I’d looked arround but haven’t found much helpful right now.
What I need / want:
decrypt all content (as admin would be nice&easy)
download all content with structure
delete all content (incl nextcloud)
update nextcloud (to 15.something)
get all users back
upload all content with original structure again
encrypt all content in a way users can go on using it “without further notice”
Why do I want to do it this way?
using nextcloud since 12.something
not a single update ran faultless (took mostly 2-3 days to fix broken things)
The last update destroyed the whole instance, took me over one week to create a running nextcloud again & rescue some data and I lost approx 1/3 of data (no longer able to decrypt)!
Problem over all:
I’ve got only restricted (only partially) access to typical shell commands.
Is there somewhere a faq-like document I haven’t found yet?
Or is someone able to provide me the basic steps?
Checkout on github and some parts here on the forum (unfortunately, there is no central document for that). I think at some point they manage to decrypt content outside of Nextcloud. If you want to keep the structure, shares, etc. the best way is via updates.
Regarding encryption, I’d take a look if you really benefit from this. It was designed and protects best data on external storage (https://docs.nextcloud.com/server/13/admin_manual/configuration_files/encryption_configuration.html). With local storage, it is more difficult because the encryption is done on the server and somebody with access to the server can also access the data (well, there is an argument about data in rest). However, one big problem is you increase the complexity of your setup a lot. Backups, updates, etc.
Unfortunately, end-to-end encryption is still new… but it’s the best solution against attackers with server access.