Disaster recovery plan (external storage encryption)

This is a missing documentation issue. I’m worried if i lose my nextcloud server, i wont be able to recover my data on external storage due to encryption. With modern nextcloud, what files must be backed up to decrypt external storage on another server?

I see the files (The XXX is a replacement of a small string to preserve privacy)

master_XXX.privateKey master_XXX.publicKey pubShare_XXX.privateKey pubShare_XXX.publicKey
in /var/www/nextcloud/data/files_encryption/OC_DEFAULT_MODULE. Are these files sufficient to backup to recover external storage?

I think if you restore the full Nextcloud you can use the Nextcloud and encrypted data again. Then you also can decrypt data if needed.

You need a full backup, not only data and keys, configuration and database are important as well. There have been a few people with problems, so when you do a backup, you should try a recovery as well.

In case you don’t have a database backup but only a backup of the data folder and config file then you could also try to decrypt the files outside of Nextcloud via https://github.com/syseleven/nextcloud-tools/blob/master/rescue/decrypt-all-files.php