below NC because I didn’t want to overburden it (a glorified web page) with the responsibility of managing the connection back to my “NAS”. My host OS mounts an NFS share from my “NAS” to exactly the folder that NC locally expects the data. Effectively, the NC user has RW access, while everyone else has R-only access. So NC has full control of the data, and then manages permissions from it’s internal database. Since you’re running in a container (Docker), your host OS would need to mount NFS or SMB from your NAS, then you’d need to bind mount that into the Docker container. I’m not sure how to do the 2nd part, but it’d be just like using a physical external HDD. Don’t be scared by performance of double-mounting, it’s faster than your network.

There are challenges to mounting the data from below. NC expects the folders in very exact locations.

  • All data needs to be in ./nextcloud/[USER]/files/[FILES]. If you have a wonderful NAS structure that is [USER]/[FILES], then you’ll need to mount each user separately.
  • Since the data is segregated by [USER], it’s not easy to make truly shared data. The shared files will always exist under a physical user account. I didn’t like this (messes with backup purity) and got around it by making a shared family account, which all users can access.

Yes - but I don’t have a NAS with point & click sharing options, so I’d need to install and configure Samba from the ground up :smiley:

This clarifies a few things, thanks! And sorry about the late reply. Busy days…

But on with the topic!

Mounting an “External Storage” folder via SMB is exactly what I have done so far. But from what you wrote before I understood it would be better to bind mount these folders instead of using the “External Storage” feature.
Using SMB, I could set up a NAS user just for Nextcloud and give that one exclusive RW access. Then Nextcloud would be effectively managing all data. Could that be a solution or are bind mounts (the idea of which I like, but they are definitely more effort since I’d have to figure out the correct docker commands ;-)) still better for some other reason? Would access speed be the same, since both Nextcloud and all data are on the same NAS anyway? In theory, SMB should be slower, I think. And I definitely don’t want to overburden NC with managing SMB - since you called it “a glorified web page”.

Ah, to set up bind mounts I wouldn’t have to use SMB first, since I’m using Docker. It’s not a VM that I need to SMB into. Docker can directly access the data of my NAS (with the right commands…) and bind mount it into Nextcloud. This should basically be direct file system level access. (I am happy to be corrected on this one!)

Your point about the data being segregated by [USER] confused me a little:

  • I definitely need some shared family folders (photos, documents, etc.). If I understand the manual correctly, this should be possible by bind mounting the folder to one Nextcloud user (say Admin) and then sharing that folder with all other users. Or not?
  • Also - and this might be docker related, and possibly only for first setup - when I create a new Nextcloud docker container, there are no users yet. I only create them afterwards. So I can’t bind mount to any user. But I guess I can do it when updating the container, after users have been created.

Ah, i understand!

I agree, SMB External Storage is slower in theory. But you’d need to test it for yourself to see if you notice (or care) about the difference.

Sounds worth the effort to try directly mounting a dataset into Docker. You’ll probably be happier with the end result that way.

Yes, that’s how I worked around the issue. But I created a non-admin user (“Family”) to own the data, and made a group (also “Family”) to share the data. I’d call this a workaround though. Now I need to login to a dummy account to administer the family data (e.g. creating new shares). There’s a NC app/feature called “Group Folders” that solves this whole issue - but its fine print basically says its error prone and may corrupt your data, so I didn’t want to mess with it.

Regarding user creation, that’s a sticky point too. I purposefully created the users first, then defined the mount because I was afraid of NC cheerfully replacing my important docs with the new user template. Maybe unwarranted fear, but I didn’t care to find out. Anyway, if you’re running this for a family, it’s nbd. Probably wouldn’t want the manual processes if you have a 200 person company.

I think you’re on a great path with this. Makes me wish I had a NAS with Docker, it sounds much easier than my concoction, but I’m pretty committed at this point.

It’s been a while, but I thought I’d leave a little update here.

As with anything in life, bind mounting into Nextcloud via docker (more specifically, docker-compose) is super easy if one knows how to do it. :smiley: The solution is here:

As for your mentioned workaround regarding adding folders for the various users, that’s also quite convenient - if one remembers that only admins can add local storage and that one needs to install the “External Storage” app first. But then, I don’t see that workaround being required. An admin can add the bind mounted folders for all users, user groups, or just specific users.

Regarding your sticky point of user creation: since the folders are not bind mounted for specific users - they are just being made available to admins, who can decide to add them to Nextcloud or not - they can be added directly (via docker-compose, for instance) with a fresh install, before even the admin user is created.

Thanks again for the many detailed explanations and good pointers! I’m still not 100% done setting everything up (Collabora is being a little diva at the moment) and it’s been quite the rabbit hole, but I feel like this entire escapade into Nextcloud, docker, and selfhosting various other services has been more educational tech-wise than anything I’ve done in years. :smiley: